www.clickupdate.gq Open in urlscan Pro
2a00:1450:4001:810::2013 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://clickupdate.gq/
Effective URL:
https://www.clickupdate.gq/
Submission: On August 25 via automatic, source certstream-suspicious (August 25th 2021, 5:51:44 am UTC)

Summary HTTP 95 Redirects Links 19 Behaviour Indicators

Summary

This website contacted 25 IPs in 3 countries across 23 domains to perform 95 HTTP transactions. The main IP is 2a00:1450:4001:810::2013, located in Frankfurt am Main, Germany and belongs to GOOGLE, US. The main domain is www.clickupdate.gq.
TLS certificate: Issued by GTS CA 1D4 on June 30th 2021. Valid for: 3 months.

This is the only time www.clickupdate.gq was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	216.239.34.21 216.239.34.21	15169 (GOOGLE) (GOOGLE)
10	2a00:1450:400... 2a00:1450:4001:810::2013	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:813::2009	15169 (GOOGLE) (GOOGLE)
1	2.18.235.93 2.18.235.93	16625 (AKAMAI-AS) (AKAMAI-AS)
2	2a00:1450:400... 2a00:1450:4001:80e::200a	15169 (GOOGLE) (GOOGLE)
2	2606:4700::68... 2606:4700::6812:bcf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:827::200a	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:809::2001	15169 (GOOGLE) (GOOGLE)
1	2a03:2880:f01... 2a03:2880:f01c:8012:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
4	2a00:1450:400... 2a00:1450:4001:82f::2001	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:80f::2001	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80e::2001	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:831::2003	15169 (GOOGLE) (GOOGLE)
9	139.45.197.251 139.45.197.251	9002 (RETN-AS) (RETN-AS)
1	2a03:2880:f01... 2a03:2880:f01c:216:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
18	139.45.197.250 139.45.197.250	9002 (RETN-AS) (RETN-AS)
7	151.101.13.164 151.101.13.164	54113 (FASTLY) (FASTLY)
2	2a00:1450:400... 2a00:1450:4001:800::200e	15169 (GOOGLE) (GOOGLE)
4	139.45.197.247 139.45.197.247	9002 (RETN-AS) (RETN-AS)
2	139.45.197.235 139.45.197.235	9002 (RETN-AS) (RETN-AS)
3	139.45.197.246 139.45.197.246	9002 (RETN-AS) (RETN-AS)
1	2606:4700:20:... 2606:4700:20::ac43:4b09	13335 (CLOUDFLAR...) (CLOUDFLARENET)
7	139.45.197.234 139.45.197.234	9002 (RETN-AS) (RETN-AS)
1	2a00:1450:400... 2a00:1450:4001:812::2003	15169 (GOOGLE) (GOOGLE)
6	139.45.197.120 139.45.197.120	9002 (RETN-AS) (RETN-AS)
95	25

1 216.239.34.21 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: any-in-2215.1e100.net

clickupdate.gq	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:810::2013 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.clickupdate.gq	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:813::2009 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.blogger.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.18.235.93 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-235-93.deploy.static.akamaitechnologies.com

contextual.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80e::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6812:bcf (United States)

ASN13335 (CLOUDFLARENET, US)

netdna.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:809::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

3.bp.blogspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f01c:8012:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:82f::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

2.bp.blogspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
1.bp.blogspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:80f::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

4.bp.blogspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80e::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

lh6.googleusercontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:831::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 139.45.197.251 (United Kingdom)

ASN9002 (RETN-AS, GB)

vistoolr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
kumteerg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
choupsee.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f01c:216:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 139.45.197.250 (United Kingdom)

ASN9002 (RETN-AS, GB)

propu.sh	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
poacawhe.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
loulouly.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 151.101.13.164 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

static01.nyt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:800::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

apis.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 139.45.197.247 (United Kingdom)

ASN9002 (RETN-AS, GB)

zuphaims.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 139.45.197.235 (United Kingdom)

ASN9002 (RETN-AS, GB)

stawhoph.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 139.45.197.246 (United Kingdom)

ASN9002 (RETN-AS, GB)

whugesto.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::ac43:4b09 (United States)

ASN13335 (CLOUDFLARENET, US)

iclickcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 139.45.197.234 (United Kingdom)

ASN9002 (RETN-AS, GB)

bedrapiona.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:812::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 139.45.197.120 (United Kingdom)

ASN9002 (RETN-AS, GB)

aulteeby.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
11	clickupdate.gq 1 redirects clickupdate.gq www.clickupdate.gq	318 KB
10	blogspot.com 3.bp.blogspot.com 2.bp.blogspot.com 4.bp.blogspot.com 1.bp.blogspot.com	480 KB
9	propu.sh propu.sh	48 KB
7	bedrapiona.com bedrapiona.com	5 KB
7	nyt.com static01.nyt.com	323 KB
6	aulteeby.net aulteeby.net	14 KB
6	loulouly.net loulouly.net	94 KB
5	blogger.com www.blogger.com	184 KB
4	zuphaims.com zuphaims.com	23 KB
3	whugesto.net whugesto.net	22 KB
3	choupsee.com choupsee.com	47 KB
3	kumteerg.com kumteerg.com	47 KB
3	poacawhe.net poacawhe.net	47 KB
3	vistoolr.net vistoolr.net	47 KB
3	googleapis.com fonts.googleapis.com ajax.googleapis.com	95 KB
2	stawhoph.com stawhoph.com	21 KB
2	google.com apis.google.com	92 KB
2	gstatic.com fonts.gstatic.com www.gstatic.com	44 KB
2	facebook.net connect.facebook.net	69 KB
2	bootstrapcdn.com netdna.bootstrapcdn.com	48 KB
1	iclickcdn.com iclickcdn.com	22 KB
1	googleusercontent.com lh6.googleusercontent.com	6 KB
1	media.net contextual.media.net	46 KB
95	23

	Domain	Requested by
10	www.clickupdate.gq	www.clickupdate.gq ajax.googleapis.com
9	propu.sh	www.clickupdate.gq propu.sh
7	bedrapiona.com	iclickcdn.com
7	static01.nyt.com	www.clickupdate.gq
6	aulteeby.net	www.clickupdate.gq
6	loulouly.net	www.clickupdate.gq loulouly.net
5	www.blogger.com	www.clickupdate.gq
4	zuphaims.com	www.clickupdate.gq
3	whugesto.net	www.clickupdate.gq
3	choupsee.com	www.clickupdate.gq choupsee.com
3	kumteerg.com	www.clickupdate.gq kumteerg.com
3	poacawhe.net	www.clickupdate.gq poacawhe.net
3	vistoolr.net	www.clickupdate.gq vistoolr.net
3	4.bp.blogspot.com	www.clickupdate.gq
3	3.bp.blogspot.com	www.clickupdate.gq
2	stawhoph.com	www.clickupdate.gq
2	apis.google.com	www.clickupdate.gq apis.google.com
2	1.bp.blogspot.com	www.clickupdate.gq
2	2.bp.blogspot.com	www.clickupdate.gq
2	connect.facebook.net	www.clickupdate.gq connect.facebook.net
2	netdna.bootstrapcdn.com	www.clickupdate.gq netdna.bootstrapcdn.com
2	fonts.googleapis.com	www.clickupdate.gq
1	www.gstatic.com	apis.google.com
1	iclickcdn.com	www.clickupdate.gq
1	fonts.gstatic.com	fonts.googleapis.com
1	lh6.googleusercontent.com	www.clickupdate.gq
1	ajax.googleapis.com	www.clickupdate.gq
1	contextual.media.net	www.clickupdate.gq
1	clickupdate.gq	1 redirects
95	29

This site contains links to these domains. Also see Links.

Domain
perfect-mag-sora-templates.blogspot.com
www.sorabloggingtips.com
perfect-mag-sora-templates.blogspot.in
youtu.be
www.soratemplates.com
www.blogger.com
shardawebsolutions.com
www.mybloggerthemes.com

Subject Issuer	Validity	Valid
www.clickupdate.gq GTS CA 1D4	`2021-06-30` - `2021-09-28`	3 months	crt.sh
*.blogger.com GTS CA 1C3	`2021-07-26` - `2021-10-18`	3 months	crt.sh
*.media.net DigiCert SHA2 Secure Server CA	`2021-04-12` - `2022-04-20`	a year	crt.sh
upload.video.google.com GTS CA 1O1	`2021-07-26` - `2021-10-18`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-03-01` - `2022-02-28`	a year	crt.sh
misc-sni.blogspot.com GTS CA 1C3	`2021-07-26` - `2021-10-18`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2021-07-20` - `2021-10-18`	3 months	crt.sh
*.googleusercontent.com GTS CA 1C3	`2021-08-16` - `2021-11-08`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2021-08-16` - `2021-11-08`	3 months	crt.sh
vistoolr.net R3	`2021-08-10` - `2021-11-08`	3 months	crt.sh
propu.sh R3	`2021-08-18` - `2021-11-16`	3 months	crt.sh
poacawhe.net R3	`2021-08-06` - `2021-11-04`	3 months	crt.sh
nytimes.com Sectigo RSA Domain Validation Secure Server CA	`2020-01-03` - `2022-04-06`	2 years	crt.sh
loulouly.net R3	`2021-08-12` - `2021-11-10`	3 months	crt.sh
kumteerg.com R3	`2021-08-12` - `2021-11-10`	3 months	crt.sh
choupsee.com R3	`2021-08-10` - `2021-11-08`	3 months	crt.sh
*.apis.google.com GTS CA 1C3	`2021-07-26` - `2021-10-18`	3 months	crt.sh
zuphaims.com R3	`2021-07-21` - `2021-10-19`	3 months	crt.sh
stawhoph.com R3	`2021-07-21` - `2021-10-19`	3 months	crt.sh
whugesto.net R3	`2021-07-21` - `2021-10-19`	3 months	crt.sh
bedrapiona.com R3	`2021-08-03` - `2021-11-01`	3 months	crt.sh
aulteeby.net R3	`2021-06-14` - `2021-09-12`	3 months	crt.sh

This page contains 7 frames:

Primary Page: https://www.clickupdate.gq/
Frame ID: FB28D50806160A116C64963A3185DD1A
Requests: 87 HTTP requests in this frame

Frame: https://aulteeby.net/3140.html
Frame ID: 98E686D297051E24475384FC5C247B68
Requests: 1 HTTP requests in this frame

Frame: https://aulteeby.net/page/05.html
Frame ID: BC66806F7D6A9C4E8132B0D363E0AF4E
Requests: 1 HTTP requests in this frame

Frame: https://aulteeby.net/8.html
Frame ID: BD42F11B0F51068D7108BA4F1F7059F8
Requests: 1 HTTP requests in this frame

Frame: https://aulteeby.net/34/15117/9534/9.html
Frame ID: 56E1A4FE476EAA1201FEF41A5167B391
Requests: 1 HTTP requests in this frame

Frame: https://aulteeby.net/70/index.html
Frame ID: BA137910B386933C0229B0F5806866AB
Requests: 1 HTTP requests in this frame

Frame: https://aulteeby.net/54/3/59/23089.html
Frame ID: 924D3CD0D41845CD63A8EA2F12D2ADFB
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

clickupdate

Page URL History Show full URLs

https://clickupdate.gq/ HTTP 301
https://www.clickupdate.gq/ Page URL

Detected technologies

Blogger (Blogs) Expand

Overall confidence: 100%
Detected patterns

meta generator /^Blogger$/i

Python (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

meta generator /^Blogger$/i

Java (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

headers server /GSE/i

OpenGSE (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /GSE/i

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

script /\/\/connect\.facebook\.net\/[^/]*\/[a-z]*\.js/i

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]* href=[^>]+(?:([\d.]+)\/)?(?:css\/)?font-awesome(?:\.min)?\.css/i

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i

Page Statistics

95
Requests

100 %
HTTPS

60 %
IPv6

23
Domains

29
Subdomains

25
IPs

3
Countries

2139 kB
Transfer

4329 kB
Size

0
Cookies

19 Outgoing links

These are links going to different origins than the main page.

URL: https://perfect-mag-sora-templates.blogspot.com/p/page-markup-and-typography.html
Title: ShortCodes

Search URL Search Domain Scan URL

URL: http://www.sorabloggingtips.com/2017/01/how-to-add-sitemap-widget-in-blogspot-blogs.html
Title: SiteMap

Search URL Search Domain Scan URL

URL: https://perfect-mag-sora-templates.blogspot.in/soratemplates
Title: Error Page

Search URL Search Domain Scan URL

URL: https://www.sorabloggingtips.com/2017/11/how-to-setup-perfect-mag-blogger-template.html
Title: Web

Search URL Search Domain Scan URL

URL: https://youtu.be/0tKGtSthtY4
Title: Video

Search URL Search Domain Scan URL

URL: http://www.soratemplates.com/2015/02/perfect-mag-blogger-templates.html
Title: Download This Template

Search URL Search Domain Scan URL

URL: https://www.blogger.com/
Title: Blogger

Search URL Search Domain Scan URL

URL: https://www.blogger.com/go/report-abuse
Title: Report Abuse

Search URL Search Domain Scan URL

URL: https://www.blogger.com/profile/17576137862136724443
Title: Shittu Sylvester

Search URL Search Domain Scan URL

URL: https://www.blogger.com/post-edit.g?blogID=4086663599645061025&postID=6394249758793169751&from=pencil
Title: Edit

Search URL Search Domain Scan URL

URL: https://www.blogger.com/post-edit.g?blogID=4086663599645061025&postID=3083759151680064233&from=pencil
Title: Edit

Search URL Search Domain Scan URL

URL: https://www.blogger.com/post-edit.g?blogID=4086663599645061025&postID=4344395096547794744&from=pencil
Title: Edit

Search URL Search Domain Scan URL

URL: https://www.blogger.com/post-edit.g?blogID=4086663599645061025&postID=3803102238708812598&from=pencil
Title: Edit

Search URL Search Domain Scan URL

URL: https://www.blogger.com/post-edit.g?blogID=4086663599645061025&postID=5209850749406214857&from=pencil
Title: Edit

Search URL Search Domain Scan URL

URL: https://www.blogger.com/post-edit.g?blogID=4086663599645061025&postID=7926884450781133864&from=pencil
Title: Edit

Search URL Search Domain Scan URL

URL: https://www.blogger.com/post-edit.g?blogID=4086663599645061025&postID=5488119628321238004&from=pencil
Title: Edit

Search URL Search Domain Scan URL

URL: https://shardawebsolutions.com/
Title: Web Design Agency

Search URL Search Domain Scan URL

URL: https://www.mybloggerthemes.com/
Title: MyBloggerThemes

Search URL Search Domain Scan URL

URL: https://www.blogger.com/go/blogspot-cookies
Title: Weitere Informationen

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://clickupdate.gq/ HTTP 301
https://www.clickupdate.gq/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

