Sponsored by

jpg4.us
107.154.161.209 

Go To Report
URL: http://jpg4.us/
Submission: On October 30 via manual from SG
 Behaviour IoCs
Similar DOM Content API

Summary

This website contacted 20 IPs in 6 countries across 19 domains to perform 37 HTTP transactions.
The main IP is 107.154.161.209, located in Redwood City, United States and belongs to INCAPSULA - Incapsula Inc, US. The main domain is jpg4.us.
This is the first time this domain was scanned on urlscan.io!

Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 107.154.161.209 19551 (INCAPSULA)
3 2606:4700:30:... 13335 (CLOUDFLAR...)
5 104.111.242.105 16625 (AKAMAI-AS)
1 111.90.151.67 45839 (SHINJIRU-...)
2 52.69.74.2 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 151.101.2.109 54113 (FASTLY)
1 2a03:2880:f02... 32934 (FACEBOOK)
1 1 ()
1 2a00:1450:400... 15169 (GOOGLE)
1 3 151.101.120.134 54113 (FASTLY)
5 11 2a02:6b8::1:119 13238 (YANDEX)
1 2a03:2880:f01... 32934 (FACEBOOK)
1 2 149.5.244.142 174 (COGENT-174)
3 2400:cb00:204... 13335 (CLOUDFLAR...)
2 151.101.128.134 54113 (FASTLY)
1 52.69.95.9 16509 (AMAZON-02)
1 3 2a00:1450:400... 15169 (GOOGLE)
1 1 2a00:1450:400... 15169 (GOOGLE)
1 1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
37 20
1    107.154.161.209 (Redwood City, United States)

ASN19551 (INCAPSULA - Incapsula Inc, US)
PTR: 107.154.161.209.ip.incapdns.net
3    2606:4700:30::ac40:af10 (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)
5    104.111.242.105 (Amsterdam, Netherlands)

ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US)
PTR: a104-111-242-105.deploy.static.akamaitechnologies.com
1    111.90.151.67 (Damansara, Malaysia)

ASN45839 (SHINJIRU-MY-AS-AP Shinjiru Technology Sdn Bhd, MY)
2    52.69.74.2 (Tokyo, Japan)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-52-69-74-2.ap-northeast-1.compute.amazonaws.com
1    2a00:1450:400c:c0c::61 (Ireland)

ASN15169 (GOOGLE - Google LLC, US)
1    2a00:1450:4001:80b::200a (Ireland)

ASN15169 (GOOGLE - Google LLC, US)
1    151.101.2.109 (San Francisco, United States)

ASN54113 (FASTLY - Fastly, US)
1    2a03:2880:f02d:12:face:b00c:0:3 (Ireland)

ASN32934 (FACEBOOK - Facebook, Inc., US)
1    (None, )

ASN- ()
1    2a00:1450:4001:821::200e (Ireland)

ASN15169 (GOOGLE - Google LLC, US)
3    151.101.120.134 (San Francisco, United States)

ASN54113 (FASTLY - Fastly, US)
11    2a02:6b8::1:119 (Russian Federation)

ASN13238 (YANDEX, RU)
1    2a03:2880:f01a:5:face:b00c:0:1 (Ireland)

ASN32934 (FACEBOOK - Facebook, Inc., US)
2    149.5.244.142 (United States)

ASN174 (COGENT-174 - Cogent Communications, US)
3    2400:cb00:2048:1::6810:50a6 (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)
2    151.101.128.134 (San Francisco, United States)

ASN54113 (FASTLY - Fastly, US)
1    52.69.95.9 (Tokyo, Japan)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-52-69-95-9.ap-northeast-1.compute.amazonaws.com
3    2a00:1450:4001:816::200e (Ireland)

ASN15169 (GOOGLE - Google LLC, US)
1    2a00:1450:400c:c0c::9c (Ireland)

ASN15169 (GOOGLE - Google LLC, US)
1    2a00:1450:4001:816::2004 (Ireland)

ASN15169 (GOOGLE - Google LLC, US)
1    2a00:1450:4001:821::2003 (Ireland)

ASN15169 (GOOGLE - Google LLC, US)
Domain
Subdomains		 Transfer
11 yandex.ru
10 KB
5 disqus.com
24 KB
5 asahi.com
3 KB
3 google-analytics.com
17 KB
3 disquscdn.com
197 KB
3 xrea.com
wj.ax.xrea.com Failed
7 KB
3 av4.xyz
41 KB
2 webvisor.org
1 KB
2 youtube.com
0 B
2 facebook.net
57 KB
1 google.de
378 B
1 google.com
178 B
1 doubleclick.net
166 B
1 facebook.com
0 B
1 jsdelivr.net
45 KB
1 ajax.googleapis.com
30 KB
1 googletagmanager.com
30 KB
1 jiito.net
10 KB
1 jpg4.us
7 KB
37 19
Domain Requested by
11 mc.yandex.ru 5 redirects jpg4.us
5 www.asahi.com jpg4.us
3 www.google-analytics.com 1 redirects www.googletagmanager.com
jpg4.us
3 c.disquscdn.com jpgnet.disqus.com
3 j1.ax.xrea.com jpg4.us
2 disqus.com jpgnet.disqus.com
2 mc.webvisor.org 1 redirects jpg4.us
2 jpgnet.disqus.com 1 redirects jpg4.us
2 www.youtube.com 1 redirects jpg4.us
2 connect.facebook.net 1 redirects jpg4.us
2 tag.av4.xyz jpg4.us
1 referrer.disqus.com jpg4.us
1 www.google.de jpg4.us
1 www.google.com 1 redirects
1 stats.g.doubleclick.net 1 redirects
1 staticxx.facebook.com connect.facebook.net
1 cdn.jsdelivr.net tag.av4.xyz
1 ajax.googleapis.com tag.av4.xyz
1 www.googletagmanager.com jpg4.us
1 av.av4.xyz jpg4.us
1 jiito.net jpg4.us
1 jpg4.us
0 wj.ax.xrea.com Failed j1.ax.xrea.com
37 23
Subject / Issuer Validity Valid
*.google-analytics.com
Google Internet Authority G3		 2018-10-09 -
2019-01-01		 3 months
*.googleapis.com
Google Internet Authority G3		 2018-10-09 -
2019-01-01		 3 months
f3.shared.global.fastly.net
GlobalSign CloudSSL CA - SHA256 - G3		 2018-10-21 -
2019-04-27		 6 months
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2017-12-15 -
2019-03-22		 a year
*.google.com
Google Internet Authority G3		 2018-10-09 -
2019-01-01		 3 months
*.disqus.com
DigiCert SHA2 Secure Server CA		 2018-03-28 -
2020-04-27		 2 years
bs.yandex.ru
Yandex CA		 2018-10-03 -
2019-10-03		 a year
mc.webvisor.org
Yandex CA		 2017-05-17 -
2019-05-17		 2 years
ssl565697.cloudflaressl.com
COMODO ECC Domain Validation Secure Server CA 2		 2018-10-07 -
2019-04-15		 6 months
www.google.de
Google Internet Authority G3		 2018-10-09 -
2019-01-01		 3 months

Screenshot
Live screenshot
Full Image

Detected technologies

Web
Overall confidence: 20%
Detected patterns
  • env /^Rx$/i
Web
Overall confidence: 100%
Detected patterns
  • env /^DISQUS/i
Web
Overall confidence: 100%
Detected patterns
  • script /\/\/connect\.facebook\.net\/[^\/]*\/[a-z]*\.js/i
Web
Overall confidence: 100%
Detected patterns
  • script /google-analytics\.com\/(?:ga|urchin|(analytics))\.js/i
  • env /^gaGlobal$/i
Web
Overall confidence: 100%
Detected patterns
  • env /^google_tag_manager$/i
Web
Overall confidence: 100%
Detected patterns
  • script /\/([\d.]+)\/jquery(?:\.min)?\.js/i
  • script /jquery.*\.js/i
  • env /^jQuery$/i

Stats

0
Requests

0
Ad-blocked

0
Malicious

0 %
HTTPS

0 %
IPv6

0
Domains

0
Subdomains

0
IPs

0
Countries

0 kB
Transfer

0 kB
Size

0
Cookies

37 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Cookie set /
19 KB
7 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://jpg4.us/
Protocol
HTTP/1.1
Server
107.154.161.209 Redwood City, United States, ASN19551 (INCAPSULA - Incapsula Inc, US),
Reverse DNS
107.154.161.209.ip.incapdns.net
Software
/
Resource Hash
71f35af4bbc2ebc8d154e6313e30efcb2303ec666ab358451df531603b644967

Request headers

Host
jpg4.us
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Accept-Encoding
gzip, deflate
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Etag
"85b96244"
Content-Type
text/html; charset=UTF-8
Content-Length
6527
Content-Encoding
gzip
Cache-Control
max-age=190, public
Expires
Tue, 30 Oct 2018 14:27:49 GMT
Date
Tue, 30 Oct 2018 14:24:39 GMT
Set-Cookie
visid_incap_1138001=YQkuVjCdTrWGePAOj8Oc46dp2FsAAAAAQUIPAAAAAABzFupolg1IA8mrquBpE7k5; expires=Wed, 30 Oct 2019 07:09:06 GMT; path=/; Domain=.jpg4.us incap_ses_889_1138001=urcsAKXW9VGy6e8GZF1WDKdp2FsAAAAA7d7y5pcqD+YwEFDxzIwo7A==; path=/; Domain=.jpg4.us
X-Iinfo
14-179966242-0 0CNN RT(1540909479750 0) q(0 -1 -1 0) r(0 -1)
X-CDN
Incapsula
index.php?js=aaa
tag.av4.xyz 		95 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://tag.av4.xyz/index.php?js=aaa
Requested by
Host: jpg4.us
URL: http://jpg4.us/
Protocol
HTTP/1.1
Server
2606:4700:30::ac40:af10 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
a3400d1e557d313c3ce683db6e3a2b7a7bc3e4f489ffcc4f8c071a9581c8b3ac

Request headers

Referer
http://jpg4.us/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Tue, 30 Oct 2018 14:24:40 GMT
Content-Encoding
gzip
imghost
2400:2651:281:e700:e9d:92ff:fe7f:9cetag.av4.xyzmh--DE-rm:2400:cb00:71:1024::a29e:5d71/index.php?js=aaa
CF-Cache-Status
HIT
Server
cloudflare
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=14400
Transfer-Encoding
chunked
Connection
keep-alive
CF-RAY
471e8bfb51db97ce-FRA
Expires
Tue, 30 Oct 2018 18:24:40 GMT
icn_bookmark_a.gif
www.asahi.com/images08/common 		90 B
403 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://www.asahi.com/images08/common/icn_bookmark_a.gif
Requested by
Host: jpg4.us
URL: http://jpg4.us/
Protocol
HTTP/1.1
Server
104.111.242.105 Amsterdam, Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a104-111-242-105.deploy.static.akamaitechnologies.com
Software
Apache/2 /
Resource Hash
142ff5d598c4a7fd9e3bc896a775b3e143e1b54d8356a985f67ad70fdfd02f4f

