urlscan.io logo urlscan.io
SecurityTrails logo

data.jpg4.biz Open in urlscan Pro
2606:4700:3037::ac43:c20e  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://de.photo-pic.cyou/
Effective URL: http://data.jpg4.biz/
Submission: On March 27 via manual from AU — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 22 IPs in 5 countries across 18 domains to perform 48 HTTP transactions. The main IP is 2606:4700:3037::ac43:c20e, located in United States and belongs to CLOUDFLARENET, US. The main domain is data.jpg4.biz.
This is the only time data.jpg4.biz was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 2a06:98c1:312... 13335 (CLOUDFLAR...)
2 192.229.133.221 15133 (EDGECAST)
2 2a00:1450:400... 15169 (GOOGLE)
2 2606:4700:303... 13335 (CLOUDFLAR...)
5 2606:4700:303... 13335 (CLOUDFLAR...)
2 4 2a00:1450:400... 15169 (GOOGLE)
6 45.133.44.25 7018 (ATT-INTER...)
1 2606:4700:303... 13335 (CLOUDFLAR...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
1 150.95.129.59 7506 (INTERQ GM...)
3 6 2a02:6b8::1:119 208722 (YNDX)
3 45.133.44.24 39572 (ADVANCEDH...)
1 2 80.239.201.71 1299 (TWELVE99 ...)
1 168.119.25.22 24940 (HETZNER-AS)
1 2a01:4f8:e0:1... 24940 (HETZNER-AS)
2 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
48 22
1    2a06:98c1:3121::7 (United States)

ASN13335 (CLOUDFLARENET, US)
de.photo-pic.cyou
2    192.229.133.221 (United States)

ASN15133 (EDGECAST, US)
www.w3schools.com
2    2a00:1450:4001:813::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
ajax.googleapis.com
2    2606:4700:3038::6815:e9f5 (United States)

ASN13335 (CLOUDFLARENET, US)
jsjs.gazo.space
5    2606:4700:3038::6815:e9f6 (United States)

ASN13335 (CLOUDFLARENET, US)
js.gazo.space
4    2a00:1450:4001:80f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
translate.google.com
6    45.133.44.25 (Philadelphia, United States)

ASN7018 (ATT-INTERNET4, US)
js.wpadmngr.com
54705174db.8b1f93b707.com
1    2606:4700:3037::ac43:c20e (United States)

ASN13335 (CLOUDFLARENET, US)
data.jpg4.biz
1    2606:4700::6810:125e (United States)

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
1    2606:4700::6810:5614 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.jsdelivr.net
1    2a00:1450:4001:808::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
4    2a00:1450:4001:803::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
translate.googleapis.com
1    150.95.129.59 (Japan)

ASN7506 (INTERQ GMO Internet,Inc, JP)
PTR: v150-95-129-59.a07a.g.tyo1.static.cnode.io
page.myfile-host.info
6    2a02:6b8::1:119 (Moscow, Russian Federation)

ASN208722 (YNDX, FI)
mc.yandex.ru
3    45.133.44.24 (Philadelphia, United States)

ASN39572 (ADVANCEDHOSTERS-AS, NL)
na.nawpush.com
js.wpushsdk.com
2    80.239.201.71 (Sweden)

ASN1299 (TWELVE99 Arelion, fka Telia Carrier, SE)
PTR: 80-239-201-71.teliacarrier-cust.com
mc.webvisor.org
1    168.119.25.22 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.22.25.119.168.clients.your-server.de
nereserv.com
1    2a01:4f8:e0:19cb::1 (Germany)

ASN24940 (HETZNER-AS, DE)
b2bc795549.8b1f93b707.com
2    2a00:1450:4001:810::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.gstatic.com
1    2a00:1450:4001:810::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
1    2a00:1450:4001:808::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
translate-pa.googleapis.com
Apex Domain
Subdomains		 Transfer
7 gazo.space
jsjs.gazo.space — Cisco Umbrella Rank: 482982
js.gazo.space — Cisco Umbrella Rank: 410815
72 KB
7 googleapis.com
ajax.googleapis.com — Cisco Umbrella Rank: 251
translate.googleapis.com — Cisco Umbrella Rank: 796
translate-pa.googleapis.com — Cisco Umbrella Rank: 1315
148 KB
6 yandex.ru
mc.yandex.ru — Cisco Umbrella Rank: 2926
3 KB
5 wpadmngr.com
js.wpadmngr.com — Cisco Umbrella Rank: 30985
31 KB
5 google.com
translate.google.com — Cisco Umbrella Rank: 957
www.google.com — Cisco Umbrella Rank: 2
55 KB
2 gstatic.com
www.gstatic.com
3 KB
2 webvisor.org
mc.webvisor.org — Cisco Umbrella Rank: 19319
738 B
2 wpushsdk.com
js.wpushsdk.com — Cisco Umbrella Rank: 43183
48 KB
2 8b1f93b707.com
54705174db.8b1f93b707.com
b2bc795549.8b1f93b707.com
396 B
2 w3schools.com
www.w3schools.com — Cisco Umbrella Rank: 16075
11 KB
1 nereserv.com
nereserv.com — Cisco Umbrella Rank: 45663
193 B
1 nawpush.com
na.nawpush.com — Cisco Umbrella Rank: 47436
664 B
1 myfile-host.info
page.myfile-host.info — Cisco Umbrella Rank: 555962
270 B
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 54 Failed
37 KB
1 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 403 Failed
58 KB
1 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 194 Failed
5 KB
1 jpg4.biz
data.jpg4.biz
6 KB
1 photo-pic.cyou
de.photo-pic.cyou
11 KB
48 18
Domain Requested by
6 mc.yandex.ru 3 redirects data.jpg4.biz
5 js.wpadmngr.com js.gazo.space
js.wpadmngr.com
5 js.gazo.space de.photo-pic.cyou
data.jpg4.biz
4 translate.googleapis.com translate.googleapis.com
data.jpg4.biz
4 translate.google.com 2 redirects de.photo-pic.cyou
data.jpg4.biz
2 www.gstatic.com translate.googleapis.com
data.jpg4.biz
2 mc.webvisor.org 1 redirects data.jpg4.biz
2 js.wpushsdk.com js.wpadmngr.com
2 jsjs.gazo.space de.photo-pic.cyou
data.jpg4.biz
2 ajax.googleapis.com de.photo-pic.cyou
data.jpg4.biz
2 www.w3schools.com de.photo-pic.cyou
data.jpg4.biz
1 translate-pa.googleapis.com srcdoc
1 www.google.com data.jpg4.biz
1 b2bc795549.8b1f93b707.com js.wpushsdk.com
1 nereserv.com js.wpushsdk.com
1 54705174db.8b1f93b707.com js.wpadmngr.com
1 na.nawpush.com js.wpadmngr.com
1 page.myfile-host.info data.jpg4.biz
1 www.googletagmanager.com js.gazo.space
1 cdn.jsdelivr.net js.gazo.space
1 cdnjs.cloudflare.com js.gazo.space
1 data.jpg4.biz js.gazo.space
1 de.photo-pic.cyou
48 23
Subject Issuer Validity Valid
*.w3schools.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-04-27 -
2022-05-02		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2022-03-17 -
2022-06-09		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2021-07-07 -
2022-07-06		 a year crt.sh
js.wpadmngr.com
R3		 2022-03-21 -
2022-06-19		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2022-03-17 -
2022-06-09		 3 months crt.sh
na.nawpush.com
R3		 2022-02-09 -
2022-05-10		 3 months crt.sh
54705174db.8b1f93b707.com
R3		 2022-02-25 -
2022-05-26		 3 months crt.sh
js.wpushsdk.com
R3		 2022-03-21 -
2022-06-19		 3 months crt.sh
notification.tubecup.net
R3		 2022-01-28 -
2022-04-28		 3 months crt.sh
b2bc795549.8b1f93b707.com
R3		 2022-03-22 -
2022-06-20		 3 months crt.sh
mc.yandex.ru
Yandex CA		 2021-12-22 -
2022-06-03		 5 months crt.sh
*.gstatic.com
GTS CA 1C3		 2022-03-17 -
2022-06-09		 3 months crt.sh
www.google.com
GTS CA 1C3		 2022-03-17 -
2022-06-09		 3 months crt.sh

This page contains 4 frames:

Primary Page: http://data.jpg4.biz/
Frame ID: 695D022590FCF3A3A46D8179A94A4375
Requests: 43 HTTP requests in this frame

Frame: https://js.gazo.space/tagjpa.php?noself=1&url=js.gazo.space/tagjpa.php?feed=tpics&14
Frame ID: 6E30F54529F2AFCD29E3B5A3908168D7
Requests: 1 HTTP requests in this frame

Frame: https://translate.googleapis.com/translate_static/css/translateelement.css
Frame ID: 380B1D232E0FE5556C7F4479E71DA606
Requests: 1 HTTP requests in this frame

