urlscan.io logo urlscan.io
SecurityTrails logo

juyceeditorial.com Open in urlscan Pro
172.67.151.239  Malicious Activity! Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://vk.cc/ciEKyD
Effective URL: https://juyceeditorial.com/?e63682f2ce00ce85b475614aed945760
Submission: On November 16 via manual from NO — Scanned from NO
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 9 IPs in 4 countries across 12 domains to perform 26 HTTP transactions. The main IP is 172.67.151.239, located in United States and belongs to CLOUDFLARENET, US. The main domain is juyceeditorial.com.
TLS certificate: Issued by GTS CA 1P5 on November 8th 2022. Valid for: 3 months.
This is the only time juyceeditorial.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Generic Scam (Online) Customer Survey Spam (Consumer)

Domain & IP information

IP Address AS Autonomous System
4 5 87.240.137.164 47541 (VKONTAKTE...)
1 172.82.84.126 398343 (BAXET-GROUP)
1 1 104.21.82.118 13335 (CLOUDFLAR...)
17 172.67.151.239 13335 (CLOUDFLAR...)
1 69.16.175.10 20446 (STACKPATH...)
1 2 104.16.124.175 13335 (CLOUDFLAR...)
1 142.250.185.234 15169 (GOOGLE)
1 188.114.97.3 13335 (CLOUDFLAR...)
1 142.250.185.195 15169 (GOOGLE)
2 13.32.121.29 16509 (AMAZON-02)
26 9
5    87.240.137.164 (Russian Federation)

ASN47541 (VKONTAKTE-SPB-AS vk.com, RU)
PTR: srv164-137-240-87.vk.com
vk.cc
vkontakte.ru
vk.com
away.vk.com
1    172.82.84.126 (United States)

ASN398343 (BAXET-GROUP, US)
jetsomcluster.com
1    104.21.82.118 (Shahr, Iran, Islamic Republic Of)

ASN13335 (CLOUDFLARENET, US)
wheezepumps.com
17    172.67.151.239 (United States)

ASN13335 (CLOUDFLARENET, US)
juyceeditorial.com
1    69.16.175.10 (United States)

ASN20446 (STACKPATH-CDN, US)
PTR: hwcdn.net
code.jquery.com
2    104.16.124.175 (Shahr, Iran, Islamic Republic Of)

ASN13335 (CLOUDFLARENET, US)
unpkg.com
1    142.250.185.234 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f10.1e100.net
fonts.googleapis.com
1    188.114.97.3 (Amsterdam, Netherlands)

ASN13335 (CLOUDFLARENET, US)
trk-epicurei.com
1    142.250.185.195 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s52-in-f3.1e100.net
fonts.gstatic.com
2    13.32.121.29 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-121-29.fra60.r.cloudfront.net
assets3.lottiefiles.com
Apex Domain
Subdomains		 Transfer
17 juyceeditorial.com
juyceeditorial.com
269 KB
3 vk.com
vk.com — Cisco Umbrella Rank: 5682
away.vk.com — Cisco Umbrella Rank: 113672
2 KB
2 lottiefiles.com
assets3.lottiefiles.com — Cisco Umbrella Rank: 148929
4 KB
2 unpkg.com
unpkg.com — Cisco Umbrella Rank: 790
90 KB
1 gstatic.com
fonts.gstatic.com
18 KB
1 trk-epicurei.com
trk-epicurei.com — Cisco Umbrella Rank: 201469
3 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 43
1 KB
1 jquery.com
code.jquery.com — Cisco Umbrella Rank: 669
30 KB
1 wheezepumps.com
wheezepumps.com
671 B
1 jetsomcluster.com
jetsomcluster.com
442 B
1 vkontakte.ru
vkontakte.ru — Cisco Umbrella Rank: 129900
600 B
1 vk.cc
vk.cc — Cisco Umbrella Rank: 310496
569 B
26 12
Domain Requested by
17 juyceeditorial.com jetsomcluster.com
juyceeditorial.com
2 assets3.lottiefiles.com unpkg.com
2 unpkg.com 1 redirects juyceeditorial.com
2 vk.com 2 redirects
1 fonts.gstatic.com fonts.googleapis.com
1 trk-epicurei.com juyceeditorial.com
1 fonts.googleapis.com juyceeditorial.com
1 code.jquery.com juyceeditorial.com
1 wheezepumps.com 1 redirects
1 jetsomcluster.com away.vk.com
1 away.vk.com
1 vkontakte.ru 1 redirects
1 vk.cc 1 redirects
26 13

This site contains no links.

Subject Issuer Validity Valid
*.vk.com
GlobalSign Organization Validation CA - SHA256 - G2		 2022-03-18 -
2023-04-03		 a year crt.sh
jetsomcluster.com
R3		 2022-11-03 -
2023-02-01		 3 months crt.sh
*.juyceeditorial.com
GTS CA 1P5		 2022-11-08 -
2023-02-06		 3 months crt.sh
*.jquery.com
Sectigo RSA Domain Validation Secure Server CA		 2022-08-03 -
2023-07-14		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2022-10-25 -
2023-01-17		 3 months crt.sh
*.trk-epicurei.com
E1		 2022-10-12 -
2023-01-10		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2022-10-25 -
2023-01-17		 3 months crt.sh
*.lottiefiles.com
Amazon		 2022-09-25 -
2023-10-23		 a year crt.sh

This page contains 1 frames:

Primary Page: https://juyceeditorial.com/?e63682f2ce00ce85b475614aed945760
Frame ID: 1A06A114DB8AC2233E4D7BC13FDCB2D8
Requests: 26 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Shopper Survey - vi vil ha din mening!