Request headers

Referer
http://jpg4.us/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Tue, 30 Oct 2018 14:24:40 GMT
Last-Modified
Mon, 30 Nov 2009 08:01:30 GMT
Server
Apache/2
ETag
"6048107-5a-479920c932a80"
Content-Type
image/gif
Cache-Control
max-age=256
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
90
Expires
Tue, 30 Oct 2018 14:28:56 GMT
Adblocked icn_tool_twitter.gif
www.asahi.com/images08/common 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://www.asahi.com/images08/common/icn_tool_twitter.gif
Requested by
Host: jpg4.us
URL: http://jpg4.us/
Protocol
HTTP/1.1
Server
104.111.242.105 Amsterdam, Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a104-111-242-105.deploy.static.akamaitechnologies.com
Software
Apache/2 /
Resource Hash
e2474ce79afafc42ddc85fb2a5f8f584b13c60e4ca5bdf6a2fc9a00881ae537f
Blocked
Source: easylist, Type: annoyance (This would have been blocked)

Request headers

Referer
http://jpg4.us/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Tue, 30 Oct 2018 14:24:40 GMT
Last-Modified
Fri, 08 Jun 2012 01:35:13 GMT
Server
Apache/2
ETag
"6048120-53f-4c1ec02f69640"
Content-Type
image/gif
Cache-Control
max-age=15
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1343
Expires
Tue, 30 Oct 2018 14:24:55 GMT
icn_bookmark_c.gif
www.asahi.com/images08/common 		159 B
473 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://www.asahi.com/images08/common/icn_bookmark_c.gif
Requested by
Host: jpg4.us
URL: http://jpg4.us/
Protocol
HTTP/1.1
Server
104.111.242.105 Amsterdam, Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a104-111-242-105.deploy.static.akamaitechnologies.com
Software
Apache/2 /
Resource Hash
411f2fb995f07d935b87424433dea891fe77130dfd9178114bc963a7330c40e9

Request headers

Referer
http://jpg4.us/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Tue, 30 Oct 2018 14:24:40 GMT
Last-Modified
Thu, 05 Jun 2008 09:47:42 GMT
Server
Apache/2
ETag
"6048109-9f-44ee83c8b8b80"
Content-Type
image/gif
Cache-Control
max-age=226
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
159
Expires
Tue, 30 Oct 2018 14:28:26 GMT
icn_bookmark_d.gif
www.asahi.com/images08/common 		275 B
582 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://www.asahi.com/images08/common/icn_bookmark_d.gif
Requested by
Host: jpg4.us
URL: http://jpg4.us/
Protocol
HTTP/1.1
Server
104.111.242.105 Amsterdam, Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a104-111-242-105.deploy.static.akamaitechnologies.com
Software
Apache/2 /
Resource Hash
ae18cfdd1dd9b7da71e04365f35a6f97183a7ae9ce4f0c7a78e2a762c12fa1c9

Request headers

Referer
http://jpg4.us/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Tue, 30 Oct 2018 14:24:40 GMT
Last-Modified
Thu, 05 Jun 2008 09:47:42 GMT
Server
Apache/2
ETag
"d299e-113-3c8b8b80"
Content-Type
image/gif
Cache-Control
max-age=47
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
275
Expires
Tue, 30 Oct 2018 14:25:27 GMT
icn_bookmark_e.gif
www.asahi.com/images08/common 		108 B
421 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://www.asahi.com/images08/common/icn_bookmark_e.gif
Requested by
Host: jpg4.us
URL: http://jpg4.us/
Protocol
HTTP/1.1
Server
104.111.242.105 Amsterdam, Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a104-111-242-105.deploy.static.akamaitechnologies.com
Software
Apache/2 /
Resource Hash
f5ec7ce2243cb932286f01c2a82b3e236dacc26669fb7a9b82876fc801397e3c

Request headers

Referer
http://jpg4.us/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Tue, 30 Oct 2018 14:24:40 GMT
Last-Modified
Thu, 05 Jun 2008 09:47:42 GMT
Server
Apache/2
ETag
"604810b-6c-44ee83c8b8b80"
Content-Type
image/gif
Cache-Control
max-age=43
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
108
Expires
Tue, 30 Oct 2018 14:25:23 GMT
jpg4us.png
tag.av4.xyz 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://tag.av4.xyz/jpg4us.png
Requested by
Host: jpg4.us
URL: http://jpg4.us/
Protocol
HTTP/1.1
Server
2606:4700:30::ac40:af10 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
14b84faea36611516d9a4ff02d89b9b0d7167a718584f92bf4d597d3f661664e

Request headers

Referer
http://jpg4.us/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Tue, 30 Oct 2018 14:24:40 GMT
CF-Cache-Status
HIT
Server
cloudflare
ETag
"2a82-5499bcea176c0"
Vary
Accept-Encoding
Content-Type
image/png
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=360000
Connection
keep-alive
Accept-Ranges
bytes
CF-RAY
471e8bfbd21597ce-FRA
Content-Length
10882
Expires
Sat, 03 Nov 2018 18:24:40 GMT
jiito.jpg
jiito.net 		9 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://jiito.net/jiito.jpg
Requested by
Host: jpg4.us
URL: http://jpg4.us/
Protocol
HTTP/1.1
Server
111.90.151.67 Damansara, Malaysia, ASN45839 (SHINJIRU-MY-AS-AP Shinjiru Technology Sdn Bhd, MY),
Reverse DNS
Software
Apache/2.4.6 (CentOS) PHP/7.0.31 / PHP/7.0.31
Resource Hash
4454af3e23a441a438966f02d3359d17864855f1496aa6d565cd226859829858

Request headers

Referer
http://jpg4.us/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Tue, 30 Oct 2018 14:24:42 GMT
98prxHost
111.90.151.67-hh-jiito.netmh--rm148.251.45.254rmhost-static.254.45.251.148.clients.your-server.de-acptlan
X-Powered-By
PHP/7.0.31
86proxuri
/jiito.jpg
Server
Apache/2.4.6 (CentOS) PHP/7.0.31
196prxHost
111.90.151.67-hh-jiito.netmh--rm148.251.45.254rmhost-static.254.45.251.148.clients.your-server.de-acptlan
Connection
close
135prxHost
111.90.151.67-hh-jiito.netmh--rm148.251.45.254rmhost-static.254.45.251.148.clients.your-server.de-acptlan
Content-Length
9188
316pxxline
-len=9188-111.90.151.67-http://126.48.233.129/jiito.jpg-hst-jiito.net
62$hostgot
static.254.45.251.148.clients.your-server.de
97phosttRef
http://jpg4.us/
xxline
406-len=9188-111.90.151.67--rm148.251.45.254
ETag
"23e4-5499bcea176c0"
Vary
Host
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
129prxHost
111.90.151.67-hh-jiito.netmh--rm148.251.45.254rmhost-static.254.45.251.148.clients.your-server.de-acptlan
Cache-Control
max-age=360000, public
259pxline
ip-111.90.151.67-http://126.48.233.129/jiito.jpg
96prxHost
111.90.151.67-hh-jiito.netmh--rm148.251.45.254rmhost-static.254.45.251.148.clients.your-server.de-acptlan
Accept-Ranges
bytes
Access-Control-Allow-Headers
Cake
262prline
AV4.us.jpg
av.av4.xyz 		9 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://av.av4.xyz/AV4.us.jpg
Requested by
Host: jpg4.us
URL: http://jpg4.us/
Protocol
HTTP/1.1
Server
2606:4700:30::ac40:af10 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare / PHP/7.0.22
Resource Hash
bf5bb657f5e788af0c02b9b437d3f15bec91e27175e5a654e3d431fb6d063390

Request headers

Referer
http://jpg4.us/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Tue, 30 Oct 2018 14:24:40 GMT
97prxHost
2001:ce8:6b:e::a5ce:0-hh-av.av4.xyzmh--DErm2400:cb00:71:1024::a29e:587crmhost--acptlanar
134prxHost
2001:ce8:6b:e::a5ce:0-hh-av.av4.xyzmh--DErm2400:cb00:71:1024::a29e:587crmhost--acptlanar
X-Powered-By
PHP/7.0.22
CF-Cache-Status
HIT
xxline
401-len=8741-2001:ce8:6b:e::a5ce:0--rm2400:cb00:71:1024::a29e:587c
Connection
keep-alive
Content-Length
8741
235pxline
ip-2001:ce8:6b:e::a5ce:0-http://fix-ip6.fc2av.com/AV4.us.jpg
257prline
95prxHost
2001:ce8:6b:e::a5ce:0-hh-av.av4.xyzmh--DErm2400:cb00:71:1024::a29e:587crmhost--acptlanar
Server
cloudflare
Cache-Control
public, max-age=360000
ETag
"2225-5499bcea176c0"
128prxHost
2001:ce8:6b:e::a5ce:0-hh-av.av4.xyzmh--DErm2400:cb00:71:1024::a29e:587crmhost--acptlanar
Vary
Accept-Encoding
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
311pxxline
-len=8741-2001:ce8:6b:e::a5ce:0-http://fix-ip6.fc2av.com/AV4.us.jpg-hst-av.av4.xyz
85proxuri
/AV4.us.jpg
96phosttRef
Accept-Ranges
bytes
CF-RAY
471e8bfc14c89792-FRA
Access-Control-Allow-Headers
Cake
195prxHost
2001:ce8:6b:e::a5ce:0-hh-av.av4.xyzmh--DErm2400:cb00:71:1024::a29e:587crmhost--acptlanar
Expires
Sat, 03 Nov 2018 18:24:40 GMT
l.j?id=100640546&
j1.ax.xrea.com 		6 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://j1.ax.xrea.com/l.j?id=100640546&
Requested by
Host: jpg4.us
URL: http://jpg4.us/
Protocol
HTTP/1.1
Server
52.69.74.2 Tokyo, Japan, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-52-69-74-2.ap-northeast-1.compute.amazonaws.com
Software
nginx /
Resource Hash
9d361ddf04b76a91a9ea72b59497c1c3706a9cbbe6e1524614cbe9195fd46f6f

Request headers

Referer
http://jpg4.us/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Tue, 30 Oct 2018 14:24:40 GMT
Last-Modified
Fri, 09 Oct 2015 12:38:47 GMT
Server
nginx
ETag
"5617b557-1928"
Content-Type
application/javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
6440
Adblocked js?id=UA-620120-3
www.googletagmanager.com/gtag 		83 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-620120-3
Requested by
Host: jpg4.us
URL: http://jpg4.us/
Protocol
SPDY
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1450:400c:c0c::61 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Google Tag Manager (scaffolding) /
Resource Hash
7a55635c186cd96a00c29cc0f7308986c1c2027e7853db95a9494abffccf09cf
Blocked
Source: easylist, Type: privacy (This would have been blocked)
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