Frame: https://translate-pa.googleapis.com/v1/supportedLanguages?client=te&display_language=de&key=AIzaSyBWDj0QJvVIx8XOhRegXX5_SrRWxhT5Hs4&callback=callback
Frame ID: CA41B81142F2694676A73EF4F0F76929
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. http://de.photo-pic.cyou/ Page URL
  2. http://data.jpg4.biz/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • cdn\.jsdelivr\.net/npm/yandex\-metrica\-watch/watch\.js
Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Page Statistics

48
Requests

71 %
HTTPS

71 %
IPv6

18
Domains

23
Subdomains

22
IPs

5
Countries

487 kB
Transfer

1847 kB
Size

18
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://de.photo-pic.cyou/ Page URL
  2. http://data.jpg4.biz/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 6
  • http://translate.google.com/translate_a/element.js?cb=googleTranslateElementInit HTTP 301
  • https://translate.google.com/translate_a/element.js?cb=googleTranslateElementInit
Request Chain 18
  • http://translate.google.com/translate_a/element.js?cb=googleTranslateElementInit HTTP 301
  • https://translate.google.com/translate_a/element.js?cb=googleTranslateElementInit
Request Chain 27
  • https://mc.yandex.ru/watch/3?wmode=7&page-url=http%3A%2F%2Fdata.jpg4.biz%2F&page-ref=&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A1uynsn4u5sc3uihxon2%3Afp%3A673%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A771%3Acn%3A2%3Adp%3A0%3Als%3A1521624470748%3Ahid%3A509973857%3Az%3A0%3Ai%3A20220327040353%3Aet%3A1648353834%3Ac%3A1%3Arn%3A264741852%3Arqn%3A1%3Au%3A1648353834359287390%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Antf%3A1%3Ans%3A1648353833027%3Ads%3A9%2C16%2C36%2C1%2C0%2C0%2C%2C%2C%2C%2C%2C%2C%3Aco%3A0%3Ast%3A1648353834&t=gdpr(14)aw(1)ti(2) HTTP 302
  • https://mc.yandex.ru/watch/3/1?wmode=7&page-url=http%3A%2F%2Fdata.jpg4.biz%2F&page-ref&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A1uynsn4u5sc3uihxon2%3Afp%3A673%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A771%3Acn%3A2%3Adp%3A0%3Als%3A1521624470748%3Ahid%3A509973857%3Az%3A0%3Ai%3A20220327040353%3Aet%3A1648353834%3Ac%3A1%3Arn%3A264741852%3Arqn%3A1%3Au%3A1648353834359287390%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Antf%3A1%3Ans%3A1648353833027%3Ads%3A9%2C16%2C36%2C1%2C0%2C0%2C%2C%2C%2C%2C%2C%2C%3Aco%3A0%3Ast%3A1648353834&t=gdpr%2814%29aw%281%29ti%282%29
Request Chain 28
  • https://mc.yandex.ru/watch/48140495?wmode=7&page-url=http%3A%2F%2Fdata.jpg4.biz%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A1uynsn4u5sc3uihxon2%3Afp%3A673%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A771%3Acn%3A1%3Adp%3A0%3Als%3A1634003806588%3Ahid%3A509973857%3Az%3A0%3Ai%3A20220327040353%3Aet%3A1648353834%3Ac%3A1%3Arn%3A604115594%3Arqn%3A1%3Au%3A1648353834359287390%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Antf%3A1%3Ans%3A1648353833027%3Ads%3A9%2C16%2C36%2C1%2C0%2C0%2C%2C%2C%2C%2C%2C%2C%3Aco%3A0%3Arqnl%3A1%3Ast%3A1648353834%3At%3A&t=gdpr(14)aw(1)ti(2) HTTP 302
  • https://mc.yandex.ru/watch/48140495/1?wmode=7&page-url=http%3A%2F%2Fdata.jpg4.biz%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A1uynsn4u5sc3uihxon2%3Afp%3A673%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A771%3Acn%3A1%3Adp%3A0%3Als%3A1634003806588%3Ahid%3A509973857%3Az%3A0%3Ai%3A20220327040353%3Aet%3A1648353834%3Ac%3A1%3Arn%3A604115594%3Arqn%3A1%3Au%3A1648353834359287390%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Antf%3A1%3Ans%3A1648353833027%3Ads%3A9%2C16%2C36%2C1%2C0%2C0%2C%2C%2C%2C%2C%2C%2C%3Aco%3A0%3Arqnl%3A1%3Ast%3A1648353834%3At%3A&t=gdpr%2814%29aw%281%29ti%282%29
Request Chain 34
  • https://mc.webvisor.org/sync_cookie_image_check HTTP 302
  • https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.webvisor.org&token=9589.2aF5h-BIcLdii-OXPwMJAkuWA4H-r6HFjSHfCSRqzkN8bM25SzweQ6dGY30sSokN.z6PXBFHqJ_8aEyoQy1eO5KSU_B4%2C HTTP 302
  • https://mc.webvisor.org/sync_cookie_image_decide?token=9589.eozYes-JD9zTzpJCsC5GccMO2XWhAhbcddUoVfY673rFQbBrtzswpGKroE2lA2WaA5sG519Kjh_nRs3Wg3fBU0X4RwWWZIW3A1kViqm3X_I%2C.PEFrmCkLfh7ofluKFX-q6vlFfPw%2C

48 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
/
de.photo-pic.cyou/ 		164 KB
11 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://de.photo-pic.cyou/
Protocol
HTTP/1.1
Server
2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9d338f5c7b19372c62f13aeff9a4756fe6bcb19db69b6ae5cccc44ec2a7a7267

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

Date
Sun, 27 Mar 2022 04:03:52 GMT
Content-Type
text/html; charset=UTF-8
Transfer-Encoding
chunked
Connection
keep-alive
Access-Control-Allow-Origin
*
Access-Control-Allow-Headers
Cake
imghost
127001-h-dphoto-piccyoumh--US-rm127001/
55nloadrate
0.3615625
Cache-Control
public, max-age=43200
P3P
CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Vary
Accept-Encoding
X-Proxy-Cache-R9
MISS
XkeyR9
de.photo-pic.cyou/--de.photo-pic.cyou--my_zone
X-Proxy-Cache-g-jp
STALE
Xkey-g-jp
de.photo-pic.cyou/--de.photo-pic.cyou--my_zone
CF-Cache-Status
HIT
Age
4552
Last-Modified
Sun, 27 Mar 2022 02:48:00 GMT
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rHWxTQvw3RbWXahYsldYkF8ACUjMqx9OxpXjmudspZ1lIRM%2BgxtSQMszA%2FxnUbZK9rKoGCQE0YkEz8K0xo%2F1SpdJiCl6p8Ya4dieTJ1luOgw2%2FtqbY99mSeeKEmMRAmUgZlpJRnyC4bys0u36mdwxw%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server
cloudflare
CF-RAY
6f253d1b4aba3762-MXP
Content-Encoding
gzip
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
w3.css
www.w3schools.com/w3css/4/ 		23 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.w3schools.com/w3css/4/w3.css
Requested by
Host: de.photo-pic.cyou
URL: http://de.photo-pic.cyou/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.133.221 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/6796) / ASP.NET
Resource Hash
c4f2aba13970ecf8303fb9329f97c8824861569273b0aa27acce48abc61d04f5
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://mycourses.w3schools.com;
X-Content-Security-Policy frame-ancestors 'self' https://mycourses.w3schools.com;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy
frame-ancestors 'self' https://mycourses.w3schools.com;
content-encoding
gzip
etag
"0a6594c4e40d81:0"
last-modified
Fri, 25 Mar 2022 13:43:24 GMT
server
ECS (frb/6796)
age
14300
x-powered-by
ASP.NET
vary
Accept-Encoding
x-cache
HIT
content-type
text/css
cache-control
public,max-age=14400,public
date
Sun, 27 Mar 2022 04:03:52 GMT
accept-ranges
bytes
content-length
5258
x-content-security-policy
frame-ancestors 'self' https://mycourses.w3schools.com;
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/3.3.1/ 		85 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/3.3.1/jquery.min.js
Requested by
Host: de.photo-pic.cyou
URL: http://de.photo-pic.cyou/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 26 Mar 2022 14:23:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
49231
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
30399
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 26 Mar 2023 14:23:21 GMT
index.php
jsjs.gazo.space/ 		59 B
940 B 		Script
General
Check archive.org
Download Go to
Full URL
https://jsjs.gazo.space/index.php?js=very
Requested by
Host: de.photo-pic.cyou
URL: http://de.photo-pic.cyou/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3038::6815:e9f5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.0.33
Resource Hash
d1de0bc316147ceb2b00b5ada8905e028661eb2d65355f8e3a8d1890b5022419