Page URL History Show full URLs

  1. https://vk.cc/ciEKyD HTTP 302
    https://vkontakte.ru/away.php?cc_key=ciEKyD&to=https%3A%2F%2Fjetsomcluster.com%2F0%2F0%2F0%2F84fe... HTTP 301
    https://vk.com/login?act=vkcomredirect&to=YXdheS5waHA/Y2Nfa2V5PWNpRUt5RCZ0bz1odHRwcyUzQSUyR... HTTP 301
    https://vk.com/away.php?cc_key=ciEKyD&to=https%3A%2F%2Fjetsomcluster.com%2F0%2F0%2F0%2F84fe... HTTP 302
    https://away.vk.com/away.php Page URL
  2. https://jetsomcluster.com/0/0/0/84fe2b70180fcb04dfe49158e5c714c9/AY/1/ZK_SP Page URL
  3. https://wheezepumps.com/index2.php?s1=351447&s2=853349949&s3=1381&s4=0&ow=30&p=no4cp7a HTTP 302
    https://juyceeditorial.com/?e63682f2ce00ce85b475614aed945760 Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

26
Requests

96 %
HTTPS

0 %
IPv6

12
Domains

13
Subdomains

9
IPs

4
Countries

417 kB
Transfer

955 kB
Size

8
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://vk.cc/ciEKyD HTTP 302
    https://vkontakte.ru/away.php?cc_key=ciEKyD&to=https%3A%2F%2Fjetsomcluster.com%2F0%2F0%2F0%2F84fe2b70180fcb04dfe49158e5c714c9%2FAY%2F1%2FZK_SP HTTP 301
    https://vk.com/login?act=vkcomredirect&to=YXdheS5waHA/Y2Nfa2V5PWNpRUt5RCZ0bz1odHRwcyUzQSUyRiUyRmpldHNvbWNsdXN0ZXIuY29tJTJGMCUyRjAlMkYwJTJGODRmZTJiNzAxODBmY2IwNGRmZTQ5MTU4ZTVjNzE0YzklMkZBWSUyRjElMkZaS19TUA-- HTTP 301
    https://vk.com/away.php?cc_key=ciEKyD&to=https%3A%2F%2Fjetsomcluster.com%2F0%2F0%2F0%2F84fe2b70180fcb04dfe49158e5c714c9%2FAY%2F1%2FZK_SP HTTP 302
    https://away.vk.com/away.php Page URL
  2. https://jetsomcluster.com/0/0/0/84fe2b70180fcb04dfe49158e5c714c9/AY/1/ZK_SP Page URL
  3. https://wheezepumps.com/index2.php?s1=351447&s2=853349949&s3=1381&s4=0&ow=30&p=no4cp7a HTTP 302
    https://juyceeditorial.com/?e63682f2ce00ce85b475614aed945760 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • https://vk.cc/ciEKyD HTTP 302
  • https://vkontakte.ru/away.php?cc_key=ciEKyD&to=https%3A%2F%2Fjetsomcluster.com%2F0%2F0%2F0%2F84fe2b70180fcb04dfe49158e5c714c9%2FAY%2F1%2FZK_SP HTTP 301
  • https://vk.com/login?act=vkcomredirect&to=YXdheS5waHA/Y2Nfa2V5PWNpRUt5RCZ0bz1odHRwcyUzQSUyRiUyRmpldHNvbWNsdXN0ZXIuY29tJTJGMCUyRjAlMkYwJTJGODRmZTJiNzAxODBmY2IwNGRmZTQ5MTU4ZTVjNzE0YzklMkZBWSUyRjElMkZaS19TUA-- HTTP 301
  • https://vk.com/away.php?cc_key=ciEKyD&to=https%3A%2F%2Fjetsomcluster.com%2F0%2F0%2F0%2F84fe2b70180fcb04dfe49158e5c714c9%2FAY%2F1%2FZK_SP HTTP 302
  • https://away.vk.com/away.php
Request Chain 6
  • https://unpkg.com/@lottiefiles/lottie-player@latest/dist/lottie-player.js HTTP 302
  • https://unpkg.com/@lottiefiles/lottie-player@1.6.0/dist/lottie-player.js

26 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
away.php
away.vk.com/
Redirect Chain
  • https://vk.cc/ciEKyD
  • https://vkontakte.ru/away.php?cc_key=ciEKyD&to=https%3A%2F%2Fjetsomcluster.com%2F0%2F0%2F0%2F84fe2b70180fcb04dfe49158e5c714c9%2FAY%2F1%2FZK_SP
  • https://vk.com/login?act=vkcomredirect&to=YXdheS5waHA/Y2Nfa2V5PWNpRUt5RCZ0bz1odHRwcyUzQSUyRiUyRmpldHNvbWNsdXN0ZXIuY29tJTJGMCUyRjAlMkYwJTJGODRmZTJiNzAxODBmY2IwNGRmZTQ5MTU4ZTVjNzE0YzklMkZBWSUyRjElMkZ...
  • https://vk.com/away.php?cc_key=ciEKyD&to=https%3A%2F%2Fjetsomcluster.com%2F0%2F0%2F0%2F84fe2b70180fcb04dfe49158e5c714c9%2FAY%2F1%2FZK_SP
  • https://away.vk.com/away.php
572 B
820 B 		Document
General
Check archive.org
Download Go to
Full URL
https://away.vk.com/away.php
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
87.240.137.164 , Russian Federation, ASN47541 (VKONTAKTE-SPB-AS vk.com, RU),
Reverse DNS
srv164-137-240-87.vk.com
Software
kittenx / KPHP/7.4.112670
Resource Hash
Security Headers
Name Value
X-Frame-Options DENY

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language
no-NO,no;q=0.9

Response headers

access-control-expose-headers
X-Frontend
cache-control
no-store
content-encoding
gzip
content-length
313
content-type
text/html; charset=windows-1251
date
Wed, 16 Nov 2022 14:17:39 GMT
server
kittenx
x-frame-options
DENY
x-frontend
front512004
x-powered-by
KPHP/7.4.112670