Referer
http://jpg4.us/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Tue, 30 Oct 2018 14:24:40 GMT
content-encoding
gzip
server
Google Tag Manager (scaffolding)
access-control-allow-headers
Cache-Control
status
200
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
http://www.googletagmanager.com
cache-control
private, max-age=900
access-control-allow-credentials
true
alt-svc
quic=":443"; ma=2592000; v="44,43,39,35"
content-length
30174
x-xss-protection
1; mode=block
expires
Tue, 30 Oct 2018 14:24:40 GMT
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/3.3.1 		85 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/3.3.1/jquery.min.js
Requested by
Host: tag.av4.xyz
URL: http://tag.av4.xyz/index.php?js=aaa
Protocol
SPDY
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:80b::200a , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
http://jpg4.us/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date
Tue, 02 Oct 2018 10:29:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2433312
status
200
alt-svc
quic=":443"; ma=2592000; v="44,43,39,35"
content-length
30399
x-xss-protection
1; mode=block
last-modified
Thu, 25 Jan 2018 15:33:24 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 02 Oct 2019 10:29:28 GMT
Adblocked watch.js
cdn.jsdelivr.net/npm/yandex-metrica-watch 		132 KB
45 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/yandex-metrica-watch/watch.js
Requested by
Host: tag.av4.xyz
URL: http://tag.av4.xyz/index.php?js=aaa
Protocol
SPDY
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.2.109 San Francisco, United States, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
/
Resource Hash
8710921de1e06750bde854a1492410cd2de7323c22b069f789c5f3c31a5bae36
Blocked
Source: easylist, Type: privacy (This would have been blocked)
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
http://jpg4.us/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
x-cache
HIT, HIT
status
200
content-length
45498
etag
W/"20e12-OgkI+B0kJBKUYsSuDNGKJwUnLhw"
x-served-by
cache-ams4135-AMS, cache-fra19123-FRA
date
Tue, 30 Oct 2018 14:24:40 GMT
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
accept-ranges
bytes
timing-allow-origin
*
all.js
connect.facebook.net/ja_JP
Redirect Chain
  • http://connect.facebook.net/ja_JP/all.js
  • https://connect.facebook.net/ja_JP/all.js
187 KB
57 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/ja_JP/all.js
Requested by
Host: jpg4.us
URL: http://jpg4.us/
Protocol
SPDY
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
/
Resource Hash
baa6381b2ebbe0fe666161b0dd3b8c2ab6bbe7e846d056ac6f06e97755af0a2a
Security Headers
Name Value
Content-Security-Policy default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' *.atlassolutions.com blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* *.atlassolutions.com attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
http://jpg4.us/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
content-md5
c2j9ijfgOBLPpge+BTY3/A==
status
200
content-length
57935
x-xss-protection
0
x-fb-debug
Vf/T5Y1/jdH4G65BXDfIT8UEnH7FqY5w+taxRzSmJI90t+JZ8kxOIr0nFvacKuLjyNrEp3/g+P31K242LPGPOw==
x-fb-content-md5
f5e49a5ee5f2ded9c4b2db00e3767a10
x-frame-options
DENY
date
Tue, 30 Oct 2018 14:24:40 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=1200,stale-while-revalidate=3600
etag
"a92f8fe5ae1bdd2c8ce1e162c744d690"
content-security-policy
default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' *.atlassolutions.com blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* *.atlassolutions.com attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';
timing-allow-origin
*
expires
Tue, 30 Oct 2018 14:38:42 GMT

Redirect headers

Location
https://connect.facebook.net/ja_JP/all.js#xfbml=1
Non-Authoritative-Reason
HSTS
E6ylRXgfSFY?rel=0&hl=ja&fs=1&related=0&hideinfos=1&iv_load_policy=3&modestbranding=1
www.youtube.com/embed
Redirect Chain
  • http://www.youtube.com/embed/E6ylRXgfSFY?rel=0&hl=ja&fs=1&related=0&hideinfos=1&iv_load_policy=3&modestbranding=1
  • https://www.youtube.com/embed/E6ylRXgfSFY?rel=0&hl=ja&fs=1&related=0&hideinfos=1&iv_load_policy=3&modestbranding=1
0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/embed/E6ylRXgfSFY?rel=0&hl=ja&fs=1&related=0&hideinfos=1&iv_load_policy=3&modestbranding=1
Requested by
Host: jpg4.us
URL: http://jpg4.us/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:821::200e , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
YouTube Frontend Proxy /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block; report=https://www.google.com/appserve/security-bugs/log/youtube

Request headers

:method
GET
:authority
www.youtube.com
:scheme
https
:path
/embed/E6ylRXgfSFY?rel=0&hl=ja&fs=1&related=0&hideinfos=1&iv_load_policy=3&modestbranding=1
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
referer
http://jpg4.us/
accept-encoding
gzip, deflate
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
http://jpg4.us/

Response headers

status
200
content-type
text/html; charset=utf-8
x-content-type-options
nosniff
expires
Tue, 27 Apr 1971 19:44:06 EST
cache-control
no-cache
strict-transport-security
max-age=31536000
x-xss-protection
1; mode=block; report=https://www.google.com/appserve/security-bugs/log/youtube
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=ja for more info."
content-encoding
gzip
date
Tue, 30 Oct 2018 14:24:40 GMT
server
YouTube Frontend Proxy
set-cookie
VISITOR_INFO1_LIVE=ZJLpGGDt_Wk; path=/; domain=.youtube.com; expires=Sun, 28-Apr-2019 14:24:40 GMT; httponly PREF=f1=50000000; path=/; domain=.youtube.com; expires=Mon, 01-Jul-2019 02:17:40 GMT VISITOR_INFO1_LIVE=ZJLpGGDt_Wk; path=/; domain=.youtube.com; expires=Sun, 28-Apr-2019 14:24:40 GMT; httponly GPS=1; path=/; domain=.youtube.com; expires=Tue, 30-Oct-2018 14:54:40 GMT YSC=amYqc9GfNEI; path=/; domain=.youtube.com; httponly
alt-svc
quic=":443"; ma=2592000; v="44,43,39,35"

Redirect headers

Location
https://www.youtube.com/embed/E6ylRXgfSFY?rel=0&hl=ja&fs=1&related=0&hideinfos=1&iv_load_policy=3&modestbranding=1
Non-Authoritative-Reason
HSTS
embed.js
jpgnet.disqus.com
Redirect Chain
  • http://jpgnet.disqus.com/embed.js
  • https://jpgnet.disqus.com/embed.js
63 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://jpgnet.disqus.com/embed.js
Requested by
Host: jpg4.us
URL: http://jpg4.us/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.120.134 San Francisco, United States, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
nginx /
Resource Hash
03b3e942914498e15602d43432342c2c7502a1b8705f9c4bff55e7833a8310df
Security Headers
Name Value
Strict-Transport-Security max-age=300; includeSubdomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
http://jpg4.us/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Tue, 30 Oct 2018 14:24:40 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Age
94
Connection
keep-alive
Vary
Accept-Encoding
Content-Length
20421
X-XSS-Protection
1; mode=block
Last-Modified
Mon, 29 Oct 2018 19:14:20 GMT
Server
nginx
ETag
"5bd75c0c-4fc5"
Strict-Transport-Security
max-age=300; includeSubdomains
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=300
Timing-Allow-Origin
*
Link
<https://disqus.com>; rel=preconnect, <https://c.disquscdn.com>; rel=preconnect

Redirect headers

Date
Tue, 30 Oct 2018 14:24:40 GMT
Server
Varnish
Strict-Transport-Security
max-age=300; includeSubdomains
Content-Type
text/html
Location
https://jpgnet.disqus.com/embed.js
Cache-Control
public, max-age=31536000
Connection
close
Link
<https://disqus.com>; rel=preconnect, <https://c.disquscdn.com>; rel=preconnect
Content-Length
219
1?wmode=7&page-ref=http%3A%2F%2Fjpg4.us%2F&charset=utf-8&browser-info=ti%3A10%3Agdpr%3A14%3Av%3A1285%3Ast%3A1540909480%3Au%3A1540909480366968289%3Ahi%3A
mc.yandex.ru/watch/3
Redirect Chain
  • https://mc.yandex.ru/watch/3?wmode=7&page-ref=http%3A%2F%2Fjpg4.us%2F&charset=utf-8&browser-info=ti%3A10%3Agdpr%3A14%3Av%3A1285%3Ast%3A1540909480%3Au%3A1540909480366968289%3Ahi%3A
  • https://mc.yandex.ru/watch/3/1?wmode=7&page-ref=http%3A%2F%2Fjpg4.us%2F&charset=utf-8&browser-info=ti%3A10%3Agdpr%3A14%3Av%3A1285%3Ast%3A1540909480%3Au%3A1540909480366968289%3Ahi%3A
0
-1 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.ru/watch/3/1?wmode=7&page-ref=http%3A%2F%2Fjpg4.us%2F&charset=utf-8&browser-info=ti%3A10%3Agdpr%3A14%3Av%3A1285%3Ast%3A1540909480%3Au%3A1540909480366968289%3Ahi%3A
Requested by
Host: jpg4.us
URL: http://jpg4.us/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:6b8::1:119 , Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
nginx/1.12.2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Referer
http://jpg4.us/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 30 Oct 2018 14:24:40 GMT
Last-Modified
Tue, 30-Oct-2018 14:24:40 GMT
Server
nginx/1.12.2
Access-Control-Allow-Origin
http://jpg4.us
Strict-Transport-Security
max-age=31536000
Location
/watch/3/1?wmode=7&page-ref=http%3A%2F%2Fjpg4.us%2F&charset=utf-8&browser-info=ti%3A10%3Agdpr%3A14%3Av%3A1285%3Ast%3A1540909480%3Au%3A1540909480366968289%3Ahi%3A
Cache-Control
private, no-cache, no-store, must-revalidate, max-age=0
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
X-XSS-Protection
1; mode=block
Expires
Tue, 30-Oct-2018 14:24:40 GMT

Redirect headers

Pragma
no-cache
Date
Tue, 30 Oct 2018 14:24:40 GMT
Last-Modified
Tue, 30-Oct-2018 14:24:40 GMT
Server
nginx/1.12.2
Access-Control-Allow-Origin
http://jpg4.us
Strict-Transport-Security
max-age=31536000
Location
/watch/3/1?wmode=7&page-ref=http%3A%2F%2Fjpg4.us%2F&charset=utf-8&browser-info=ti%3A10%3Agdpr%3A14%3Av%3A1285%3Ast%3A1540909480%3Au%3A1540909480366968289%3Ahi%3A
Cache-Control
private, no-cache, no-store, must-revalidate, max-age=0
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
X-XSS-Protection
1; mode=block
Expires
Tue, 30-Oct-2018 14:24:40 GMT
__Bz3h5RzMx.js?version=42
staticxx.facebook.com/connect/xd_arbiter/r 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://staticxx.facebook.com/connect/xd_arbiter/r/__Bz3h5RzMx.js?version=42
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/ja_JP/all.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a03:2880:f01a:5:face:b00c:0:1 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
staticxx.facebook.com
:scheme
https
:path
/connect/xd_arbiter/r/__Bz3h5RzMx.js?version=42
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
referer
http://jpg4.us/
accept-encoding
gzip, deflate
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
http://jpg4.us/

