urlscan.io logo urlscan.io
SecurityTrails logo

nananas.pages.dev Open in urlscan Pro
172.66.44.139  Public Scan

Go To Rescan Add Verdict Report
URL: https://nananas.pages.dev/
Submission: On September 04 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 12 IPs in 3 countries across 11 domains to perform 14 HTTP transactions. The main IP is 172.66.44.139, located in United States and belongs to CLOUDFLARENET, US. The main domain is nananas.pages.dev.
TLS certificate: Issued by WE1 on September 4th 2024. Valid for: 3 months.
This is the only time nananas.pages.dev was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 172.66.44.139 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
1 1 172.67.74.163 13335 (CLOUDFLAR...)
1 2a04:4e42::347 54113 (FASTLY)
1 192.243.61.225 39572 (ADVANCEDH...)
1 2a00:1450:400... 15169 (GOOGLE)
1 172.67.209.162 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 172.240.108.76 7979 (SERVERS-COM)
1 142.250.185.130 15169 (GOOGLE)
1 2606:4700:10:... 13335 (CLOUDFLAR...)
1 149.56.240.127 16276 (OVH)
14 12
2    172.66.44.139 (United States)

ASN13335 (CLOUDFLARENET, US)
nananas.pages.dev
1    2a00:1450:4001:80e::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
1    172.67.74.163 (United States)

ASN13335 (CLOUDFLARENET, US)
picsum.photos
1    2a04:4e42::347 (United States)

ASN54113 (FASTLY, US)
fastly.picsum.photos
1    192.243.61.225 (Ashburn, United States)

ASN39572 (ADVANCEDHOSTERS-AS, NL)
modulecooper.com
1    2a00:1450:4001:829::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
3.bp.blogspot.com
1    172.67.209.162 (United States)

ASN13335 (CLOUDFLARENET, US)
split.solusi.eu.org
1    2a00:1450:4001:810::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
suggestqueries.google.com
2    2a00:1450:4001:809::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
1    172.240.108.76 (United States)

ASN7979 (SERVERS-COM, US)
www.topcreativeformat.com
1    142.250.185.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f2.1e100.net
pagead2.googlesyndication.com
1    2606:4700:10::ac42:8472 (United States)

ASN13335 (CLOUDFLARENET, US)
s10.histats.com
1    149.56.240.127 (Montreal, Canada)

ASN16276 (OVH, FR)
PTR: ns534295.ip-149-56-240.net
s4.histats.com
Apex Domain
Subdomains		 Transfer
2 histats.com
s10.histats.com — Cisco Umbrella Rank: 6836
s4.histats.com — Cisco Umbrella Rank: 6819
5 KB
2 gstatic.com
fonts.gstatic.com
37 KB
2 picsum.photos
picsum.photos — Cisco Umbrella Rank: 92800
fastly.picsum.photos — Cisco Umbrella Rank: 140874
44 KB
2 pages.dev
nananas.pages.dev
9 KB
1 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 157
51 KB
1 topcreativeformat.com
www.topcreativeformat.com — Cisco Umbrella Rank: 53002
1 google.com
suggestqueries.google.com — Cisco Umbrella Rank: 923
780 B
1 eu.org
split.solusi.eu.org
755 B
1 blogspot.com
3.bp.blogspot.com — Cisco Umbrella Rank: 17124
664 B
1 modulecooper.com
modulecooper.com
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 110
1 KB
14 11
Domain Requested by
2 fonts.gstatic.com fonts.googleapis.com
2 nananas.pages.dev
1 s4.histats.com s10.histats.com
1 s10.histats.com nananas.pages.dev
1 pagead2.googlesyndication.com nananas.pages.dev
1 www.topcreativeformat.com split.solusi.eu.org
1 suggestqueries.google.com nananas.pages.dev
1 split.solusi.eu.org nananas.pages.dev
1 3.bp.blogspot.com nananas.pages.dev
1 modulecooper.com nananas.pages.dev
1 fastly.picsum.photos nananas.pages.dev
1 picsum.photos 1 redirects
1 fonts.googleapis.com nananas.pages.dev
14 13

This site contains no links.

