URL: https://jav216.shop/
Submission: On November 07 via api from BE — Scanned from DE

Summary

This website contacted 3 IPs in 2 countries across 4 domains to perform 12 HTTP transactions. The main IP is 207.246.107.111, located in Los Angeles, United States and belongs to AS-VULTR, US. The main domain is jav216.shop.
TLS certificate: Issued by R10 on November 3rd 2024. Valid for: 3 months.
This is the only time jav216.shop was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
5 207.246.107.111 20473 (AS-VULTR)
1 7 94.242.247.24 7979 (SERVERS-COM)
1 1 212.117.190.217 7979 (SERVERS-COM)
1 2606:4700:303... 13335 (CLOUDFLAR...)
12 3
Apex Domain | Subdomains | Transfer
7 isolatedovercomepasted.com | isolatedovercomepasted.com — Cisco Umbrella Rank: 90235 | 64 KB
5 jav216.shop | jav216.shop | 65 KB
1 bncloudfl.com | cdn.bncloudfl.com — Cisco Umbrella Rank: 20683 | 128 KB
1 coosync.com | coosync.com — Cisco Umbrella Rank: 24276 | 507 B
12 4
Domain Requested by
7 isolatedovercomepasted.com 1 redirects jav216.shop
isolatedovercomepasted.com
5 jav216.shop jav216.shop
1 cdn.bncloudfl.com
1 coosync.com 1 redirects
12 4

This site contains no links.

Subject | Issuer | Validity | Valid
dizhile.shop | R10 | 2024-11-03 - 2025-02-01 | 3 months
 | Buypass Class 2 CA 5 | 2024-09-20 - 2025-03-18 | 6 months
cdn.bncloudfl.com | WE1 | 2024-10-22 - 2025-01-20 | 3 months

This page contains 4 frames:

Primary Page: https://jav216.shop/
Frame ID: 56F372902AD7BB58B7B8171BC5E6C950
Requests: 7 HTTP requests in this frame

Frame: https://isolatedovercomepasted.com/check.html
Frame ID: F9B17E7523A9005D17F8E51509B9F14D
Requests: 1 HTTP requests in this frame

Frame: https://isolatedovercomepasted.com/sn/ps/1946690?freq=0&im=1&puid=0&so=1&wcks=1
Frame ID: 621132705270BF251EBEC4928A135A50
Requests: 1 HTTP requests in this frame

Frame: https://cdn.bncloudfl.com/bn/f62/b4e/976/f62b4e9764dc8773e43ebe6953f765d5c8909ef0.gif
Frame ID: 28990064C3318D6EA56F426E2F5751D9
Requests: 3 HTTP requests in this frame

Page Title

jav216.shop

Detected technologies

Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

Requests: 12
HTTPS: 100 %
IPv6: 25 %
Domains: 4
Subdomains: 4
IPs: 3
Countries: 2
Transfer: 256 kB
Size: 416 kB
Cookies: 10

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 7
  • https://isolatedovercomepasted.com/sn/pr/1946690?zoneid=1946690&jp=_clkymol865w1c0pp9t0mc4&nojs=0&abvar=0&febuild=1.0.376&t=0&wcks=1&wgl=1&cnvs=1&os=-60&tz=Europe/Berlin&ss=1&ls=1&bb=0&cti=0&fn=3&es=14&th=6az-Cp&plu=PDF%20Viewer::Chrome%20PDF%20Viewer::Chromium%20PDF%20Viewer::Microsoft%20Edge%20PDF%20Viewer::WebKit%20built-in%20PDF&lang=de-DE&pf=Linux%20x86_64&cd=24&vcv=Intel%20Inc.&vcn=Intel%20Iris%20OpenGL%20Engine&ix=0&x=1600&y=1200&md=0&psu=ZzeGQzraHR0cHM6Ly9qYXYyMTYuc2hvcC8&afid=6868840974982656&dl=10&rtt=50&eclog=0&snc=0&ssc=0&vp=0&im=1&cha=&chb=&chbr=&chf=&chm=false&chmd=&chp=&chv=&cs=5&freq=0&uf=0 HTTP 302
  • https://coosync.com/sn/c?zoneid=1946690&freq=0&srp=mwKmIlcXK0KKVnszI8476vjcGbDxb3Ue6vbD9FlbA3RVjtH9rnUMVzKyKsDW1B9aW0t67bxJmVKSdZOhdJB3mumdWRpLolxFINVIGBG64zAPbJVI9UXwpiLxP6Gl&im=1&wcks=1 HTTP 302
  • https://isolatedovercomepasted.com/sn/ps/1946690?freq=0&im=1&puid=0&so=1&wcks=1