Response headers

status
200
expires
Tue, 29 Oct 2019 11:56:05 GMT
cache-control
public,max-age=31536000,immutable
x-xss-protection
0
strict-transport-security
max-age=15552000; preload
content-type
text/html; charset=utf-8
x-content-type-options
nosniff
vary
Accept-Encoding
content-encoding
gzip
x-fb-debug
njfeG61bScYsakd7TKnMrkA9xsp1NfGfEHTwBV40upcUz7TBQ82vlZCbeaJKXMPtMm8W7cJ5bt56edCGZVrnew==
content-length
12744
date
Tue, 30 Oct 2018 14:24:40 GMT
Adblocked 1?wmode=7&page-ref=http%3A%2F%2Fjpg4.us%2F&charset=utf-8&browser-info=ti%3A10%3Agdpr%3A14%3Av%3A1285%3Ast%3A1540909480%3Au%3A1540909480366968289%3Ahi%3A
mc.yandex.ru/watch/3 		35 B
905 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.ru/watch/3/1?wmode=7&page-ref=http%3A%2F%2Fjpg4.us%2F&charset=utf-8&browser-info=ti%3A10%3Agdpr%3A14%3Av%3A1285%3Ast%3A1540909480%3Au%3A1540909480366968289%3Ahi%3A
Requested by
Host: jpg4.us
URL: http://jpg4.us/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:6b8::1:119 , Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
nginx/1.12.2 /
Resource Hash
efbdf9cab6b6cf2bf7207ae4e0456c9462b2c0d4c2de76d65442de2af7253f2b
Blocked
Source: easylist, Type: privacy (This would have been blocked)
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
http://jpg4.us/
Origin
http://jpg4.us
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

Pragma
no-cache
Date
Tue, 30 Oct 2018 14:24:40 GMT
X-Content-Type-Options
nosniff
Last-Modified
Tue, 30-Oct-2018 14:24:40 GMT
Server
nginx/1.12.2
Strict-Transport-Security
max-age=31536000
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
http://jpg4.us
Cache-Control
private, no-cache, no-store, must-revalidate, max-age=0
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
35
X-XSS-Protection
1; mode=block
Expires
Tue, 30-Oct-2018 14:24:40 GMT
sync_cookie_image_decide?token=1956.g99rHZtjU6-_uwSwx2UVoAgIEaJSiZqK7QMv0OpwOws8ny3HWIvpyymPMVtUfxEhf_i2Mu-X_9rNFNFSHgXd7w%2C%2C.hO2sQvvw685sfDdmADyuuMWkxrA%2C
mc.webvisor.org
Redirect Chain
  • https://mc.webvisor.org/sync_cookie_image_check
  • https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.webvisor.org&token=1956.agg6nYlu5E8Yyjjw3RYujj3TAKawSSqbhjW8_vAKmEySOI649AEredHsCjFkROPN.yJaQ8BrS8glnJ-G7MySyZhlNjs4%2C
  • https://mc.webvisor.org/sync_cookie_image_decide?token=1956.g99rHZtjU6-_uwSwx2UVoAgIEaJSiZqK7QMv0OpwOws8ny3HWIvpyymPMVtUfxEhf_i2Mu-X_9rNFNFSHgXd7w%2C%2C.hO2sQvvw685sfDdmADyuuMWkxrA%2C
0
347 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mc.webvisor.org/sync_cookie_image_decide?token=1956.g99rHZtjU6-_uwSwx2UVoAgIEaJSiZqK7QMv0OpwOws8ny3HWIvpyymPMVtUfxEhf_i2Mu-X_9rNFNFSHgXd7w%2C%2C.hO2sQvvw685sfDdmADyuuMWkxrA%2C
Requested by
Host: jpg4.us
URL: http://jpg4.us/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
149.5.244.142 , United States, ASN174 (COGENT-174 - Cogent Communications, US),
Reverse DNS
Software
nginx/1.12.2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://jpg4.us/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 30 Oct 2018 14:24:40 GMT
Last-Modified
Tue, 30 Oct 2018 14:24:40 GMT
Server
nginx/1.12.2
P3P
CP="NOI DEVa TAIa OUR BUS UNI STA"
Cache-Control
private, no-cache, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
0
Expires
Tue, 30 Oct 2018 14:24:40 GMT

Redirect headers

Pragma
no-cache
Date
Tue, 30 Oct 2018 14:24:40 GMT
Last-Modified
Tue, 30 Oct 2018 14:24:40 GMT
Server
nginx/1.12.2
Strict-Transport-Security
max-age=31536000
P3P
CP="NOI DEVa TAIa OUR BUS UNI STA"
Location
https://mc.webvisor.org/sync_cookie_image_decide?token=1956.g99rHZtjU6-_uwSwx2UVoAgIEaJSiZqK7QMv0OpwOws8ny3HWIvpyymPMVtUfxEhf_i2Mu-X_9rNFNFSHgXd7w%2C%2C.hO2sQvvw685sfDdmADyuuMWkxrA%2C
Cache-Control
private, no-cache, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
0
X-XSS-Protection
1; mode=block
Expires
Tue, 30 Oct 2018 14:24:40 GMT
lounge.d49f53e192b9080ef8880a7c9b24f1c3.css
c.disquscdn.com/next/embed/styles 		102 KB
19 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://c.disquscdn.com/next/embed/styles/lounge.d49f53e192b9080ef8880a7c9b24f1c3.css
Requested by
Host: jpgnet.disqus.com
URL: https://jpgnet.disqus.com/embed.js
Protocol
SPDY
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2400:cb00:2048:1::6810:50a6 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
a8d842dc045c65986e7b50952261d47b62cab35c5829700e90d1965ec11692e3
Security Headers
Name Value
Strict-Transport-Security max-age=300; includeSubdomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
http://jpg4.us/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Tue, 30 Oct 2018 14:24:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
status
200
strict-transport-security
max-age=300; includeSubdomains
content-length
19425
x-xss-protection
1; mode=block
timing-allow-origin
*
last-modified
Fri, 26 Oct 2018 00:31:19 GMT
server
cloudflare
fastly-debug-digest
eb1006ce43d6cade1496acb1e51569c1d94dd6f363a0a4e497669b5cee0f6289
etag
"5bd26057-4be1"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000, public, immutable, no-transform
cf-ray
471e8bfe8f1996be-FRA
expires
Sat, 26 Oct 2019 18:02:22 GMT
common.bundle.18932c85febf9520158697cdc31f08ae.js
c.disquscdn.com/next/embed 		242 KB
81 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.disquscdn.com/next/embed/common.bundle.18932c85febf9520158697cdc31f08ae.js
Requested by
Host: jpgnet.disqus.com
URL: https://jpgnet.disqus.com/embed.js
Protocol
SPDY
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2400:cb00:2048:1::6810:50a6 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
22a100e19a099737c0b9eec9c19b6fc7de17e16c2d25e3a89fca20778e98abc6
Security Headers
Name Value
Strict-Transport-Security max-age=300; includeSubdomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
http://jpg4.us/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Tue, 30 Oct 2018 14:24:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
status
200
strict-transport-security
max-age=300; includeSubdomains
content-length
82684
x-xss-protection
1; mode=block
timing-allow-origin
*
last-modified
Tue, 09 Oct 2018 20:47:01 GMT
server
cloudflare
fastly-debug-digest
b18a35687fb6f9be652456ef708b8bccc57b9a97da44487936422a8a2012c75b
etag
"5bbd13c5-142fc"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000, public, immutable, no-transform
cf-ray
471e8bfe8f1b96be-FRA
expires
Wed, 09 Oct 2019 20:57:55 GMT
lounge.bundle.53ce1bd42cd56ff599219e9d5c200428.js
c.disquscdn.com/next/embed 		369 KB
96 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.disquscdn.com/next/embed/lounge.bundle.53ce1bd42cd56ff599219e9d5c200428.js
Requested by
Host: jpgnet.disqus.com
URL: https://jpgnet.disqus.com/embed.js
Protocol
SPDY
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2400:cb00:2048:1::6810:50a6 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
fabcdfb24504a16930326e89b6ae5d807374e5b74966910d21b2a329fbb18b28
Security Headers
Name Value
Strict-Transport-Security max-age=300; includeSubdomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
http://jpg4.us/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Tue, 30 Oct 2018 14:24:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
status
200
strict-transport-security
max-age=300; includeSubdomains
content-length
98324
x-xss-protection
1; mode=block
timing-allow-origin
*
last-modified
Mon, 29 Oct 2018 19:14:20 GMT
server
cloudflare
fastly-debug-digest
b527851f0883645f34ef441ac1cc99d4f65b18d2e4ec7566e16c0a9e278f9e82
etag
"5bd75c0c-18014"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000, public, immutable, no-transform
cf-ray
471e8bfe8f1a96be-FRA
expires
Tue, 29 Oct 2019 21:39:02 GMT
config.js
disqus.com/next 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://disqus.com/next/config.js
Requested by
Host: jpgnet.disqus.com
URL: https://jpgnet.disqus.com/embed.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.128.134 San Francisco, United States, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
nginx /
Resource Hash
c8ca200730ac9ce81c383bcaae625c5003930baade34e32b72b0ced38aaec320
Security Headers
Name Value
Strict-Transport-Security max-age=300; includeSubdomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
http://jpg4.us/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Tue, 30 Oct 2018 14:24:40 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Age
9
p3p
CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
Connection
keep-alive
Vary
Accept-Encoding
Content-Length
2568
X-XSS-Protection
1; mode=block
Server
nginx
X-Frame-Options
SAMEORIGIN
Strict-Transport-Security
max-age=300; includeSubdomains
Content-Type
application/javascript; charset=UTF-8
Access-Control-Allow-Origin
*
Cache-Control
public, stale-while-revalidate=300, s-stalewhilerevalidate=3600, max-age=60
Timing-Allow-Origin
*
1?wmode=7&page-url=http%3A%2F%2Fjpg4.us%2F&charset=utf-8&browser-info=ti%3A10%3Ans%3A1540909479978%3As%3A1600x1200x24%3Ask%3A1%3Afpr%3A216613626101%3Acn%3A1%3Aw%3A1585x1200%3Ai%3A20181030142440%3Ae...
mc.yandex.ru/watch/48140495
Redirect Chain
  • https://mc.yandex.ru/watch/48140495?wmode=7&page-url=http%3A%2F%2Fjpg4.us%2F&charset=utf-8&browser-info=ti%3A10%3Ans%3A1540909479978%3As%3A1600x1200x24%3Ask%3A1%3Afpr%3A216613626101%3Acn%3A1%3Aw%3A...
  • https://mc.yandex.ru/watch/48140495/1?wmode=7&page-url=http%3A%2F%2Fjpg4.us%2F&charset=utf-8&browser-info=ti%3A10%3Ans%3A1540909479978%3As%3A1600x1200x24%3Ask%3A1%3Afpr%3A216613626101%3Acn%3A1%3Aw%...
0
-1 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.ru/watch/48140495/1?wmode=7&page-url=http%3A%2F%2Fjpg4.us%2F&charset=utf-8&browser-info=ti%3A10%3Ans%3A1540909479978%3As%3A1600x1200x24%3Ask%3A1%3Afpr%3A216613626101%3Acn%3A1%3Aw%3A1585x1200%3Ai%3A20181030142440%3Aet%3A1540909481%3Aen%3Autf-8%3Ac%3A1%3Ala%3Aen-us%3Awh%3A1%3Apv%3A1%3Arn%3A679193474%3Ahid%3A297049122%3Ads%3A12%2C91%2C92%2C0%2C0%2C0%2C0%2C%2C%2C%2C%2C%2C%3Afp%3A406%3Awn%3A15136%3Ahl%3A2%3Agdpr%3A14%3Aeu%3A1%3Av%3A1285%3Ast%3A1540909481%3Au%3A1540909480366968289%3Ahi%3A%3At%3AJPG4.us%E7%84%A1%E6%96%99%E7%94%BB%E5%83%8F%E6%A4%9C%E7%B4%A2%E3%82%A8%E3%83%B3%E3%82%B8%E3%83%B3%E3%80%81AV4.us%E5%8B%95%E7%94%BB%E6%A4%9C%E7%B4%A2%E3%82%A8%E3%83%B3%E3%82%B8%E3%83%B3%E3%80%81%E3%82%A2%E3%82%A4%E3%83%89%E3%83%AB%E3%80%81%E3%82%B0%E3%83%A9%E3%83%93%E3%82%A2%E3%80%81%E3%82%A2%E3%82%A4%E3%82%B3%E3%83%A9%E3%80%81%E3%81%8A%E5%AE%9D%E5%86%99%E7%9C%9F%E3%80%81%E3%82%A2%E3%83%80%E3%83%AB%E3%83%88%E3%80%81%E7%84%A1%E4%BF%AE%E6%AD%A3%E3%80%81%E6%B5%81%E5%87%BA%E3%80%81av
Requested by
Host: jpg4.us
URL: http://jpg4.us/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:6b8::1:119 , Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
nginx/1.12.2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Referer
http://jpg4.us/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 30 Oct 2018 14:24:40 GMT
Last-Modified
Tue, 30-Oct-2018 14:24:40 GMT
Server
nginx/1.12.2
Access-Control-Allow-Origin
http://jpg4.us
Strict-Transport-Security
max-age=31536000
Location
/watch/48140495/1?wmode=7&page-url=http%3A%2F%2Fjpg4.us%2F&charset=utf-8&browser-info=ti%3A10%3Ans%3A1540909479978%3As%3A1600x1200x24%3Ask%3A1%3Afpr%3A216613626101%3Acn%3A1%3Aw%3A1585x1200%3Ai%3A20181030142440%3Aet%3A1540909481%3Aen%3Autf-8%3Ac%3A1%3Ala%3Aen-us%3Awh%3A1%3Apv%3A1%3Arn%3A679193474%3Ahid%3A297049122%3Ads%3A12%2C91%2C92%2C0%2C0%2C0%2C0%2C%2C%2C%2C%2C%2C%3Afp%3A406%3Awn%3A15136%3Ahl%3A2%3Agdpr%3A14%3Aeu%3A1%3Av%3A1285%3Ast%3A1540909481%3Au%3A1540909480366968289%3Ahi%3A%3At%3AJPG4.us%E7%84%A1%E6%96%99%E7%94%BB%E5%83%8F%E6%A4%9C%E7%B4%A2%E3%82%A8%E3%83%B3%E3%82%B8%E3%83%B3%E3%80%81AV4.us%E5%8B%95%E7%94%BB%E6%A4%9C%E7%B4%A2%E3%82%A8%E3%83%B3%E3%82%B8%E3%83%B3%E3%80%81%E3%82%A2%E3%82%A4%E3%83%89%E3%83%AB%E3%80%81%E3%82%B0%E3%83%A9%E3%83%93%E3%82%A2%E3%80%81%E3%82%A2%E3%82%A4%E3%82%B3%E3%83%A9%E3%80%81%E3%81%8A%E5%AE%9D%E5%86%99%E7%9C%9F%E3%80%81%E3%82%A2%E3%83%80%E3%83%AB%E3%83%88%E3%80%81%E7%84%A1%E4%BF%AE%E6%AD%A3%E3%80%81%E6%B5%81%E5%87%BA%E3%80%81av
Cache-Control
private, no-cache, no-store, must-revalidate, max-age=0
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
X-XSS-Protection
1; mode=block
Expires
Tue, 30-Oct-2018 14:24:40 GMT