Redirect headers

access-control-expose-headers
X-Frontend
cache-control
no-store
content-encoding
gzip
content-length
20
content-type
text/html; charset=windows-1251
date
Wed, 16 Nov 2022 14:17:39 GMT
location
https://away.vk.com/away.php
server
kittenx
strict-transport-security
max-age=15768000
x-frame-options
DENY
x-frontend
front512004
x-powered-by
KPHP/7.4.112670
ZK_SP
jetsomcluster.com/0/0/0/84fe2b70180fcb04dfe49158e5c714c9/AY/1/ 		149 B
442 B 		Document
General
Check archive.org
Download Go to
Full URL
https://jetsomcluster.com/0/0/0/84fe2b70180fcb04dfe49158e5c714c9/AY/1/ZK_SP
Requested by
Host: away.vk.com
URL: https://away.vk.com/away.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
172.82.84.126 , United States, ASN398343 (BAXET-GROUP, US),
Reverse DNS
Software
Apache /
Resource Hash

Request headers

Referer
https://away.vk.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language
no-NO,no;q=0.9

Response headers

content-length
149
content-type
text/html; charset=UTF-8
date
Wed, 16 Nov 2022 14:17:40 GMT
server
Apache
Primary Request /
juyceeditorial.com/
Redirect Chain
  • https://wheezepumps.com/index2.php?s1=351447&s2=853349949&s3=1381&s4=0&ow=30&p=no4cp7a
  • https://juyceeditorial.com/?e63682f2ce00ce85b475614aed945760
23 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://juyceeditorial.com/?e63682f2ce00ce85b475614aed945760
Requested by
Host: jetsomcluster.com
URL: https://jetsomcluster.com/0/0/0/84fe2b70180fcb04dfe49158e5c714c9/AY/1/ZK_SP
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.151.239 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9337672b6ff88920aed19b3ed501b2a6e941b0c5f6b2562dffed0f86ca718ab7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://jetsomcluster.com/0/0/0/84fe2b70180fcb04dfe49158e5c714c9/AY/1/ZK_SP
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language
no-NO,no;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-store, no-cache, must-revalidate
cf-cache-status
DYNAMIC
cf-ray
76b0da060abb1c0a-OSL
content-encoding
br
content-type
text/html; charset=UTF-8
date
Wed, 16 Nov 2022 14:17:42 GMT
expires
Thu, 19 Nov 1981 08:52:00 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kq1EKYuASc%2FmIvwmQRJ%2FoXZdSLJ9pJFs7pE6RVZ8m1WdldquoKg%2BVgFcvXpxLv77KieQeLfEgd%2BqRKdivYuIigtbHMWo7nNJAx9RC7%2FfQ2YJuJT9sOWCYoifj6UQoK9OCDMxeac%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding,User-Agent
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block

Redirect headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache, no-store, must-revalidate, max-age=0
cf-cache-status
DYNAMIC
cf-ray
76b0da00faffb50f-OSL
content-type
text/html; charset=UTF-8
date
Wed, 16 Nov 2022 14:17:41 GMT
expires
Thu, 19 Nov 1981 08:52:00 GMT
location
https://juyceeditorial.com/?e63682f2ce00ce85b475614aed945760
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=x7T%2F9yLvGkDKfVuaXBWkorIVhua5vdVCP6gG72BZOjSv2q0CFyZbZad5zxfjWMi2cUODUbcrtcwYIdrbL1Z2hJULSt1aXEzS9pIh0WkU95DaVygJzI8dygJb4ohuKconVmw%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
User-Agent
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block
main00.css
juyceeditorial.com/master/css/ 		193 KB
28 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://juyceeditorial.com/master/css/main00.css
Requested by
Host: juyceeditorial.com
URL: https://juyceeditorial.com/?e63682f2ce00ce85b475614aed945760
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.151.239 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7d4fae8695dd32226793b6eb343e2acad53294dff39c07c6668fb413b08fcc35
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://juyceeditorial.com/?e63682f2ce00ce85b475614aed945760
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Wed, 16 Nov 2022 14:17:42 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
338890
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Thu, 11 Mar 2021 12:43:44 GMT
server
cloudflare
vary
Accept-Encoding,User-Agent
x-frame-options
SAMEORIGIN
content-type
text/css
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HXYsCD9UMfVTflqbWLiIwhZ9yUC4Tr7tqhCp1T8jRZkrLs%2BoTuQpqvP6gMXgGOBDLeQWLmp6OdUyfqWXsXGasD0%2B%2F1%2BIE9l041%2F3WeSw8SaXlN5YbnyatG0%2BDTqcsdIMGETdl0Y%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=604800
cf-ray
76b0da08cdf31c0a-OSL
expires
Sat, 19 Nov 2022 16:09:31 GMT
jquery-3.5.1.min.js
code.jquery.com/ 		87 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://code.jquery.com/jquery-3.5.1.min.js
Requested by
Host: juyceeditorial.com
URL: https://juyceeditorial.com/?e63682f2ce00ce85b475614aed945760
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
69.16.175.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
hwcdn.net
Software
nginx /
Resource Hash
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://juyceeditorial.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Wed, 16 Nov 2022 14:17:42 GMT
content-encoding
gzip
last-modified
Fri, 20 Aug 2021 17:47:53 GMT
server
nginx
etag
W/"611feac9-15d84"
vary
Accept-Encoding
x-hw
1668608262.dop024.sk1.t,1668608262.cds238.sk1.hn,1668608262.cds208.sk1.c
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=315360000, public
accept-ranges
bytes
content-length
30879
date-no.js
juyceeditorial.com/master/js/ 		762 B
673 B 		Script
General
Check archive.org
Download Go to
Full URL
https://juyceeditorial.com/master/js/date-no.js
Requested by
Host: juyceeditorial.com
URL: https://juyceeditorial.com/?e63682f2ce00ce85b475614aed945760
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.151.239 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
893fca62736860ea1abc9db160d2dfabf746d03dc551dcd83335b81209d26b6c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://juyceeditorial.com/?e63682f2ce00ce85b475614aed945760
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Wed, 16 Nov 2022 14:17:42 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
338890
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Wed, 09 Sep 2020 20:44:26 GMT
server
cloudflare
vary
Accept-Encoding,User-Agent
x-frame-options
SAMEORIGIN
content-type
application/javascript
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QMjrjaY%2Bkbvawc1P9R9NRzkQih4sPPwbpCS9m3XSP1zvmW0OLf6aTbVMJzze8qZxOG0HHsNEMyPHXTu8p47Rv6dzC%2FTg%2BqGu8%2FPRb4YI5xGaRTG86zkcq7a%2BtZE9LDjlE6HXx40%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=604800
cf-ray
76b0da08cdf41c0a-OSL
expires
Sat, 19 Nov 2022 16:09:31 GMT
rndm_ppl_cmt_no.js
juyceeditorial.com/master/js/ 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://juyceeditorial.com/master/js/rndm_ppl_cmt_no.js
Requested by
Host: juyceeditorial.com
URL: https://juyceeditorial.com/?e63682f2ce00ce85b475614aed945760
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.151.239 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://juyceeditorial.com/?e63682f2ce00ce85b475614aed945760
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Wed, 16 Nov 2022 14:17:42 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
157
vary
Accept-Encoding,User-Agent
x-frame-options
SAMEORIGIN
content-type
text/html
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YHmguB71Z1jNC7L%2FkAd54durEdud%2FCa0s3k%2BNlJB%2F17aqSFadqw%2BFUMK%2Fze7xPbosnqGe85rptspAKcmYxu9jKfoIFbAdJqC1EWU%2BpLCZRpPTTbx0uDumOwmIK6Du1RIVYIXG7g%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=14400
cf-ray
76b0da08cdf61c0a-OSL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
lottie-player.js
unpkg.com/@lottiefiles/lottie-player@1.6.0/dist/
Redirect Chain
  • https://unpkg.com/@lottiefiles/lottie-player@latest/dist/lottie-player.js
  • https://unpkg.com/@lottiefiles/lottie-player@1.6.0/dist/lottie-player.js
346 KB
90 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://unpkg.com/@lottiefiles/lottie-player@1.6.0/dist/lottie-player.js
Requested by
Host: juyceeditorial.com
URL: https://juyceeditorial.com/?e63682f2ce00ce85b475614aed945760
Protocol
H2
Server
104.16.124.175 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
42d1792df588dbdfd956b9ecd2f6d85d368ecd7e27ddc91adb09d984a22ed46b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://juyceeditorial.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Wed, 16 Nov 2022 14:17:42 GMT
via
1.1 fly.io
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains; preload
age
2016712
last-modified
Sat, 26 Oct 1985 08:15:00 GMT
fly-request-id
01GG49HT6JXCRGYK1HPYP05F7H-fra
server
cloudflare
etag
W/"5664f-nL1GUo3O167x1rvVi92ydr01W9E"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
76b0da0b6e45b521-OSL