12 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
jav216.shop/
17 KB
10 KB
Document
General
Full URL
https://jav216.shop/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
207.246.107.111 Los Angeles, United States, ASN20473 (AS-VULTR, US),
Reverse DNS
207.246.107.111.vultrusercontent.com
Software
nginx /
Resource Hash
8bb9e4f4de6c6d780ef5ff897f63f14082dde1696eb10c58822cda1578fc71da

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
8ded2032386e08e8-LAX
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Thu, 07 Nov 2024 11:53:56 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=nz4Vem1XdR%2F%2BjLwUhNaU6QD2aHzjW5LVBEnc4FtLB9hOqllXEx2GrMI5tZ2Jpx7s5m5exGpcgRsepZSy0rI5i4fL3bG1cAMmYAY00yLnM3nIPt2QrcRIwyLMATHGgZpEf8opn6xYog%3D%3D"}],"group":"cf-nel","max_age":604800}
server
nginx
server-timing
cfL4;desc="?proto=TCP&rtt=1463&sent=1&recv=3&lost=0&retrans=0&sent_bytes=0&recv_bytes=586&delivery_rate=0&cwnd=249&unsent_bytes=0&cid=0000000000000000&ts=0&x=0"
vary
Accept-Encoding Accept-Encoding
jquery.min.js
jav216.shop/js/
85 KB
34 KB
Script
General
Full URL
https://jav216.shop/js/jquery.min.js
Requested by
Host: jav216.shop
URL: https://jav216.shop/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
207.246.107.111 Los Angeles, United States, ASN20473 (AS-VULTR, US),
Reverse DNS
207.246.107.111.vultrusercontent.com
Software
nginx /
Resource Hash
87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://jav216.shop/

Response headers

cache-control
max-age=18000, no-cache
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
gzip
cf-cache-status
HIT
etag
W/"043f7ef1bd61:0"
age
4356
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=L56PCi%2BdVvBhoYzsuBRAUbJ1yot%2Bh2bpogRxwrmGYAsccLRPNDBBDoTrxN1FS4HM81jukD6o8qpnELAVnPclxe4JjxQvNgSNwOx4aKsLj4lUokfqkhTcErSHtoNnWBZGdz2TvXWejQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8dec9d9519f608f8-LAX
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=TCP&rtt=2027&sent=1&recv=3&lost=0&retrans=0&sent_bytes=0&recv_bytes=1028&delivery_rate=0&cwnd=232&unsent_bytes=0&cid=0000000000000000&ts=0&x=0"
date
Thu, 07 Nov 2024 11:53:57 GMT
content-type
application/javascript
vary
Accept-Encoding, Accept-Encoding
server
nginx
last-modified
Sun, 26 Apr 2020 17:27:30 GMT
jquery.cookie.min.js
jav216.shop/js/
1 KB
1 KB
Script
General
Full URL
https://jav216.shop/js/jquery.cookie.min.js
Requested by
Host: jav216.shop
URL: https://jav216.shop/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
207.246.107.111 Los Angeles, United States, ASN20473 (AS-VULTR, US),
Reverse DNS
207.246.107.111.vultrusercontent.com
Software
nginx /
Resource Hash
b4d35cbf2c86758f78de96e52e10e348cd6d1990aac5c842bc78442e5b81894a