95 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
www.clickupdate.gq/
Redirect Chain

https://clickupdate.gq/
https://www.clickupdate.gq/

954 KB
272 KB

284ms
201ms

Document
text/html

2a00:1450:4001:810::2013
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.clickupdate.gq/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

2ba6c74496a1a76c09e503677e1588f8ecd0941b148bcb7f894e25c27ab9d80f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.clickupdate.gq
:scheme: https
:path: /
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

content-type: text/html; charset=UTF-8
expires: Wed, 25 Aug 2021 05:51:22 GMT
date: Wed, 25 Aug 2021 05:51:22 GMT
cache-control: private, max-age=0
last-modified: Wed, 25 Aug 2021 01:12:32 GMT
etag: W/"382f1cb8859c0e2d0a27172c14c28801a67b6b580ad4a53dc7505ca4730262c2"
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 277973
server: GSE

Redirect headers

location: https://www.clickupdate.gq/
date: Wed, 25 Aug 2021 05:51:22 GMT
content-type: text/html; charset=UTF-8
server: ghs
content-length: 224
x-xss-protection: 0
x-frame-options: SAMEORIGIN

GET
H2 200 3822632116-css_bundle_v2.css
www.blogger.com/static/v1/widgets/ 36 KB
36 KB 6ms
5ms Stylesheet
text/css 2a00:1450:4001:813::2009
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.blogger.com/static/v1/widgets/3822632116-css_bundle_v2.css

Requested by

Host: www.clickupdate.gq
URL: https://www.clickupdate.gq/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

224d95cce08108610c46ef4134793dbdd619e43e90e9d9cf42716a08f45222f9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.clickupdate.gq/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 21 Aug 2021 05:08:45 GMT
x-content-type-options: nosniff
last-modified: Fri, 20 Aug 2021 14:53:42 GMT
server: sffe
age: 348157
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36990
x-xss-protection: 0
expires: Sun, 21 Aug 2022 05:08:45 GMT

GET
H2 200 dmedianet.js Show response
contextual.media.net/ 136 KB
46 KB 338ms
275ms Script
text/javascript 2.18.235.93
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://contextual.media.net/dmedianet.js?cid=8CU8KD8IR

Requested by

Host: www.clickupdate.gq
URL: https://www.clickupdate.gq/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.18.235.93 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-18-235-93.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

0c85d7fd3ad4d2f4c68b6fe64e27f79cd71c38580a99fa9430493a730800fae5

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

Referer: https://www.clickupdate.gq/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-mnt-h: 8-10
content-encoding: gzip
server: Apache
etag: "d5ede96274edc49399bc372dbc29353d"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
cache-control: max-age=300
date: Wed, 25 Aug 2021 05:51:23 GMT
strict-transport-security: max-age=604800
x-mnt-w: 8-18
expires: Wed, 25 Aug 2021 05:56:23 GMT

GET
H2 200 css
fonts.googleapis.com/ 2 KB
629 B 16ms
15ms Stylesheet
text/css 2a00:1450:4001:80e::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Oswald&ver=4.0.1

Requested by

Host: www.clickupdate.gq
URL: https://www.clickupdate.gq/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

731ee3bbaa9f2fd92879f9087c9fbbf7438d3a52595c6c8a8020bb2a69b7afd6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.clickupdate.gq/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 25 Aug 2021 05:03:15 GMT
server: ESF
date: Wed, 25 Aug 2021 05:51:22 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 25 Aug 2021 05:51:22 GMT

GET
H2 200 css
fonts.googleapis.com/ 700 B
453 B 16ms
15ms Stylesheet
text/css 2a00:1450:4001:80e::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Fjalla+One

Requested by

Host: www.clickupdate.gq
URL: https://www.clickupdate.gq/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

f4513657e2548edc52a5143900dd01969a0bf43b46c204802da310c94a1ffb17

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.clickupdate.gq/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 25 Aug 2021 05:08:43 GMT
server: ESF
date: Wed, 25 Aug 2021 05:51:22 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 25 Aug 2021 05:51:22 GMT

GET
H2 200 font-awesome.css
netdna.bootstrapcdn.com/font-awesome/4.0.3/css/ 21 KB
4 KB 19ms
17ms Stylesheet
text/css 2606:4700::6812:bcf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://netdna.bootstrapcdn.com/font-awesome/4.0.3/css/font-awesome.css

Requested by

Host: www.clickupdate.gq
URL: https://www.clickupdate.gq/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3083e8d3b21ddc3f0e6d65ec3580aa6edfaadca5d9737d9caa27e6a233e1ccf3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.clickupdate.gq/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 25 Aug 2021 05:51:22 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
cdn-edgestorageid: 601, 617
age: 13423303
cdn-cachedat: 2021-03-11 11:58:13
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
timing-allow-origin: *
access-control-allow-origin: *
last-modified: Mon, 25 Jan 2021 22:04:53 GMT
server: cloudflare
cdn-requestpullcode: 200
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/css; charset=utf-8
cdn-cache: HIT
vary: Accept-Encoding
cache-control: public, max-age=31919000
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid: 88d0bc5e94791e3f4ff6611cd6c538a6
cf-ray: 68428c5778962bca-FRA
cdn-requestcountrycode: DE
cdn-requestpullsuccess: True

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/1/ 94 KB
94 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:827::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/1/jquery.min.js

Requested by

Host: www.clickupdate.gq
URL: https://www.clickupdate.gq/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

540bc6dec1dd4b92ea4d3fb903f69eabf6d919afd48f4e312b163c28cff0f441

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.clickupdate.gq/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 21 Aug 2021 00:15:24 GMT
x-content-type-options: nosniff
age: 365758
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 95786
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 21 Aug 2022 00:15:24 GMT

GET
H2 200 2.-facebook-cover-image-nature-images-1.jpg
3.bp.blogspot.com/-5bB5bPUtx6A/YAqaNp34WEI/AAAAAAAAASA/wAdokt8Gk04N3v5kfTiFCSlm3edbv0EegCK4BGAYYCw/s1600/ 95 KB
96 KB 358ms
337ms Image
image/jpeg 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://3.bp.blogspot.com/-5bB5bPUtx6A/YAqaNp34WEI/AAAAAAAAASA/wAdokt8Gk04N3v5kfTiFCSlm3edbv0EegCK4BGAYYCw/s1600/2.-facebook-cover-image-nature-images-1.jpg

Requested by

Host: www.clickupdate.gq
URL: https://www.clickupdate.gq/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

4d431bd3a69d3996b87e585fd3115d423c5667ae3ba58c2b1571e036dfa865be

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.clickupdate.gq/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 25 Aug 2021 05:51:23 GMT
x-content-type-options: nosniff
server: fife
etag: "v121"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="2.-facebook-cover-image-nature-images-1.jpg"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 97726
x-xss-protection: 0
expires: Thu, 26 Aug 2021 05:51:23 GMT

GET
H3-29 200 authorization.css
www.blogger.com/dyn-css/ 1 B
43 B 116ms
114ms Stylesheet
text/css 2a00:1450:4001:813::2009
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.blogger.com/dyn-css/authorization.css?targetBlogID=4086663599645061025&zx=5845e9b1-0c3a-4382-a4a7-f077f4c24c54

Requested by

Host: www.clickupdate.gq
URL: https://www.clickupdate.gq/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b

Security Headers

Name	Value
Content-Security-Policy	script-src 'self' .google.com .google-analytics.com 'unsafe-inline' 'unsafe-eval' .gstatic.com .googlesyndication.com .blogger.com .googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.clickupdate.gq/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
content-security-policy: script-src 'self' *.google.com *.google-analytics.com 'unsafe-inline' 'unsafe-eval' *.gstatic.com *.googlesyndication.com *.blogger.com *.googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 25 Aug 2021 05:51:22 GMT
server: GSE
date: Wed, 25 Aug 2021 05:51:22 GMT
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See https://www.google.com/support/accounts/bin/answer.py?hl=en&answer=151657 for more info."
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-type: text/css; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21
x-xss-protection: 1; mode=block
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 all.js Show response
connect.facebook.net/en_US/ 3 KB
2 KB 6ms
6ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/all.js

Requested by

Host: www.clickupdate.gq
URL: https://www.clickupdate.gq/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

d1619e5b75fcdd1f81277bc4fea6c05f38b26739f33454ce88d26631f7ed32b3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://www.clickupdate.gq/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: csQ3NX6mpJ+sjZYfPSUsFQ==
cross-origin-resource-policy: cross-origin
expires: Wed, 25 Aug 2021 05:59:50 GMT
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 1688
x-fb-rlafr: 0
x-fb-debug: F9wvfx7yM1a9dXMZ2bqDw8ofeaNH2wvpbF0C70DtAiF5XZo9sIX7SMg2SB6/H9citdeZQg3S/rpp7aJEvBCJnA==
x-fb-trip-id: 686109401
x-fb-content-md5: f7e48d561d6f5b138b96d50611ff33e2
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
date: Wed, 25 Aug 2021 05:51:22 GMT
x-frame-options: DENY
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public,max-age=1200,stale-while-revalidate=3600
etag: "e81eb6dd93a2bf7eb28f449500d73c69"
timing-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5

GET
H2 200 bg.jpg
2.bp.blogspot.com/-qM_z9F6OoZg/V7JRozuiDLI/AAAAAAAAAvs/Xg4UelkBkZg7VSy4q_vS0QAPPdW22vHwACK4B/s0/ 267 KB
267 KB 34ms
11ms Image
image/jpeg 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://2.bp.blogspot.com/-qM_z9F6OoZg/V7JRozuiDLI/AAAAAAAAAvs/Xg4UelkBkZg7VSy4q_vS0QAPPdW22vHwACK4B/s0/bg.jpg

Requested by

Host: www.clickupdate.gq
URL: https://www.clickupdate.gq/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

6c4956683e1275f67daf349f158620f005d39f505298103b5fb13bd591be1db3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.clickupdate.gq/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 25 Aug 2021 04:26:45 GMT
x-content-type-options: nosniff
age: 5077
content-disposition: inline;filename="bg.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 273365
x-xss-protection: 0
server: fife
etag: "v2fd"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Wed, 25 Aug 2021 20:18:15 GMT

GET
H2 200 facebook.png
2.bp.blogspot.com/-HkMAx6xqU0o/Wh_p3npmexI/AAAAAAAAETE/thQK3nNxBRIL_a0sOQ6JAh6EN_AXMJr7ACLcBGAs/s1600/ 669 B
1 KB 33ms
11ms Image
image/png 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://2.bp.blogspot.com/-HkMAx6xqU0o/Wh_p3npmexI/AAAAAAAAETE/thQK3nNxBRIL_a0sOQ6JAh6EN_AXMJr7ACLcBGAs/s1600/facebook.png

Requested by

Host: www.clickupdate.gq
URL: https://www.clickupdate.gq/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

426d9d7b609164484ef83ab3eb383c2dda83f96feb147b82375dba814554f266

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.clickupdate.gq/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 25 Aug 2021 04:36:49 GMT
x-content-type-options: nosniff
age: 4473
content-disposition: inline;filename="facebook.png"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 669
x-xss-protection: 0
server: fife
etag: "v1135"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Wed, 07 Jul 2021 15:16:51 GMT

GET
H2 200 twitter.png
4.bp.blogspot.com/-BtpYGIppWKA/Wh_p4vRvjiI/AAAAAAAAETM/4EIDE6yQpIwnxdkf5s-vRHWF3Yo1e6gPQCLcBGAs/s1600/ 1 KB
1 KB 11ms
7ms Image
image/png 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://4.bp.blogspot.com/-BtpYGIppWKA/Wh_p4vRvjiI/AAAAAAAAETM/4EIDE6yQpIwnxdkf5s-vRHWF3Yo1e6gPQCLcBGAs/s1600/twitter.png

Requested by

Host: www.clickupdate.gq
URL: https://www.clickupdate.gq/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

9dbbb52e23ebff1b66e672e1e0f3a501c1f8086dedf7f8da779c2f5d9c2f5f29

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.clickupdate.gq/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 25 Aug 2021 04:06:00 GMT
x-content-type-options: nosniff
age: 6322
content-disposition: inline;filename="twitter.png"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1078
x-xss-protection: 0
server: fife
etag: "v1135"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Wed, 25 Aug 2021 18:47:54 GMT

GET
H2 200 vimeo.png
3.bp.blogspot.com/-kSB6AG1fivg/Wh_p4zxkDzI/AAAAAAAAETQ/PZRxDH2Gj8EOUT77QTg1-SFL8ySqX337wCLcBGAs/s1600/ 1 KB
2 KB 23ms
7ms Image
image/png 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://3.bp.blogspot.com/-kSB6AG1fivg/Wh_p4zxkDzI/AAAAAAAAETQ/PZRxDH2Gj8EOUT77QTg1-SFL8ySqX337wCLcBGAs/s1600/vimeo.png

Requested by

Host: www.clickupdate.gq
URL: https://www.clickupdate.gq/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

e357c79acdc37b1a7632681bb467526814d6b6a49bbb12dcd26e011bc4685616

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.clickupdate.gq/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 25 Aug 2021 04:36:49 GMT
x-content-type-options: nosniff
age: 4473
content-disposition: inline;filename="vimeo.png"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1146
x-xss-protection: 0
server: fife
etag: "v1135"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Wed, 25 Aug 2021 18:54:41 GMT

GET
H2 200 flickr.png
4.bp.blogspot.com/-PBENaX-Uyxg/Wh_p3kXzhhI/AAAAAAAAETA/veesckRM7bot2EMYLTJnAVFivE5x-zpIwCLcBGAs/s1600/ 552 B
681 B 10ms
7ms Image
image/png 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://4.bp.blogspot.com/-PBENaX-Uyxg/Wh_p3kXzhhI/AAAAAAAAETA/veesckRM7bot2EMYLTJnAVFivE5x-zpIwCLcBGAs/s1600/flickr.png

Requested by

Host: www.clickupdate.gq
URL: https://www.clickupdate.gq/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

dda4be3411b1db8eb35137039acb42ffdbd6521aae1354ec659e14aced216bfb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.clickupdate.gq/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 25 Aug 2021 04:06:00 GMT
x-content-type-options: nosniff
age: 6322
content-disposition: inline;filename="flickr.png"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 552
x-xss-protection: 0
server: fife
etag: "v1135"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Tue, 06 Jul 2021 19:05:01 GMT

GET
H2 200 dribbble.png
3.bp.blogspot.com/-NmMcKECatSQ/U6V_5SbOF1I/AAAAAAAAAkM/PWAmCSVs_wA/s1600/ 1 KB
2 KB 23ms
7ms Image
image/png 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://3.bp.blogspot.com/-NmMcKECatSQ/U6V_5SbOF1I/AAAAAAAAAkM/PWAmCSVs_wA/s1600/dribbble.png