Redirect headers

Pragma
no-cache
Date
Tue, 30 Oct 2018 14:24:40 GMT
Last-Modified
Tue, 30-Oct-2018 14:24:40 GMT
Server
nginx/1.12.2
Access-Control-Allow-Origin
http://jpg4.us
Strict-Transport-Security
max-age=31536000
Location
/watch/48140495/1?wmode=7&page-url=http%3A%2F%2Fjpg4.us%2F&charset=utf-8&browser-info=ti%3A10%3Ans%3A1540909479978%3As%3A1600x1200x24%3Ask%3A1%3Afpr%3A216613626101%3Acn%3A1%3Aw%3A1585x1200%3Ai%3A20181030142440%3Aet%3A1540909481%3Aen%3Autf-8%3Ac%3A1%3Ala%3Aen-us%3Awh%3A1%3Apv%3A1%3Arn%3A679193474%3Ahid%3A297049122%3Ads%3A12%2C91%2C92%2C0%2C0%2C0%2C0%2C%2C%2C%2C%2C%2C%3Afp%3A406%3Awn%3A15136%3Ahl%3A2%3Agdpr%3A14%3Aeu%3A1%3Av%3A1285%3Ast%3A1540909481%3Au%3A1540909480366968289%3Ahi%3A%3At%3AJPG4.us%E7%84%A1%E6%96%99%E7%94%BB%E5%83%8F%E6%A4%9C%E7%B4%A2%E3%82%A8%E3%83%B3%E3%82%B8%E3%83%B3%E3%80%81AV4.us%E5%8B%95%E7%94%BB%E6%A4%9C%E7%B4%A2%E3%82%A8%E3%83%B3%E3%82%B8%E3%83%B3%E3%80%81%E3%82%A2%E3%82%A4%E3%83%89%E3%83%AB%E3%80%81%E3%82%B0%E3%83%A9%E3%83%93%E3%82%A2%E3%80%81%E3%82%A2%E3%82%A4%E3%82%B3%E3%83%A9%E3%80%81%E3%81%8A%E5%AE%9D%E5%86%99%E7%9C%9F%E3%80%81%E3%82%A2%E3%83%80%E3%83%AB%E3%83%88%E3%80%81%E7%84%A1%E4%BF%AE%E6%AD%A3%E3%80%81%E6%B5%81%E5%87%BA%E3%80%81av
Cache-Control
private, no-cache, no-store, must-revalidate, max-age=0
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
X-XSS-Protection
1; mode=block
Expires
Tue, 30-Oct-2018 14:24:40 GMT
&rf=&sw=1600&sh=1200&cd=24&je=&pf=0&cc=&bt=JPG4.us%E7%84%A1%E6%96%99%E7%94%BB%E5%83%8F%E6%A4%9C%E7%B4%A2%E3%82%A8%E3%83%B3%E3%82%B8%E3%83%B3%E3%80%81AV4.us%E5%8B%95%E7%94%BB%E6%A4%9C%E7%B4%A2%E3%82...
wj.ax.xrea.com/l147.f?&x=785189211&id=100640546&url=http://jpg4.us 		0
0
x.gif
j1.ax.xrea.com 		0
467 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://j1.ax.xrea.com/x.gif
Requested by
Host: jpg4.us
URL: http://jpg4.us/
Protocol
HTTP/1.1
Server
52.69.74.2 Tokyo, Japan, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-52-69-74-2.ap-northeast-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://jpg4.us/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Content-Type
text/html; charset=UTF-8
ts.gif
j1.ax.xrea.com 		280 B
511 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://j1.ax.xrea.com/ts.gif
Requested by
Host: jpg4.us
URL: http://jpg4.us/
Protocol
HTTP/1.1
Server
52.69.95.9 Tokyo, Japan, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-52-69-95-9.ap-northeast-1.compute.amazonaws.com
Software
nginx /
Resource Hash
f1dde880d0ae083fde02a4c2b8023d2890b02228e30ca907a774514ee723e950