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://jav216.shop/

Response headers

cache-control
max-age=18000, no-cache
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
gzip
cf-cache-status
HIT
etag
W/"cfb6c01bc81d91:0"
age
1637
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=YjbNfkg4ANeA9KYBFSNLLVhJ80i11q6JXFSC4Cing%2BQszE2aeNvy6%2FiShUppkwONeLFtWAJeLGf9Px6A5PZEBJpPFE3qGhK4CHAZO7pvDPZEPjh5EEv2v%2Bc6%2BeEfw85Gdb4PETPxsQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8ded02033a441013-LAX
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=TCP&rtt=1769&sent=1&recv=3&lost=0&retrans=0&sent_bytes=0&recv_bytes=787&delivery_rate=0&cwnd=242&unsent_bytes=0&cid=0000000000000000&ts=0&x=0"
date
Thu, 07 Nov 2024 11:53:57 GMT
content-type
application/javascript
vary
Accept-Encoding, Accept-Encoding
server
nginx
last-modified
Sat, 26 Nov 2022 18:51:35 GMT
md5.min.js
jav216.shop/js/
4 KB
2 KB
Script
General
Full URL
https://jav216.shop/js/md5.min.js
Requested by
Host: jav216.shop
URL: https://jav216.shop/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
207.246.107.111 Los Angeles, United States, ASN20473 (AS-VULTR, US),
Reverse DNS
207.246.107.111.vultrusercontent.com
Software
nginx /
Resource Hash
03ac072c3a44122ed5df2e00ccf336261f8d26a7287ddee5712e7def1763393d

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://jav216.shop/

Response headers

cache-control
max-age=18000, no-cache
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
gzip
cf-cache-status
HIT
etag
W/"87549c649fcd81:0"
age
4355
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=0j3rawohpT20qi1JgWOdRXnecgRSkfJ7ddfkM5%2BDYzy1tJ69kAjJh1MCEk0Rb8Iu8YCLQk%2BK3MsR03GtS%2Bgpc9w796zFtrkbBieDCRcd6u59yMUeMwei6eGz%2BxtUwsDdrsp7k%2Bdbww%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8dec9d951dd92aa9-LAX
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=TCP&rtt=1445&sent=1&recv=3&lost=0&retrans=0&sent_bytes=0&recv_bytes=1025&delivery_rate=0&cwnd=243&unsent_bytes=0&cid=0000000000000000&ts=0&x=0"
date
Thu, 07 Nov 2024 11:53:57 GMT
content-type
application/javascript
vary
Accept-Encoding, Accept-Encoding
server
nginx
last-modified
Sat, 19 Nov 2022 11:23:48 GMT
code.js
isolatedovercomepasted.com/lv/esnk/1946690/
161 KB
59 KB
Script
General
Full URL
https://isolatedovercomepasted.com/lv/esnk/1946690/code.js
Requested by
Host: jav216.shop
URL: https://jav216.shop/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
94.242.247.24 , Luxembourg, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
nginx /
Resource Hash
a63db67e343c054e96709b01b6ac56c5c82ac73f424f08294973068406bd6504

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://jav216.shop/

Response headers

timing-allow-origin
*
content-encoding
gzip
etag
W/"672c8cc8-282a6"
accept-ch
sec-ch-ua-wow64,sec-ch-ua-full-version-list,sec-ch-ua,sec-ch-ua-platform,sec-ch-ua-mobile,sec-ch-ua-full-version,sec-ch-ua-platform-version,sec-ch-ua-arch,sec-ch-ua-bitness,sec-ch-ua-model,sec-ch-width,sec-ch-viewport-width,sec-ch-viewport-height,sec-ch-dpr,sec-ch-device-memory,sec-ch-rtt,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
x-js-ab2
current
date
Thu, 07 Nov 2024 11:53:57 GMT
content-type
application/javascript; charset=utf-8
last-modified
Thu, 07 Nov 2024 09:47:52 GMT
server
nginx
vary
Accept-Encoding
check.html
isolatedovercomepasted.com/ Frame F9B1
0
0
Document
General
Full URL
https://isolatedovercomepasted.com/check.html
Requested by
Host: isolatedovercomepasted.com
URL: https://isolatedovercomepasted.com/lv/esnk/1946690/code.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
94.242.247.24 , Luxembourg, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Referer
https://jav216.shop/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