Requested by

Host: www.clickupdate.gq
URL: https://www.clickupdate.gq/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

9d5ce4853857058bcfa2acacc5e4ab58cbb35466a919e0c21d8ff592e8f1be74

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.clickupdate.gq/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 25 Aug 2021 02:30:15 GMT
x-content-type-options: nosniff
age: 12067
content-disposition: inline;filename="dribbble.png"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1526
x-xss-protection: 0
server: fife
etag: "v246"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Wed, 07 Jul 2021 06:24:20 GMT

GET
H2 200 linkedin.png
1.bp.blogspot.com/-0dcd9k5Nasw/Wh_p4ShZdDI/AAAAAAAAETI/OQ4yZ9cUDgIdvUlkBb1Hozxj7Q7B6aFQACLcBGAs/s1600/ 892 B
1 KB 32ms
10ms Image
image/png 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://1.bp.blogspot.com/-0dcd9k5Nasw/Wh_p4ShZdDI/AAAAAAAAETI/OQ4yZ9cUDgIdvUlkBb1Hozxj7Q7B6aFQACLcBGAs/s1600/linkedin.png

Requested by

Host: www.clickupdate.gq
URL: https://www.clickupdate.gq/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

d8a541328a3381b808282fcc340d0df0b9a5756a7e5874125d93c2ed9de485ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.clickupdate.gq/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 25 Aug 2021 03:03:25 GMT
x-content-type-options: nosniff
age: 10077
content-disposition: inline;filename="linkedin.png"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 892
x-xss-protection: 0
server: fife
etag: "v1135"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Wed, 07 Jul 2021 08:25:58 GMT

GET
H2 200 top-shadow.png
lh6.googleusercontent.com/-oTjnGLLM7Ig/UVRWx7Wq0XI/AAAAAAAAFU8/jfkNgNQ9970/s1105/ 6 KB
6 KB 8ms
6ms Image
image/png 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh6.googleusercontent.com/-oTjnGLLM7Ig/UVRWx7Wq0XI/AAAAAAAAFU8/jfkNgNQ9970/s1105/top-shadow.png

Requested by

Host: www.clickupdate.gq
URL: https://www.clickupdate.gq/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

b2ecca0ab1df47f983243aeba286b2bce51748c0f4cd21fceb3abfa33390554c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.clickupdate.gq/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 25 Aug 2021 04:44:42 GMT
x-content-type-options: nosniff
age: 4000
content-disposition: inline;filename="top-shadow.png"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5867
x-xss-protection: 0
server: fife
etag: "v154f"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Wed, 25 Aug 2021 16:19:02 GMT

GET
H3-29 200 icon-search.png
4.bp.blogspot.com/-R8OKVUsis3s/UgZEksy0V1I/AAAAAAAAAT4/QtN9sBHMZis/s1600/ 953 B
978 B 29ms
6ms Image
image/png 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://4.bp.blogspot.com/-R8OKVUsis3s/UgZEksy0V1I/AAAAAAAAAT4/QtN9sBHMZis/s1600/icon-search.png

Requested by

Host: www.clickupdate.gq
URL: https://www.clickupdate.gq/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

8ba06da9e3b2565103c9ba09aa56fe85809aa49d218de985fbae4381b3c75d5e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.clickupdate.gq/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 25 Aug 2021 04:10:53 GMT
x-content-type-options: nosniff
age: 6029
content-disposition: inline;filename="icon-search.png"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 953
x-xss-protection: 0
server: fife
etag: "v13f"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Wed, 07 Jul 2021 12:04:28 GMT

GET
H2 200 TK3_WkUHHAIjg75cFRf3bXL8LICs1_FvsUZiZQ.woff2
fonts.gstatic.com/s/oswald/v40/ 16 KB
16 KB 7ms
6ms Font
font/woff2 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/oswald/v40/TK3_WkUHHAIjg75cFRf3bXL8LICs1_FvsUZiZQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Oswald&ver=4.0.1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

76db825b68979b9ea6cc55fa14373b7bf5e3beb7388cd2efa485938bb2a389fb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.clickupdate.gq
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 24 Aug 2021 00:30:53 GMT
x-content-type-options: nosniff
age: 105629
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16016
x-xss-protection: 0
last-modified: Tue, 10 Aug 2021 00:16:44 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 24 Aug 2022 00:30:53 GMT

GET
H3-29 200 fontawesome-webfont.woff
netdna.bootstrapcdn.com/font-awesome/4.0.3/fonts/ 43 KB
44 KB 35ms
23ms Font
font/woff 2606:4700::6812:bcf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://netdna.bootstrapcdn.com/font-awesome/4.0.3/fonts/fontawesome-webfont.woff?v=4.0.3

Requested by

Host: netdna.bootstrapcdn.com
URL: https://netdna.bootstrapcdn.com/font-awesome/4.0.3/css/font-awesome.css

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0fd28fece9ebd606b8b071460ebd3fc2ed7bc7a66ef91c8834f11dfacab4a849

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Origin: https://www.clickupdate.gq
Referer: https://netdna.bootstrapcdn.com/font-awesome/4.0.3/css/font-awesome.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 25 Aug 2021 05:51:22 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
cdn-edgestorageid: 565, 617, 617
access-control-allow-origin: *
cdn-cachedat: 2021-06-08 07:47:10
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 44432
timing-allow-origin: *
last-modified: Mon, 25 Jan 2021 22:04:53 GMT
server: cloudflare
cdn-requestpullcode: 200
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: font/woff
cdn-cache: HIT
vary: Accept-Encoding
cache-control: public, max-age=31919000
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid: 93a12a308d02f09b55ab9f058a256693
accept-ranges: bytes
cf-ray: 68428c580cfc4e4f-FRA
cdn-requestcountrycode: DE
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 ntfc.php Show response
vistoolr.net/ 15 KB
6 KB 100ms
30ms Script
application/javascript 139.45.197.251
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://vistoolr.net/ntfc.php?p=3894713
Requested by: Host: www.clickupdate.gq
URL: https://www.clickupdate.gq/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 139.45.197.251 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash: 50bcd13421879497612e61d66c2621b284c6bfa543c908cb6a0b10669e95467a

Request headers

Referer: https://www.clickupdate.gq/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 25 Aug 2021 05:51:22 GMT
content-encoding: gzip
last-modified: Tue, 24 Aug 2021 13:02:22 GMT
server: nginx
etag: W/"6124edde-3b23"
content-type: application/javascript
cache-control: no-cache
access-control-allow-credentials: true

GET
H3-29 200 all.js Show response
connect.facebook.net/en_US/ 230 KB
67 KB 8ms
7ms Script
application/x-javascript 2a03:2880:f01c:216:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/all.js?hash=80b2e99fe55d9275018754887c98dab6

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/all.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:216:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

80be3c49e30662cd7a062b6b2d678b9ea5b86ef4cb07d47a16967c0db6eac0ad

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Origin: https://www.clickupdate.gq
Referer: https://www.clickupdate.gq/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: 7ofoyVr+oTerRUwhuluD6Q==
cross-origin-resource-policy: cross-origin
expires: Thu, 25 Aug 2022 04:17:23 GMT
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 68351
x-fb-rlafr: 0
x-fb-debug: 6Vl5Q5hcF5vL3OzCAseZETAsjeegiX3Ey+K3lKZOzcMSemZzSiO5ic1HtM/CPB+Oba3u0+llFm8Uj6M8vY/Ueg==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-content-md5: adf2f3cb6fdbfa1889fbfb5609d43b86
cross-origin-opener-policy: same-origin-allow-popups
date: Wed, 25 Aug 2021 05:51:22 GMT
x-frame-options: DENY
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
etag: "df60957613b0ddcec1fca66155b9384f"
timing-allow-origin: *
priority: u=3,i
access-control-expose-headers: X-FB-Content-MD5

GET
H2 200 ntfc.php Show response
propu.sh/ 15 KB
6 KB 106ms
32ms Script
application/javascript 139.45.197.250
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://propu.sh/ntfc.php?p=3894707
Requested by: Host: www.clickupdate.gq
URL: https://www.clickupdate.gq/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 139.45.197.250 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash: 50bcd13421879497612e61d66c2621b284c6bfa543c908cb6a0b10669e95467a

Request headers

Referer: https://www.clickupdate.gq/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 25 Aug 2021 05:51:23 GMT
content-encoding: gzip
last-modified: Tue, 24 Aug 2021 13:02:24 GMT
server: nginx
etag: W/"6124ede0-3b23"
content-type: application/javascript
cache-control: no-cache
access-control-allow-credentials: true

GET
H2 200 ntfc.php Show response
poacawhe.net/ 15 KB
6 KB 116ms
32ms Script
application/javascript 139.45.197.250
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://poacawhe.net/ntfc.php?p=3894701
Requested by: Host: www.clickupdate.gq
URL: https://www.clickupdate.gq/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 139.45.197.250 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash: 50bcd13421879497612e61d66c2621b284c6bfa543c908cb6a0b10669e95467a

Request headers

Referer: https://www.clickupdate.gq/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 25 Aug 2021 05:51:22 GMT
content-encoding: gzip
last-modified: Tue, 24 Aug 2021 13:02:22 GMT
server: nginx
etag: W/"6124edde-3b23"
content-type: application/javascript
cache-control: no-cache
access-control-allow-credentials: true

GET
H2 200 merlin_193559409_eee46f69-9ed7-4f10-9179-e95222e5a810-mediumThreeByTwo440.jpg
static01.nyt.com/images/2021/08/24/world/24afghanistan-briefing-women/ 46 KB
47 KB 66ms
19ms Image
image/jpeg 151.101.13.164
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static01.nyt.com/images/2021/08/24/world/24afghanistan-briefing-women/merlin_193559409_eee46f69-9ed7-4f10-9179-e95222e5a810-mediumThreeByTwo440.jpg
Requested by: Host: www.clickupdate.gq
URL: https://www.clickupdate.gq/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.13.164 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: ed50201af309dd1e3964d5874dd2663e2e66326102efd8eecfec4a64fa731691

Request headers

Referer: https://www.clickupdate.gq/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 25 Aug 2021 05:51:23 GMT
via: 1.1 varnish, 1.1 varnish
age: 20592
x-guploader-uploadid: ADPycdtHQstOfyc5XVwcVGMIrSoUKmYHO0ho091l2MawlGyfD_LlSTf6vlhdg9Lf0UijgDkKP3UO8MEJEtH7sFBnLBVY8PI9Rw
x-cache: HIT, HIT
x-goog-storage-class: MULTI_REGIONAL
content-length: 47130
x-served-by: cache-bwi5139-BWI, cache-fra19142-FRA
x-nyt-gcs-bucket: cms-gke-prd-publish-images-storage
last-modified: Wed, 25 Aug 2021 00:07:25 GMT
server: UploadServer
x-timer: S1629870683.057734,VS0,VE1
etag: "0343ae2962ac3da281401d698e51860f"
vary: Origin
x-goog-hash: crc32c=SXJhuw==, md5=A0OuKWKsPaKBQB1pjlGGDw==
content-type: image/jpeg
access-control-allow-origin: *
expires: Wed, 25 Aug 2021 00:08:10 GMT
cache-control: max-age=604800; stale-if-error=86400; stale-while-revalidate=30, public
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 1, 1

GET
H2 200 merlin_16233009_99346733-44d7-4850-939e-1d78051f43af-mediumThreeByTwo440.jpg
static01.nyt.com/images/2021/08/24/us/politics/24dc-rumsfeld/ 33 KB
33 KB 87ms
41ms Image
image/jpeg 151.101.13.164
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static01.nyt.com/images/2021/08/24/us/politics/24dc-rumsfeld/merlin_16233009_99346733-44d7-4850-939e-1d78051f43af-mediumThreeByTwo440.jpg
Requested by: Host: www.clickupdate.gq
URL: https://www.clickupdate.gq/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.13.164 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 2e46b55ec98fc5d5d0ba152c7a0d87ddca6d6a3629849e909e13309cd9602956

Request headers

Referer: https://www.clickupdate.gq/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 25 Aug 2021 05:51:23 GMT
via: 1.1 varnish, 1.1 varnish
age: 20674
x-guploader-uploadid: ADPycduadaRNZqztjiikDmooKPewTmWsTV2mW4JKWsIKyUX30ZxWV72iIc8MmI_MhL7KJVhAoyzRwNFYiN9Ik3rBuA6eYlrMQQ
x-cache: HIT, HIT
x-goog-storage-class: MULTI_REGIONAL
content-length: 33365
x-served-by: cache-bwi5145-BWI, cache-fra19142-FRA
x-nyt-gcs-bucket: cms-gke-prd-publish-images-storage
last-modified: Wed, 25 Aug 2021 00:06:30 GMT
server: UploadServer
x-timer: S1629870683.057718,VS0,VE1
etag: "a2062ce6b4c4c2efcd8a64d5b97f0aab"
vary: Origin
x-goog-hash: crc32c=j+57sA==, md5=ogYs5rTEwu/NimTVuX8Kqw==
content-type: image/jpeg
access-control-allow-origin: *
expires: Wed, 25 Aug 2021 00:06:48 GMT
cache-control: max-age=604800; stale-if-error=86400; stale-while-revalidate=30, public
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 1, 1

GET
H2 200 24AFGHANISTAN-LEDEALL-3-mediumThreeByTwo440.jpg
static01.nyt.com/images/2021/08/24/us/politics/24AFGHANISTAN-LEDEALL-3/ 48 KB
49 KB 98ms
52ms Image
image/jpeg 151.101.13.164
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static01.nyt.com/images/2021/08/24/us/politics/24AFGHANISTAN-LEDEALL-3/24AFGHANISTAN-LEDEALL-3-mediumThreeByTwo440.jpg
Requested by: Host: www.clickupdate.gq
URL: https://www.clickupdate.gq/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.13.164 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 423108cab57c13e62d0ccf91bfa1bc50f1d774b22fe647d3c9a62fc8fac4c287

Request headers

Referer: https://www.clickupdate.gq/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 25 Aug 2021 05:51:23 GMT
via: 1.1 varnish, 1.1 varnish
age: 20718
x-guploader-uploadid: ADPycdtyr93M4BEXtdaQ-cMv4HxNPH0loHI_pk9N9RKN1wm9n-IYtHxOA8IxZB_P5jH-k1EKhr06pgbimAl27E1n8-XYmyOUTQ
x-cache: HIT, HIT
x-goog-storage-class: MULTI_REGIONAL
content-length: 49450
x-served-by: cache-bwi5150-BWI, cache-fra19142-FRA
x-nyt-gcs-bucket: cms-gke-prd-publish-images-storage
last-modified: Wed, 25 Aug 2021 00:05:59 GMT
server: UploadServer
x-timer: S1629870683.057955,VS0,VE1
etag: "8e6d73b27bc889d8ef6d47afabf3965b"
vary: Origin
x-goog-hash: crc32c=KpJtuA==, md5=jm1zsnvIidjvbUevq/OWWw==
content-type: image/jpeg
access-control-allow-origin: *
expires: Wed, 25 Aug 2021 00:06:05 GMT
cache-control: max-age=604800; stale-if-error=86400; stale-while-revalidate=30, public
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 2, 1