Request headers

Referer
http://jpg4.us/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Tue, 30 Oct 2018 14:24:41 GMT
Last-Modified
Tue, 20 Oct 2015 07:57:24 GMT
Server
nginx
ETag
"5625f3e4-118"
Content-Type
image/gif
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
280
Adblocked analytics.js
www.google-analytics.com 		42 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-620120-3
Protocol
SPDY
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1450:4001:816::200e , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8cb05b675fe6419a9e91eb587c60902c7ed1cb6c42b8cff8ce404ef89f635cde
Blocked
Source: easylist, Type: privacy (This would have been blocked)
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
http://jpg4.us/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 11 Oct 2018 19:41:26 GMT
server
Golfe2
age
138
date
Tue, 30 Oct 2018 14:22:22 GMT
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=7200
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="44,43,39,35"
content-length
17301
expires
Tue, 30 Oct 2018 16:22:22 GMT
?base=default&f=jpgnet&t_u=http%3A%2F%2Fjpg4.us%2F&t_d=JPG4.us%E7%84%A1%E6%96%99%E7%94%BB%E5%83%8F%E6%A4%9C%E7%B4%A2%E3%82%A8%E3%83%B3%E3%82%B8%E3%83%B3%E3%80%81AV4.us%E5%8B%95%E7%94%BB%E6%A4%9C%E7...
disqus.com/embed/comments 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://disqus.com/embed/comments/?base=default&f=jpgnet&t_u=http%3A%2F%2Fjpg4.us%2F&t_d=JPG4.us%E7%84%A1%E6%96%99%E7%94%BB%E5%83%8F%E6%A4%9C%E7%B4%A2%E3%82%A8%E3%83%B3%E3%82%B8%E3%83%B3%E3%80%81AV4.us%E5%8B%95%E7%94%BB%E6%A4%9C%E7%B4%A2%E3%82%A8%E3%83%B3%E3%82%B8%E3%83%B3%E3%80%81%E3%82%A2%E3%82%A4%E3%83%89%E3%83%AB%E3%80%81%E3%82%B0%E3%83%A9%E3%83%93%E3%82%A2%E3%80%81%E3%82%A2%E3%82%A4%E3%82%B3%E3%83%A9%E3%80%81%E3%81%8A%E5%AE%9D%E5%86%99%E7%9C%9F%E3%80%81%E3%82%A2%E3%83%80%E3%83%AB%E3%83%88%E3%80%81%E7%84%A1%E4%BF%AE%E6%AD%A3%E3%80%81%E6%B5%81%E5%87%BA%E3%80%81av&t_t=JPG4.us%E7%84%A1%E6%96%99%E7%94%BB%E5%83%8F%E6%A4%9C%E7%B4%A2%E3%82%A8%E3%83%B3%E3%82%B8%E3%83%B3%E3%80%81AV4.us%E5%8B%95%E7%94%BB%E6%A4%9C%E7%B4%A2%E3%82%A8%E3%83%B3%E3%82%B8%E3%83%B3%E3%80%81%E3%82%A2%E3%82%A4%E3%83%89%E3%83%AB%E3%80%81%E3%82%B0%E3%83%A9%E3%83%93%E3%82%A2%E3%80%81%E3%82%A2%E3%82%A4%E3%82%B3%E3%83%A9%E3%80%81%E3%81%8A%E5%AE%9D%E5%86%99%E7%9C%9F%E3%80%81%E3%82%A2%E3%83%80%E3%83%AB%E3%83%88%E3%80%81%E7%84%A1%E4%BF%AE%E6%AD%A3%E3%80%81%E6%B5%81%E5%87%BA%E3%80%81av&s_o=default
Requested by
Host: jpgnet.disqus.com
URL: https://jpgnet.disqus.com/embed.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.128.134 San Francisco, United States, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
nginx /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src https://*.twitter.com:* https://www.gstatic.com/recaptcha/ https://a.disquscdn.com https://c.disquscdn.com c.disquscdn.com https://*.services.disqus.com:* https://cdn.boomtrain.com/p13n/ 'unsafe-inline' https://cdn.syndication.twimg.com/tweets.json https://connect.facebook.net/en_US/sdk.js https://referrer.disqus.com/juggler/ https://apis.google.com https://www.google.com/recaptcha/ https://disqus.com
Strict-Transport-Security max-age=300; includeSubdomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Host
disqus.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Referer
http://jpg4.us/
Accept-Encoding
gzip, deflate
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
http://jpg4.us/

Response headers

Server
nginx
Content-Type
text/html; charset=utf-8
Content-Security-Policy
script-src https://*.twitter.com:* https://www.gstatic.com/recaptcha/ https://a.disquscdn.com https://c.disquscdn.com c.disquscdn.com https://*.services.disqus.com:* https://cdn.boomtrain.com/p13n/ 'unsafe-inline' https://cdn.syndication.twimg.com/tweets.json https://connect.facebook.net/en_US/sdk.js https://referrer.disqus.com/juggler/ https://apis.google.com https://www.google.com/recaptcha/ https://disqus.com
Link
<https://c.disquscdn.com>;rel=preconnect,<https://c.disquscdn.com>;rel=dns-prefetch
Cache-Control
stale-if-error=3600, s-stalewhilerevalidate=3600, stale-while-revalidate=30, no-cache, must-revalidate, public, s-maxage=5
p3p
CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
Timing-Allow-Origin
*
X-Content-Type-Options
nosniff
X-XSS-Protection
1; mode=block
Content-Encoding
gzip
Content-Length
1158
Date
Tue, 30 Oct 2018 14:24:40 GMT
Age
5
Connection
keep-alive
Vary
Accept-Encoding
Strict-Transport-Security
max-age=300; includeSubdomains
Adblocked 1?wmode=7&page-url=http%3A%2F%2Fjpg4.us%2F&charset=utf-8&browser-info=ti%3A10%3Ans%3A1540909479978%3As%3A1600x1200x24%3Ask%3A1%3Afpr%3A216613626101%3Acn%3A1%3Aw%3A1585x1200%3Ai%3A20181030142440%3Ae...
mc.yandex.ru/watch/48140495 		133 B
1004 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.ru/watch/48140495/1?wmode=7&page-url=http%3A%2F%2Fjpg4.us%2F&charset=utf-8&browser-info=ti%3A10%3Ans%3A1540909479978%3As%3A1600x1200x24%3Ask%3A1%3Afpr%3A216613626101%3Acn%3A1%3Aw%3A1585x1200%3Ai%3A20181030142440%3Aet%3A1540909481%3Aen%3Autf-8%3Ac%3A1%3Ala%3Aen-us%3Awh%3A1%3Apv%3A1%3Arn%3A679193474%3Ahid%3A297049122%3Ads%3A12%2C91%2C92%2C0%2C0%2C0%2C0%2C%2C%2C%2C%2C%2C%3Afp%3A406%3Awn%3A15136%3Ahl%3A2%3Agdpr%3A14%3Aeu%3A1%3Av%3A1285%3Ast%3A1540909481%3Au%3A1540909480366968289%3Ahi%3A%3At%3AJPG4.us%E7%84%A1%E6%96%99%E7%94%BB%E5%83%8F%E6%A4%9C%E7%B4%A2%E3%82%A8%E3%83%B3%E3%82%B8%E3%83%B3%E3%80%81AV4.us%E5%8B%95%E7%94%BB%E6%A4%9C%E7%B4%A2%E3%82%A8%E3%83%B3%E3%82%B8%E3%83%B3%E3%80%81%E3%82%A2%E3%82%A4%E3%83%89%E3%83%AB%E3%80%81%E3%82%B0%E3%83%A9%E3%83%93%E3%82%A2%E3%80%81%E3%82%A2%E3%82%A4%E3%82%B3%E3%83%A9%E3%80%81%E3%81%8A%E5%AE%9D%E5%86%99%E7%9C%9F%E3%80%81%E3%82%A2%E3%83%80%E3%83%AB%E3%83%88%E3%80%81%E7%84%A1%E4%BF%AE%E6%AD%A3%E3%80%81%E6%B5%81%E5%87%BA%E3%80%81av
Requested by
Host: jpg4.us
URL: http://jpg4.us/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:6b8::1:119 , Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
nginx/1.12.2 /
Resource Hash
e06892ad11dd723d31387dffc8bf8be44e3a90a07b763794a1245130e3977a85
Blocked
Source: easylist, Type: privacy (This would have been blocked)
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
http://jpg4.us/
Origin
http://jpg4.us
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

Pragma
no-cache
Date
Tue, 30 Oct 2018 14:24:40 GMT
X-Content-Type-Options
nosniff
Last-Modified
Tue, 30-Oct-2018 14:24:40 GMT
Server
nginx/1.12.2
Strict-Transport-Security
max-age=31536000
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
http://jpg4.us
Cache-Control
private, no-cache, no-store, must-revalidate, max-age=0
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
133
X-XSS-Protection
1; mode=block
Expires
Tue, 30-Oct-2018 14:24:40 GMT
ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-620120-3&cid=302097296.1540909481&jid=1320838156&_v=j71&z=195343471&slf_rd=1&random=785961519
www.google.de/ads
Redirect Chain
  • https://www.google-analytics.com/r/collect?v=1&_v=j71&a=110802714&t=pageview&_s=1&dl=http%3A%2F%2Fjpg4.us%2F&ul=en-us&de=UTF-8&dt=JPG4.us%E7%84%A1%E6%96%99%E7%94%BB%E5%83%8F%E6%A4%9C%E7%B4%A2%E3%82...
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-620120-3&cid=302097296.1540909481&jid=1320838156&_gid=565891556.1540909481&gjid=858373811&_v=j71&z=195343471
  • https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-620120-3&cid=302097296.1540909481&jid=1320838156&_v=j71&z=195343471
  • https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-620120-3&cid=302097296.1540909481&jid=1320838156&_v=j71&z=195343471&slf_rd=1&random=785961519
42 B
378 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-620120-3&cid=302097296.1540909481&jid=1320838156&_v=j71&z=195343471&slf_rd=1&random=785961519
Requested by
Host: jpg4.us
URL: http://jpg4.us/
Protocol
SPDY
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1450:4001:821::2003 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
http://jpg4.us/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 30 Oct 2018 14:24:41 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
no-cache, must-revalidate
content-type
image/gif
alt-svc
quic=":443"; ma=2592000; v="44,43,39,35"
content-length
42
x-xss-protection
1; mode=block
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 30 Oct 2018 14:24:40 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
302
content-type
text/html; charset=UTF-8
location
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-620120-3&cid=302097296.1540909481&jid=1320838156&_v=j71&z=195343471&slf_rd=1&random=785961519
cache-control
no-cache, must-revalidate
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="44,43,39,35"
content-length
0
x-xss-protection
1; mode=block
expires
Fri, 01 Jan 1990 00:00:00 GMT
Adblocked collect?v=1&_v=j71&a=110802714&t=event&_s=2&dl=http%3A%2F%2Fjpg4.us%2F&ul=en-us&de=UTF-8&dt=JPG4.us%E7%84%A1%E6%96%99%E7%94%BB%E5%83%8F%E6%A4%9C%E7%B4%A2%E3%82%A8%E3%83%B3%E3%82%B8%E3%83%B3%E3%80%8...
www.google-analytics.com 		35 B
99 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j71&a=110802714&t=event&_s=2&dl=http%3A%2F%2Fjpg4.us%2F&ul=en-us&de=UTF-8&dt=JPG4.us%E7%84%A1%E6%96%99%E7%94%BB%E5%83%8F%E6%A4%9C%E7%B4%A2%E3%82%A8%E3%83%B3%E3%82%B8%E3%83%B3%E3%80%81AV4.us%E5%8B%95%E7%94%BB%E6%A4%9C%E7%B4%A2%E3%82%A8%E3%83%B3%E3%82%B8%E3%83%B3%E3%80%81%E3%82%A2%E3%82%A4%E3%83%89%E3%83%AB%E3%80%81%E3%82%B0%E3%83%A9%E3%83%93%E3%82%A2%E3%80%81%E3%82%A2%E3%82%A4%E3%82%B3%E3%83%A9%E3%80%81%E3%81%8A%E5%AE%9D%E5%86%99%E7%9C%9F%E3%80%81%E3%82%A2%E3%83%80%E3%83%AB%E3%83%88%E3%80%81%E7%84%A1%E4%BF%AE%E6%AD%A3%E3%80%81%E6%B5%81%E5%87%BA%E3%80%81av&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&ec=general&ea=load&_u=oGBAAUAB~&jid=&gjid=&cid=302097296.1540909481&tid=UA-620120-3&_gid=565891556.1540909481&gtm=uam&cd1=jpg4.us&z=337891412
Requested by
Host: jpg4.us
URL: http://jpg4.us/
Protocol
SPDY
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1450:4001:816::200e , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Blocked
Source: easylist, Type: privacy (This would have been blocked)
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
http://jpg4.us/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 06 Oct 2018 19:31:24 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
2055196
status
200
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
alt-svc
quic=":443"; ma=2592000; v="44,43,39,35"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
Adblocked stat.gif?event=failed_embed.server.15
referrer.disqus.com/juggler 		43 B
229 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://referrer.disqus.com/juggler/stat.gif?event=failed_embed.server.15
Requested by
Host: jpg4.us
URL: http://jpg4.us/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.120.134 San Francisco, United States, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
nginx /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Blocked
Source: easylist, Type: privacy (This would have been blocked)