accept-ch
sec-ch-ua-wow64,sec-ch-ua-full-version-list,sec-ch-ua,sec-ch-ua-platform,sec-ch-ua-mobile,sec-ch-ua-full-version,sec-ch-ua-platform-version,sec-ch-ua-arch,sec-ch-ua-bitness,sec-ch-ua-model,sec-ch-width,sec-ch-viewport-width,sec-ch-viewport-height,sec-ch-dpr,sec-ch-device-memory,sec-ch-rtt,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Thu, 07 Nov 2024 11:53:57 GMT
etag
W/"672b6939-394"
last-modified
Wed, 06 Nov 2024 13:03:53 GMT
server
nginx
timing-allow-origin
*
vary
Accept-Encoding
x-js-ab
current
favicon.ico
jav216.shop/
17 KB
17 KB
Other
General
Full URL
https://jav216.shop/favicon.ico
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
207.246.107.111 Los Angeles, United States, ASN20473 (AS-VULTR, US),
Reverse DNS
207.246.107.111.vultrusercontent.com
Software
nginx /
Resource Hash
16ae10d08b2b6fd08c6882f150b34c3eaf9838bdb8782b86455a32057ddf3616

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://jav216.shop/

Response headers

cache-control
max-age=18000, no-cache
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status
REVALIDATED
etag
"10c81eb6c92ddb1:0"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=bGDkDDfmjV9H%2B4GdOa2G2YhnrsreKvGoIE93EZdptO6Vsvt8zG7XGkYFwyadWoeVYl3cMGCoZyDaLqhuvTVeA1yiGPvg0R3IWJcI21OIOEl8tPY3fLdPTwhc%2BMPg5Xeg774vlb5epw%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8dec3d80399e2b74-LAX
accept-ranges
bytes
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=TCP&rtt=1506&sent=2&recv=4&lost=0&retrans=0&sent_bytes=0&recv_bytes=2010&delivery_rate=0&cwnd=246&unsent_bytes=0&cid=0000000000000000&ts=0&x=0"
content-length
16958
date
Thu, 07 Nov 2024 11:53:57 GMT
content-type
image/x-icon
last-modified
Sun, 03 Nov 2024 08:23:50 GMT
server
nginx
1946690
isolatedovercomepasted.com/get/
6 KB
2 KB
Script
General
Full URL
https://isolatedovercomepasted.com/get/1946690?zoneid=1946690&jp=_clkymol865w1c0pp9t0mc4&nojs=0&abvar=0&febuild=1.0.376&t=0&wcks=1&wgl=1&cnvs=1&os=-60&tz=Europe/Berlin&ss=1&ls=1&bb=0&cti=0&fn=3&es=14&th=6az-Cp&plu=PDF%20Viewer::Chrome%20PDF%20Viewer::Chromium%20PDF%20Viewer::Microsoft%20Edge%20PDF%20Viewer::WebKit%20built-in%20PDF&lang=de-DE&pf=Linux%20x86_64&cd=24&vcv=Intel%20Inc.&vcn=Intel%20Iris%20OpenGL%20Engine&ix=0&x=1600&y=1200&md=0&psu=ZzeGQzraHR0cHM6Ly9qYXYyMTYuc2hvcC8&afid=6868840974982656&dl=10&rtt=50&eclog=0&snc=0&ssc=0&vp=0&im=1&cha=&chb=&chbr=&chf=&chm=false&chmd=&chp=&chv=&cs=5&freq=0&uf=0
Requested by
Host: isolatedovercomepasted.com
URL: https://isolatedovercomepasted.com/lv/esnk/1946690/code.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
94.242.247.24 , Luxembourg, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
nginx /
Resource Hash
1f92276aab9960a02780b6c2e6ca46f29c6078622e0e275b4b6e019204c446cb