GET
H2 200 merlin_190223961_088025a4-512e-4321-b629-f528b4343cd5-mediumThreeByTwo440.jpg
static01.nyt.com/images/2021/08/24/us/politics/00dc-scotus-immig/ 42 KB
42 KB 112ms
67ms Image
image/jpeg 151.101.13.164
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static01.nyt.com/images/2021/08/24/us/politics/00dc-scotus-immig/merlin_190223961_088025a4-512e-4321-b629-f528b4343cd5-mediumThreeByTwo440.jpg
Requested by: Host: www.clickupdate.gq
URL: https://www.clickupdate.gq/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.13.164 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 41da54225542e07bd041003921dab689ecc0658d66dabb0f12eab56399e73e86

Request headers

Referer: https://www.clickupdate.gq/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 25 Aug 2021 05:51:23 GMT
via: 1.1 varnish, 1.1 varnish
age: 20811
x-guploader-uploadid: ADPycdtY3gk5SgMx2llM8ghk7Pi6MlXI-Ehv58R-iiWRMEeZiMet6-PIGYhPMO55rDFZBdWCDQ3DazaY2UeFTT5nzdWOOZkc4Q
x-cache: HIT, HIT
x-goog-storage-class: MULTI_REGIONAL
content-length: 42646
x-served-by: cache-bwi5145-BWI, cache-fra19142-FRA
x-nyt-gcs-bucket: cms-gke-prd-publish-images-storage
last-modified: Wed, 25 Aug 2021 00:04:21 GMT
server: UploadServer
x-timer: S1629870683.058098,VS0,VE1
etag: "85b44ca5c81f6bd967106e8126489d86"
vary: Origin
x-goog-hash: crc32c=jcAhDA==, md5=hbRMpcgfa9lnEG6BJkidhg==
content-type: image/jpeg
access-control-allow-origin: *
expires: Wed, 25 Aug 2021 00:04:32 GMT
cache-control: max-age=604800; stale-if-error=86400; stale-while-revalidate=30, public
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 1, 1

GET
H2 200 24Gest3-mediumThreeByTwo440.jpg
static01.nyt.com/images/2021/08/25/opinion/24Gest3/ 65 KB
66 KB 105ms
60ms Image
image/jpeg 151.101.13.164
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static01.nyt.com/images/2021/08/25/opinion/24Gest3/24Gest3-mediumThreeByTwo440.jpg
Requested by: Host: www.clickupdate.gq
URL: https://www.clickupdate.gq/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.13.164 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 510c60019bdbe12eb05628a06615aa89baf2393251f8278a7c695df519837463

Request headers

Referer: https://www.clickupdate.gq/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 25 Aug 2021 05:51:23 GMT
via: 1.1 varnish, 1.1 varnish
age: 21670
x-guploader-uploadid: ADPycdt66ayKuVMHfJUqPkX0pbWbmQwY81YzB4YFes6wx0bFXsh3n5qrxUXKx3I-k_KEa66prnHlypdjgjTcVRPhJc9qRmzBDA
x-cache: HIT, HIT
x-goog-storage-class: MULTI_REGIONAL
content-length: 66767
x-served-by: cache-bwi5127-BWI, cache-fra19142-FRA
x-nyt-gcs-bucket: cms-gke-prd-publish-images-storage
last-modified: Tue, 24 Aug 2021 23:37:01 GMT
server: UploadServer
x-timer: S1629870683.057967,VS0,VE1
etag: "2f77e450f79b5a7441fc5174d2bfd14a"
vary: Origin
x-goog-hash: crc32c=9seO9g==, md5=L3fkUPebWnRB/FF00r/RSg==
content-type: image/jpeg
access-control-allow-origin: *
expires: Tue, 24 Aug 2021 23:50:13 GMT
cache-control: max-age=604800; stale-if-error=86400; stale-while-revalidate=30, public
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 1, 1

GET
H2 200 24virus-briefing-global-roundup2-mediumThreeByTwo440.jpg
static01.nyt.com/images/2021/08/24/world/24virus-briefing-global-roundup2/ 37 KB
38 KB 112ms
66ms Image
image/jpeg 151.101.13.164
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static01.nyt.com/images/2021/08/24/world/24virus-briefing-global-roundup2/24virus-briefing-global-roundup2-mediumThreeByTwo440.jpg
Requested by: Host: www.clickupdate.gq
URL: https://www.clickupdate.gq/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.13.164 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 3b0b50ef0841f56abf2f3070bd762c0658941bd8cfc8d231542322ffd009e550

Request headers

Referer: https://www.clickupdate.gq/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 25 Aug 2021 05:51:23 GMT
via: 1.1 varnish, 1.1 varnish
age: 20249
x-guploader-uploadid: ADPycdtKSpJyvUGAvp4D9C3RVdTYJi21x0HiVLoEPIQwddP5FZd31buW6Ifv5XjmTv-cVhwovJ_x3i43B1gCwM9odiz8MnuEcg
x-cache: HIT, HIT
x-goog-storage-class: MULTI_REGIONAL
content-length: 38200
x-served-by: cache-bwi5126-BWI, cache-fra19142-FRA
x-nyt-gcs-bucket: cms-gke-prd-publish-images-storage
last-modified: Tue, 24 Aug 2021 23:48:18 GMT
server: UploadServer
x-timer: S1629870683.057929,VS0,VE1
etag: "7eb41738b1b288039fda0c93c09afc8e"
vary: Origin
x-goog-hash: crc32c=EdqPJw==, md5=frQXOLGyiAOf2gyTwJr8jg==
content-type: image/jpeg
access-control-allow-origin: *
expires: Wed, 25 Aug 2021 00:13:54 GMT
cache-control: max-age=604800; stale-if-error=86400; stale-while-revalidate=30, public
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 1, 1

GET
H2 200 merlin_193550463_1ab00371-ac1e-485b-b90e-8cbb1073f506-mediumThreeByTwo440.jpg
static01.nyt.com/images/2021/08/24/us/24dc-evacuate/ 49 KB
50 KB 66ms
66ms Image
image/jpeg 151.101.13.164
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static01.nyt.com/images/2021/08/24/us/24dc-evacuate/merlin_193550463_1ab00371-ac1e-485b-b90e-8cbb1073f506-mediumThreeByTwo440.jpg
Requested by: Host: www.clickupdate.gq
URL: https://www.clickupdate.gq/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.13.164 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 0cc7138a7787292e4cfb5b3d96d041debecdaf6a52f4c9665929415fa33e4a17

Request headers

Referer: https://www.clickupdate.gq/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 25 Aug 2021 05:51:23 GMT
via: 1.1 varnish, 1.1 varnish
age: 23714
x-guploader-uploadid: ADPycdsbDa_CWBD8oWSqGdESn14OhtE83cCjXj2RlnVm5Am4tEQmtLy06_DkCallCcMwn8PXT0DmQzKL74_3gWhbRl9OVkbKXA
x-cache: HIT, HIT
x-goog-storage-class: MULTI_REGIONAL
content-length: 50413
x-served-by: cache-bwi5144-BWI, cache-fra19142-FRA
x-nyt-gcs-bucket: cms-gke-prd-publish-images-storage
last-modified: Tue, 24 Aug 2021 23:15:22 GMT
server: UploadServer
x-timer: S1629870683.059214,VS0,VE0
etag: "37a5313fcd4ed3fb1aeb8de71c8da720"
vary: Origin
x-goog-hash: crc32c=3/MpBQ==, md5=N6UxP81O0/sa643nHI2nIA==
content-type: image/jpeg
access-control-allow-origin: *
expires: Tue, 24 Aug 2021 23:16:09 GMT
cache-control: max-age=604800; stale-if-error=86400; stale-while-revalidate=30, public
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 1, 3

GET
H3-29 200 authorization.css
www.blogger.com/dyn-css/ 1 B
43 B 110ms
109ms Stylesheet
text/css 2a00:1450:4001:813::2009
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.blogger.com/dyn-css/authorization.css?targetBlogID=4086663599645061025&zx=5845e9b1-0c3a-4382-a4a7-f077f4c24c54

Requested by

Host: www.clickupdate.gq
URL: https://www.clickupdate.gq/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b

Security Headers

Name	Value
Content-Security-Policy	script-src 'self' .google.com .google-analytics.com 'unsafe-inline' 'unsafe-eval' .gstatic.com .googlesyndication.com .blogger.com .googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.clickupdate.gq/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
content-security-policy: script-src 'self' *.google.com *.google-analytics.com 'unsafe-inline' 'unsafe-eval' *.gstatic.com *.googlesyndication.com *.blogger.com *.googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 25 Aug 2021 05:51:23 GMT
server: GSE
date: Wed, 25 Aug 2021 05:51:23 GMT
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See https://www.google.com/support/accounts/bin/answer.py?hl=en&answer=151657 for more info."
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-type: text/css; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21
x-xss-protection: 1; mode=block
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.clickupdate.gq/ 11 KB
11 KB 193ms
193ms Image
text/html 2a00:1450:4001:810::2013
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.clickupdate.gq/

Requested by

Host: www.clickupdate.gq
URL: https://www.clickupdate.gq/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:path: /
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.clickupdate.gq
referer: https://www.clickupdate.gq/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.clickupdate.gq/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 25 Aug 2021 05:51:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 25 Aug 2021 01:12:32 GMT
server: GSE
etag: W/"382f1cb8859c0e2d0a27172c14c28801a67b6b580ad4a53dc7505ca4730262c2"
content-type: text/html; charset=UTF-8
cache-control: private, max-age=0
content-length: 277973
x-xss-protection: 1; mode=block
expires: Wed, 25 Aug 2021 05:51:23 GMT

GET
H3-29 200 logo-16.png
www.blogger.com/img/ 279 B
300 B 7ms
6ms Image
image/png 2a00:1450:4001:813::2009
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.blogger.com/img/logo-16.png

Requested by

Host: www.clickupdate.gq
URL: https://www.clickupdate.gq/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cca664ca16fde285160e80eae6ba4501c27b1dd1ce09aec1e84caa74b5baff53

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.clickupdate.gq/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 24 Aug 2021 02:12:42 GMT
x-content-type-options: nosniff
last-modified: Mon, 23 Aug 2021 05:53:29 GMT
server: sffe
age: 99521
content-type: image/png
cache-control: public, max-age=604800
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 279
x-xss-protection: 0
expires: Tue, 31 Aug 2021 02:12:42 GMT

GET
H2 200 Slider Show response
www.clickupdate.gq/feeds/posts/default/-/ 2 KB
1 KB 376ms
376ms Script
text/javascript 2a00:1450:4001:810::2013
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.clickupdate.gq/feeds/posts/default/-/Slider?max-results=6&orderby=published&alt=json-in-script&callback=showrecentposts

Requested by

Host: www.clickupdate.gq
URL: https://www.clickupdate.gq/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

blogger-renderd /

Resource Hash

2360ab674501de31dffbfb5a374a09f4cf4af9277c3040d396971207a02f4ced

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

:path: /feeds/posts/default/-/Slider?max-results=6&orderby=published&alt=json-in-script&callback=showrecentposts
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.clickupdate.gq
referer: https://www.clickupdate.gq/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.clickupdate.gq/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 25 Aug 2021 05:51:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 25 Aug 2021 01:12:32 GMT
server: blogger-renderd
etag: W/"361d70d5635d2fb1c818255c2f28d48b042913302abf189f059cdd5c12096879"
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: public, must-revalidate, proxy-revalidate, max-age=1
cross-origin-resource-policy: cross-origin
content-length: 885
x-xss-protection: 0
expires: Wed, 25 Aug 2021 05:51:24 GMT

GET
H2 200 zone Show response
vistoolr.net/ 180 B
470 B 33ms
32ms Fetch
application/json 139.45.197.251
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://vistoolr.net/zone?pub=0&zone_id=3894713&is_mobile=false&domain=www.clickupdate.gq&var=&ymid=&var_3=

Requested by

Host: vistoolr.net
URL: https://vistoolr.net/ntfc.php?p=3894713

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

139.45.197.251 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

5b44a3a80a8754c7c8eb45d4b3a6d99d9b3e029c0804c68d900cf5ac44c7b7c0

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.clickupdate.gq/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-trace-id: 296d520f37dedd93e5104cf6fffd0f37
date: Wed, 25 Aug 2021 05:51:22 GMT
x-content-type-options: nosniff
server: nginx
strict-transport-security: max-age=1
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.clickupdate.gq
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
content-length: 180

GET
H2 200 universal.min.js Show response
vistoolr.net/pfe/current/ 111 KB
40 KB 99ms
32ms Fetch
application/javascript 139.45.197.251
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://vistoolr.net/pfe/current/universal.min.js?v=3.1.319
Requested by: Host: vistoolr.net
URL: https://vistoolr.net/ntfc.php?p=3894713
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 139.45.197.251 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash: 4aff1d6b9cd1d955edeaef9cab009fa141654c4ffa18c1a9308bc419e770ac9f

Request headers

Referer: https://www.clickupdate.gq/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 25 Aug 2021 05:51:22 GMT
content-encoding: gzip
last-modified: Tue, 24 Aug 2021 13:02:22 GMT
server: nginx
etag: W/"6124edde-1bc82"
content-type: application/javascript
access-control-allow-origin: https://www.clickupdate.gq
cache-control: no-cache
access-control-allow-credentials: true

GET
H2 200 ntfc.php Show response
loulouly.net/ 15 KB
6 KB 103ms
30ms Script
application/javascript 139.45.197.250
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://loulouly.net/ntfc.php?p=3885779
Requested by: Host: www.clickupdate.gq
URL: https://www.clickupdate.gq/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 139.45.197.250 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash: 50bcd13421879497612e61d66c2621b284c6bfa543c908cb6a0b10669e95467a

Request headers

Referer: https://www.clickupdate.gq/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 25 Aug 2021 05:51:23 GMT
content-encoding: gzip
last-modified: Tue, 24 Aug 2021 13:02:24 GMT
server: nginx
etag: W/"6124ede0-3b23"
content-type: application/javascript
cache-control: no-cache
access-control-allow-credentials: true