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 27 Mar 2022 04:03:53 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
38nloadrate
0.015
x-powered-by
PHP/7.0.33
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
imghost
4512413683-h-jsjsgazospacmh--DE-rm162158129109/index.php?js=very
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=F4Ov5axps2Y8HOlyIpHbPAw5W%2Fgu7UAy09Q71EsWJ3gSdBtGhvfUiPYgCUKhQ2xL9m2JN2N2Q6A4TiBKbxEkoXsyXAM%2Flk1X%2BEXagCHyJFgycyQQSKg53PzOJYhQdBsf47YT1MMBhbiUyyCbtJ8%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=UTF-8
access-control-allow-origin
"*"
cache-control
max-age=360000, private
cf-ray
6f253d1bfe40839c-MXP
access-control-allow-headers
Cake
index.php
js.gazo.space/ 		152 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.gazo.space/index.php?js=jpg4&aaa1
Requested by
Host: de.photo-pic.cyou
URL: http://de.photo-pic.cyou/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3038::6815:e9f6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cc2bd9bfc573c60ab431de5bb23a77f04b3eb5a5a06e7956d3d2b7b53f8a9ac4

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

55nloadrate
0.443125
date
Sun, 27 Mar 2022 04:03:52 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
346
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
imghost
240b251541cc007285c289aba-h-jsgazospacmh--IT-rm2400cb002701024a298191/index.php?js=jpg4&aaa1
last-modified
Sun, 27 Mar 2022 03:58:06 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NzdskXxK6PyLMJzzjglUuo8LNbmrX%2FtIc4GsVjHNwVGjpcvm7%2FmBeQVYj4UoaDkJ5WIma4qFDu%2F5MQluI4cPTpaRAfJmKE%2BhW4NFSoTUPeZZufTkf0G%2FnAjkOxw0RwWYTp6RsneFe%2FHm%2Bm9s"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=7200, s-max-age=1800
cf-ray
6f253d1bf98659dd-MXP
access-control-allow-headers
Cake
jpg4.css
js.gazo.space/mycss/ 		2 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://js.gazo.space/mycss/jpg4.css
Requested by
Host: de.photo-pic.cyou
URL: http://de.photo-pic.cyou/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3038::6815:e9f6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
558b689c128aa3bd6044b9440c64c56f0b9caaa3f215e96144787318dec000b5

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 27 Mar 2022 04:03:52 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1044219
xkeyr9
jjs./mycss/jpg4.css-A-js.gazo.space--my_zone
cf-ray
6f253d1be98559dd-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
server
cloudflare
x-proxy-cacher9
MISS
etag
W/"718-5a11787752b46"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=f%2FD98N1tkIEJmM4n77%2BYVB9xNsgwLVzpGLLFM55TxqBiwB%2F9Qq4HA7H2jjFCziRS9Npgj3dqnmKn9J0vly%2Fj%2FZlHRnsGstiYCzzRaaDEhd9DFgAwZEg0HVgHAIuptBwrQa48hmqRcTJGElLE"}],"group":"cf-nel","max_age":604800}
xkey-g-jp
jjs./mycss/jpg4.css-A-js.gazo.space--my_zone
access-control-allow-origin
*
x-proxy-cache-di2
HIT
cache-control
public, max-age=3600000
content-type
text/css
access-control-allow-headers
Cake
element.js
translate.google.com/translate_a/
Redirect Chain
  • http://translate.google.com/translate_a/element.js?cb=googleTranslateElementInit
  • https://translate.google.com/translate_a/element.js?cb=googleTranslateElementInit
77 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://translate.google.com/translate_a/element.js?cb=googleTranslateElementInit
Requested by
Host: de.photo-pic.cyou
URL: http://de.photo-pic.cyou/
Protocol
H2
Server
2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
bc299461eb51ee9c5c40ec58264921ef96659439ed3e69c7c5efa783da048080
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 27 Mar 2022 04:03:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
expires
Mon, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Sun, 27 Mar 2022 04:03:52 GMT
X-Content-Type-Options
nosniff
Server
ESF
X-Frame-Options
SAMEORIGIN
Content-Type
application/binary
Location
https://translate.google.com/translate_a/element.js?cb=googleTranslateElementInit
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Content-Length
0
X-XSS-Protection
0
Expires
Mon, 01 Jan 1990 00:00:00 GMT
index.php
js.gazo.space/ 		0
0
adManager.js
js.wpadmngr.com/static/ 		451 B
597 B 		Script
General
Check archive.org
Download Go to
Full URL
https://js.wpadmngr.com/static/adManager.js
Requested by
Host: js.gazo.space
URL: https://js.gazo.space/index.php?js=jpg4&aaa1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.25 Philadelphia, United States, ASN7018 (ATT-INTERNET4, US),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 27 Mar 2022 04:03:53 GMT
content-encoding
gzip
last-modified
Wed, 13 Oct 2021 09:03:43 GMT
server
nginx/1.18.0
etag
W/"6166a0ef-1c3"
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
expires
Sun, 27 Mar 2022 04:08:53 GMT
cache-control
max-age=300
x-proxy-cache
HIT
Primary Request /
data.jpg4.biz/ 		13 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://data.jpg4.biz/
Requested by
Host: js.gazo.space
URL: https://js.gazo.space/index.php?js=jpg4&aaa1
Protocol
HTTP/1.1
Server
2606:4700:3037::ac43:c20e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
36ba90380afa1941f1f368fdf4ae5280aa821d7981912eee38c6d59c1a3b66c9

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

Date
Sun, 27 Mar 2022 04:03:53 GMT
Content-Type
text/html; charset=UTF-8
Transfer-Encoding
chunked
Connection
keep-alive
Access-Control-Allow-Origin
*
Access-Control-Allow-Headers
Cake
imghost
127001-h-datajpg4pwmh-datajpg4pw--rm127001/
55nloadrate
0.3915625
Cache-Control
public, max-age=43200
P3P
CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Vary
Accept-Encoding
X-Proxy-Cache-R9
MISS
XkeyR9
jdata./-A-data.jpg4.pw-data.jpg4.pw-my_zone
X-Proxy-Cache-LA2
MISS
Xkey-la2
jdata./-A-data.jpg4.pw-data.jpg4.pw-my_zone
X-Proxy-Cache-la
STALE
Xkey-la
jdata./A2
Xkeylog
jdata./A-data.jpg4.biz
CF-Cache-Status
HIT
Age
10630
Last-Modified
Sun, 27 Mar 2022 01:06:43 GMT
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TH7HFfp7bJ1y3jqivqk9Nf2Qqqtu2WU2VbyG2AlNOpZUKy02sE653X4ONJvqcrPrXqlbUCWkTtV4cfl9xtawavCg4oeXh5Bv776q8YvFPiUcuDj3XwCNaXP3M0Ue7Pn0Q86YSdn4E8BryZXj"}],"group":"cf-nel","max_age":604800}
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server
cloudflare
CF-RAY
6f253d20ad673756-MXP
Content-Encoding
gzip
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
NoSleep.min.js
cdnjs.cloudflare.com/ajax/libs/nosleep/0.11.0/ 		0
0
watch.js
cdn.jsdelivr.net/npm/yandex-metrica-watch/ 		0
0
js
www.googletagmanager.com/gtag/ 		0
0
adManager.m.js
js.wpadmngr.com/static/ 		45 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://js.wpadmngr.com/static/adManager.m.js
Requested by
Host: js.wpadmngr.com
URL: https://js.wpadmngr.com/static/adManager.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.25 Philadelphia, United States, ASN7018 (ATT-INTERNET4, US),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Referer
Origin
http://de.photo-pic.cyou
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 27 Mar 2022 04:03:53 GMT
content-encoding
gzip
last-modified
Fri, 25 Mar 2022 14:47:06 GMT
server
nginx/1.18.0
etag
W/"623dd5ea-14316"
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
expires
Sun, 27 Mar 2022 04:08:53 GMT
cache-control
max-age=300
x-proxy-cache
HIT
w3.css
www.w3schools.com/w3css/4/ 		23 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.w3schools.com/w3css/4/w3.css
Requested by
Host: data.jpg4.biz
URL: http://data.jpg4.biz/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.133.221 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/6796) / ASP.NET
Resource Hash
c4f2aba13970ecf8303fb9329f97c8824861569273b0aa27acce48abc61d04f5
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://mycourses.w3schools.com;
X-Content-Security-Policy frame-ancestors 'self' https://mycourses.w3schools.com;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy
frame-ancestors 'self' https://mycourses.w3schools.com;
content-encoding
gzip
etag
"0a6594c4e40d81:0"
last-modified
Fri, 25 Mar 2022 13:43:24 GMT
server
ECS (frb/6796)
age
14301
x-powered-by
ASP.NET
vary
Accept-Encoding
x-cache
HIT
content-type
text/css
cache-control
public,max-age=14400,public
date
Sun, 27 Mar 2022 04:03:53 GMT
accept-ranges
bytes
content-length
5258
x-content-security-policy
frame-ancestors 'self' https://mycourses.w3schools.com;
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/3.3.1/ 		85 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/3.3.1/jquery.min.js
Requested by
Host: data.jpg4.biz
URL: http://data.jpg4.biz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 26 Mar 2022 14:23:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
49232
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
30399
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 26 Mar 2023 14:23:21 GMT
index.php
jsjs.gazo.space/ 		59 B
351 B 		Script
General
Check archive.org
Download Go to
Full URL
https://jsjs.gazo.space/index.php?js=very
Requested by
Host: data.jpg4.biz
URL: http://data.jpg4.biz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3038::6815:e9f5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.0.33
Resource Hash
d1de0bc316147ceb2b00b5ada8905e028661eb2d65355f8e3a8d1890b5022419