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://jav216.shop/

Response headers

timing-allow-origin
*
x-route-id
config
content-encoding
gzip
accept-ch
sec-ch-ua-wow64,sec-ch-ua-full-version-list,sec-ch-ua,sec-ch-ua-platform,sec-ch-ua-mobile,sec-ch-ua-full-version,sec-ch-ua-platform-version,sec-ch-ua-arch,sec-ch-ua-bitness,sec-ch-ua-model,sec-ch-width,sec-ch-viewport-width,sec-ch-viewport-height,sec-ch-dpr,sec-ch-device-memory,sec-ch-rtt,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
date
Thu, 07 Nov 2024 11:53:57 GMT
content-type
text/javascript; charset=utf-8
vary
Accept-Encoding
server
nginx
1946690
isolatedovercomepasted.com/sn/ps/ Frame 6211
Redirect Chain
  • https://isolatedovercomepasted.com/sn/pr/1946690?zoneid=1946690&jp=_clkymol865w1c0pp9t0mc4&nojs=0&abvar=0&febuild=1.0.376&t=0&wcks=1&wgl=1&cnvs=1&os=-60&tz=Europe/Berlin&ss=1&ls=1&bb=0&cti=0&fn=3&e...
  • https://coosync.com/sn/c?zoneid=1946690&freq=0&srp=mwKmIlcXK0KKVnszI8476vjcGbDxb3Ue6vbD9FlbA3RVjtH9rnUMVzKyKsDW1B9aW0t67bxJmVKSdZOhdJB3mumdWRpLolxFINVIGBG64zAPbJVI9UXwpiLxP6Gl&im=1&wcks=1
  • https://isolatedovercomepasted.com/sn/ps/1946690?freq=0&im=1&puid=0&so=1&wcks=1
0
0
Document
General
Full URL
https://isolatedovercomepasted.com/sn/ps/1946690?freq=0&im=1&puid=0&so=1&wcks=1
Requested by
Host: isolatedovercomepasted.com
URL: https://isolatedovercomepasted.com/lv/esnk/1946690/code.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
94.242.247.24 , Luxembourg, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Referer
https://jav216.shop/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

accept-ch
sec-ch-ua-wow64,sec-ch-ua-full-version-list,sec-ch-ua,sec-ch-ua-platform,sec-ch-ua-mobile,sec-ch-ua-full-version,sec-ch-ua-platform-version,sec-ch-ua-arch,sec-ch-ua-bitness,sec-ch-ua-model,sec-ch-width,sec-ch-viewport-width,sec-ch-viewport-height,sec-ch-dpr,sec-ch-device-memory,sec-ch-rtt,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Thu, 07 Nov 2024 11:53:57 GMT
server
nginx
timing-allow-origin
*
vary
Accept-Encoding
x-route-id
cookie.user_id.pre_sync.final

Redirect headers

accept-ch
sec-ch-ua-wow64,sec-ch-ua-full-version-list,sec-ch-ua,sec-ch-ua-platform,sec-ch-ua-mobile,sec-ch-ua-full-version,sec-ch-ua-platform-version,sec-ch-ua-arch,sec-ch-ua-bitness,sec-ch-ua-model,sec-ch-width,sec-ch-viewport-width,sec-ch-viewport-height,sec-ch-dpr,sec-ch-device-memory,sec-ch-rtt,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
content-length
118
content-type
text/html; charset=utf-8
date
Thu, 07 Nov 2024 11:53:57 GMT
location
https://isolatedovercomepasted.com/sn/ps/1946690?freq=0&im=1&puid=0&so=1&wcks=1
server
nginx
timing-allow-origin
*
x-route-id
cookie.user_id.sync
f62b4e9764dc8773e43ebe6953f765d5c8909ef0.gif
cdn.bncloudfl.com/bn/f62/b4e/976/ Frame 2899
127 KB
128 KB
Image
General
Full URL
https://cdn.bncloudfl.com/bn/f62/b4e/976/f62b4e9764dc8773e43ebe6953f765d5c8909ef0.gif
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::ac43:d656 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a544b7c58fc06025c7b2b01efe063d4696c156e151b69adbd474fd3ac494f65c