GET
H2 200 ntfc.php Show response
kumteerg.com/ 15 KB
6 KB 131ms
33ms Script
application/javascript 139.45.197.251
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://kumteerg.com/ntfc.php?p=3885767
Requested by: Host: www.clickupdate.gq
URL: https://www.clickupdate.gq/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 139.45.197.251 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash: 50bcd13421879497612e61d66c2621b284c6bfa543c908cb6a0b10669e95467a

Request headers

Referer: https://www.clickupdate.gq/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 25 Aug 2021 05:51:22 GMT
content-encoding: gzip
last-modified: Tue, 24 Aug 2021 13:02:22 GMT
server: nginx
etag: W/"6124edde-3b23"
content-type: application/javascript
cache-control: no-cache
access-control-allow-credentials: true

GET
H2 200 ntfc.php Show response
choupsee.com/ 15 KB
6 KB 100ms
32ms Script
application/javascript 139.45.197.251
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://choupsee.com/ntfc.php?p=3885739
Requested by: Host: www.clickupdate.gq
URL: https://www.clickupdate.gq/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 139.45.197.251 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash: 50bcd13421879497612e61d66c2621b284c6bfa543c908cb6a0b10669e95467a

Request headers

Referer: https://www.clickupdate.gq/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 25 Aug 2021 05:51:22 GMT
content-encoding: gzip
last-modified: Tue, 24 Aug 2021 13:02:22 GMT
server: nginx
etag: W/"6124edde-3b23"
content-type: application/javascript
cache-control: no-cache
access-control-allow-credentials: true

GET
H2 200 zone Show response
propu.sh/ 180 B
470 B 33ms
32ms Fetch
application/json 139.45.197.250
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://propu.sh/zone?pub=0&zone_id=3894707&is_mobile=false&domain=www.clickupdate.gq&var=&ymid=&var_3=

Requested by

Host: propu.sh
URL: https://propu.sh/ntfc.php?p=3894707

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

139.45.197.250 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

5b44a3a80a8754c7c8eb45d4b3a6d99d9b3e029c0804c68d900cf5ac44c7b7c0

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.clickupdate.gq/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-trace-id: b689fe0b4b57d9aeb8aab5622e32d18d
date: Wed, 25 Aug 2021 05:51:23 GMT
x-content-type-options: nosniff
server: nginx
strict-transport-security: max-age=1
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.clickupdate.gq
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
content-length: 180

GET
H2 200 universal.min.js Show response
propu.sh/pfe/current/ 111 KB
40 KB 91ms
30ms Fetch
application/javascript 139.45.197.250
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://propu.sh/pfe/current/universal.min.js?v=3.1.319
Requested by: Host: propu.sh
URL: https://propu.sh/ntfc.php?p=3894707
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 139.45.197.250 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash: 4aff1d6b9cd1d955edeaef9cab009fa141654c4ffa18c1a9308bc419e770ac9f

Request headers

Referer: https://www.clickupdate.gq/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 25 Aug 2021 05:51:23 GMT
content-encoding: gzip
last-modified: Tue, 24 Aug 2021 13:02:24 GMT
server: nginx
etag: W/"6124ede0-1bc82"
content-type: application/javascript
access-control-allow-origin: https://www.clickupdate.gq
cache-control: no-cache
access-control-allow-credentials: true

GET
H2 200 ntfc.php Show response
loulouly.net/ 15 KB
6 KB 75ms
50ms Script
application/javascript 139.45.197.250
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://loulouly.net/ntfc.php?p=3882227
Requested by: Host: www.clickupdate.gq
URL: https://www.clickupdate.gq/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 139.45.197.250 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash: 50bcd13421879497612e61d66c2621b284c6bfa543c908cb6a0b10669e95467a

Request headers

Referer: https://www.clickupdate.gq/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 25 Aug 2021 05:51:23 GMT
content-encoding: gzip
last-modified: Tue, 24 Aug 2021 13:02:24 GMT
server: nginx
etag: W/"6124ede0-3b23"
content-type: application/javascript
cache-control: no-cache
access-control-allow-credentials: true

GET
H3-29 200 v3.png
1.bp.blogspot.com/-1-k1LuBfg2w/VgQ1LPU6nYI/AAAAAAAABOc/pX9UQxcLTdw/s1600-r/ 109 KB
109 KB 23ms
7ms Image
image/png 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://1.bp.blogspot.com/-1-k1LuBfg2w/VgQ1LPU6nYI/AAAAAAAABOc/pX9UQxcLTdw/s1600-r/v3.png

Requested by

Host: www.clickupdate.gq
URL: https://www.clickupdate.gq/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

d4b975a4f3224432a7d13e56a18ec33cceb45a3aad0eed3b41a041a8c80a5ef6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.clickupdate.gq/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 25 Aug 2021 05:16:32 GMT
x-content-type-options: nosniff
age: 2091
content-disposition: inline;filename="v3.png"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 111146
x-xss-protection: 0
server: fife
etag: "v4e8"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Wed, 07 Jul 2021 10:13:10 GMT

GET
H2 200 plusone.js Show response
apis.google.com/js/ 54 KB
21 KB 28ms
28ms Script
application/javascript 2a00:1450:4001:800::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/js/plusone.js

Requested by

Host: www.clickupdate.gq
URL: https://www.clickupdate.gq/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

f6390c8d956a7f64e65782ade728dd1c30881b91d6c155e8b00930277fd74bef

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-hhm5vyoSj4j8u50T8eVKFA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.clickupdate.gq/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 25 Aug 2021 05:51:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
x-ua-compatible: IE=edge, chrome=1
server: ESF
x-frame-options: SAMEORIGIN
etag: "d686fddac5457bf0de3b958d49856ad1"
strict-transport-security: max-age=31536000
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=1800, stale-while-revalidate=1800
content-security-policy: script-src 'report-sample' 'nonce-hhm5vyoSj4j8u50T8eVKFA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport
timing-allow-origin: *
expires: Wed, 25 Aug 2021 05:51:23 GMT

GET
H2 200 cookienotice.js Show response
www.clickupdate.gq/js/ 6 KB
2 KB 15ms
14ms Script
text/javascript 2a00:1450:4001:810::2013
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.clickupdate.gq/js/cookienotice.js

Requested by

Host: www.clickupdate.gq
URL: https://www.clickupdate.gq/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

068ffe90977f2b5b2dc2ef18572166e85281bd0ecb31c4902464b23db54d2568

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:path: /js/cookienotice.js
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.clickupdate.gq
referer: https://www.clickupdate.gq/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.clickupdate.gq/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 25 Aug 2021 05:51:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 25 Aug 2021 04:54:07 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=604800
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
content-length: 2026
x-xss-protection: 0
expires: Wed, 01 Sep 2021 05:51:23 GMT

GET
H3-29 200 2711394818-widgets.js Show response
www.blogger.com/static/v1/widgets/ 147 KB
147 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:813::2009
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.blogger.com/static/v1/widgets/2711394818-widgets.js

Requested by

Host: www.clickupdate.gq
URL: https://www.clickupdate.gq/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3cf1034c3ae5ee773bd0deb3c180447c5e44b85e46c95d386622d6312f5fb550

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.clickupdate.gq/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 24 Aug 2021 14:44:05 GMT
x-content-type-options: nosniff
last-modified: Mon, 23 Aug 2021 07:04:24 GMT
server: sffe
age: 54438
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 150546
x-xss-protection: 0
expires: Wed, 24 Aug 2022 14:44:05 GMT

GET
H2 200 zone Show response
poacawhe.net/ 180 B
470 B 33ms
32ms Fetch
application/json 139.45.197.250
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://poacawhe.net/zone?pub=0&zone_id=3894701&is_mobile=false&domain=www.clickupdate.gq&var=&ymid=&var_3=

Requested by

Host: poacawhe.net
URL: https://poacawhe.net/ntfc.php?p=3894701

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

139.45.197.250 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

5b44a3a80a8754c7c8eb45d4b3a6d99d9b3e029c0804c68d900cf5ac44c7b7c0

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.clickupdate.gq/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-trace-id: 378d1f9159b24cadd822fdc78978ac47
date: Wed, 25 Aug 2021 05:51:22 GMT
x-content-type-options: nosniff
server: nginx
strict-transport-security: max-age=1
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.clickupdate.gq
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
content-length: 180

GET
H2 200 universal.min.js Show response
poacawhe.net/pfe/current/ 111 KB
40 KB 92ms
30ms Fetch
application/javascript 139.45.197.250
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://poacawhe.net/pfe/current/universal.min.js?v=3.1.319
Requested by: Host: poacawhe.net
URL: https://poacawhe.net/ntfc.php?p=3894701
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 139.45.197.250 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash: 4aff1d6b9cd1d955edeaef9cab009fa141654c4ffa18c1a9308bc419e770ac9f

Request headers

Referer: https://www.clickupdate.gq/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 25 Aug 2021 05:51:23 GMT
content-encoding: gzip
last-modified: Tue, 24 Aug 2021 13:02:24 GMT
server: nginx
etag: W/"6124ede0-1bc82"
content-type: application/javascript
access-control-allow-origin: https://www.clickupdate.gq
cache-control: no-cache
access-control-allow-credentials: true

OPTIONS
H2 200 custom
propu.sh/ Frame 0
0 255ms
255ms Preflight
text/plain 139.45.197.250
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://propu.sh/custom
Protocol: H2
Server: 139.45.197.250 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://www.clickupdate.gq
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

server: nginx
date: Wed, 25 Aug 2021 05:51:23 GMT
content-type: text/plain; charset=utf-8
content-length: 0
access-control-allow-origin: https://www.clickupdate.gq
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization-Token
access-control-max-age: 86400

POST
H2 200 custom Show response
propu.sh/ 39 B
328 B 35ms
35ms Fetch
application/json 139.45.197.250
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://propu.sh/custom

Requested by

Host: www.clickupdate.gq
URL: https://www.clickupdate.gq/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

139.45.197.250 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

ff752c1c79bb2c0347c5a8b7f069fa2772047324dbbadf77d21cec4b26ee3881

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.clickupdate.gq/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: application/json

Response headers

x-trace-id: 357d47f1e08359869c00723d0db9498d
date: Wed, 25 Aug 2021 05:51:23 GMT
x-content-type-options: nosniff
server: nginx
strict-transport-security: max-age=1
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.clickupdate.gq
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
content-length: 39

POST
H2 200 event Show response
propu.sh/ 94 B
384 B 36ms
35ms Fetch
application/json 139.45.197.250
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://propu.sh/event

Requested by

Host: www.clickupdate.gq
URL: https://www.clickupdate.gq/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

139.45.197.250 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

7447d4738d01228e1b37d131be050c8aa47a5ea48b5fa9aaccb180824f652925

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.clickupdate.gq/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: application/json

Response headers

x-trace-id: 433d427535794b5cc32f65f46550b60c
date: Wed, 25 Aug 2021 05:51:23 GMT
x-content-type-options: nosniff
server: nginx
strict-transport-security: max-age=1
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.clickupdate.gq
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
content-length: 94

OPTIONS
H2 200 event
propu.sh/ Frame 0
0 254ms
253ms Preflight
text/plain 139.45.197.250
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://propu.sh/event
Protocol: H2
Server: 139.45.197.250 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://www.clickupdate.gq
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

server: nginx
date: Wed, 25 Aug 2021 05:51:23 GMT
content-type: text/plain; charset=utf-8
content-length: 0
access-control-allow-origin: https://www.clickupdate.gq
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization-Token
access-control-max-age: 86400

GET
H2 200 Business Show response
www.clickupdate.gq/feeds/posts/default/-/ 2 KB
997 B 395ms
395ms Script
text/javascript 2a00:1450:4001:810::2013
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.clickupdate.gq/feeds/posts/default/-/Business?orderby=published&alt=json-in-script&callback=mythumb1

Requested by

Host: www.clickupdate.gq
URL: https://www.clickupdate.gq/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

blogger-renderd /

Resource Hash

0b459641ae8df5bd51b14516edb3e1e7bfc953ca260b7ccd8395d310c478f8d8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

:path: /feeds/posts/default/-/Business?orderby=published&alt=json-in-script&callback=mythumb1
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.clickupdate.gq
referer: https://www.clickupdate.gq/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.clickupdate.gq/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 25 Aug 2021 05:51:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 25 Aug 2021 01:12:32 GMT
server: blogger-renderd
etag: W/"d9e0f35dc7e3efd413be378f77cfa85bd16567ffc83822ea42377bed5bab8422"
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: public, must-revalidate, proxy-revalidate, max-age=1
cross-origin-resource-policy: cross-origin
content-length: 877
x-xss-protection: 0
expires: Wed, 25 Aug 2021 05:51:24 GMT

GET
H2 200 Business Show response
www.clickupdate.gq/feeds/posts/default/-/ 2 KB
1008 B 351ms
350ms Script
text/javascript 2a00:1450:4001:810::2013
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.clickupdate.gq/feeds/posts/default/-/Business?max-results=6&orderby=published&alt=json-in-script&callback=recentarticles7

Requested by

Host: www.clickupdate.gq
URL: https://www.clickupdate.gq/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

blogger-renderd /

Resource Hash

77240f7b0f589c839887b0ec8cf0591b81d108117958aa5d14ce38036385f1f4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

:path: /feeds/posts/default/-/Business?max-results=6&orderby=published&alt=json-in-script&callback=recentarticles7
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.clickupdate.gq
referer: https://www.clickupdate.gq/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.clickupdate.gq/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 25 Aug 2021 05:51:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 25 Aug 2021 01:12:32 GMT
server: blogger-renderd
etag: W/"c4c751cca9276f705fce5b812f334e89387e917b230cfea76ffb510cbf487282"
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: public, must-revalidate, proxy-revalidate, max-age=1
cross-origin-resource-policy: cross-origin
content-length: 889
x-xss-protection: 0
expires: Wed, 25 Aug 2021 05:51:24 GMT

GET
H2 200 Gallery Show response
www.clickupdate.gq/feeds/posts/default/-/ 2 KB
1019 B 415ms
414ms Script
text/javascript 2a00:1450:4001:810::2013
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.clickupdate.gq/feeds/posts/default/-/Gallery?orderby=published&alt=json-in-script&callback=mythumb

Requested by

Host: www.clickupdate.gq
URL: https://www.clickupdate.gq/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

blogger-renderd /

Resource Hash

6cbd9403fe924e84c6ec7e77f6172f469a957661d2390fa3650f9040d91200e3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

:path: /feeds/posts/default/-/Gallery?orderby=published&alt=json-in-script&callback=mythumb
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.clickupdate.gq
referer: https://www.clickupdate.gq/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.clickupdate.gq/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 25 Aug 2021 05:51:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 25 Aug 2021 01:12:32 GMT
server: blogger-renderd
etag: W/"72ed78fa6d68086d44e95c40248957499d18d1afdf74cf267eb5bf11e3e27c2e"
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: public, must-revalidate, proxy-revalidate, max-age=1
cross-origin-resource-policy: cross-origin
content-length: 876
x-xss-protection: 0
expires: Wed, 25 Aug 2021 05:51:25 GMT