Subject Issuer Validity Valid
nananas.pages.dev
WE1		 2024-09-04 -
2024-12-03		 3 months crt.sh
upload.video.google.com
WR2		 2024-08-12 -
2024-11-04		 3 months crt.sh
modulecooper.com
R10		 2024-08-15 -
2024-11-13		 3 months crt.sh
misc-sni.blogspot.com
WR2		 2024-08-12 -
2024-11-04		 3 months crt.sh
solusi.eu.org
WE1		 2024-07-07 -
2024-10-05		 3 months crt.sh
*.google.com
WR2		 2024-08-12 -
2024-11-04		 3 months crt.sh
*.gstatic.com
WR2		 2024-08-12 -
2024-11-04		 3 months crt.sh
topcreativeformat.com
R10		 2024-07-18 -
2024-10-16		 3 months crt.sh
*.g.doubleclick.net
WR2		 2024-08-12 -
2024-11-04		 3 months crt.sh
s10.histats.com
WE1		 2024-08-07 -
2024-11-05		 3 months crt.sh
histats.com
R11		 2024-08-06 -
2024-11-04		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://nananas.pages.dev/
Frame ID: B277B3E2BAB9FDC53F6F9032428CE97F
Requests: 14 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Random Image Display

Detected technologies

Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Page Statistics

14
Requests

93 %
HTTPS

46 %
IPv6

11
Domains

13
Subdomains

12
IPs

3
Countries

148 kB
Transfer

272 kB
Size

7
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 1
  • https://picsum.photos/600/400 HTTP 302
  • https://fastly.picsum.photos/id/786/600/400.jpg?hmac=vrVktsOjvWZxfPkgOvYp5fejC9rXMVAjyABIkuYkvso

14 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
nananas.pages.dev/ 		12 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://nananas.pages.dev/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.66.44.139 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f41165908f508047cb27718b4ce4edfed7b75166807c69c53f4bef56a0295201
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
cache-control
public, max-age=0, must-revalidate
cf-ray
8bde05cbaa9739ee-FRA
content-encoding
br
content-type
text/html; charset=utf-8
date
Wed, 04 Sep 2024 12:36:00 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy
strict-origin-when-cross-origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=pdGAlT4gMlx00tx67inEnC8C9tSF6dPBhmPqYaL7EqQ5I1cJ5fbNDqVLcfM8DtHu0Y9NXsjtJLNtpSc9iBuiVKTBqVGx6DDS7oi7WSFVkvQvUXKJiI7nEe%2FX2Y9UTKJXOHo5%2Bw%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
x-content-type-options
nosniff
css2
fonts.googleapis.com/ 		5 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap
Requested by
Host: nananas.pages.dev
URL: https://nananas.pages.dev/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
b09b0920822a9385cac1bb34a1df9f96489dbbef839a5f33cf73c84b730410b5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://nananas.pages.dev/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Wed, 04 Sep 2024 12:36:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Wed, 04 Sep 2024 11:46:06 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 04 Sep 2024 12:36:00 GMT
400.jpg
fastly.picsum.photos/id/786/600/
Redirect Chain
  • https://picsum.photos/600/400
  • https://fastly.picsum.photos/id/786/600/400.jpg?hmac=vrVktsOjvWZxfPkgOvYp5fejC9rXMVAjyABIkuYkvso
43 KB
43 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://fastly.picsum.photos/id/786/600/400.jpg?hmac=vrVktsOjvWZxfPkgOvYp5fejC9rXMVAjyABIkuYkvso
Requested by
Host: nananas.pages.dev
URL: https://nananas.pages.dev/
Protocol
H2
Server
2a04:4e42::347 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
120ce7ab1c3794f74c1ea926e95972c93725333f826ed8e7afb726df66dd26ab