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 27 Mar 2022 04:03:53 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
38nloadrate
0.015
x-powered-by
PHP/7.0.33
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
imghost
4512413683-h-jsjsgazospacmh--DE-rm162158129109/index.php?js=very
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FtQ8XaIHmMjtP33Wf%2FHC6%2Fa8M%2FBUciGebcFdZvwTyJzvFyLM0hI%2BLRUVr%2BSSl60ealU5rlXZt%2BaufFk4MMIlu6dKJrZRj0rgmTFqo19gUNFyG%2BirBlBDIUNMVOtA%2FwNAgyJZ9gt7Ix8kRqUaIbI%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=UTF-8
access-control-allow-origin
"*"
cache-control
max-age=360000, private
cf-ray
6f253d20fa2b839c-MXP
access-control-allow-headers
Cake
index.php
js.gazo.space/ 		152 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.gazo.space/index.php?js=jpg4&aaa1
Requested by
Host: data.jpg4.biz
URL: http://data.jpg4.biz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3038::6815:e9f6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cc2bd9bfc573c60ab431de5bb23a77f04b3eb5a5a06e7956d3d2b7b53f8a9ac4

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

55nloadrate
0.443125
date
Sun, 27 Mar 2022 04:03:53 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
347
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
imghost
240b251541cc007285c289aba-h-jsgazospacmh--IT-rm2400cb002701024a298191/index.php?js=jpg4&aaa1
last-modified
Sun, 27 Mar 2022 03:58:06 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Poea3uCDmznMjoCcWQVFJ1Nn1IaEjYLVeRo0r9KMbvzSiqwwZ%2Bm3VeQtWksNvEzPMdOZtc%2FdnYqDZgRQvj1MrUeHM6YsUmUyVNCtZkcgTBUYZFVZv0XPKeh4KJGktPT7wu5pQCDFNKyQBw1I"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=7200, s-max-age=1800
cf-ray
6f253d20fcfb59dd-MXP
access-control-allow-headers
Cake
jpg4.css
js.gazo.space/mycss/ 		2 KB
923 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://js.gazo.space/mycss/jpg4.css
Requested by
Host: data.jpg4.biz
URL: http://data.jpg4.biz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3038::6815:e9f6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
558b689c128aa3bd6044b9440c64c56f0b9caaa3f215e96144787318dec000b5

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 27 Mar 2022 04:03:53 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1044220
xkeyr9
jjs./mycss/jpg4.css-A-js.gazo.space--my_zone
cf-ray
6f253d20fcf959dd-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
server
cloudflare
x-proxy-cacher9
MISS
etag
W/"718-5a11787752b46"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zVC%2FHZHi%2BqqDiveGwRPaXvv65ZWoADx4uFAsv86a8cN%2BBdf513tkXBRD20Cs7c2AURk9otT2wwLh7HKYEfcX7fT%2BR4zrnyNltkgXQ9bC6aHyoKxIPlrtQYCEzQpEigBiEoUsnFHEEBcmRjIa"}],"group":"cf-nel","max_age":604800}
xkey-g-jp
jjs./mycss/jpg4.css-A-js.gazo.space--my_zone
access-control-allow-origin
*
x-proxy-cache-di2
HIT
cache-control
public, max-age=3600000
content-type
text/css
access-control-allow-headers
Cake
element.js
translate.google.com/translate_a/
Redirect Chain
  • http://translate.google.com/translate_a/element.js?cb=googleTranslateElementInit
  • https://translate.google.com/translate_a/element.js?cb=googleTranslateElementInit
77 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://translate.google.com/translate_a/element.js?cb=googleTranslateElementInit
Requested by
Host: data.jpg4.biz
URL: http://data.jpg4.biz/
Protocol
H3
Server
2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
a7a3114767c93192697a0f163f426da6ffc29a18c0826b5df672f81f0882d228
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 27 Mar 2022 04:03:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
expires
Mon, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Sun, 27 Mar 2022 04:03:53 GMT
X-Content-Type-Options
nosniff
Server
ESF
X-Frame-Options
SAMEORIGIN
Content-Type
application/binary
Location
https://translate.google.com/translate_a/element.js?cb=googleTranslateElementInit
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Content-Length
0
X-XSS-Protection
0
Expires
Mon, 01 Jan 1990 00:00:00 GMT
adManager.js
js.wpadmngr.com/static/ 		451 B
596 B 		Script
General
Check archive.org
Download Go to
Full URL
https://js.wpadmngr.com/static/adManager.js
Requested by
Host: js.gazo.space
URL: https://js.gazo.space/index.php?js=jpg4&aaa1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.25 Philadelphia, United States, ASN7018 (ATT-INTERNET4, US),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
2f499c632d806f66b96dda6cbd4cac0363d331885476a8ac1d9e8ac60954d720

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 27 Mar 2022 04:03:53 GMT
content-encoding
gzip
last-modified
Wed, 13 Oct 2021 09:03:43 GMT
server
nginx/1.18.0
etag
W/"6166a0ef-1c3"
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
expires
Sun, 27 Mar 2022 04:08:53 GMT
cache-control
max-age=300
x-proxy-cache
HIT
NoSleep.min.js
cdnjs.cloudflare.com/ajax/libs/nosleep/0.11.0/ 		10 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/nosleep/0.11.0/NoSleep.min.js
Requested by
Host: js.gazo.space
URL: https://js.gazo.space/index.php?js=jpg4&aaa1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2b19d92ce83bf3b498f73103ba1240f09c84798b1f92aedf1491ccf0aa6f5e4c
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 27 Mar 2022 04:03:53 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
24656537
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
3953
cf-request-id
0aad7fa2d9000023df343e9000000001
timing-allow-origin
*
last-modified
Fri, 29 May 2020 20:07:05 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5ed16b69-29bf"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vb4vQbBUzuoD0bh6eq6AUDqw%2F6sW1y6FCP9rn68Ys4p%2BjFzI9WmaF5wIYfDnIMc9PRKiCMeD59CAPw23nqO%2Bn%2ByiUkQVE48Lts%2FCw4mhAUr18TSk3WbuURmledr0rVNOPmHCG91zxgs7HTSOB%2F%2F%2BMUa4"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
6f253d246d6923c7-ZRH
expires
Fri, 17 Mar 2023 04:03:53 GMT
watch.js
cdn.jsdelivr.net/npm/yandex-metrica-watch/ 		139 KB
58 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/yandex-metrica-watch/watch.js
Requested by
Host: js.gazo.space
URL: https://js.gazo.space/index.php?js=jpg4&aaa1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5614 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b33658e41241c1c118366cd77047b1442a4acf8c767c851d33bcd61fcc7a7598
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 27 Mar 2022 04:03:53 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
24102
x-jsd-version
1.223.0
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains; preload
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by
cache-fra19144-FRA, cache-cdg20729-CDG
timing-allow-origin
*
x-jsd-version-type
version
server
cloudflare
etag
W/"22d05-rP87N43Y/uQeqNS19lrju21H0cQ"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
cf-ray
6f253d247dc601e7-ZRH
js
www.googletagmanager.com/gtag/ 		94 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-620120-3
Requested by
Host: js.gazo.space
URL: https://js.gazo.space/index.php?js=jpg4&aaa1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
346d9215369a04851fcda690333625c706eb8ffd6352e72b40eb9edf61ebc0b5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 27 Mar 2022 04:03:53 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37550
x-xss-protection
0
last-modified
Sun, 27 Mar 2022 03:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sun, 27 Mar 2022 04:03:53 GMT
translateelement.css
translate.googleapis.com/translate_static/css/ 		18 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://translate.googleapis.com/translate_static/css/translateelement.css
Requested by
Host:
URL: /_/translate_http/_/js/k=translate_http.tr.de.ml5YgcviWm4.O/d=1/rs=AN8SPfrAZhh4dl4l4LkhOVG90WChVBgx9g/m=el_conf
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5d0a6e3bc914db376bf187c380750b197c317e1bf40fab9ad959ad5facd8f9ed
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 27 Mar 2022 03:23:26 GMT
content-encoding
br
x-content-type-options
nosniff
age
2427
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/rosetta
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3130
x-xss-protection
0
last-modified
Wed, 24 Feb 2021 19:45:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="rosetta"
vary
Accept-Encoding
report-to
{"group":"rosetta","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/rosetta"}]}
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=3600
accept-ranges
bytes
expires
Sun, 27 Mar 2022 04:23:26 GMT
m=el_main
translate.googleapis.com/_/translate_http/_/js/k=translate_http.tr.de.ml5YgcviWm4.O/am=Ag/d=1/exm=el_conf/ed=1/rs=AN8SPfpTBL4XnzQuWrGOzhpoH64Uyf9RUQ/ 		226 KB
77 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://translate.googleapis.com/_/translate_http/_/js/k=translate_http.tr.de.ml5YgcviWm4.O/am=Ag/d=1/exm=el_conf/ed=1/rs=AN8SPfpTBL4XnzQuWrGOzhpoH64Uyf9RUQ/m=el_main
Requested by
Host:
URL: /_/translate_http/_/js/k=translate_http.tr.de.ml5YgcviWm4.O/d=1/rs=AN8SPfrAZhh4dl4l4LkhOVG90WChVBgx9g/m=el_conf
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3d2797b81c145d12bbc06aa66b00bd006eea26169b55a395243f3f87958682f9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 26 Mar 2022 21:24:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
23940
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/rosetta
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
79100
x-xss-protection
0
last-modified
Wed, 23 Mar 2022 05:12:21 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="rosetta"
vary
Accept-Encoding
report-to
{"group":"rosetta","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/rosetta"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 26 Mar 2023 21:24:53 GMT
myda.php
page.myfile-host.info/ 		0
270 B 		Script
General
Check archive.org
Download Go to
Full URL
http://page.myfile-host.info/myda.php
Requested by
Host: data.jpg4.biz
URL: http://data.jpg4.biz/
Protocol
HTTP/1.1
Server
150.95.129.59 , Japan, ASN7506 (INTERQ GMO Internet,Inc, JP),
Reverse DNS
v150-95-129-59.a07a.g.tyo1.static.cnode.io
Software
Apache/2.4.6 (CentOS) OpenSSL/1.0.1e-fips mod_fcgid/2.3.9 PHP/7.4.20 / PHP/7.4.20
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://data.jpg4.biz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Sun, 27 Mar 2022 04:03:54 GMT
Server
Apache/2.4.6 (CentOS) OpenSSL/1.0.1e-fips mod_fcgid/2.3.9 PHP/7.4.20
Connection
close
X-Powered-By
PHP/7.4.20
Content-Length
0
Content-Type
text/html; charset=utf-8
adManager.m.js
js.wpadmngr.com/static/ 		81 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.wpadmngr.com/static/adManager.m.js
Requested by
Host: js.wpadmngr.com
URL: https://js.wpadmngr.com/static/adManager.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.25 Philadelphia, United States, ASN7018 (ATT-INTERNET4, US),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
46534c356f1b1154cd053be08566866041a66830160d15ffc599b454ded2e366