GET
H2 200 summary Show response
www.clickupdate.gq/feeds/posts/ 264 KB
23 KB 1048ms
1048ms Script
text/javascript 2a00:1450:4001:810::2013
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.clickupdate.gq/feeds/posts/summary?alt=json-in-script&callback=pageNavi&max-results=99999

Requested by

Host: www.clickupdate.gq
URL: https://www.clickupdate.gq/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

blogger-renderd /

Resource Hash

9b601ea927f1cdc119f2157a20ce00a4c18d7669d9da4d66c1b7b04387d1cc26

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

:path: /feeds/posts/summary?alt=json-in-script&callback=pageNavi&max-results=99999
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.clickupdate.gq
referer: https://www.clickupdate.gq/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.clickupdate.gq/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 25 Aug 2021 05:51:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 25 Aug 2021 01:12:32 GMT
server: blogger-renderd
etag: W/"d0990ddf52c00c1ddd7c59e496d2551952fe9e1e4512aef0086ef49788c39b48"
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: public, must-revalidate, proxy-revalidate, max-age=1
cross-origin-resource-policy: cross-origin
content-length: 23019
x-xss-protection: 0
expires: Wed, 25 Aug 2021 05:51:25 GMT

GET
H2 403 / Show response
zuphaims.com/5/3894766/ 382 B
801 B 130ms
54ms XHR
application/javascript 139.45.197.247
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://zuphaims.com/5/3894766/?oo=1
Requested by: Host: www.clickupdate.gq
URL: https://www.clickupdate.gq/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 139.45.197.247 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash: 6fd96517dd6c1ef5bce526128dd35d112086a5716a69066403a3e5a9267b6990

Request headers

Referer: https://www.clickupdate.gq/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-trace-id: e697a25b952c206a089bd9fc383a3681
pragma: no-cache
date: Wed, 25 Aug 2021 05:51:25 GMT
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript
access-control-allow-origin: https://www.clickupdate.gq
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
content-length: 382
expires: Tue, 11 Jan 1994 10:00:00 GMT

GET
H2 200 tag.min.js Show response
zuphaims.com/ 61 KB
20 KB 127ms
51ms Script
text/javascript 139.45.197.247
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://zuphaims.com/tag.min.js

Requested by

Host: www.clickupdate.gq
URL: https://www.clickupdate.gq/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.197.247 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

09abfa0ae4b09cbd3bcd16e255a5b26a3de0229486d0b2d7eaeb69e86202fe1f

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.clickupdate.gq/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 25 Aug 2021 05:51:25 GMT
content-encoding: br
x-content-type-options: nosniff
access-control-max-age: 86400
content-length: 20189
x-trace-id: fd71461a6c822b3b5f1deeb90663350e
pragma: no-cache
last-modified: Mon, 23 Aug 2021 09:17:09 GMT
server: nginx
strict-transport-security: max-age=1
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
accept-ranges: bytes
timing-allow-origin: *, *
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
expires: Tue, 11 Jan 1994 10:00:00 GMT

GET
H2 403 / Show response
zuphaims.com/5/3894761/ 382 B
801 B 102ms
54ms XHR
application/javascript 139.45.197.247
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://zuphaims.com/5/3894761/?oo=1
Requested by: Host: www.clickupdate.gq
URL: https://www.clickupdate.gq/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 139.45.197.247 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash: 7c0a2fa852c026c3cebb0d1677cf0c948fa9205b80ecb3eff3ad22f903eb132f

Request headers

Referer: https://www.clickupdate.gq/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-trace-id: 82a3d13ec06e42b0d57f29db5c85789b
pragma: no-cache
date: Wed, 25 Aug 2021 05:51:25 GMT
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript
access-control-allow-origin: https://www.clickupdate.gq
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
content-length: 382
expires: Tue, 11 Jan 1994 10:00:00 GMT

GET
H2 403 / Show response
stawhoph.com/5/3894759/ 382 B
801 B 132ms
48ms XHR
application/javascript 139.45.197.235
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://stawhoph.com/5/3894759/?oo=1
Requested by: Host: www.clickupdate.gq
URL: https://www.clickupdate.gq/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 139.45.197.235 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash: ec73075ca8e52e12ceb8f712b0489ee11abc2249ef98e0157df9befcbb2c0f28

Request headers

Referer: https://www.clickupdate.gq/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-trace-id: c4d0ebef1963810375739d1f56039274
pragma: no-cache
date: Wed, 25 Aug 2021 05:51:25 GMT
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript
access-control-allow-origin: https://www.clickupdate.gq
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
content-length: 382
expires: Tue, 11 Jan 1994 10:00:00 GMT

GET
H2 200 tag.min.js Show response
stawhoph.com/ 61 KB
20 KB 130ms
46ms Script
text/javascript 139.45.197.235
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://stawhoph.com/tag.min.js

Requested by

Host: www.clickupdate.gq
URL: https://www.clickupdate.gq/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.197.235 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

09abfa0ae4b09cbd3bcd16e255a5b26a3de0229486d0b2d7eaeb69e86202fe1f

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.clickupdate.gq/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 25 Aug 2021 05:51:25 GMT
content-encoding: br
x-content-type-options: nosniff
access-control-max-age: 86400
content-length: 20189
x-trace-id: 05d2eb8764452bad535d323fbd9e64fa
pragma: no-cache
last-modified: Mon, 23 Aug 2021 09:17:09 GMT
server: nginx
strict-transport-security: max-age=1
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
accept-ranges: bytes
timing-allow-origin: *, *
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
expires: Tue, 11 Jan 1994 10:00:00 GMT

GET
H2 403 / Show response
whugesto.net/5/3894748/ 382 B
801 B 123ms
51ms XHR
application/javascript 139.45.197.246
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://whugesto.net/5/3894748/?oo=1
Requested by: Host: www.clickupdate.gq
URL: https://www.clickupdate.gq/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 139.45.197.246 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash: 0344a586424b8b96afd8a6336ad1b7778984dae329acce3ab30956f98aa755d6

Request headers

Referer: https://www.clickupdate.gq/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-trace-id: eb5fdaac42e5d681c596ee9414f4b104
pragma: no-cache
date: Wed, 25 Aug 2021 05:51:20 GMT
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript
access-control-allow-origin: https://www.clickupdate.gq
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
content-length: 382
expires: Tue, 11 Jan 1994 10:00:00 GMT

GET
H2 200 tag.min.js Show response
whugesto.net/ 61 KB
20 KB 120ms
48ms Script
text/javascript 139.45.197.246
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://whugesto.net/tag.min.js

Requested by

Host: www.clickupdate.gq
URL: https://www.clickupdate.gq/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.197.246 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

09abfa0ae4b09cbd3bcd16e255a5b26a3de0229486d0b2d7eaeb69e86202fe1f

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.clickupdate.gq/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 25 Aug 2021 05:51:20 GMT
content-encoding: br
x-content-type-options: nosniff
access-control-max-age: 86400
content-length: 20189
x-trace-id: dba7c43022fde70af344efe545a68145
pragma: no-cache
last-modified: Mon, 23 Aug 2021 09:17:09 GMT
server: nginx
strict-transport-security: max-age=1
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
accept-ranges: bytes
timing-allow-origin: *, *
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
expires: Tue, 11 Jan 1994 10:00:00 GMT

GET
H2 200 tag.min.js Show response
iclickcdn.com/ 61 KB
22 KB 43ms
17ms Script
text/javascript 2606:4700:20::ac43:4b09
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://iclickcdn.com/tag.min.js
Requested by: Host: www.clickupdate.gq
URL: https://www.clickupdate.gq/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4b09 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 09abfa0ae4b09cbd3bcd16e255a5b26a3de0229486d0b2d7eaeb69e86202fe1f

Request headers

Referer: https://www.clickupdate.gq/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 25 Aug 2021 05:51:25 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
timing-allow-origin: *
age: 64641
access-control-max-age: 86400
access-control-allow-methods: GET, POST, OPTIONS
x-trace-id: 507b82af736f175a007a74ecb14a9e5a
pragma: no-cache
last-modified: Mon, 23 Aug 2021 09:15:50 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1KJB5aE4zcOBR%2BTi8TF7XvhWLMHPDVs1zCtM0CqUUyJ8WCxCu2vNBUOPtrkSlt%2F4y95zswfotiNZJ3Q94XwO1vnPVGE%2BMSb6dGCH%2B8cAW3hkXx6cDCmYqJZGEz41IVfcHu0qOBMj%2FECbgps%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=86400
access-control-allow-credentials: true
cf-ray: 68428c6a7ba15c2c-FRA
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
expires: Wed, 25 Aug 2021 11:54:04 GMT

GET
H2 403 / Show response
whugesto.net/5/3885786/ 382 B
801 B 37ms
36ms XHR
application/javascript 139.45.197.246
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://whugesto.net/5/3885786/?oo=1
Requested by: Host: www.clickupdate.gq
URL: https://www.clickupdate.gq/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 139.45.197.246 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash: c0c91df80d1811612a62d62d8a2478b19b45e8e3e505254783a0b34619612ac0

Request headers

Referer: https://www.clickupdate.gq/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-trace-id: 4815320ea5312b20e6cf6316bf93d286
pragma: no-cache
date: Wed, 25 Aug 2021 05:51:20 GMT
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript
access-control-allow-origin: https://www.clickupdate.gq
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
content-length: 382
expires: Tue, 11 Jan 1994 10:00:00 GMT

GET
H2 403 / Show response
zuphaims.com/5/3882247/ 382 B
801 B 38ms
38ms XHR
application/javascript 139.45.197.247
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://zuphaims.com/5/3882247/?oo=1
Requested by: Host: www.clickupdate.gq
URL: https://www.clickupdate.gq/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 139.45.197.247 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash: e4f52a77f6fdc00a82ed4f9006e42d1341a50553ca3ac9ff028ca0e8a4c12fff

Request headers

Referer: https://www.clickupdate.gq/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-trace-id: 575a65def5dc5fee10b047346026cc19
pragma: no-cache
date: Wed, 25 Aug 2021 05:51:26 GMT
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript
access-control-allow-origin: https://www.clickupdate.gq
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
content-length: 382
expires: Tue, 11 Jan 1994 10:00:00 GMT

GET
H2 200 zone Show response
loulouly.net/ 180 B
470 B 63ms
62ms Fetch
application/json 139.45.197.250
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://loulouly.net/zone?pub=0&zone_id=3885779&is_mobile=false&domain=www.clickupdate.gq&var=&ymid=&var_3=

Requested by

Host: loulouly.net
URL: https://loulouly.net/ntfc.php?p=3885779

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

139.45.197.250 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

5b44a3a80a8754c7c8eb45d4b3a6d99d9b3e029c0804c68d900cf5ac44c7b7c0

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.clickupdate.gq/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-trace-id: 1fc276a8020304524f093a1cff9cb9c3
date: Wed, 25 Aug 2021 05:51:26 GMT
x-content-type-options: nosniff
server: nginx
strict-transport-security: max-age=1
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.clickupdate.gq
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
content-length: 180

GET
H2 200 universal.min.js Show response
loulouly.net/pfe/current/ 111 KB
40 KB 130ms
47ms Fetch
application/javascript 139.45.197.250
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://loulouly.net/pfe/current/universal.min.js?v=3.1.319
Requested by: Host: loulouly.net
URL: https://loulouly.net/ntfc.php?p=3885779
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 139.45.197.250 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash: 4aff1d6b9cd1d955edeaef9cab009fa141654c4ffa18c1a9308bc419e770ac9f

Request headers

Referer: https://www.clickupdate.gq/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 25 Aug 2021 05:51:26 GMT
content-encoding: gzip
last-modified: Tue, 24 Aug 2021 13:02:24 GMT
server: nginx
etag: W/"6124ede0-1bc82"
content-type: application/javascript
access-control-allow-origin: https://www.clickupdate.gq
cache-control: no-cache
access-control-allow-credentials: true

GET
H2 200 zone Show response
kumteerg.com/ 180 B
470 B 31ms
30ms Fetch
application/json 139.45.197.251
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://kumteerg.com/zone?pub=0&zone_id=3885767&is_mobile=false&domain=www.clickupdate.gq&var=&ymid=&var_3=

Requested by

Host: kumteerg.com
URL: https://kumteerg.com/ntfc.php?p=3885767

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

139.45.197.251 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

5b44a3a80a8754c7c8eb45d4b3a6d99d9b3e029c0804c68d900cf5ac44c7b7c0

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.clickupdate.gq/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-trace-id: 35eefdd7ffb865b91c3d7fce88ec1eb3
date: Wed, 25 Aug 2021 05:51:25 GMT
x-content-type-options: nosniff
server: nginx
strict-transport-security: max-age=1
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.clickupdate.gq
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
content-length: 180

GET
H2 200 universal.min.js Show response
kumteerg.com/pfe/current/ 111 KB
40 KB 97ms
32ms Fetch
application/javascript 139.45.197.251
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://kumteerg.com/pfe/current/universal.min.js?v=3.1.319
Requested by: Host: kumteerg.com
URL: https://kumteerg.com/ntfc.php?p=3885767
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 139.45.197.251 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash: 4aff1d6b9cd1d955edeaef9cab009fa141654c4ffa18c1a9308bc419e770ac9f

Request headers

Referer: https://www.clickupdate.gq/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 25 Aug 2021 05:51:25 GMT
content-encoding: gzip
last-modified: Tue, 24 Aug 2021 13:02:22 GMT
server: nginx
etag: W/"6124edde-1bc82"
content-type: application/javascript
access-control-allow-origin: https://www.clickupdate.gq
cache-control: no-cache
access-control-allow-credentials: true

GET
H2 200 zone Show response
choupsee.com/ 180 B
469 B 31ms
30ms Fetch
application/json 139.45.197.251
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://choupsee.com/zone?pub=0&zone_id=3885739&is_mobile=false&domain=www.clickupdate.gq&var=&ymid=&var_3=

Requested by

Host: choupsee.com
URL: https://choupsee.com/ntfc.php?p=3885739

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

139.45.197.251 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

5b44a3a80a8754c7c8eb45d4b3a6d99d9b3e029c0804c68d900cf5ac44c7b7c0

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.clickupdate.gq/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-trace-id: a8bec2942bcac9d64d3d2f07f20ee02e
date: Wed, 25 Aug 2021 05:51:25 GMT
x-content-type-options: nosniff
server: nginx
strict-transport-security: max-age=1
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.clickupdate.gq
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
content-length: 180