Redirect headers

date
Wed, 16 Nov 2022 14:17:42 GMT
via
1.1 fly.io
x-content-type-options
nosniff
cf-cache-status
HIT
fly-request-id
01GJ0CCMNHJGCXZGJ8AFNPWHFC-fra
server
cloudflare
strict-transport-security
max-age=31536000; includeSubDomains; preload
age
470
vary
Accept, Accept-Encoding
content-type
text/plain; charset=utf-8
access-control-allow-origin
*
location
/@lottiefiles/lottie-player@1.6.0/dist/lottie-player.js
cache-control
public, s-maxage=600, max-age=60
cf-ray
76b0da0b1df3b521-OSL
msg.js
juyceeditorial.com/inc/ 		942 B
803 B 		Script
General
Check archive.org
Download Go to
Full URL
https://juyceeditorial.com/inc/msg.js
Requested by
Host: juyceeditorial.com
URL: https://juyceeditorial.com/?e63682f2ce00ce85b475614aed945760
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.151.239 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
06c3f3452108be85c9304eb8e6fc6dc831534e12362cfd03afd47f4320f894a3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://juyceeditorial.com/?e63682f2ce00ce85b475614aed945760
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Wed, 16 Nov 2022 14:17:42 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
338890
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Thu, 20 Oct 2022 12:25:37 GMT
server
cloudflare
vary
Accept-Encoding,User-Agent,User-Agent
x-frame-options
SAMEORIGIN
content-type
application/javascript
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HOkdEajdZKs3a3oiTfSE9c2nxfHvDBfhhW0NNnFjaan8WqZDZKU7jRhjRCtL0VdNghA8q%2BZZscUpjDbFV%2Fp7h9y8TqI2RLg5PFDIbL1EK5yGx4Z9Fq6tQzzcWbveaZioSC20YFA%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=604800
cf-ray
76b0da08cdf71c0a-OSL
expires
Sat, 19 Nov 2022 16:09:32 GMT
cplogo.png
juyceeditorial.com/master/img/ 		55 KB
55 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://juyceeditorial.com/master/img/cplogo.png
Requested by
Host: juyceeditorial.com
URL: https://juyceeditorial.com/?e63682f2ce00ce85b475614aed945760
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.151.239 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f131715fd2b62e2ecc8876f68ed2c870a97397f4acfacc170b9642a01810a8b2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://juyceeditorial.com/?e63682f2ce00ce85b475614aed945760
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Wed, 16 Nov 2022 14:17:43 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
338891
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
55968
x-xss-protection
1; mode=block
last-modified
Thu, 10 Sep 2020 10:47:17 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
vary
User-Agent, Accept-Encoding
content-type
image/png
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ocUtth0nacKzodwkX3%2BrSOohXxyGU83tn%2FhK4AnT0BUnAHf5vO5lV8WugxlgmM8l1p9gbQ9VzfCe%2FrbqhIJ%2F0cchCW1BhrgX%2BLqV0%2FG6bXY57kDsntIf9y1Tno1UJpCnzTswSzc%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=604800
accept-ranges
bytes
cf-ray
76b0da0c898b1c0a-OSL
expires
Sat, 19 Nov 2022 16:09:32 GMT
noflag.png
juyceeditorial.com/master/img/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://juyceeditorial.com/master/img/noflag.png
Requested by
Host: juyceeditorial.com
URL: https://juyceeditorial.com/?e63682f2ce00ce85b475614aed945760
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.151.239 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2c89faf99cc5fa88c19870bd70c14e884a5dd4cf45f9d9ca4abde18ca8e93fb0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://juyceeditorial.com/?e63682f2ce00ce85b475614aed945760
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Wed, 16 Nov 2022 14:17:43 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
338891
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
5744
x-xss-protection
1; mode=block
last-modified
Wed, 09 Sep 2020 20:44:51 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
vary
User-Agent, Accept-Encoding
content-type
image/png
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QzBMKASRpKo%2FcwlvQqCBNDIfnsinpvB8M8jAppW53oaZ2wPDMdHM9Td9mET6HY%2FSuiaLP6XHM%2FtoTm2EosTxjtdzzQlibApxRkbD%2FqFGv1P%2BHAay77lEHPNfDINn8ZQmnYbQHak%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=604800
accept-ranges
bytes
cf-ray
76b0da0c898c1c0a-OSL
expires
Sat, 19 Nov 2022 16:09:32 GMT
arfrgift.png
juyceeditorial.com/master/img/ 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://juyceeditorial.com/master/img/arfrgift.png
Requested by
Host: juyceeditorial.com
URL: https://juyceeditorial.com/?e63682f2ce00ce85b475614aed945760
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.151.239 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eecf2855875025551292d515ca0c4ad57a646d07c33478295131223692a4a8a3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://juyceeditorial.com/?e63682f2ce00ce85b475614aed945760
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Wed, 16 Nov 2022 14:17:43 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
338890
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
13325
x-xss-protection
1; mode=block
last-modified
Thu, 03 Sep 2020 08:32:39 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
vary
User-Agent, Accept-Encoding
content-type
image/png
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=k7PCSdqRyPNg%2By7bB0h48UqctZVrU4PYZOI6qUYvtQWTzF4%2Bte6kgfYchzUXUruUh%2BKeQ0Su%2FcCrP%2FT2gtd09uWejiZd5%2FPRX49mdz3wJYsLcDhAM4QI%2FR5Nt9xvfwsu%2BTz8FvU%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=604800
accept-ranges
bytes
cf-ray
76b0da0c898d1c0a-OSL
expires
Sat, 19 Nov 2022 16:09:32 GMT
image.php
juyceeditorial.com/ 		51 KB
52 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://juyceeditorial.com/image.php?img=images/products_image/Nespressov2.png
Requested by
Host: juyceeditorial.com
URL: https://juyceeditorial.com/?e63682f2ce00ce85b475614aed945760
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.151.239 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
06460283e572e27625dd3f84889f2bd08cd104c1c990f71d012c177972897a73
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://juyceeditorial.com/?e63682f2ce00ce85b475614aed945760
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Wed, 16 Nov 2022 14:17:43 GMT
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-frame-options
SAMEORIGIN
vary
User-Agent, Accept-Encoding
content-type
image/png
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UqvWqENbWKZDEt9vFWcFmodB60LQqLkx%2BPqAe%2BzRcvLNtvEyIf7lEELqIhUVPEVsu0caAOgW6PmbgQCP1gTwrOjRTHCIM9ncpoo8WTxBInZ%2Be7v7PAncxDrre2TqLEZ%2BZCjJm5I%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=604800
cf-ray
76b0da0c898e1c0a-OSL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
52455
x-xss-protection
1; mode=block
expires
Wed, 23 Nov 2022 14:17:43 GMT
9227ed9e10072ce0bac69dc54109221b.png