Request headers

Referer
https://nananas.pages.dev/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

picsum-id
786
date
Wed, 04 Sep 2024 12:36:00 GMT
via
1.1 varnish
age
877714
x-cache
HIT
content-disposition
inline; filename="786-600x400.jpg"
content-length
43965
x-served-by
cache-fra-eddf8230154-FRA
server
nginx
x-timer
S1725453360.185697,VS0,VE1
vary
Origin
content-type
image/jpeg
cache-control
public, max-age=2592000, stale-while-revalidate=60, stale-if-error=43200, immutable
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
0

Redirect headers

date
Wed, 04 Sep 2024 12:36:00 GMT
strict-transport-security
max-age=15552000
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2FYhbXZTEBXWskF%2BW2OnQQyaMxF5VFWORX%2BcyowpBWnPNZhxz0%2Bk0Ew%2BOEaYCMxki%2FZ10DX0l5WXQFzPCJeqFRiTaZS2j%2BJ3Sben254b52GAwM4tQLVerl5lr0hTMNpM%3D"}],"group":"cf-nel","max_age":604800}
location
https://fastly.picsum.photos/id/786/600/400.jpg?hmac=vrVktsOjvWZxfPkgOvYp5fejC9rXMVAjyABIkuYkvso
cache-control
private, no-cache, no-store, must-revalidate
cf-ray
8bde05ccaefad2a4-FRA
alt-svc
h3=":443"; ma=86400
content-length
0
invoke.js
modulecooper.com/3167f7ad3227cb3665961d81553d2558/ 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://modulecooper.com/3167f7ad3227cb3665961d81553d2558/invoke.js
Requested by
Host: nananas.pages.dev
URL: https://nananas.pages.dev/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
192.243.61.225 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.21.6 /
Resource Hash