GET
H2 200 universal.min.js Show response
choupsee.com/pfe/current/ 111 KB
40 KB 91ms
29ms Fetch
application/javascript 139.45.197.251
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://choupsee.com/pfe/current/universal.min.js?v=3.1.319
Requested by: Host: choupsee.com
URL: https://choupsee.com/ntfc.php?p=3885739
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 139.45.197.251 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash: 4aff1d6b9cd1d955edeaef9cab009fa141654c4ffa18c1a9308bc419e770ac9f

Request headers

Referer: https://www.clickupdate.gq/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 25 Aug 2021 05:51:25 GMT
content-encoding: gzip
last-modified: Tue, 24 Aug 2021 13:02:22 GMT
server: nginx
etag: W/"6124edde-1bc82"
content-type: application/javascript
access-control-allow-origin: https://www.clickupdate.gq
cache-control: no-cache
access-control-allow-credentials: true

GET
H2 200 zone Show response
loulouly.net/ 180 B
470 B 31ms
30ms Fetch
application/json 139.45.197.250
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://loulouly.net/zone?pub=0&zone_id=3882227&is_mobile=false&domain=www.clickupdate.gq&var=&ymid=&var_3=

Requested by

Host: loulouly.net
URL: https://loulouly.net/ntfc.php?p=3882227

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

139.45.197.250 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

5b44a3a80a8754c7c8eb45d4b3a6d99d9b3e029c0804c68d900cf5ac44c7b7c0

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.clickupdate.gq/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-trace-id: 2a44043252b26690d78ba539b808d26f
date: Wed, 25 Aug 2021 05:51:26 GMT
x-content-type-options: nosniff
server: nginx
strict-transport-security: max-age=1
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.clickupdate.gq
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
content-length: 180

GET
H2 200 universal.min.js Show response
loulouly.net/pfe/current/ 111 KB
40 KB 131ms
68ms Fetch
application/javascript 139.45.197.250
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://loulouly.net/pfe/current/universal.min.js?v=3.1.319
Requested by: Host: loulouly.net
URL: https://loulouly.net/ntfc.php?p=3882227
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 139.45.197.250 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash: 4aff1d6b9cd1d955edeaef9cab009fa141654c4ffa18c1a9308bc419e770ac9f

Request headers

Referer: https://www.clickupdate.gq/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 25 Aug 2021 05:51:26 GMT
content-encoding: gzip
last-modified: Tue, 24 Aug 2021 13:02:24 GMT
server: nginx
etag: W/"6124ede0-1bc82"
content-type: application/javascript
access-control-allow-origin: https://www.clickupdate.gq
cache-control: no-cache
access-control-allow-credentials: true

GET
H2 200 Business Show response
www.clickupdate.gq/feeds/posts/default/-/ 2 KB
978 B 142ms
142ms Script
text/javascript 2a00:1450:4001:810::2013
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.clickupdate.gq/feeds/posts/default/-/Business?max-results=6&orderby=published&alt=json-in-script&callback=recentarticles1

Requested by

Host: www.clickupdate.gq
URL: https://www.clickupdate.gq/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

blogger-renderd /

Resource Hash

19488898d35fbceeae75ecdf6f77c0680d670b38ca375f5cedc0c0c227e6f1cc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

:path: /feeds/posts/default/-/Business?max-results=6&orderby=published&alt=json-in-script&callback=recentarticles1
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.clickupdate.gq
referer: https://www.clickupdate.gq/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.clickupdate.gq/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 25 Aug 2021 05:51:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 25 Aug 2021 01:12:32 GMT
server: blogger-renderd
etag: W/"c4c751cca9276f705fce5b812f334e89387e917b230cfea76ffb510cbf487282"
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: public, must-revalidate, proxy-revalidate, max-age=1
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
content-length: 889
x-xss-protection: 0
expires: Wed, 25 Aug 2021 05:51:27 GMT

GET
H2 403 / Show response
bedrapiona.com/5/3885750/ 382 B
801 B 108ms
39ms XHR
application/javascript 139.45.197.234
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://bedrapiona.com/5/3885750/?oo=1&js_build=2
Requested by: Host: iclickcdn.com
URL: https://iclickcdn.com/tag.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 139.45.197.234 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash: bd83ba7c285bf8685e3cc4232be4bd558d44ed42ade40a4ac6989113865a86e3

Request headers

Referer: https://www.clickupdate.gq/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-trace-id: 8d84359ca9eff3a7703a1215e3b4cb20
pragma: no-cache
date: Wed, 25 Aug 2021 05:51:26 GMT
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript
access-control-allow-origin: https://www.clickupdate.gq
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
content-length: 382
expires: Tue, 11 Jan 1994 10:00:00 GMT

GET
H2 403 / Show response
bedrapiona.com/5/3894744/ 382 B
800 B 102ms
40ms XHR
application/javascript 139.45.197.234
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://bedrapiona.com/5/3894744/?oo=1&js_build=2
Requested by: Host: iclickcdn.com
URL: https://iclickcdn.com/tag.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 139.45.197.234 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash: 95bd1e272a1ed2b49ab26b7cfad4ad65d0f647001c225f3d03e7fa94c5a9b107

Request headers

Referer: https://www.clickupdate.gq/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-trace-id: c266f8a2c5a2cc1cbdaca83531dbadd2
pragma: no-cache
date: Wed, 25 Aug 2021 05:51:26 GMT
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript
access-control-allow-origin: https://www.clickupdate.gq
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
content-length: 382
expires: Tue, 11 Jan 1994 10:00:00 GMT

GET
H2 403 / Show response
bedrapiona.com/5/3885783/ 382 B
801 B 94ms
36ms XHR
application/javascript 139.45.197.234
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://bedrapiona.com/5/3885783/?oo=1&js_build=2
Requested by: Host: iclickcdn.com
URL: https://iclickcdn.com/tag.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 139.45.197.234 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash: 080db4d4bde99244a12033d3d3ef713589695132e9e145ca03487c72d9e38c79

Request headers

Referer: https://www.clickupdate.gq/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-trace-id: bf252ae361b22375509a1e07bd9c56f0
pragma: no-cache
date: Wed, 25 Aug 2021 05:51:26 GMT
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript
access-control-allow-origin: https://www.clickupdate.gq
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
content-length: 382
expires: Tue, 11 Jan 1994 10:00:00 GMT

GET
H2 403 / Show response
bedrapiona.com/5/3882224/ 382 B
801 B 91ms
35ms XHR
application/javascript 139.45.197.234
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://bedrapiona.com/5/3882224/?oo=1&js_build=2
Requested by: Host: iclickcdn.com
URL: https://iclickcdn.com/tag.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 139.45.197.234 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash: 12eb54bdf346cfe3535388de09728c365d3ac2595ae0b21cc70b26fba42f2971

Request headers

Referer: https://www.clickupdate.gq/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-trace-id: 2abdbc16a2af7b6298fcffea8aa135ee
pragma: no-cache
date: Wed, 25 Aug 2021 05:51:26 GMT
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript
access-control-allow-origin: https://www.clickupdate.gq
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
content-length: 382
expires: Tue, 11 Jan 1994 10:00:00 GMT

GET
H2 403 / Show response
bedrapiona.com/5/3894732/ 382 B
801 B 89ms
36ms XHR
application/javascript 139.45.197.234
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://bedrapiona.com/5/3894732/?oo=1&js_build=2
Requested by: Host: iclickcdn.com
URL: https://iclickcdn.com/tag.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 139.45.197.234 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash: 596e87b56c752f998db675bfabe296e478920eb09103550287d234d9ef4c8f4c

Request headers

Referer: https://www.clickupdate.gq/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-trace-id: 8820b0d485cea35366f445e6c9ab2ea8
pragma: no-cache
date: Wed, 25 Aug 2021 05:51:26 GMT
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript
access-control-allow-origin: https://www.clickupdate.gq
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
content-length: 382
expires: Tue, 11 Jan 1994 10:00:00 GMT

GET
H2 403 / Show response
bedrapiona.com/5/3885755/ 382 B
801 B 89ms
39ms XHR
application/javascript 139.45.197.234
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://bedrapiona.com/5/3885755/?oo=1&js_build=2
Requested by: Host: iclickcdn.com
URL: https://iclickcdn.com/tag.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 139.45.197.234 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash: 37e3eee667f5f2ea8392b13b6de027122b4cbdda5bb8f716484ef1d7b5ea96d2

Request headers

Referer: https://www.clickupdate.gq/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-trace-id: b7b9333a7278f682d87e6ece79eee8fa
pragma: no-cache
date: Wed, 25 Aug 2021 05:51:26 GMT
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript
access-control-allow-origin: https://www.clickupdate.gq
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
content-length: 382
expires: Tue, 11 Jan 1994 10:00:00 GMT

GET
H2 403 / Show response
bedrapiona.com/5/3894720/ 382 B
802 B 89ms
41ms XHR
application/javascript 139.45.197.234
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://bedrapiona.com/5/3894720/?oo=1&js_build=2
Requested by: Host: iclickcdn.com
URL: https://iclickcdn.com/tag.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 139.45.197.234 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash: fd99823739b4b70c030b90b0498532c5f42dfd3ffe24928fd447d1c1a72ba357

Request headers

Referer: https://www.clickupdate.gq/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-trace-id: b6815584b65fef8f4ab874898224a358
pragma: no-cache
date: Wed, 25 Aug 2021 05:51:26 GMT
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript
access-control-allow-origin: https://www.clickupdate.gq
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
content-length: 382
expires: Tue, 11 Jan 1994 10:00:00 GMT

GET
H2 200 cb=gapi.loaded_0 Show response
apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US.4sn9RO63fqo.O/m=plusone,profile/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCO5GqPeHrbNQGs79bP09BnjVkdwag/ 209 KB
70 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:800::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US.4sn9RO63fqo.O/m=plusone,profile/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCO5GqPeHrbNQGs79bP09BnjVkdwag/cb=gapi.loaded_0?le=ili,ipu

Requested by

Host: apis.google.com
URL: https://apis.google.com/js/plusone.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f8fa14172b32444a4f09fa8852585d20a3e993d726c1a7dccbd7980cbb36a834

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.clickupdate.gq/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 12:55:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 492969
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 71982
x-xss-protection: 0
last-modified: Wed, 07 Jul 2021 13:43:54 GMT
server: sffe
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Fri, 19 Aug 2022 12:55:17 GMT

GET
H2 200 default Show response
www.clickupdate.gq/feeds/posts/ 41 KB
5 KB 534ms
534ms XHR
text/javascript 2a00:1450:4001:810::2013
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.clickupdate.gq/feeds/posts/default?alt=json-in-script&max-results=20&callback=jQuery111107111210739375688_1629870682853&_=1629870682854

Requested by

Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/1/jquery.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

blogger-renderd /

Resource Hash

801deb8bafbf05a7d14bacb4bb9dc0cdf90e80ee18aaabead3dd0463a63a197c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

:path: /feeds/posts/default?alt=json-in-script&max-results=20&callback=jQuery111107111210739375688_1629870682853&_=1629870682854
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: cors
accept: text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
cache-control: no-cache
sec-fetch-dest: empty
:authority: www.clickupdate.gq
x-requested-with: XMLHttpRequest
:scheme: https
sec-fetch-site: same-origin
referer: https://www.clickupdate.gq/
:method: GET
Accept: text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
Referer: https://www.clickupdate.gq/
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 25 Aug 2021 05:51:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 25 Aug 2021 01:12:32 GMT
server: blogger-renderd
etag: W/"4ff33be954a260862c7fae0ab7cd99b4da4b4cb69411ac8c274e1e0d512910e4"
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: public, must-revalidate, proxy-revalidate, max-age=1
cross-origin-resource-policy: cross-origin
content-length: 4803
x-xss-protection: 0
expires: Wed, 25 Aug 2021 05:51:27 GMT

GET
H2 200 lazy.min.js Show response
www.gstatic.com/feedback/js/help/prod/service/ 78 KB
28 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/feedback/js/help/prod/service/lazy.min.js

Requested by

Host: apis.google.com
URL: https://apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US.4sn9RO63fqo.O/m=plusone,profile/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCO5GqPeHrbNQGs79bP09BnjVkdwag/cb=gapi.loaded_0?le=ili,ipu

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

25bb5656c33d86a7d4fde642323dc39e2080bd2931ce410c57a0d2bb83dbd57f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.clickupdate.gq/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 25 Aug 2021 05:36:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 901
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/product-feedback-gathering
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28320
x-xss-protection: 0
last-modified: Tue, 24 Aug 2021 19:30:03 GMT
server: sffe
vary: Accept-Encoding, Origin
content-type: text/javascript
cache-control: public, max-age=3000
accept-ranges: bytes
expires: Wed, 25 Aug 2021 06:26:25 GMT

POST
H2 200 custom Show response
propu.sh/ 39 B
328 B 36ms
36ms Fetch
application/json 139.45.197.250
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://propu.sh/custom

Requested by

Host: www.clickupdate.gq
URL: https://www.clickupdate.gq/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

139.45.197.250 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

ff752c1c79bb2c0347c5a8b7f069fa2772047324dbbadf77d21cec4b26ee3881

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.clickupdate.gq/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: application/json

Response headers

x-trace-id: 12a076843df5f33d4fa16eccd702e79f
date: Wed, 25 Aug 2021 05:51:26 GMT
x-content-type-options: nosniff
server: nginx
strict-transport-security: max-age=1
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.clickupdate.gq
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
content-length: 39

OPTIONS
H2 200 custom
propu.sh/ Frame 0
0 30ms
29ms Preflight
text/plain 139.45.197.250
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://propu.sh/custom
Protocol: H2
Server: 139.45.197.250 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://www.clickupdate.gq
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

server: nginx
date: Wed, 25 Aug 2021 05:51:26 GMT
content-type: text/plain; charset=utf-8
content-length: 0
access-control-allow-origin: https://www.clickupdate.gq
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization-Token
access-control-max-age: 86400

GET
DATA 200
OK truncated
/ 42 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Content-Type: image/gif

GET
H/1.1 200
OK 3140.html Show response
aulteeby.net/ Frame 98E6 7 KB
2 KB 130ms
30ms Document
text/html 139.45.197.120
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://aulteeby.net/3140.html

Requested by

Host: www.clickupdate.gq
URL: https://www.clickupdate.gq/

Protocol

HTTP/1.1

Security

TLS 1.2, RSA, AES_128_CBC

Server

139.45.197.120 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

76de3ceb70e5bb21069e9f7cff2425a338652c50c821bd04950a70184228aced

Security Headers

Name	Value
Strict-Transport-Security	max-age=1 max-age=1
X-Content-Type-Options	nosniff nosniff

Request headers

Host: aulteeby.net
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://www.clickupdate.gq/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer: https://www.clickupdate.gq/