juyceeditorial.com/master/img/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://juyceeditorial.com/master/img/9227ed9e10072ce0bac69dc54109221b.png
Requested by
Host: juyceeditorial.com
URL: https://juyceeditorial.com/?e63682f2ce00ce85b475614aed945760
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.151.239 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2ea6b093885ce53036c4b381a1ce1496d53029b9a205fe9471666022efde5d8f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://juyceeditorial.com/?e63682f2ce00ce85b475614aed945760
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Wed, 16 Nov 2022 14:17:43 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
338890
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1172
x-xss-protection
1; mode=block
last-modified
Tue, 02 Jun 2020 16:41:27 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
vary
User-Agent, Accept-Encoding
content-type
image/png
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QAAZjiwNBrYvajQ0zNZtDmAdXadNW5vV2x7HQyTNl3%2BzIRa0u82%2FKvRDhPw7p6RLRP5CO4phqIZb6tVBnjiPyyf0Q%2FhEU4DVzffUMLTfilxXz%2FkI%2FpdwfQjwkTAB9Ih%2BZG9sjgE%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=604800
accept-ranges
bytes
cf-ray
76b0da0c898f1c0a-OSL
expires
Sat, 19 Nov 2022 16:09:33 GMT
image.php
juyceeditorial.com/ 		30 KB
30 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://juyceeditorial.com/image.php?img=images/products_image/dysonnew.jpeg
Requested by
Host: juyceeditorial.com
URL: https://juyceeditorial.com/?e63682f2ce00ce85b475614aed945760
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.151.239 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5940ca280f71ff303a4f1f40b0c1f34c6cf4c5c93ef49a86fc3512163358adab
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://juyceeditorial.com/?e63682f2ce00ce85b475614aed945760
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Wed, 16 Nov 2022 14:17:43 GMT
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
User-Agent, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bZeTH6np7tY9fn5V%2BKnieMrdCPqpX9QR24WIUXcmsddFtVqpe%2Fd%2B1zWzZtLe%2B23xVy3djtfDDlf9ESrkbK5rlOtLyduX2V%2FwNtUS%2BF7M5wTEwA74k36ZvdDVK8YzMlWk1C1R0V4%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/pjpeg
x-frame-options
SAMEORIGIN
cf-ray
76b0da0c89901c0a-OSL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
image.php
juyceeditorial.com/ 		65 KB
65 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://juyceeditorial.com/image.php?img=images/products_image/s21.jpeg
Requested by
Host: juyceeditorial.com
URL: https://juyceeditorial.com/?e63682f2ce00ce85b475614aed945760
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.151.239 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a326605a77d7ff8b446f6f62ef2c2a48e02e3ec8ebe420fd9d1d1b1152e4db11
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://juyceeditorial.com/?e63682f2ce00ce85b475614aed945760
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Wed, 16 Nov 2022 14:17:43 GMT
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
User-Agent, Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
image/pjpeg
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=z16E2LbXwjizf6uB53iNFbf5kuIQM9da%2BbogplAIS4ycSttGB0T9nyDj008miHfUi77GOIFRh02FFWQgvsarrp%2FarWfreoO0MwfNlibAoaVRnMU1vKJwj7DJ22jV9UifVR507aI%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
76b0da0c89911c0a-OSL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
66071
x-xss-protection
1; mode=block
bcf7f117acc460e9148a3031c5b6c4e4.png
juyceeditorial.com/master/img/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://juyceeditorial.com/master/img/bcf7f117acc460e9148a3031c5b6c4e4.png
Requested by
Host: juyceeditorial.com
URL: https://juyceeditorial.com/?e63682f2ce00ce85b475614aed945760
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.151.239 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
597fb65af1d452e7346e3d24adead2908ddf2c3bae4a6ae5c4e7440e33bd39b4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://juyceeditorial.com/?e63682f2ce00ce85b475614aed945760
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Wed, 16 Nov 2022 14:17:43 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
338890
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
3947
x-xss-protection
1; mode=block
last-modified
Tue, 02 Jun 2020 16:41:27 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
vary
User-Agent, Accept-Encoding
content-type
image/png
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=polYUZdNpB%2B6ZQ8UKP%2Fp1tkeTscE%2BvLYcKBd1clxnoJMDNwDSAzTE92J8jzRFLcoGwT%2FD9GkpZc%2FJrSnE7UESOrDtsvhVO1LZZZJqzq0O9CofTLtasZ3wrp%2FTMHYOxARdOR7BpE%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=604800
accept-ranges
bytes
cf-ray
76b0da0c89921c0a-OSL
expires
Sat, 19 Nov 2022 16:09:33 GMT
x.png
juyceeditorial.com/master/img/ 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://juyceeditorial.com/master/img/x.png
Requested by
Host: juyceeditorial.com
URL: https://juyceeditorial.com/?e63682f2ce00ce85b475614aed945760
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.151.239 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bc4ba5ab1f79419e5c8a06db6d5ed27f78b026617608d8513bdf476bf78e1120
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://juyceeditorial.com/?e63682f2ce00ce85b475614aed945760
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Wed, 16 Nov 2022 14:17:43 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
338890
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
5389
x-xss-protection
1; mode=block
last-modified
Tue, 02 Jun 2020 16:41:27 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
vary
User-Agent, Accept-Encoding
content-type
image/png
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6wlxR%2B1zQIz%2BOpoH6mRNYbdBxrkv0Cwx832UXvaDqpWeudu2xasB1KxAd2BF2odHSZf56oBscsp%2FqLPLtvSjBsnhdDZCnNmOQbJqLi2%2B9SleHWTlzqKrp7KL4SFjm2vT3EYj9I8%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=604800
accept-ranges
bytes
cf-ray
76b0da0c89931c0a-OSL
expires
Sat, 19 Nov 2022 16:09:33 GMT
q_no_cp.js
juyceeditorial.com/master/js/ 		4 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://juyceeditorial.com/master/js/q_no_cp.js
Requested by
Host: juyceeditorial.com
URL: https://juyceeditorial.com/?e63682f2ce00ce85b475614aed945760
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.151.239 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e9a973e66dae65d925be9a49743d0451063aeac6f8d754a9ef9e04134bb3153c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://juyceeditorial.com/?e63682f2ce00ce85b475614aed945760
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Wed, 16 Nov 2022 14:17:43 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
338891
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Thu, 10 Sep 2020 10:47:03 GMT