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cf-bgj
imgq:100,h2pri
etag
74a541d2091f43b307851f0d4775f2bf
age
32940
cf-cache-status
HIT
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
expires
Sat, 09 Nov 2024 02:44:57 GMT
x-proxy-cache
HIT
cf-polished
origFmt=gif, origSize=247759
x-trans-id
tx2e3e557d233f4821aa4e2-0066cf31b5
alt-svc
h3=":443"; ma=86400
date
Thu, 07 Nov 2024 11:53:57 GMT
content-type
image/webp
x-openstack-request-id
tx2e3e557d233f4821aa4e2-0066cf31b5
vary
Accept
x-cdn-host-id
ds7288,ds9220
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
content-disposition
inline; filename="f62b4e9764dc8773e43ebe6953f765d5c8909ef0.webp"
priority
u=1,i
cache-control
max-age=432000
last-modified
Fri, 24 Nov 2023 15:27:26 GMT
x-timestamp
1700839645.52635
cf-ray
8ded2038eb500275-CDG
accept-ranges
bytes
access-control-allow-origin
*
content-length
130096
server-timing
cfExtPri
server
cloudflare
chicken.gif
isolatedovercomepasted.com/ Frame 2899
43 B
480 B
Image
General
Full URL
https://isolatedovercomepasted.com/chicken.gif?z=1946690&pb=9f6fbfd69f0fa6559edefe8dca4220941730987637&pbc=aZ8ZMm5Rp0V1xixn&pbu=1C0dplE8Kqp1xixn&psp=AH7gQ2uaNDfkQcA8s8Hm2xNc5DMCXbSqTN2tfcAloCVeRtF_rgg9gJ0vJjpZzeylyBzWFk35DEplXlfcjdGHQJcRfOAJwIJqIaf8RdAeHh3TsC5oiw0HtH4YwbAUtvCy3qHImCVrlRGin2oorv6IaDhQ-12vtEhU33sx23N263jFejtOs10aaeE5On9OCL20tCtbpkWwJD34dgHmnsx8FxSCqG1-G6aizxSt9Wc1bUNw7JHTRsQsoldyWoqZ7A12zoNlaABxG4q99HtaKxV4Pl9zVnzAn9M--x59xkY7KipjA09ZVZwNRtKQGuhBs0P530r4s7BQrcd94NbnK3v0sYncl9aul4eut0t_jD_ATjsa7e-kfTVGqBDdLyZMcH4xe0grL7-FLt-g7iscg6wl3nYLN8XAh-YmDbemOJf3KP4eDEL_j-mq-ovhztfuWV48L4pejCFXYlQYDjZ9FufZS_cpEQgMYdMZAHOfQ4kg6XoOBG39zA3oe-MhdxnQLAVia2QhNcgRoBQn1Iuv4zL8BFPfp_Tufn_Lvq8hFrQsPO2W5E7SoZXPefFRTzXM6IOIjFHL2xPt6Nka2jKWnmniD3JCUDqLeju1CY8m2fksqCvwojEirUNnrlRCDvl52HkXBLpj6DsKnnfH859-7jfhBEiWoaBLLgq4rIqKXUjMZnkTxs3CWxiZxTfVEdbRirRmLZztJgZnQLGY5vJvjBDRKRB7peiEAXDR5-t2HSmUxblZpKdIvVAbG117HQHRQIZlWZEXun_FvDQ3siuv-0sqrzfGA2RbNMC5VKjTHnlPalgiHEpZpXSb5zzWG9_TtBX3QlUNivo0gllkS8vH3RNmsLWGJ1CF8ggUJTK5Mq_nbSL_d5m8inoWrcifUINlY4Z_7GrjbRKmUFai0r2H1FfG-PLRcz8tTlnG8ow0aeM=&freq=0&nojs=0&abvar=0&febuild=1.0.376&t=0&wcks=1&wgl=1&cnvs=1&os=-60&tz=Europe/Berlin&ss=1&ls=1&bb=0&cti=0&fn=3&es=14&th=6az-Cp&plu=PDF%20Viewer::Chrome%20PDF%20Viewer::Chromium%20PDF%20Viewer::Microsoft%20Edge%20PDF%20Viewer::WebKit%20built-in%20PDF&lang=de-DE&pf=Linux%20x86_64&cd=24&vcv=Intel%20Inc.&vcn=Intel%20Iris%20OpenGL%20Engine&ix=0&x=1600&y=1200&md=0&psu=ZzeGQzraHR0cHM6Ly9qYXYyMTYuc2hvcC8&afid=6868840974982656&dl=10&rtt=50&eclog=0&snc=0&ssc=1&vp=0&im=1&cha=&chb=&chbr=&chf=&chm=false&chmd=&chp=&chv=&cs=5&pload=263
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
94.242.247.24 , Luxembourg, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
nginx /
Resource Hash
44251f61629e2bfeead421241a917f43ad047af351659f01cd8fd937f0417f84