Response headers

Server: nginx
Date: Wed, 25 Aug 2021 05:51:35 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Strict-Transport-Security: max-age=1 max-age=1
X-Content-Type-Options: nosniff nosniff
Timing-Allow-Origin: * *
Content-Encoding: gzip

GET
H/1.1 200
OK 05.html Show response
aulteeby.net/page/ Frame BC66 7 KB
2 KB 121ms
30ms Document
text/html 139.45.197.120
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://aulteeby.net/page/05.html

Requested by

Host: www.clickupdate.gq
URL: https://www.clickupdate.gq/

Protocol

HTTP/1.1

Security

TLS 1.2, RSA, AES_128_CBC

Server

139.45.197.120 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

76de3ceb70e5bb21069e9f7cff2425a338652c50c821bd04950a70184228aced

Security Headers

Name	Value
Strict-Transport-Security	max-age=1 max-age=1
X-Content-Type-Options	nosniff nosniff

Request headers

Host: aulteeby.net
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://www.clickupdate.gq/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer: https://www.clickupdate.gq/

Response headers

Server: nginx
Date: Wed, 25 Aug 2021 05:51:35 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Strict-Transport-Security: max-age=1 max-age=1
X-Content-Type-Options: nosniff nosniff
Timing-Allow-Origin: * *
Content-Encoding: gzip

GET
H/1.1 200
OK 8.html Show response
aulteeby.net/ Frame BD42 7 KB
2 KB 96ms
30ms Document
text/html 139.45.197.120
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://aulteeby.net/8.html

Requested by

Host: www.clickupdate.gq
URL: https://www.clickupdate.gq/

Protocol

HTTP/1.1

Security

TLS 1.2, RSA, AES_128_CBC

Server

139.45.197.120 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

76de3ceb70e5bb21069e9f7cff2425a338652c50c821bd04950a70184228aced

Security Headers

Name	Value
Strict-Transport-Security	max-age=1 max-age=1
X-Content-Type-Options	nosniff nosniff

Request headers

Host: aulteeby.net
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://www.clickupdate.gq/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer: https://www.clickupdate.gq/

Response headers

Server: nginx
Date: Wed, 25 Aug 2021 05:51:35 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Strict-Transport-Security: max-age=1 max-age=1
X-Content-Type-Options: nosniff nosniff
Timing-Allow-Origin: * *
Content-Encoding: gzip

GET
H/1.1 200
OK 9.html Show response
aulteeby.net/34/15117/9534/ Frame 56E1 7 KB
2 KB 75ms
30ms Document
text/html 139.45.197.120
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://aulteeby.net/34/15117/9534/9.html

Requested by

Host: www.clickupdate.gq
URL: https://www.clickupdate.gq/

Protocol

HTTP/1.1

Security

TLS 1.2, RSA, AES_128_CBC

Server

139.45.197.120 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

76de3ceb70e5bb21069e9f7cff2425a338652c50c821bd04950a70184228aced

Security Headers

Name	Value
Strict-Transport-Security	max-age=1 max-age=1
X-Content-Type-Options	nosniff nosniff

Request headers

Host: aulteeby.net
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://www.clickupdate.gq/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer: https://www.clickupdate.gq/

Response headers

Server: nginx
Date: Wed, 25 Aug 2021 05:51:35 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Strict-Transport-Security: max-age=1 max-age=1
X-Content-Type-Options: nosniff nosniff
Timing-Allow-Origin: * *
Content-Encoding: gzip

GET
H/1.1 200
OK index.html Show response
aulteeby.net/70/ Frame BA13 7 KB
2 KB 31ms
31ms Document
text/html 139.45.197.120
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://aulteeby.net/70/index.html

Requested by

Host: www.clickupdate.gq
URL: https://www.clickupdate.gq/

Protocol

HTTP/1.1

Security

TLS 1.2, RSA, AES_128_CBC

Server

139.45.197.120 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

76de3ceb70e5bb21069e9f7cff2425a338652c50c821bd04950a70184228aced

Security Headers

Name	Value
Strict-Transport-Security	max-age=1 max-age=1
X-Content-Type-Options	nosniff nosniff

Request headers

Host: aulteeby.net
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://www.clickupdate.gq/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer: https://www.clickupdate.gq/

Response headers

Server: nginx
Date: Wed, 25 Aug 2021 05:51:35 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Strict-Transport-Security: max-age=1 max-age=1
X-Content-Type-Options: nosniff nosniff
Timing-Allow-Origin: * *
Content-Encoding: gzip

GET
H/1.1 200
OK 23089.html Show response
aulteeby.net/54/3/59/ Frame 924D 7 KB
2 KB 31ms
30ms Document
text/html 139.45.197.120
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://aulteeby.net/54/3/59/23089.html

Requested by

Host: www.clickupdate.gq
URL: https://www.clickupdate.gq/

Protocol

HTTP/1.1

Security

TLS 1.2, RSA, AES_128_CBC

Server

139.45.197.120 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

76de3ceb70e5bb21069e9f7cff2425a338652c50c821bd04950a70184228aced

Security Headers

Name	Value
Strict-Transport-Security	max-age=1 max-age=1
X-Content-Type-Options	nosniff nosniff

Request headers

Host: aulteeby.net
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://www.clickupdate.gq/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer: https://www.clickupdate.gq/

Response headers

Server: nginx
Date: Wed, 25 Aug 2021 05:51:36 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Strict-Transport-Security: max-age=1 max-age=1
X-Content-Type-Options: nosniff nosniff
Timing-Allow-Origin: * *
Content-Encoding: gzip

Verdicts & Comments Add Verdict or Comment

215 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

6 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	warning	(Line 1) Message: error_register_service_worker#start-error: TypeError: Cannot read property '0' of undefined
console-api	log	(Line 1) Message: SDK installer already started
console-api	log	(Line 1) Message: SDK installer already started
console-api	log	(Line 1) Message: SDK installer already started
console-api	log	(Line 1) Message: SDK installer already started
console-api	log	(Line 1) Message: SDK installer already started

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

1.bp.blogspot.com
2.bp.blogspot.com
3.bp.blogspot.com
4.bp.blogspot.com
ajax.googleapis.com
apis.google.com
aulteeby.net
bedrapiona.com
choupsee.com
clickupdate.gq
connect.facebook.net
contextual.media.net
fonts.googleapis.com
fonts.gstatic.com
iclickcdn.com
kumteerg.com
lh6.googleusercontent.com
loulouly.net
netdna.bootstrapcdn.com
poacawhe.net
propu.sh
static01.nyt.com
stawhoph.com
vistoolr.net
whugesto.net
www.blogger.com
www.clickupdate.gq
www.gstatic.com
zuphaims.com
139.45.197.120
139.45.197.234
139.45.197.235
139.45.197.246
139.45.197.247
139.45.197.250
139.45.197.251
151.101.13.164
2.18.235.93
216.239.34.21
2606:4700:20::ac43:4b09
2606:4700::6812:bcf
2a00:1450:4001:800::200e
2a00:1450:4001:809::2001
2a00:1450:4001:80e::2001
2a00:1450:4001:80e::200a
2a00:1450:4001:80f::2001
2a00:1450:4001:810::2013
2a00:1450:4001:812::2003
2a00:1450:4001:813::2009
2a00:1450:4001:827::200a
2a00:1450:4001:82f::2001
2a00:1450:4001:831::2003
2a03:2880:f01c:216:face:b00c:0:3
2a03:2880:f01c:8012:face:b00c:0:3
01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b
0344a586424b8b96afd8a6336ad1b7778984dae329acce3ab30956f98aa755d6
068ffe90977f2b5b2dc2ef18572166e85281bd0ecb31c4902464b23db54d2568
080db4d4bde99244a12033d3d3ef713589695132e9e145ca03487c72d9e38c79
09abfa0ae4b09cbd3bcd16e255a5b26a3de0229486d0b2d7eaeb69e86202fe1f
0b459641ae8df5bd51b14516edb3e1e7bfc953ca260b7ccd8395d310c478f8d8
0c85d7fd3ad4d2f4c68b6fe64e27f79cd71c38580a99fa9430493a730800fae5
0cc7138a7787292e4cfb5b3d96d041debecdaf6a52f4c9665929415fa33e4a17
0fd28fece9ebd606b8b071460ebd3fc2ed7bc7a66ef91c8834f11dfacab4a849
12eb54bdf346cfe3535388de09728c365d3ac2595ae0b21cc70b26fba42f2971
19488898d35fbceeae75ecdf6f77c0680d670b38ca375f5cedc0c0c227e6f1cc
224d95cce08108610c46ef4134793dbdd619e43e90e9d9cf42716a08f45222f9
2360ab674501de31dffbfb5a374a09f4cf4af9277c3040d396971207a02f4ced
25bb5656c33d86a7d4fde642323dc39e2080bd2931ce410c57a0d2bb83dbd57f
2ba6c74496a1a76c09e503677e1588f8ecd0941b148bcb7f894e25c27ab9d80f
2e46b55ec98fc5d5d0ba152c7a0d87ddca6d6a3629849e909e13309cd9602956
3083e8d3b21ddc3f0e6d65ec3580aa6edfaadca5d9737d9caa27e6a233e1ccf3
37e3eee667f5f2ea8392b13b6de027122b4cbdda5bb8f716484ef1d7b5ea96d2
3b0b50ef0841f56abf2f3070bd762c0658941bd8cfc8d231542322ffd009e550
3cf1034c3ae5ee773bd0deb3c180447c5e44b85e46c95d386622d6312f5fb550
41da54225542e07bd041003921dab689ecc0658d66dabb0f12eab56399e73e86
423108cab57c13e62d0ccf91bfa1bc50f1d774b22fe647d3c9a62fc8fac4c287
426d9d7b609164484ef83ab3eb383c2dda83f96feb147b82375dba814554f266
4aff1d6b9cd1d955edeaef9cab009fa141654c4ffa18c1a9308bc419e770ac9f
4d431bd3a69d3996b87e585fd3115d423c5667ae3ba58c2b1571e036dfa865be
50bcd13421879497612e61d66c2621b284c6bfa543c908cb6a0b10669e95467a
510c60019bdbe12eb05628a06615aa89baf2393251f8278a7c695df519837463
540bc6dec1dd4b92ea4d3fb903f69eabf6d919afd48f4e312b163c28cff0f441
596e87b56c752f998db675bfabe296e478920eb09103550287d234d9ef4c8f4c
5b44a3a80a8754c7c8eb45d4b3a6d99d9b3e029c0804c68d900cf5ac44c7b7c0
6c4956683e1275f67daf349f158620f005d39f505298103b5fb13bd591be1db3
6cbd9403fe924e84c6ec7e77f6172f469a957661d2390fa3650f9040d91200e3
6fd96517dd6c1ef5bce526128dd35d112086a5716a69066403a3e5a9267b6990
731ee3bbaa9f2fd92879f9087c9fbbf7438d3a52595c6c8a8020bb2a69b7afd6
7447d4738d01228e1b37d131be050c8aa47a5ea48b5fa9aaccb180824f652925
76db825b68979b9ea6cc55fa14373b7bf5e3beb7388cd2efa485938bb2a389fb
76de3ceb70e5bb21069e9f7cff2425a338652c50c821bd04950a70184228aced
77240f7b0f589c839887b0ec8cf0591b81d108117958aa5d14ce38036385f1f4
7c0a2fa852c026c3cebb0d1677cf0c948fa9205b80ecb3eff3ad22f903eb132f
801deb8bafbf05a7d14bacb4bb9dc0cdf90e80ee18aaabead3dd0463a63a197c
80be3c49e30662cd7a062b6b2d678b9ea5b86ef4cb07d47a16967c0db6eac0ad
8ba06da9e3b2565103c9ba09aa56fe85809aa49d218de985fbae4381b3c75d5e
95bd1e272a1ed2b49ab26b7cfad4ad65d0f647001c225f3d03e7fa94c5a9b107
9b601ea927f1cdc119f2157a20ce00a4c18d7669d9da4d66c1b7b04387d1cc26
9d5ce4853857058bcfa2acacc5e4ab58cbb35466a919e0c21d8ff592e8f1be74
9dbbb52e23ebff1b66e672e1e0f3a501c1f8086dedf7f8da779c2f5d9c2f5f29
b2ecca0ab1df47f983243aeba286b2bce51748c0f4cd21fceb3abfa33390554c
bd83ba7c285bf8685e3cc4232be4bd558d44ed42ade40a4ac6989113865a86e3
c0c91df80d1811612a62d62d8a2478b19b45e8e3e505254783a0b34619612ac0
cca664ca16fde285160e80eae6ba4501c27b1dd1ce09aec1e84caa74b5baff53
d1619e5b75fcdd1f81277bc4fea6c05f38b26739f33454ce88d26631f7ed32b3
d4b975a4f3224432a7d13e56a18ec33cceb45a3aad0eed3b41a041a8c80a5ef6
d8a541328a3381b808282fcc340d0df0b9a5756a7e5874125d93c2ed9de485ec
dda4be3411b1db8eb35137039acb42ffdbd6521aae1354ec659e14aced216bfb
e357c79acdc37b1a7632681bb467526814d6b6a49bbb12dcd26e011bc4685616
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4f52a77f6fdc00a82ed4f9006e42d1341a50553ca3ac9ff028ca0e8a4c12fff
ec73075ca8e52e12ceb8f712b0489ee11abc2249ef98e0157df9befcbb2c0f28
ed50201af309dd1e3964d5874dd2663e2e66326102efd8eecfec4a64fa731691
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f4513657e2548edc52a5143900dd01969a0bf43b46c204802da310c94a1ffb17
f6390c8d956a7f64e65782ade728dd1c30881b91d6c155e8b00930277fd74bef
f8fa14172b32444a4f09fa8852585d20a3e993d726c1a7dccbd7980cbb36a834
fd99823739b4b70c030b90b0498532c5f42dfd3ffe24928fd447d1c1a72ba357
ff752c1c79bb2c0347c5a8b7f069fa2772047324dbbadf77d21cec4b26ee3881

www.clickupdate.gq Open in urlscan Pro 2a00:1450:4001:810::2013 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

95 Requests

100 %HTTPS

60 %IPv6

23 Domains

29 Subdomains

25 IPs

3 Countries

2139 kBTransfer

4329 kBSize

0 Cookies

19 Outgoing links

Page URL History

Redirected requests

95 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.clickupdate.gq Open in urlscan Pro
2a00:1450:4001:810::2013 Public Scan

Screenshot
Live screenshot

Full Image

95
Requests

100 %
HTTPS

60 %
IPv6

23
Domains

29
Subdomains

25
IPs

3
Countries

2139 kB
Transfer

4329 kB
Size

0
Cookies

95 HTTP transactions
1 data transactions