server
cloudflare
vary
Accept-Encoding,User-Agent
x-frame-options
SAMEORIGIN
content-type
application/javascript
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HaKvJBQV3lN78QFYtWoO8cE39%2BD4lB4RjybJp3qw9SfaLLDao292peL8TI%2FFvJgzYjuIC5xsVJl9%2FfRWeKXL7jN1JXoO00wWXg6rllHPCLp1Y6ocgZjl8fdu%2FPErSAf2bsUTp7E%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=604800
cf-ray
76b0da0bf90d1c0a-OSL
expires
Sat, 19 Nov 2022 16:09:32 GMT
timer.js
juyceeditorial.com/master/js/ 		619 B
563 B 		Script
General
Check archive.org
Download Go to
Full URL
https://juyceeditorial.com/master/js/timer.js
Requested by
Host: juyceeditorial.com
URL: https://juyceeditorial.com/?e63682f2ce00ce85b475614aed945760
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.151.239 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
204d5a3538e51529f2c2cc56c90c4023cb0bbad4bd03e9c116cbcfffd616952b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://juyceeditorial.com/?e63682f2ce00ce85b475614aed945760
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Wed, 16 Nov 2022 14:17:43 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
338891
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Tue, 02 Jun 2020 16:41:27 GMT
server
cloudflare
vary
Accept-Encoding,User-Agent
x-frame-options
SAMEORIGIN
content-type
application/javascript
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QAoahr5zBCt5YP6gkOoR0QlyGKsJKnqLKEabVTDJNECibd3LvpNTCrie9WymmH66dV%2B8bLLBPZsHDqYW%2FD9GO7HsH2T98VteGQ9Sf9ODcQ0OBU0jW9pnMikmQN4w9R9KSt0Exoc%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=604800
cf-ray
76b0da0c49501c0a-OSL
expires
Sat, 19 Nov 2022 16:09:32 GMT
modal.js
juyceeditorial.com/master/js/ 		673 B
593 B 		Script
General
Check archive.org
Download Go to
Full URL
https://juyceeditorial.com/master/js/modal.js
Requested by
Host: juyceeditorial.com
URL: https://juyceeditorial.com/?e63682f2ce00ce85b475614aed945760
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.151.239 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a421e3d21b620b2df12e22230e89290da9ed22a3245ab3ce6de31a6a2a661d6e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://juyceeditorial.com/?e63682f2ce00ce85b475614aed945760
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Wed, 16 Nov 2022 14:17:43 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
338891
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Tue, 02 Jun 2020 16:41:27 GMT
server
cloudflare
vary
Accept-Encoding,User-Agent
x-frame-options
SAMEORIGIN
content-type
application/javascript
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2TCzezSrMifngPykslM%2B3ZFAUkRiZZ%2FuyiWnr4tS5Ui70e%2BSVVQevLDYFIptki3JHjoGyzKT0GeY0Y%2FpT%2FtgryCT7b1bpOeFs%2FJUhSSBfgMbzR1CnbpLk5rA6T9GmeVbQTSN0U0%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=604800
cf-ray
76b0da0c69711c0a-OSL
expires
Sat, 19 Nov 2022 16:09:32 GMT
css2
fonts.googleapis.com/ 		5 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Arimo:wght@400;700&display=swap
Requested by
Host: juyceeditorial.com
URL: https://juyceeditorial.com/master/css/main00.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.234 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f10.1e100.net
Software
ESF /
Resource Hash
8affc1a9a7084dd005ccc72ebc78e99a912e7fe7820025024bbb17a250c5fb44
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://juyceeditorial.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Wed, 16 Nov 2022 14:17:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Wed, 16 Nov 2022 13:59:29 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 16 Nov 2022 14:17:43 GMT
v9e118mez8
trk-epicurei.com/scripts/push/ 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://trk-epicurei.com/scripts/push/v9e118mez8
Requested by
Host: juyceeditorial.com
URL: https://juyceeditorial.com/inc/msg.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6745ca7e5b3bbda5143038305bc1ec5648296f4dd1bbbdaa0f81b87ee35c9676
Security Headers
Name Value
Content-Security-Policy default-src 'self'; frame-src 'self' data:; connect-src 'self' https://cdn-media-2020.s3.amazonaws.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://storage.googleapis.com; style-src 'self' 'unsafe-inline'; img-src https://* data:; font-src 'self' data:
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://juyceeditorial.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Wed, 16 Nov 2022 14:17:43 GMT
content-security-policy
default-src 'self'; frame-src 'self' data:; connect-src 'self' https://cdn-media-2020.s3.amazonaws.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://storage.googleapis.com; style-src 'self' 'unsafe-inline'; img-src https://* data:; font-src 'self' data:
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
x-frame-options
DENY
vary
Origin,Access-Control-Request-Method,Access-Control-Request-Headers
content-type
application/javascript;charset=UTF-8
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pjGiMqupaYyQCkGtaQTlsLOOT37BH7hmBv49FMi%2BJzaOJF%2FBNKw9i1FPWGjueiqG8%2FdEkLwPOUjlNuxqqVbvk5Qnu27iToa9wojtsvitOU7xPyqOcZjKyEx68mYI%2FRzyh5T7"}],"group":"cf-nel","max_age":604800}
cache-control
no-cache, no-store, max-age=0, must-revalidate
feature-policy
geolocation 'none'; midi 'none'; sync-xhr 'none'; microphone 'none'; camera 'none'; magnetometer 'none'; gyroscope 'none'; speaker 'none'; fullscreen 'self'; payment 'none'
cf-ray
76b0da0eecaeb505-OSL
expires
0
P5sMzZCDf9_T_10ZxCE.woff2
fonts.gstatic.com/s/arimo/v27/ 		18 KB
18 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/arimo/v27/P5sMzZCDf9_T_10ZxCE.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Arimo:wght@400;700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.195 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f3.1e100.net
Software
sffe /
Resource Hash
1ff84f1e03eb15dedc4668f0817372b734934076bc936e12c5c0bd3944dab0c0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://juyceeditorial.com
accept-language
no-NO,no;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Wed, 09 Nov 2022 21:03:41 GMT
x-content-type-options
nosniff
age
580442
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
18260
x-xss-protection
0
last-modified
Mon, 11 Jul 2022 21:03:24 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 09 Nov 2023 21:03:41 GMT
lf20_NxuRdg.json
assets3.lottiefiles.com/temp/ 		20 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://assets3.lottiefiles.com/temp/lf20_NxuRdg.json
Requested by
Host: unpkg.com
URL: https://unpkg.com/@lottiefiles/lottie-player@latest/dist/lottie-player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.121.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-121-29.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
30abbcea5f8fb2a97caae4dd9368cfe177ab288bbc0e90437cfec4cf231f31af