Request headers

Referer
https://nananas.pages.dev/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Date
Wed, 04 Sep 2024 12:36:00 GMT
Server
nginx/1.21.6
Accept-CH
Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
P3P
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin
*
Content-Type
application/javascript
Connection
keep-alive
Content-Length
0
btn_close.gif
3.bp.blogspot.com/-ZZSacDHLWlM/VhvlKTMjbLI/AAAAAAAAF2M/UDzU4rrvcaI/s1600/ 		362 B
664 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://3.bp.blogspot.com/-ZZSacDHLWlM/VhvlKTMjbLI/AAAAAAAAF2M/UDzU4rrvcaI/s1600/btn_close.gif
Requested by
Host: nananas.pages.dev
URL: https://nananas.pages.dev/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
0450e2e1aa3c8b5435690d841f3e573c4f521864e1f8e01a5b6dbcdac922c8b4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://nananas.pages.dev/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Wed, 04 Sep 2024 10:43:43 GMT
x-content-type-options
nosniff
age
6737
content-disposition
inline;filename="btn_close.gif"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
362
x-xss-protection
0
server
fife
etag
"v1764"
vary
Origin
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
expires
Thu, 05 Sep 2024 10:43:43 GMT
d6f51a1ed1d2f145512197f7cd7be46d
split.solusi.eu.org/get/site/js/ 		292 B
755 B 		Script
General
Check archive.org
Download Go to
Full URL
https://split.solusi.eu.org/get/site/js/d6f51a1ed1d2f145512197f7cd7be46d
Requested by
Host: nananas.pages.dev
URL: https://nananas.pages.dev/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.209.162 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3252b7a76a9fd240a712dab9de3b745df5db4d7a1be6047440a4695d8266fbaf
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://nananas.pages.dev/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 04 Sep 2024 12:36:00 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=4RObacH7Kb8b%2FTvVxJV9XJScxYbyUhzwYz4Zdgx6V0xj7fc3BmdLkLKIYFfboDxbULgiGxcq1%2Fegph70Wi6TaaxLNHtPKJzsKkD8XuK3ap4L3VaIQf5ITEpbwdAeOzRBJKkDChgk"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
no-store, no-cache, must-revalidate
cf-ray
8bde05cd595ed2b7-FRA
alt-svc
h3=":443"; ma=86400
expires
Thu, 19 Nov 1981 08:52:00 GMT
search
suggestqueries.google.com/complete/ 		20 B
780 B 		Script
General
Check archive.org
Download Go to
Full URL
https://suggestqueries.google.com/complete/search?jsonp=autoRelated&hl=en&client=firefox&q=
Requested by
Host: nananas.pages.dev
URL: https://nananas.pages.dev/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
gws /
Resource Hash
5ffae3c0e627b6a2083d67639bfa32ecfe695671ee25f8e1315d2067a4e28df4
Security Headers
Name Value
Content-Security-Policy object-src 'none';base-uri 'self';script-src 'nonce-oF5Id8mZvu90XbCof8h0Rw' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/cdt1
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://nananas.pages.dev/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date
Wed, 04 Sep 2024 12:36:00 GMT
content-security-policy
object-src 'none';base-uri 'self';script-src 'nonce-oF5Id8mZvu90XbCof8h0Rw' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/cdt1
content-encoding
br
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-Prefers-Color-Scheme, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64
cross-origin-opener-policy
same-origin-allow-popups; report-to="gws"
server
gws
x-frame-options
SAMEORIGIN
report-to
{"group":"gws","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gws/cdt1"}]}
content-type
text/javascript; charset=UTF-8
cache-control
no-cache, must-revalidate
permissions-policy
unload=()
expires
-1
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v32/ 		18 KB
19 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v32/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d9bada3a44bb2ffa66dec5cc781cafc9ef17ed876cd9b0c5f7ef18228b63cebb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://nananas.pages.dev
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Sat, 31 Aug 2024 14:58:56 GMT
x-content-type-options
nosniff
age
337024
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
18596
x-xss-protection
0
last-modified
Thu, 01 Aug 2024 20:41:21 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 31 Aug 2025 14:58:56 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v32/ 		18 KB
18 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v32/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
89978e658e840b927dddb5cb3a835c7d8526ece79933bd9f3096b301fe1a8571
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://nananas.pages.dev
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Fri, 30 Aug 2024 15:39:40 GMT
x-content-type-options
nosniff
age
420980
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
18536
x-xss-protection
0
last-modified
Thu, 01 Aug 2024 20:41:24 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 30 Aug 2025 15:39:40 GMT
invoke.js
www.topcreativeformat.com/50d4435e09571d4e1fa50d7e6af2ffe7/ 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://www.topcreativeformat.com/50d4435e09571d4e1fa50d7e6af2ffe7/invoke.js
Requested by
Host: split.solusi.eu.org
URL: https://split.solusi.eu.org/get/site/js/d6f51a1ed1d2f145512197f7cd7be46d
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
172.240.108.76 , United States, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
nginx/1.21.6 /
Resource Hash

Request headers

Referer
https://nananas.pages.dev/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

Date
Wed, 04 Sep 2024 12:36:01 GMT
Server
nginx/1.21.6
Accept-CH
Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Host
www.topcreativeformat.com
P3P
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin
*
Content-Type
application/javascript
Connection
keep-alive
Content-Length
0
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		152 KB
51 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: nananas.pages.dev
URL: https://nananas.pages.dev/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
cafe /
Resource Hash
6b63caca7b97b3364525d5cd1ab213c2a119d8f0a3e5501961383cabf1c15d33
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://nananas.pages.dev/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Wed, 04 Sep 2024 12:36:01 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
52174
x-xss-protection
0
server
cafe
etag
14911745648017598158
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
link
<https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
expires
Wed, 04 Sep 2024 12:36:01 GMT
js15_as.js
s10.histats.com/ 		11 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s10.histats.com/js15_as.js
Requested by
Host: nananas.pages.dev
URL: https://nananas.pages.dev/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac42:8472 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2defe59e357a7d0683c8283ac42841db404a0884cae2eaecebf4b676e559dede