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

x-route-id
stats.impression
content-length
43
date
Thu, 07 Nov 2024 11:53:58 GMT
accept-ch
sec-ch-ua-wow64,sec-ch-ua-full-version-list,sec-ch-ua,sec-ch-ua-platform,sec-ch-ua-mobile,sec-ch-ua-full-version,sec-ch-ua-platform-version,sec-ch-ua-arch,sec-ch-ua-bitness,sec-ch-ua-model,sec-ch-width,sec-ch-viewport-width,sec-ch-viewport-height,sec-ch-dpr,sec-ch-device-memory,sec-ch-rtt,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
content-type
image/gif
timing-allow-origin
*
server
nginx
whob.gif
isolatedovercomepasted.com/ Frame 2899
43 B
645 B
Image
General
Full URL
https://isolatedovercomepasted.com/whob.gif?z=1946690&pb=9f6fbfd69f0fa6559edefe8dca4220941730987637&pbc=aZ8ZMm5Rp0V1xixn&pbu=1C0dplE8Kqp1xixn&psp=AH7gQ2uaNDfkQcA8s8Hm2xNc5DMCXbSqTN2tfcAloCVeRtF_rgg9gJ0vJjpZzeylyBzWFk35DEplXlfcjdGHQJcRfOAJwIJqIaf8RdAeHh3TsC5oiw0HtH4YwbAUtvCy3qHImCVrlRGin2oorv6IaDhQ-12vtEhU33sx23N263jFejtOs10aaeE5On9OCL20tCtbpkWwJD34dgHmnsx8FxSCqG1-G6aizxSt9Wc1bUNw7JHTRsQsoldyWoqZ7A12zoNlaABxG4q99HtaKxV4Pl9zVnzAn9M--x59xkY7KipjA09ZVZwNRtKQGuhBs0P530r4s7BQrcd94NbnK3v0sYncl9aul4eut0t_jD_ATjsa7e-kfTVGqBDdLyZMcH4xe0grL7-FLt-g7iscg6wl3nYLN8XAh-YmDbemOJf3KP4eDEL_j-mq-ovhztfuWV48L4pejCFXYlQYDjZ9FufZS_cpEQgMYdMZAHOfQ4kg6XoOBG39zA3oe-MhdxnQLAVia2QhNcgRoBQn1Iuv4zL8BFPfp_Tufn_Lvq8hFrQsPO2W5E7SoZXPefFRTzXM6IOIjFHL2xPt6Nka2jKWnmniD3JCUDqLeju1CY8m2fksqCvwojEirUNnrlRCDvl52HkXBLpj6DsKnnfH859-7jfhBEiWoaBLLgq4rIqKXUjMZnkTxs3CWxiZxTfVEdbRirRmLZztJgZnQLGY5vJvjBDRKRB7peiEAXDR5-t2HSmUxblZpKdIvVAbG117HQHRQIZlWZEXun_FvDQ3siuv-0sqrzfGA2RbNMC5VKjTHnlPalgiHEpZpXSb5zzWG9_TtBX3QlUNivo0gllkS8vH3RNmsLWGJ1CF8ggUJTK5Mq_nbSL_d5m8inoWrcifUINlY4Z_7GrjbRKmUFai0r2H1FfG-PLRcz8tTlnG8ow0aeM=&freq=0&nojs=0&abvar=0&febuild=1.0.376&t=0&wcks=1&wgl=1&cnvs=1&os=-60&tz=Europe/Berlin&ss=1&ls=1&bb=0&cti=0&fn=3&es=14&th=6az-Cp&plu=PDF%20Viewer::Chrome%20PDF%20Viewer::Chromium%20PDF%20Viewer::Microsoft%20Edge%20PDF%20Viewer::WebKit%20built-in%20PDF&lang=de-DE&pf=Linux%20x86_64&cd=24&vcv=Intel%20Inc.&vcn=Intel%20Iris%20OpenGL%20Engine&ix=0&x=1600&y=1200&md=0&psu=ZzeGQzraHR0cHM6Ly9qYXYyMTYuc2hvcC8&afid=6868840974982656&dl=10&rtt=50&eclog=0&snc=0&ssc=1&vp=0&im=1&cha=&chb=&chbr=&chf=&chm=false&chmd=&chp=&chv=&cs=5&pload=263
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
94.242.247.24 , Luxembourg, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
nginx /
Resource Hash
44251f61629e2bfeead421241a917f43ad047af351659f01cd8fd937f0417f84