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://juyceeditorial.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-amz-version-id
XpGQn9jTqdCH_09IHXy3AQYee1_F_s91
content-encoding
br
via
1.1 cb0a9b0d01a1b0cc9278d9875ce23c92.cloudfront.net (CloudFront)
date
Wed, 16 Nov 2022 14:16:32 GMT
x-amz-cf-pop
FRA60-P1
age
72
x-cache
Hit from cloudfront
last-modified
Wed, 03 Apr 2019 15:01:36 GMT
server
AmazonS3
etag
W/"1b4e549cdda1e3a3e3f75846ec48beea"
access-control-max-age
1800
access-control-allow-methods
GET
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=315360000
vary
Accept-Encoding,Origin
x-amz-cf-id
0scrlzTvafKbVyFGe9aw0offYSKrRdxu6SAIqF_D9XlqGjkeIwi7rg==
lf20_NxuRdg.json
assets3.lottiefiles.com/temp/ 		20 KB
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://assets3.lottiefiles.com/temp/lf20_NxuRdg.json
Requested by
Host: unpkg.com
URL: https://unpkg.com/@lottiefiles/lottie-player@latest/dist/lottie-player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.121.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-121-29.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
30abbcea5f8fb2a97caae4dd9368cfe177ab288bbc0e90437cfec4cf231f31af