Request headers

Referer
http://data.jpg4.biz/
Origin
http://data.jpg4.biz
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 27 Mar 2022 04:03:53 GMT
content-encoding
gzip
last-modified
Fri, 25 Mar 2022 14:47:06 GMT
server
nginx/1.18.0
etag
W/"623dd5ea-14316"
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
expires
Sun, 27 Mar 2022 04:08:53 GMT
cache-control
max-age=300
x-proxy-cache
HIT
1
mc.yandex.ru/watch/3/
Redirect Chain
  • https://mc.yandex.ru/watch/3?wmode=7&page-url=http%3A%2F%2Fdata.jpg4.biz%2F&page-ref=&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A1uynsn4u5sc3uihxon2%3Afp%3A673%3Afu%3A0%3Aen%3Autf-8%3Ala%...
  • https://mc.yandex.ru/watch/3/1?wmode=7&page-url=http%3A%2F%2Fdata.jpg4.biz%2F&page-ref&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A1uynsn4u5sc3uihxon2%3Afp%3A673%3Afu%3A0%3Aen%3Autf-8%3Ala...
174 B
265 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.ru/watch/3/1?wmode=7&page-url=http%3A%2F%2Fdata.jpg4.biz%2F&page-ref&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A1uynsn4u5sc3uihxon2%3Afp%3A673%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A771%3Acn%3A2%3Adp%3A0%3Als%3A1521624470748%3Ahid%3A509973857%3Az%3A0%3Ai%3A20220327040353%3Aet%3A1648353834%3Ac%3A1%3Arn%3A264741852%3Arqn%3A1%3Au%3A1648353834359287390%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Antf%3A1%3Ans%3A1648353833027%3Ads%3A9%2C16%2C36%2C1%2C0%2C0%2C%2C%2C%2C%2C%2C%2C%3Aco%3A0%3Ast%3A1648353834&t=gdpr%2814%29aw%281%29ti%282%29
Requested by
Host: data.jpg4.biz
URL: http://data.jpg4.biz/
Protocol
H2
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software
/
Resource Hash
1deba4100bac36986e79e7a1d1f6abf4df95f38e3743682396132fb3c2575a49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://data.jpg4.biz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 27 Mar 2022 04:03:53 GMT
x-content-type-options
nosniff
last-modified
Sun, 27-Mar-2022 04:03:53 GMT
strict-transport-security
max-age=31536000
content-type
application/json; charset=utf-8
access-control-allow-origin
http://data.jpg4.biz
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-length
174
x-xss-protection
1; mode=block
expires
Sun, 27-Mar-2022 04:03:53 GMT

Redirect headers

pragma
no-cache
date
Sun, 27 Mar 2022 04:03:53 GMT
last-modified
Sun, 27-Mar-2022 04:03:53 GMT
location
/watch/3/1?wmode=7&page-url=http%3A%2F%2Fdata.jpg4.biz%2F&page-ref&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A1uynsn4u5sc3uihxon2%3Afp%3A673%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A771%3Acn%3A2%3Adp%3A0%3Als%3A1521624470748%3Ahid%3A509973857%3Az%3A0%3Ai%3A20220327040353%3Aet%3A1648353834%3Ac%3A1%3Arn%3A264741852%3Arqn%3A1%3Au%3A1648353834359287390%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Antf%3A1%3Ans%3A1648353833027%3Ads%3A9%2C16%2C36%2C1%2C0%2C0%2C%2C%2C%2C%2C%2C%2C%3Aco%3A0%3Ast%3A1648353834&t=gdpr%2814%29aw%281%29ti%282%29
strict-transport-security
max-age=31536000
access-control-allow-origin
http://data.jpg4.biz
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
x-xss-protection
1; mode=block
expires
Sun, 27-Mar-2022 04:03:53 GMT
1
mc.yandex.ru/watch/48140495/
Redirect Chain
  • https://mc.yandex.ru/watch/48140495?wmode=7&page-url=http%3A%2F%2Fdata.jpg4.biz%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A1uynsn4u5sc3uihxon2%3Afp%3A673%3Afu%3A0%3Aen%3Autf-8%3Ala%3Ae...
  • https://mc.yandex.ru/watch/48140495/1?wmode=7&page-url=http%3A%2F%2Fdata.jpg4.biz%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A1uynsn4u5sc3uihxon2%3Afp%3A673%3Afu%3A0%3Aen%3Autf-8%3Ala%3...
338 B
373 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.ru/watch/48140495/1?wmode=7&page-url=http%3A%2F%2Fdata.jpg4.biz%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A1uynsn4u5sc3uihxon2%3Afp%3A673%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A771%3Acn%3A1%3Adp%3A0%3Als%3A1634003806588%3Ahid%3A509973857%3Az%3A0%3Ai%3A20220327040353%3Aet%3A1648353834%3Ac%3A1%3Arn%3A604115594%3Arqn%3A1%3Au%3A1648353834359287390%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Antf%3A1%3Ans%3A1648353833027%3Ads%3A9%2C16%2C36%2C1%2C0%2C0%2C%2C%2C%2C%2C%2C%2C%3Aco%3A0%3Arqnl%3A1%3Ast%3A1648353834%3At%3A&t=gdpr%2814%29aw%281%29ti%282%29
Requested by
Host: data.jpg4.biz
URL: http://data.jpg4.biz/
Protocol
H2
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software
/
Resource Hash
6bac04e5156f68ff434a6bfa607fd7785a2f7adfcdb282e587cbc5510f03ef9e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://data.jpg4.biz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 27 Mar 2022 04:03:53 GMT
x-content-type-options
nosniff
last-modified
Sun, 27-Mar-2022 04:03:53 GMT
strict-transport-security
max-age=31536000
content-type
application/json; charset=utf-8
access-control-allow-origin
http://data.jpg4.biz
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-length
338
x-xss-protection
1; mode=block
expires
Sun, 27-Mar-2022 04:03:53 GMT