Request headers

Referer
http://jpg4.us/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Tue, 30 Oct 2018 14:24:41 GMT
Last-Modified
Mon, 28 Sep 1970 06:00:00 GMT
Server
nginx
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Verified Adblocked 1?page-url=http%3A%2F%2Fjpg4.us%2F&charset=utf-8&force-urlencoded=1&browser-info=ti%3A1%3Adp%3A1%3Ans%3A1540909479978%3As%3A1600x1200x24%3Ask%3A1%3Afpr%3A216613626101%3Acn%3A1%3Ai%3A20181030142450%...
mc.yandex.ru/watch/48140495
Redirect Chain
  • https://mc.yandex.ru/watch/48140495?page-url=http%3A%2F%2Fjpg4.us%2F&charset=utf-8&force-urlencoded=1&browser-info=ti%3A1%3Adp%3A1%3Ans%3A1540909479978%3As%3A1600x1200x24%3Ask%3A1%3Afpr%3A216613626...
  • https://mc.yandex.ru/watch/48140495/1?page-url=http%3A%2F%2Fjpg4.us%2F&charset=utf-8&force-urlencoded=1&browser-info=ti%3A1%3Adp%3A1%3Ans%3A1540909479978%3As%3A1600x1200x24%3Ask%3A1%3Afpr%3A2166136...
43 B
773 B 		Other
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.ru/watch/48140495/1?page-url=http%3A%2F%2Fjpg4.us%2F&charset=utf-8&force-urlencoded=1&browser-info=ti%3A1%3Adp%3A1%3Ans%3A1540909479978%3As%3A1600x1200x24%3Ask%3A1%3Afpr%3A216613626101%3Acn%3A1%3Ai%3A20181030142450%3Aet%3A1540909490%3Aen%3Autf-8%3Ac%3A1%3Ala%3Aen-us%3Awh%3A1%3Aar%3A1%3Apa%3A1%3Arn%3A583731987%3Ahid%3A297049122%3Ads%3A%2C%2C%2C%2C%2C%2C%2C648%2C%2C%2C%2C%2C%3Agdpr%3A14%3Aeu%3A1%3Av%3A1285%3Ast%3A1540909490%3Au%3A1540909480366968289%3Ahi%3A
Requested by
Host: jpg4.us
URL: http://jpg4.us/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:6b8::1:119 , Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
nginx/1.12.2 /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Verified resource
ckeditor/4.2/plugins/fakeobjects/images/spacer.gif at cdnjs.com, project ckeditor
Blocked
Source: easylist, Type: privacy (This would have been blocked)
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Referer
http://jpg4.us/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 30 Oct 2018 14:24:50 GMT
Last-Modified
Tue, 30-Oct-2018 14:24:50 GMT
Server
nginx/1.12.2
Strict-Transport-Security
max-age=31536000
Content-Type
image/gif
Cache-Control
private, no-cache, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
43
X-XSS-Protection
1; mode=block
Expires
Tue, 30-Oct-2018 14:24:50 GMT

Redirect headers

Pragma
no-cache
Date
Tue, 30 Oct 2018 14:24:50 GMT
Last-Modified
Tue, 30-Oct-2018 14:24:50 GMT
Server
nginx/1.12.2
Access-Control-Allow-Origin
http://jpg4.us
Strict-Transport-Security
max-age=31536000
Location
/watch/48140495/1?page-url=http%3A%2F%2Fjpg4.us%2F&charset=utf-8&force-urlencoded=1&browser-info=ti%3A1%3Adp%3A1%3Ans%3A1540909479978%3As%3A1600x1200x24%3Ask%3A1%3Afpr%3A216613626101%3Acn%3A1%3Ai%3A20181030142450%3Aet%3A1540909490%3Aen%3Autf-8%3Ac%3A1%3Ala%3Aen-us%3Awh%3A1%3Aar%3A1%3Apa%3A1%3Arn%3A583731987%3Ahid%3A297049122%3Ads%3A%2C%2C%2C%2C%2C%2C%2C648%2C%2C%2C%2C%2C%3Agdpr%3A14%3Aeu%3A1%3Av%3A1285%3Ast%3A1540909490%3Au%3A1540909480366968289%3Ahi%3A
Cache-Control
private, no-cache, no-store, must-revalidate, max-age=0
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
X-XSS-Protection
1; mode=block
Expires
Tue, 30-Oct-2018 14:24:50 GMT
Verified Adblocked 1?page-url=http%3A%2F%2Fjpg4.us%2F&charset=utf-8&force-urlencoded=1&browser-info=ti%3A1%3Adp%3A1%3Ans%3A1540909479978%3As%3A1600x1200x24%3Ask%3A1%3Afpr%3A216613626101%3Acn%3A1%3Aw%3A1585x1200%3Ai%3...
mc.yandex.ru/watch/48140495
Redirect Chain
  • https://mc.yandex.ru/watch/48140495?page-url=http%3A%2F%2Fjpg4.us%2F&charset=utf-8&force-urlencoded=1&browser-info=ti%3A1%3Adp%3A1%3Ans%3A1540909479978%3As%3A1600x1200x24%3Ask%3A1%3Afpr%3A216613626...
  • https://mc.yandex.ru/watch/48140495/1?page-url=http%3A%2F%2Fjpg4.us%2F&charset=utf-8&force-urlencoded=1&browser-info=ti%3A1%3Adp%3A1%3Ans%3A1540909479978%3As%3A1600x1200x24%3Ask%3A1%3Afpr%3A2166136...
43 B
773 B 		Other
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.ru/watch/48140495/1?page-url=http%3A%2F%2Fjpg4.us%2F&charset=utf-8&force-urlencoded=1&browser-info=ti%3A1%3Adp%3A1%3Ans%3A1540909479978%3As%3A1600x1200x24%3Ask%3A1%3Afpr%3A216613626101%3Acn%3A1%3Aw%3A1585x1200%3Ai%3A20181030142455%3Aet%3A1540909495%3Aen%3Autf-8%3Ac%3A1%3Ala%3Aen-us%3Awh%3A1%3Aar%3A1%3Anb%3A1%3Acl%3A159%3Arn%3A963612855%3Ahid%3A297049122%3Ads%3A%2C%2C%2C%2C%2C%2C%2C%2C%2C%2C%2C%2C%3Agdpr%3A14%3Aeu%3A1%3Av%3A1285%3Ast%3A1540909495%3Au%3A1540909480366968289%3Ahi%3A
Requested by
Host: jpg4.us
URL: http://jpg4.us/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:6b8::1:119 , Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
nginx/1.12.2 /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Verified resource
ckeditor/4.2/plugins/fakeobjects/images/spacer.gif at cdnjs.com, project ckeditor
Blocked
Source: easylist, Type: privacy (This would have been blocked)
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Referer
http://jpg4.us/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 30 Oct 2018 14:24:55 GMT
Last-Modified
Tue, 30-Oct-2018 14:24:55 GMT
Server
nginx/1.12.2
Strict-Transport-Security
max-age=31536000
Content-Type
image/gif
Cache-Control
private, no-cache, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
43
X-XSS-Protection
1; mode=block
Expires
Tue, 30-Oct-2018 14:24:55 GMT

Redirect headers

Pragma
no-cache
Date
Tue, 30 Oct 2018 14:24:55 GMT
Last-Modified
Tue, 30-Oct-2018 14:24:55 GMT
Server
nginx/1.12.2
Access-Control-Allow-Origin
http://jpg4.us
Strict-Transport-Security
max-age=31536000
Location
/watch/48140495/1?page-url=http%3A%2F%2Fjpg4.us%2F&charset=utf-8&force-urlencoded=1&browser-info=ti%3A1%3Adp%3A1%3Ans%3A1540909479978%3As%3A1600x1200x24%3Ask%3A1%3Afpr%3A216613626101%3Acn%3A1%3Aw%3A1585x1200%3Ai%3A20181030142455%3Aet%3A1540909495%3Aen%3Autf-8%3Ac%3A1%3Ala%3Aen-us%3Awh%3A1%3Aar%3A1%3Anb%3A1%3Acl%3A159%3Arn%3A963612855%3Ahid%3A297049122%3Ads%3A%2C%2C%2C%2C%2C%2C%2C%2C%2C%2C%2C%2C%3Agdpr%3A14%3Aeu%3A1%3Av%3A1285%3Ast%3A1540909495%3Au%3A1540909480366968289%3Ahi%3A
Cache-Control
private, no-cache, no-store, must-revalidate, max-age=0
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
X-XSS-Protection
1; mode=block
Expires
Tue, 30-Oct-2018 14:24:55 GMT

Redirect requests

There were HTTP redirects (301, 302) for the following requests:

Request 14
  • http://connect.facebook.net/ja_JP/all.js
  • https://connect.facebook.net/ja_JP/all.js
Request 15
  • http://www.youtube.com/embed/E6ylRXgfSFY?rel=0&hl=ja&fs=1&related=0&hideinfos=1&iv_load_policy=3&modestbranding=1
  • https://www.youtube.com/embed/E6ylRXgfSFY?rel=0&hl=ja&fs=1&related=0&hideinfos=1&iv_load_policy=3&modestbranding=1
Request 16
  • http://jpgnet.disqus.com/embed.js
  • https://jpgnet.disqus.com/embed.js
Request 17
  • https://mc.yandex.ru/watch/3?wmode=7&page-ref=http%3A%2F%2Fjpg4.us%2F&charset=utf-8&browser-info=ti%3A10%3Agdpr%3A14%3Av%3A1285%3Ast%3A1540909480%3Au%3A1540909480366968289%3Ahi%3A
  • https://mc.yandex.ru/watch/3/1?wmode=7&page-ref=http%3A%2F%2Fjpg4.us%2F&charset=utf-8&browser-info=ti%3A10%3Agdpr%3A14%3Av%3A1285%3Ast%3A1540909480%3Au%3A1540909480366968289%3Ahi%3A
Request 20
  • https://mc.webvisor.org/sync_cookie_image_check
  • https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.webvisor.org&token=1956.agg6nYlu5E8Yyjjw3RYujj3TAKawSSqbhjW8_vAKmEySOI649AEredHsCjFkROPN.yJaQ8BrS8glnJ-G7MySyZhlNjs4%2C
  • https://mc.webvisor.org/sync_cookie_image_decide?token=1956.g99rHZtjU6-_uwSwx2UVoAgIEaJSiZqK7QMv0OpwOws8ny3HWIvpyymPMVtUfxEhf_i2Mu-X_9rNFNFSHgXd7w%2C%2C.hO2sQvvw685sfDdmADyuuMWkxrA%2C
Request 25
  • https://mc.yandex.ru/watch/48140495?wmode=7&page-url=http%3A%2F%2Fjpg4.us%2F&charset=utf-8&browser-info=ti%3A10%3Ans%3A1540909479978%3As%3A1600x1200x24%3Ask%3A1%3Afpr%3A216613626101%3Acn%3A1%3Aw%3A...
  • https://mc.yandex.ru/watch/48140495/1?wmode=7&page-url=http%3A%2F%2Fjpg4.us%2F&charset=utf-8&browser-info=ti%3A10%3Ans%3A1540909479978%3As%3A1600x1200x24%3Ask%3A1%3Afpr%3A216613626101%3Acn%3A1%3Aw%...
Request 32
  • https://www.google-analytics.com/r/collect?v=1&_v=j71&a=110802714&t=pageview&_s=1&dl=http%3A%2F%2Fjpg4.us%2F&ul=en-us&de=UTF-8&dt=JPG4.us%E7%84%A1%E6%96%99%E7%94%BB%E5%83%8F%E6%A4%9C%E7%B4%A2%E3%82...
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-620120-3&cid=302097296.1540909481&jid=1320838156&_gid=565891556.1540909481&gjid=858373811&_v=j71&z=195343471
  • https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-620120-3&cid=302097296.1540909481&jid=1320838156&_v=j71&z=195343471
  • https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-620120-3&cid=302097296.1540909481&jid=1320838156&_v=j71&z=195343471&slf_rd=1&random=785961519
Request 35
  • https://mc.yandex.ru/watch/48140495?page-url=http%3A%2F%2Fjpg4.us%2F&charset=utf-8&force-urlencoded=1&browser-info=ti%3A1%3Adp%3A1%3Ans%3A1540909479978%3As%3A1600x1200x24%3Ask%3A1%3Afpr%3A216613626...
  • https://mc.yandex.ru/watch/48140495/1?page-url=http%3A%2F%2Fjpg4.us%2F&charset=utf-8&force-urlencoded=1&browser-info=ti%3A1%3Adp%3A1%3Ans%3A1540909479978%3As%3A1600x1200x24%3Ask%3A1%3Afpr%3A2166136...
Request 36
  • https://mc.yandex.ru/watch/48140495?page-url=http%3A%2F%2Fjpg4.us%2F&charset=utf-8&force-urlencoded=1&browser-info=ti%3A1%3Adp%3A1%3Ans%3A1540909479978%3As%3A1600x1200x24%3Ask%3A1%3Afpr%3A216613626...
  • https://mc.yandex.ru/watch/48140495/1?page-url=http%3A%2F%2Fjpg4.us%2F&charset=utf-8&force-urlencoded=1&browser-info=ti%3A1%3Adp%3A1%3Ans%3A1540909479978%3As%3A1600x1200x24%3Ask%3A1%3Afpr%3A2166136...

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
wj.ax.xrea.com
URL
http://wj.ax.xrea.com/l147.f?&x=785189211&id=100640546&url=http://jpg4.us/&rf=&sw=1600&sh=1200&cd=24&je=&pf=0&cc=&bt=JPG4.us%E7%84%A1%E6%96%99%E7%94%BB%E5%83%8F%E6%A4%9C%E7%B4%A2%E3%82%A8%E3%83%B3%E3%82%B8%E3%83%B3%E3%80%81AV4.us%E5%8B%95%E7%94%BB%E6%A4%9C%E7%B4%A2%E3%82%A8%E3%83%B3%E3%82%B8%E3%83%B3%E3%80%81%E3%82%A2%E3%82%A4%E3%83%89%E3%83%AB%E3%80%81%E3%82%B0%E3%83%A9%E3%83%93%E3%82%A2%E3%80%81%E3%82%A2%E3%82%A4%E3%82%B3%E3%83%A9%E3%80%81%E3%81%8A%E5%AE%9D%E5%86%99%E7%9C%9F%E3%80%81%E3%82%A2%E3%83%80%E3%83%AB%E3%83%88%E3%80%81%E7%84%A1%E4%BF%AE%E6%AD%A3%E3%80%81%E6%B5%81%E5%87%BA%E3%80%81av&ln=en&ct=us&ce=1&osec=0&tm=&prt=&pvf=0&pvl=0&pvt=0&drt=&dvf=0&dvl=0&dvt=0&pname=pieDE8en&chk=%EF%BF%BD%EF%BF%BD

139 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| bodyunld function| getgetp number| cX number| cY number| rX number| rY undefined| vW function| UpdateCursorPosition function| UpdateCursorPositionDocAll function| AssignPosition function| HideContent function| ShowContent function| ReverseContentDisplay function| ViewportWidth object| zz function| loadXMLDoc function| underp function| zoom function| lsstrg function| underv function| vlsstrg function| dtippc function| setCookie function| getCookie function| mypaging function| expandthb string| bookmarkurl string| bookmarktitle function| relonmousemove function| fc2avmouse function| sekeydoga function| tf function| myshowad function| myshowad1 function| myshowad2 function| showdogaHis function| showdogaHis2 function| jpg4orm function| mydisq string| userLangcf string| phpuserlang string| userLang string| LL string| basedm string| t1 string| inshowad string| inshowad2 object| dataLayer function| $ function| jQuery function| bookmark string| disqus_shortname string| ID number| AD number| FRAME object| google_tag_manager object| Ya object| yaCounter48140495 object| FB object| DISQUS function| sCk function| gCk function| cCk function| Escp function| gL function| sL function| hL function| sA function| mL1 function| mL2 object| IDS string| PNAME number| Tpx number| Lpx string| LAY number| w number| h number| XID string| rt string| XCHK number| XOK number| VTIME number| RSTING string| LOGSCRIPT string| url string| rf number| sw number| sh number| cd string| je string| pf string| cc string| bt string| ln string| ce string| bn number| bv number| osec number| vt number| today number| time string| Prt number| Pvf number| Pvl number| Pvt string| Drt number| Dvf number| Dvl number| Dvt string| B1 string| BTS string| B2 object| P_ string| Path object| dt string| c number| k string| X string| O string| S object| A number| R number| d string| path string| e string| C string| P string| D string| ct string| tm string| logurl function| gtag string| GoogleAnalyticsObject function| ga object| google_tag_data object| gaplugins object| sa object| gaGlobal object| gaData

0 Cookies

1 Console Messages

Source Level URL
Text
console-api log URL: http://tag.av4.xyz/index.php?js=aaa, Line 45, Column62
Message:
xUpdateCursorPositionDocAll

Indicators of compromise (IoCs)

This is a term in the security industry to describe indicators around an attack. This includes IPs, hashes, domains, etc.

ajax.googleapis.com
av.av4.xyz
c.disquscdn.com
cdn.jsdelivr.net
connect.facebook.net
disqus.com
j1.ax.xrea.com
jiito.net
jpg4.us
jpgnet.disqus.com
mc.webvisor.org
mc.yandex.ru
referrer.disqus.com
staticxx.facebook.com
stats.g.doubleclick.net
tag.av4.xyz
wj.ax.xrea.com
www.asahi.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.youtube.com

wj.ax.xrea.com


104.111.242.105
107.154.161.209
111.90.151.67
149.5.244.142
151.101.120.134
151.101.128.134
151.101.2.109
2400:cb00:2048:1::6810:50a6
2606:4700:30::ac40:af10
2a00:1450:4001:80b::200a
2a00:1450:4001:816::2004
2a00:1450:4001:816::200e
2a00:1450:4001:821::2003
2a00:1450:4001:821::200e
2a00:1450:400c:c0c::61
2a00:1450:400c:c0c::9c
2a02:6b8::1:119
2a03:2880:f01a:5:face:b00c:0:1
2a03:2880:f02d:12:face:b00c:0:3
52.69.74.2
52.69.95.9

03b3e942914498e15602d43432342c2c7502a1b8705f9c4bff55e7833a8310df
142ff5d598c4a7fd9e3bc896a775b3e143e1b54d8356a985f67ad70fdfd02f4f
14b84faea36611516d9a4ff02d89b9b0d7167a718584f92bf4d597d3f661664e
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef
22a100e19a099737c0b9eec9c19b6fc7de17e16c2d25e3a89fca20778e98abc6
411f2fb995f07d935b87424433dea891fe77130dfd9178114bc963a7330c40e9
4454af3e23a441a438966f02d3359d17864855f1496aa6d565cd226859829858
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
71f35af4bbc2ebc8d154e6313e30efcb2303ec666ab358451df531603b644967
7a55635c186cd96a00c29cc0f7308986c1c2027e7853db95a9494abffccf09cf
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8710921de1e06750bde854a1492410cd2de7323c22b069f789c5f3c31a5bae36
8cb05b675fe6419a9e91eb587c60902c7ed1cb6c42b8cff8ce404ef89f635cde
9d361ddf04b76a91a9ea72b59497c1c3706a9cbbe6e1524614cbe9195fd46f6f
a3400d1e557d313c3ce683db6e3a2b7a7bc3e4f489ffcc4f8c071a9581c8b3ac
a8d842dc045c65986e7b50952261d47b62cab35c5829700e90d1965ec11692e3
ae18cfdd1dd9b7da71e04365f35a6f97183a7ae9ce4f0c7a78e2a762c12fa1c9
baa6381b2ebbe0fe666161b0dd3b8c2ab6bbe7e846d056ac6f06e97755af0a2a
bf5bb657f5e788af0c02b9b437d3f15bec91e27175e5a654e3d431fb6d063390
c8ca200730ac9ce81c383bcaae625c5003930baade34e32b72b0ced38aaec320
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
e06892ad11dd723d31387dffc8bf8be44e3a90a07b763794a1245130e3977a85
e2474ce79afafc42ddc85fb2a5f8f584b13c60e4ca5bdf6a2fc9a00881ae537f
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
efbdf9cab6b6cf2bf7207ae4e0456c9462b2c0d4c2de76d65442de2af7253f2b
f1dde880d0ae083fde02a4c2b8023d2890b02228e30ca907a774514ee723e950
f5ec7ce2243cb932286f01c2a82b3e236dacc26669fb7a9b82876fc801397e3c
fabcdfb24504a16930326e89b6ae5d807374e5b74966910d21b2a329fbb18b28