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://juyceeditorial.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-amz-version-id
XpGQn9jTqdCH_09IHXy3AQYee1_F_s91
content-encoding
br
via
1.1 cb0a9b0d01a1b0cc9278d9875ce23c92.cloudfront.net (CloudFront)
date
Wed, 16 Nov 2022 14:16:32 GMT
x-amz-cf-pop
FRA60-P1
age
72
x-cache
Hit from cloudfront
last-modified
Wed, 03 Apr 2019 15:01:36 GMT
server
AmazonS3
etag
W/"1b4e549cdda1e3a3e3f75846ec48beea"
access-control-max-age
1800
access-control-allow-methods
GET
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=315360000
vary
Accept-Encoding,Origin
x-amz-cf-id
tKdv2fytY8BX6WdBtjV1UeyrGlI0E5Z727Fe9fHF58tbgdVaMxCaRw==

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Generic Scam (Online) Customer Survey Spam (Consumer)

31 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 function| $ function| jQuery function| asdf function| datehax object| lottie-player object| reactiveElementVersions object| litHtmlVersions object| litElementVersions function| replaceUrlParam object| MYCALL string| s1 string| s2 string| esource string| pshpub string| pshdomain function| startTimer function| urlBase64ToUint8Array function| pullUrlParams function| push_subscribe function| push_subscribe_promise function| setIfNull function| logPushEvent function| push_unsubscribe function| push_init function| setSessionId function| setUtm function| getSessionId function| getUrlVars function| getDomainName function| getStore

8 Cookies

Domain/Path Name / Value
.vkontakte.ru/ Name: remixstlid
Value: 9052461145561074166_v8vSCuzn9SFnn5WhdT7yW5KyWYDXHZvKpjqZo53dfXc
.vk.com/ Name: remixlang
Value: 55
.vk.com/ Name: remixstlid
Value: 9113259740530697937_kmaEZXZoLHfwfceCuRqgxr3xpAjYUk2m3nVWKyQNeVD
.vk.com/ Name: remixvkcom
Value: 1
.vk.com/ Name: remixua
Value: -1%7C-1%7C194%7C2213647154
jetsomcluster.com/ Name: uid1381
Value: 853349949-20221116091740-a490c7d02aacc47925224f1b1101a846-0
wheezepumps.com/ Name: PHPSESSID
Value: 96713d67138f09f53f744258e8523ea6
juyceeditorial.com/ Name: PHPSESSID
Value: 51f3eae5d7c9d5a1a888229ce764c2fe

2 Console Messages

Source Level URL
Text
network error URL: https://juyceeditorial.com/master/js/rndm_ppl_cmt_no.js
Message:
Failed to load resource: the server responded with a status of 404 ()
security error URL: https://juyceeditorial.com/?e63682f2ce00ce85b475614aed945760
Message:
Refused to execute script from 'https://juyceeditorial.com/master/js/rndm_ppl_cmt_no.js' because its MIME type ('text/html') is not executable, and strict MIME type checking is enabled.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Frame-Options DENY

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

assets3.lottiefiles.com
away.vk.com
code.jquery.com
fonts.googleapis.com
fonts.gstatic.com
jetsomcluster.com
juyceeditorial.com
trk-epicurei.com
unpkg.com
vk.cc
vk.com
vkontakte.ru
wheezepumps.com
104.16.124.175
104.21.82.118
13.32.121.29
142.250.185.195
142.250.185.234
172.67.151.239
172.82.84.126
188.114.97.3
69.16.175.10
87.240.137.164
06460283e572e27625dd3f84889f2bd08cd104c1c990f71d012c177972897a73
06c3f3452108be85c9304eb8e6fc6dc831534e12362cfd03afd47f4320f894a3
1ff84f1e03eb15dedc4668f0817372b734934076bc936e12c5c0bd3944dab0c0
204d5a3538e51529f2c2cc56c90c4023cb0bbad4bd03e9c116cbcfffd616952b
2c89faf99cc5fa88c19870bd70c14e884a5dd4cf45f9d9ca4abde18ca8e93fb0
2ea6b093885ce53036c4b381a1ce1496d53029b9a205fe9471666022efde5d8f
30abbcea5f8fb2a97caae4dd9368cfe177ab288bbc0e90437cfec4cf231f31af
42d1792df588dbdfd956b9ecd2f6d85d368ecd7e27ddc91adb09d984a22ed46b
5940ca280f71ff303a4f1f40b0c1f34c6cf4c5c93ef49a86fc3512163358adab
597fb65af1d452e7346e3d24adead2908ddf2c3bae4a6ae5c4e7440e33bd39b4
6745ca7e5b3bbda5143038305bc1ec5648296f4dd1bbbdaa0f81b87ee35c9676
7d4fae8695dd32226793b6eb343e2acad53294dff39c07c6668fb413b08fcc35
893fca62736860ea1abc9db160d2dfabf746d03dc551dcd83335b81209d26b6c
8affc1a9a7084dd005ccc72ebc78e99a912e7fe7820025024bbb17a250c5fb44
9337672b6ff88920aed19b3ed501b2a6e941b0c5f6b2562dffed0f86ca718ab7
a326605a77d7ff8b446f6f62ef2c2a48e02e3ec8ebe420fd9d1d1b1152e4db11
a421e3d21b620b2df12e22230e89290da9ed22a3245ab3ce6de31a6a2a661d6e
bc4ba5ab1f79419e5c8a06db6d5ed27f78b026617608d8513bdf476bf78e1120
e9a973e66dae65d925be9a49743d0451063aeac6f8d754a9ef9e04134bb3153c
eecf2855875025551292d515ca0c4ad57a646d07c33478295131223692a4a8a3
f131715fd2b62e2ecc8876f68ed2c870a97397f4acfacc170b9642a01810a8b2
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d