Redirect headers

pragma
no-cache
date
Sun, 27 Mar 2022 04:03:53 GMT
last-modified
Sun, 27-Mar-2022 04:03:53 GMT
location
/watch/48140495/1?wmode=7&page-url=http%3A%2F%2Fdata.jpg4.biz%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A1uynsn4u5sc3uihxon2%3Afp%3A673%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A771%3Acn%3A1%3Adp%3A0%3Als%3A1634003806588%3Ahid%3A509973857%3Az%3A0%3Ai%3A20220327040353%3Aet%3A1648353834%3Ac%3A1%3Arn%3A604115594%3Arqn%3A1%3Au%3A1648353834359287390%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Antf%3A1%3Ans%3A1648353833027%3Ads%3A9%2C16%2C36%2C1%2C0%2C0%2C%2C%2C%2C%2C%2C%2C%3Aco%3A0%3Arqnl%3A1%3Ast%3A1648353834%3At%3A&t=gdpr%2814%29aw%281%29ti%282%29
strict-transport-security
max-age=31536000
access-control-allow-origin
http://data.jpg4.biz
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
x-xss-protection
1; mode=block
expires
Sun, 27-Mar-2022 04:03:53 GMT
21923
na.nawpush.com/tags/ 		954 B
664 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://na.nawpush.com/tags/21923
Requested by
Host: js.wpadmngr.com
URL: https://js.wpadmngr.com/static/adManager.m.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.24 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
bd7071dfcb693dfd669569f905e5a51b8c40f044d382311aaa3a8c33cb990739

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://data.jpg4.biz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

access-control-allow-origin
*
date
Sun, 27 Mar 2022 04:03:53 GMT
cache-control
max-age=300, public
content-type
application/json
server
nginx/1.18.0
content-encoding
gzip
x-proxy-cache
HIT
wp-banners.js
js.wpadmngr.com/npc/sdk/ 		0
237 B 		Script
General
Check archive.org
Download Go to
Full URL
https://js.wpadmngr.com/npc/sdk/wp-banners.js
Requested by
Host: js.wpadmngr.com
URL: https://js.wpadmngr.com/static/adManager.m.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.25 Philadelphia, United States, ASN7018 (ATT-INTERNET4, US),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://data.jpg4.biz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 27 Mar 2022 04:03:53 GMT
last-modified
Fri, 20 Aug 2021 15:14:31 GMT
server
nginx/1.18.0
etag
"611fc6d7-0"
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
expires
Sun, 27 Mar 2022 04:08:53 GMT
cache-control
max-age=300
accept-ranges
bytes
content-length
0
x-proxy-cache
HIT
track
54705174db.8b1f93b707.com/in/ 		0
199 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://54705174db.8b1f93b707.com/in/track?data=eyJ3bCI6MSwic3ViaWQiOjAsInVzZXJfaWQiOiI0MTE0MTAxMTUxNzY4OTE2MDAwIiwidGltZXpvbmUiOjAsInZlciI6IjIuMTkuMCIsInRhZ19pZCI6MjE5MjMsInNjcmVlbl9yZXNvbHV0aW9uIjoiMTYwMHgxMjAwIiwiYWRibG9jayI6MCwidGltZXpvbmVfb2xzb24iOiJFdGMvVW5rbm93biIsInV0bV9zb3VyY2UiOiIiLCJ1dG1fbWVkaXVtIjoiIiwidXRtX2NhbXBhaWduIjoiIiwidXRtX2NvbnRlbnQiOiIiLCJtbSI6MCwiaW5pdF9zdGFydF9sYXRlbmN5IjowLjEsImlzX3YyIjowLCJpc192Ml9lbXB0eSI6MX0=
Requested by
Host: js.wpadmngr.com
URL: https://js.wpadmngr.com/static/adManager.m.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.25 Philadelphia, United States, ASN7018 (ATT-INTERNET4, US),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://data.jpg4.biz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 27 Mar 2022 04:03:53 GMT
server
nginx/1.18.0
vary
Origin
access-control-allow-methods
*
access-control-allow-origin
*
cache-control
no-transform, no-cache, no-store, must-revalidate
access-control-allow-headers
*
content-length
0
npush.m.js
js.wpushsdk.com/npc/sdk/wpu/ 		133 KB
41 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.wpushsdk.com/npc/sdk/wpu/npush.m.js
Requested by
Host: js.wpadmngr.com
URL: https://js.wpadmngr.com/static/adManager.m.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.24 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
8cfac2b93645a7ada1597a3286da30ccdc357658e39c800ab4a4bfb893a8bdf9

Request headers

Referer
http://data.jpg4.biz/
Origin
http://data.jpg4.biz
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 27 Mar 2022 04:03:53 GMT
content-encoding
gzip
last-modified
Wed, 23 Mar 2022 12:32:18 GMT
server
nginx/1.18.0
etag
W/"623b1352-21222"
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
expires
Sun, 27 Mar 2022 04:08:53 GMT
cache-control
max-age=300
x-proxy-cache
HIT
csub.m.js
js.wpushsdk.com/npc/sdk/wpu/ 		29 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.wpushsdk.com/npc/sdk/wpu/csub.m.js
Requested by
Host: js.wpadmngr.com
URL: https://js.wpadmngr.com/static/adManager.m.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.24 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
03c69ef11a5ca8fe14bf57bd4d6be56132d2f53847b3d8d07a57db373e17df6b

Request headers

Referer
http://data.jpg4.biz/
Origin
http://data.jpg4.biz
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 27 Mar 2022 04:03:53 GMT
content-encoding
gzip
last-modified
Fri, 25 Mar 2022 14:31:37 GMT
server
nginx/1.18.0
etag
W/"623dd249-73e5"
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
expires
Sun, 27 Mar 2022 04:08:53 GMT
cache-control
max-age=300
x-proxy-cache
HIT
sync_cookie_image_decide
mc.webvisor.org/
Redirect Chain
  • https://mc.webvisor.org/sync_cookie_image_check
  • https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.webvisor.org&token=9589.2aF5h-BIcLdii-OXPwMJAkuWA4H-r6HFjSHfCSRqzkN8bM25SzweQ6dGY30sSokN.z6PXBFHqJ_8aEyoQy1eO5KSU_B4%2C
  • https://mc.webvisor.org/sync_cookie_image_decide?token=9589.eozYes-JD9zTzpJCsC5GccMO2XWhAhbcddUoVfY673rFQbBrtzswpGKroE2lA2WaA5sG519Kjh_nRs3Wg3fBU0X4RwWWZIW3A1kViqm3X_I%2C.PEFrmCkLfh7ofluKFX-q6vlFfP...
43 B
383 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mc.webvisor.org/sync_cookie_image_decide?token=9589.eozYes-JD9zTzpJCsC5GccMO2XWhAhbcddUoVfY673rFQbBrtzswpGKroE2lA2WaA5sG519Kjh_nRs3Wg3fBU0X4RwWWZIW3A1kViqm3X_I%2C.PEFrmCkLfh7ofluKFX-q6vlFfPw%2C
Requested by
Host: data.jpg4.biz
URL: http://data.jpg4.biz/
Protocol
H2
Server
80.239.201.71 , Sweden, ASN1299 (TWELVE99 Arelion, fka Telia Carrier, SE),
Reverse DNS
80-239-201-71.teliacarrier-cust.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://data.jpg4.biz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 27 Mar 2022 04:03:54 GMT
strict-transport-security
max-age=31536000
content-length
43
x-xss-protection
1; mode=block
content-type
image/gif

Redirect headers

location
https://mc.webvisor.org/sync_cookie_image_decide?token=9589.eozYes-JD9zTzpJCsC5GccMO2XWhAhbcddUoVfY673rFQbBrtzswpGKroE2lA2WaA5sG519Kjh_nRs3Wg3fBU0X4RwWWZIW3A1kViqm3X_I%2C.PEFrmCkLfh7ofluKFX-q6vlFfPw%2C
date
Sun, 27 Mar 2022 04:03:54 GMT
strict-transport-security
max-age=31536000
x-xss-protection
1; mode=block
dip
nereserv.com/in/ 		0
193 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://nereserv.com/in/dip?site=native-push&wl=1&event_id=53e83803-6276-4a8d-b8d7-6594c84e1901&subid=1590076611&sid=404755971&spot_id=16081&created_at=2022-03-27&timezone=0&ver=5.13.1&is_native=1
Requested by
Host: js.wpushsdk.com
URL: https://js.wpushsdk.com/npc/sdk/wpu/npush.m.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
168.119.25.22 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.22.25.119.168.clients.your-server.de
Software
nginx/1.18.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://data.jpg4.biz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 27 Mar 2022 04:03:53 GMT
server
nginx/1.18.0
vary
Origin
access-control-allow-methods
*
access-control-allow-origin
*
cache-control
no-transform, no-cache, no-store, must-revalidate
access-control-allow-headers
*
content-length
0
multy
b2bc795549.8b1f93b707.com/in/ 		0
197 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://b2bc795549.8b1f93b707.com/in/multy?wl=1&event_id=53e83803-6276-4a8d-b8d7-6594c84e1901&subid=1590076611&sid=404755971&spot_id=16081&created_at=2022-03-27&timezone=0&ver=5.13.1&is_native=1&tcid=0&site=native-push&screen_resolution=1600x1200&format=im-slide-b_r-body&adblock=0&testab=0&timezone_olson=Etc%2FUnknown&blocked_verticals=93%2C76&after_video=0&tu=1&mm=0&skins=8&default=0
Requested by
Host: js.wpushsdk.com
URL: https://js.wpushsdk.com/npc/sdk/wpu/npush.m.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a01:4f8:e0:19cb::1 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://data.jpg4.biz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 27 Mar 2022 04:03:54 GMT
server
nginx/1.18.0
vary
Origin
access-control-allow-methods
*
access-control-allow-origin
*
cache-control
no-transform, no-cache, no-store, must-revalidate
access-control-allow-headers
*
content-length
0
tagjpa.php
js.gazo.space/ Frame 6E30 		176 KB
0 		Document
General
Check archive.org
Download Go to
Full URL
https://js.gazo.space/tagjpa.php?noself=1&url=js.gazo.space/tagjpa.php?feed=tpics&14
Requested by
Host: data.jpg4.biz
URL: http://data.jpg4.biz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3038::6815:e9f6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
http://data.jpg4.biz/