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

x-route-id
stats.banner.view
content-length
43
date
Thu, 07 Nov 2024 11:53:58 GMT
accept-ch
sec-ch-ua-wow64,sec-ch-ua-full-version-list,sec-ch-ua,sec-ch-ua-platform,sec-ch-ua-mobile,sec-ch-ua-full-version,sec-ch-ua-platform-version,sec-ch-ua-arch,sec-ch-ua-bitness,sec-ch-ua-model,sec-ch-width,sec-ch-viewport-width,sec-ch-viewport-height,sec-ch-dpr,sec-ch-device-memory,sec-ch-rtt,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
content-type
image/gif
timing-allow-origin
*
server
nginx

29 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

  • object| 0
  • function| e
  • string| _0xodJ
  • number| _0xodJ_
  • function| _0x4d3c
  • object| RIoKTaL1
  • string| l$LX2
  • function| isBannedBrowser
  • object| _0x3604
  • string| domain
  • function| $
  • function| jQuery
  • function| md5
  • function| 1946690__cngfg__eu
  • function| ietpisa
  • function| checkBeforeProceed
  • function| JhEh4Oeflq0I3y3u518sN6FGoErFHL0WYwPH
  • object| 1946690__cngfg
  • function| handleException
  • function| O544
  • boolean| zfgcodeloadedbanner
  • number| onclHspc
  • object| oncontextstore
  • object| RmVlZEZyZXFDYXBTdG9yYWdl
  • string| UGVyc2lzdFN0b3JhZ2U
  • number| cs__param
  • function| _clkymol865w1c0pp9t0mc4
  • number| puidSyncFrame
  • boolean| zfgloadedbanner

10 Cookies

Domain/Path Name / Value
jav216.shop/ Name: challenge
Value: hEh4Oeflq0I3y3u518sN6FGoErFHL0WYwPH
jav216.shop/ Name: expires
Value: 1731066834
jav216.shop/ Name: UGVyc2lzdFN0b3JhZ2U
Value: %7B%7D
isolatedovercomepasted.com/ Name: cart
Value: 1
isolatedovercomepasted.com/ Name: cart_p
Value: 2
isolatedovercomepasted.com/ Name: UID
Value: 241107065374c546d5c8b74f2da16a73ab56
isolatedovercomepasted.com/ Name: CHCK
Value: 1
jav216.shop/ Name: bnState_1946690
Value: {"impressions":1,"delayStarted":0}
isolatedovercomepasted.com/ Name: CRICAP
Value: ONx1SAAAAAAAAAAB
isolatedovercomepasted.com/ Name: CRIBLOCK
Value: ONx1SAAAAABnLJ2w

3 Console Messages

Source Level URL
Text
rendering warning URL: https://jav216.shop/
Message:
[GroupMarkerNotSet(crbug.com/242999)!:A0B09B07F4380000]Automatic fallback to software WebGL has been deprecated. Please use the --enable-unsafe-swiftshader flag to opt in to lower security guarantees for trusted content.
rendering warning URL: https://jav216.shop/
Message:
[GroupMarkerNotSet(crbug.com/242999)!:A0809B07F4380000]Automatic fallback to software WebGL has been deprecated. Please use the --enable-unsafe-swiftshader flag to opt in to lower security guarantees for trusted content.
security warning URL: https://isolatedovercomepasted.com/lv/esnk/1946690/code.js(Line 16)
Message:
An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can escape its sandboxing.