Request headers

Referer
https://nananas.pages.dev/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Wed, 04 Sep 2024 12:36:01 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Thu, 16 Apr 2020 10:44:16 GMT
server
cloudflare
age
27722
etag
"-375139978"
vary
Accept-Encoding
content-type
text/javascript
cache-control
max-age=28800
accept-ranges
bytes
cf-ray
8bde05d64d09d2a9-FRA
content-length
4547
0.php
s4.histats.com/stats/ 		50 B
184 B 		Script
General
Check archive.org
Download Go to
Full URL
https://s4.histats.com/stats/0.php?4233089&@f16&@g1&@h1&@i1&@j1725453361702&@k0&@l1&@mRandom%20Image%20Display&@n0&@o1000&@q0&@r0&@s0&@tde-DE&@u1600&@b1:-109493749&@b3:1725453362&@b4:js15_as.js&@b5:120&@a-_0.2.1&@vhttps%3A%2F%2Fnananas.pages.dev%2F&@w
Requested by
Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
149.56.240.127 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS
ns534295.ip-149-56-240.net
Software
/
Resource Hash
846adaed8701f7ec413ab1318fb68a8b04a35eaf0d42a4d31facb3f8654848e5

Request headers

Referer
https://nananas.pages.dev/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Date
Wed, 04 Sep 2024 12:36:01 GMT
Connection
close
Content-Length
50
Content-Type
text/html;charset=UTF-8
favicon.ico
nananas.pages.dev/ 		12 KB
5 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://nananas.pages.dev/favicon.ico
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.66.44.139 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f41165908f508047cb27718b4ce4edfed7b75166807c69c53f4bef56a0295201
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://nananas.pages.dev/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Wed, 04 Sep 2024 12:36:02 GMT
content-encoding
br
referrer-policy
strict-origin-when-cross-origin
x-content-type-options
nosniff
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=15tH0YXjVuaYPeDorw5EYSOxzKL3PktaOH%2Byg9Kn78k%2FMe9O9SI1neWVtZ%2FxqmtUeLQs9eRLzvPjAKCexht3inKvrXEUU90DUcBngz0083F30YtHBKJbVELHAj1cNNPK8bBjcg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=0, must-revalidate
cf-ray
8bde05d8dca239ee-FRA
alt-svc
h3=":443"; ma=86400

Verdicts & Comments Add Verdict or Comment

12 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

string| baseUrl function| autoRelated function| parseSpintax object| sece object| atOptions function| detectAdBlock object| _Hasync function| chfh function| chfh2 string| _HST_cntval object| Histats object| _HistatsCounterGraphics_0_setValues

7 Cookies

Domain/Path Name / Value
nananas.pages.dev/ Name: HstCfa4233089
Value: 1725453361702
nananas.pages.dev/ Name: HstCla4233089
Value: 1725453361702
nananas.pages.dev/ Name: HstCmu4233089
Value: 1725453361702
nananas.pages.dev/ Name: HstPn4233089
Value: 1
nananas.pages.dev/ Name: HstPt4233089
Value: 1
nananas.pages.dev/ Name: HstCnv4233089
Value: 1
nananas.pages.dev/ Name: HstCns4233089
Value: 1

6 Console Messages

Source Level URL
Text
javascript warning URL: https://nananas.pages.dev/(Line 239)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://suggestqueries.google.com/complete/search?jsonp=autoRelated&hl=en&client=firefox&q=, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: https://nananas.pages.dev/(Line 239)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://suggestqueries.google.com/complete/search?jsonp=autoRelated&hl=en&client=firefox&q=, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
network error URL: https://modulecooper.com/3167f7ad3227cb3665961d81553d2558/invoke.js
Message:
Failed to load resource: the server responded with a status of 403 (Forbidden)
javascript warning URL: https://split.solusi.eu.org/get/site/js/d6f51a1ed1d2f145512197f7cd7be46d(Line 7)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://www.topcreativeformat.com/50d4435e09571d4e1fa50d7e6af2ffe7/invoke.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: https://split.solusi.eu.org/get/site/js/d6f51a1ed1d2f145512197f7cd7be46d(Line 7)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://www.topcreativeformat.com/50d4435e09571d4e1fa50d7e6af2ffe7/invoke.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
network error URL: https://www.topcreativeformat.com/50d4435e09571d4e1fa50d7e6af2ffe7/invoke.js
Message:
Failed to load resource: the server responded with a status of 403 (Forbidden)

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Content-Type-Options nosniff