Response headers

date
Sun, 27 Mar 2022 04:03:55 GMT
content-type
text/html; charset=UTF-8
8tagproxuri
/tagjpa.php?noself=1&url=js.gazo.space/tagjpa.php?feed=tpics&14
cache-control
public, max-age=72000
684tagproxuri
/tagjpa.php?noself=1&url=js.gazo.space/tagjpa.php?feed=tpics&14
access-control-allow-origin
*
access-control-allow-headers
Cake
cf-cache-status
MISS
last-modified
Sun, 27 Mar 2022 04:03:55 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=N1ioMrilLGhdwLblI1q1N01XVFs7EwEH0pF%2Fg6Hbpc40pnTXngPoRZhwdg5k5p80NoTFSJCL76xsaVwdfFpWhXUgvYPUvXnB%2FPRTQEOr7hX2ugci8k5xLBsDpg73yErq0W9Tls7NI7v3RcJP"}],"group":"cf-nel","max_age":604800}
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary
Accept-Encoding
server
cloudflare
cf-ray
6f253d2b4f53f91b-MXP
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
advert.gif
mc.yandex.ru/metrika/ 		43 B
177 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mc.yandex.ru/metrika/advert.gif
Requested by
Host: data.jpg4.biz
URL: http://data.jpg4.biz/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://data.jpg4.biz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 27 Mar 2022 04:03:54 GMT
last-modified
Wed, 23 Mar 2022 13:19:15 GMT
etag
"623af423-2b"
strict-transport-security
max-age=31536000
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=3600
accept-ranges
bytes
content-length
43
expires
Sun, 27 Mar 2022 05:03:54 GMT
translate_24dp.png
www.gstatic.com/images/branding/product/2x/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gstatic.com/images/branding/product/2x/translate_24dp.png
Requested by
Host: translate.googleapis.com
URL: https://translate.googleapis.com/translate_static/css/translateelement.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4dac0026fbfa2615dce30c0af12830863fe885f84387a0147b9e338f548d5d82
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://translate.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 27 Mar 2022 03:51:08 GMT
x-content-type-options
nosniff
age
766
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1842
x-xss-protection
0
last-modified
Thu, 14 Oct 2021 09:08:00 GMT
server
sffe
vary
Origin
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Mon, 27 Mar 2023 03:51:08 GMT
translateelement.css
translate.googleapis.com/translate_static/css/ Frame 380B 		18 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://translate.googleapis.com/translate_static/css/translateelement.css
Requested by
Host: translate.googleapis.com
URL: https://translate.googleapis.com/_/translate_http/_/js/k=translate_http.tr.de.ml5YgcviWm4.O/am=Ag/d=1/exm=el_conf/ed=1/rs=AN8SPfpTBL4XnzQuWrGOzhpoH64Uyf9RUQ/m=el_main
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5d0a6e3bc914db376bf187c380750b197c317e1bf40fab9ad959ad5facd8f9ed
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://data.jpg4.biz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 27 Mar 2022 03:23:26 GMT
content-encoding
br
x-content-type-options
nosniff
age
2428
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/rosetta
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3130
x-xss-protection
0
last-modified
Wed, 24 Feb 2021 19:45:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="rosetta"
vary
Accept-Encoding
report-to
{"group":"rosetta","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/rosetta"}]}
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=3600
accept-ranges
bytes
expires
Sun, 27 Mar 2022 04:23:26 GMT
translate_24dp.png
www.gstatic.com/images/branding/product/1x/ 		846 B
936 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gstatic.com/images/branding/product/1x/translate_24dp.png
Requested by
Host: data.jpg4.biz
URL: http://data.jpg4.biz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5a861509b658aa24fc3aed2867ac3c061e7d818d90b9990959afc6d1b5d4ff99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://data.jpg4.biz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 27 Mar 2022 02:55:31 GMT
x-content-type-options
nosniff
age
4103
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
846
x-xss-protection
0
last-modified
Thu, 14 Oct 2021 09:08:00 GMT
server
sffe
vary
Origin
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Mon, 27 Mar 2023 02:55:31 GMT
cleardot.gif
www.google.com/images/ 		43 B
598 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/images/cleardot.gif
Requested by
Host: data.jpg4.biz
URL: http://data.jpg4.biz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://data.jpg4.biz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 27 Mar 2022 04:03:54 GMT
x-content-type-options
nosniff
last-modified
Tue, 22 Oct 2019 18:30:00 GMT
server
sffe
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
43
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Fri, 01 Jan 1990 00:00:00 GMT
supportedLanguages
translate-pa.googleapis.com/v1/ Frame CA41 		14 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://translate-pa.googleapis.com/v1/supportedLanguages?client=te&display_language=de&key=AIzaSyBWDj0QJvVIx8XOhRegXX5_SrRWxhT5Hs4&callback=callback
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
226476a8194032bc968040bcc569a0cea9207958e52412d459c09e3bf9f9ea7d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 27 Mar 2022 04:03:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
server
ESF
x-frame-options
SAMEORIGIN
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control
private
content-type
text/javascript; charset=UTF-8
vary
Origin, X-Origin, Referer
content-length
1213
x-xss-protection
0
expires
Sun, 27 Mar 2022 04:03:55 GMT
te_ctrl3.gif
translate.googleapis.com/translate_static/img/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://translate.googleapis.com/translate_static/img/te_ctrl3.gif
Requested by
Host: data.jpg4.biz
URL: http://data.jpg4.biz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d228d0256370863119c043f1e5ca8f3930f6999bd9f250434b6d8935f45dc171
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://data.jpg4.biz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 21 Mar 2022 18:00:00 GMT
x-content-type-options
nosniff
last-modified
Thu, 03 Oct 2019 10:15:00 GMT
server
sffe
age
468235
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
image/gif
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1412
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Tue, 21 Mar 2023 18:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
js.gazo.space
URL
https://js.gazo.space/index.php?js=jpg4&aaa2
Domain
cdnjs.cloudflare.com
URL
https://cdnjs.cloudflare.com/ajax/libs/nosleep/0.11.0/NoSleep.min.js
Domain
cdn.jsdelivr.net
URL
https://cdn.jsdelivr.net/npm/yandex-metrica-watch/watch.js
Domain
www.googletagmanager.com
URL
https://www.googletagmanager.com/gtag/js?id=UA-620120-3

Verdicts & Comments Add Verdict or Comment

159 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 function| structuredClone object| oncontextlost object| oncontextrestored function| $ function| jQuery string| imgdm string| ti string| pageuserlang string| lctcf string| advertisement string| adr number| isinframe object| script function| getCookie undefined| xhttp function| navidm undefined| linkElement object| rgxp function| picad function| ppic function| sendinfopic function| jpg4oot function| getgetp number| cX number| cY number| rX number| rY undefined| vW function| UpdateCursorPosition function| UpdateCursorPositionDocAll function| AssignPosition function| HideContent function| ShowContent function| ReverseContentDisplay function| ViewportWidth object| zz function| loadXMLDoc function| underp function| zoom object| nosleep function| myslide function| lsstrg function| underv function| dtippc function| setCookie function| mypaging function| escapeHtml function| expandthb string| bookmarkurl string| bookmarktitle function| relonmousemove function| add2play function| addfrm function| delstore function| showplay function| fc2avmouse function| sekeydoga function| tf function| myshowad function| myshowad1 function| myshowad2 function| showdogaHis function| showdogaHis2 function| jpg4orm string| userLangcf string| topdomain string| cmore string| phpuserlang string| userLang string| LL string| basedm number| unsaferef string| jsbody string| toptext string| toset string| t1 string| enhot string| inshowad string| inshowad2 object| dataLayer function| googleTranslateElementInit function| _DumpException object| default_tr string| MSG_TRANSLATE string| MSG_CANCEL string| MSG_CLOSE function| MSGFUNC_PAGE_TRANSLATED_TO function| MSGFUNC_TRANSLATED_TO string| MSG_GENERAL_ERROR string| MSG_LEARN_MORE function| MSGFUNC_POWERED_BY string| MSG_TRANSLATE_PRODUCT_NAME string| MSG_TRANSLATION_IN_PROGRESS function| MSGFUNC_TRANSLATE_PAGE_TO function| MSGFUNC_VIEW_PAGE_IN string| MSG_RESTORE string| MSG_SSL_INFO_LOCAL_FILE string| MSG_SSL_INFO_SECURE_PAGE string| MSG_SSL_INFO_INTRANET_PAGE string| MSG_SELECT_LANGUAGE function| MSGFUNC_TURN_OFF_TRANSLATION function| MSGFUNC_TURN_OFF_FOR string| MSG_ALWAYS_HIDE_AUTO_POPUP_BANNER string| MSG_ORIGINAL_TEXT string| MSG_FILL_SUGGESTION string| MSG_SUBMIT_SUGGESTION string| MSG_SHOW_TRANSLATE_ALL string| MSG_SHOW_RESTORE_ALL string| MSG_SHOW_CANCEL_ALL string| MSG_TRANSLATE_TO_MY_LANGUAGE function| MSGFUNC_TRANSLATE_EVERYTHING_TO string| MSG_SHOW_ORIGINAL_LANGUAGES string| MSG_OPTIONS string| MSG_TURN_OFF_TRANSLATION_FOR_THIS_SITE string| MSG_ALT_SUGGESTION string| MSG_ALT_ACTIVITY_HELPER_TEXT string| MSG_USE_ALTERNATIVES string| MSG_DRAG_TIP string| MSG_CLICK_FOR_ALT string| MSG_DRAG_INSTUCTIONS string| MSG_SUGGESTION_SUBMITTED string| MSG_MANAGE_TRANSLATION_FOR_THIS_SITE string| MSG_ALT_AND_CONTRIBUTE_ACTIVITY_HELPER_TEXT string| MSG_ORIGINAL_TEXT_NO_COLON string| MSG_LANGUAGE_UNSUPPORTED string| MSG_LANGUAGE_TRANSLATE_WIDGET function| _exportVersion function| _getCallbackFunction function| _exportMessages function| _loadJs function| _loadCss function| _isNS function| _setupNS object| google object| meta object| s object| tosearch object| xfv string| formkw string| hint string| imgsdm string| avdm string| hdsdm string| vidsdm function| NoSleep object| google_tag_manager object| Ya object| yaCounter48140495 object| __adFormats object| __formatsGetters object| AdManager object| a3klsam object| activesInpages function| __fp-init number| httagadded string| avsubdm object| closure_lm_118808

18 Cookies

Domain/Path Name / Value
.gazo.space/ Name: __cf_bm
Value: DF7yzCmlt3YBRvReGcZsdjbAnEnxk2s5ZqXhYEdESQo-1648353833-0-AZ3SwPTNp9pvNd9qIqUWUyC74EePajTEh5wrvz6ch26o150rjiR7JqHnXYldlLFvijglIcv96H0Ct3gX0BqH5HE=
.photo-pic.cyou/ Name: cnt
Value: 1
.jpg4.biz/ Name: cnt
Value: 0
.jpg4.biz/ Name: myda
Value: yes
.jpg4.biz/ Name: _ym_uid
Value: 1648353834359287390
.jpg4.biz/ Name: _ym_d
Value: 1648353834
.yandex.ru/ Name: ymex
Value: 1679889833.yrts.1648353833#1679889833.yrtsi.1648353833
.yandex.ru/ Name: yandexuid
Value: 3346235271648353833
.yandex.ru/ Name: yuidss
Value: 3346235271648353833
mc.yandex.ru/ Name: yabs-sid
Value: 2127480551648353833
.yandex.ru/ Name: i
Value: D+M8hP9lstu9SNSJp5fNxsCWDwufOhHIe6lnZLEOtuvE6NstmpRHS46hx+dI8GY6X+92bLFD9S6nr7O+MmB+paXehpo=
.jpg4.biz/ Name: _ym_visorc
Value: b
.mc.webvisor.org/ Name: sync_cookie_csrf
Value: 2826465030fake
.mc.yandex.ru/ Name: sync_cookie_csrf
Value: 1514280780fake
.webvisor.org/ Name: yandexuid
Value: 3346235271648353833
.webvisor.org/ Name: yuidss
Value: 3346235271648353833
.mc.webvisor.org/ Name: sync_cookie_ok
Value: synced
.jpg4.biz/ Name: _ym_isad
Value: 2

6 Console Messages

Source Level URL
Text
javascript warning URL: https://js.gazo.space/index.php?js=jpg4&aaa1(Line 25)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://ajax.googleapis.com/ajax/libs/jquery/3.3.1/jquery.min.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: https://js.gazo.space/index.php?js=jpg4&aaa1(Line 25)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://ajax.googleapis.com/ajax/libs/jquery/3.3.1/jquery.min.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: https://js.gazo.space/index.php?js=jpg4&aaa1(Line 25)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://ajax.googleapis.com/ajax/libs/jquery/3.3.1/jquery.min.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: https://js.gazo.space/index.php?js=jpg4&aaa1(Line 25)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://ajax.googleapis.com/ajax/libs/jquery/3.3.1/jquery.min.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: http://data.jpg4.biz/(Line 56)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, http://page.myfile-host.info/myda.php, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: http://data.jpg4.biz/(Line 56)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, http://page.myfile-host.info/myda.php, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

54705174db.8b1f93b707.com
ajax.googleapis.com
b2bc795549.8b1f93b707.com
cdn.jsdelivr.net
cdnjs.cloudflare.com
data.jpg4.biz
de.photo-pic.cyou
js.gazo.space
js.wpadmngr.com
js.wpushsdk.com
jsjs.gazo.space
mc.webvisor.org
mc.yandex.ru
na.nawpush.com
nereserv.com
page.myfile-host.info
translate-pa.googleapis.com
translate.google.com
translate.googleapis.com
www.google.com
www.googletagmanager.com
www.gstatic.com
www.w3schools.com
cdn.jsdelivr.net
cdnjs.cloudflare.com
js.gazo.space
www.googletagmanager.com
150.95.129.59
168.119.25.22
192.229.133.221
2606:4700:3037::ac43:c20e
2606:4700:3038::6815:e9f5
2606:4700:3038::6815:e9f6
2606:4700::6810:125e
2606:4700::6810:5614
2a00:1450:4001:803::200a
2a00:1450:4001:808::2008
2a00:1450:4001:808::200a
2a00:1450:4001:80f::200e
2a00:1450:4001:810::2003
2a00:1450:4001:810::2004
2a00:1450:4001:813::200a
2a01:4f8:e0:19cb::1
2a02:6b8::1:119
2a06:98c1:3121::7
45.133.44.24
45.133.44.25
80.239.201.71
03c69ef11a5ca8fe14bf57bd4d6be56132d2f53847b3d8d07a57db373e17df6b
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef
1deba4100bac36986e79e7a1d1f6abf4df95f38e3743682396132fb3c2575a49
226476a8194032bc968040bcc569a0cea9207958e52412d459c09e3bf9f9ea7d
2b19d92ce83bf3b498f73103ba1240f09c84798b1f92aedf1491ccf0aa6f5e4c
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2f499c632d806f66b96dda6cbd4cac0363d331885476a8ac1d9e8ac60954d720
346d9215369a04851fcda690333625c706eb8ffd6352e72b40eb9edf61ebc0b5
36ba90380afa1941f1f368fdf4ae5280aa821d7981912eee38c6d59c1a3b66c9
3d2797b81c145d12bbc06aa66b00bd006eea26169b55a395243f3f87958682f9
46534c356f1b1154cd053be08566866041a66830160d15ffc599b454ded2e366
4dac0026fbfa2615dce30c0af12830863fe885f84387a0147b9e338f548d5d82
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
558b689c128aa3bd6044b9440c64c56f0b9caaa3f215e96144787318dec000b5
5a861509b658aa24fc3aed2867ac3c061e7d818d90b9990959afc6d1b5d4ff99
5d0a6e3bc914db376bf187c380750b197c317e1bf40fab9ad959ad5facd8f9ed
6bac04e5156f68ff434a6bfa607fd7785a2f7adfcdb282e587cbc5510f03ef9e
8cfac2b93645a7ada1597a3286da30ccdc357658e39c800ab4a4bfb893a8bdf9
9d338f5c7b19372c62f13aeff9a4756fe6bcb19db69b6ae5cccc44ec2a7a7267
a7a3114767c93192697a0f163f426da6ffc29a18c0826b5df672f81f0882d228
b33658e41241c1c118366cd77047b1442a4acf8c767c851d33bcd61fcc7a7598
bc299461eb51ee9c5c40ec58264921ef96659439ed3e69c7c5efa783da048080
bd7071dfcb693dfd669569f905e5a51b8c40f044d382311aaa3a8c33cb990739
c4f2aba13970ecf8303fb9329f97c8824861569273b0aa27acce48abc61d04f5
cc2bd9bfc573c60ab431de5bb23a77f04b3eb5a5a06e7956d3d2b7b53f8a9ac4
d1de0bc316147ceb2b00b5ada8905e028661eb2d65355f8e3a8d1890b5022419
d228d0256370863119c043f1e5ca8f3930f6999bd9f250434b6d8935f45dc171
d4e2132966d8c8c3b62d0e3a63e28a22105e02e50ad2690f9f9252d2e20904a4
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855