itemtesting.co Open in urlscan Pro
77.241.65.67 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://hebcicwr.com/fed1f021-dfac-423d-8fd2-99facffc8e1c
Effective URL:
https://itemtesting.co/chatv2/?dom=hebcicwr.com&cep=71YBDqwBiZqRmq90MAsSH3Y4jbx9KNwYFX_EPUOnztpk2UkWeyrJgW6rCbkegWOoZRA...
Submission: On August 19 via api (August 19th 2024, 1:32:44 am UTC) from US — Scanned from US

Summary HTTP 20 Redirects Behaviour Indicators

Summary

This website contacted 8 IPs in 3 countries across 9 domains to perform 20 HTTP transactions. The main IP is 77.241.65.67, located in Latvia and belongs to OPTILANAS, LV. The main domain is itemtesting.co.
TLS certificate: Issued by E5 on July 29th 2024. Valid for: 3 months.

This is the only time itemtesting.co was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2 2	2600:9000:247... 2600:9000:247b:4400:9:a66f:a880:93a1	16509 (AMAZON-02) (AMAZON-02)
9	77.241.65.67 77.241.65.67	210130 (OPTILANAS) (OPTILANAS)
3	2606:4700:303... 2606:4700:3032::ac43:c37d	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:303... 2606:4700:3037::ac43:8ef5	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2606:4700::68... 2606:4700::6811:f8cb	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2607:f8b0:400... 2607:f8b0:4006:81c::200a	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6811:190e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2607:f8b0:400... 2607:f8b0:4006:816::2003	15169 (GOOGLE) (GOOGLE)
2	20.50.64.3 20.50.64.3	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
20	8

2 2600:9000:247b:4400:9:a66f:a880:93a1 (United States) 2 redirects

ASN16509 (AMAZON-02, US)

hebcicwr.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 77.241.65.67 (Latvia)

ASN210130 (OPTILANAS, LV)

itemtesting.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700:3032::ac43:c37d (United States)

ASN13335 (CLOUDFLARENET, US)

push-drop.club	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3037::ac43:8ef5 (United States)

ASN13335 (CLOUDFLARENET, US)

use.fontawesome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6811:f8cb (United States)

ASN13335 (CLOUDFLARENET, US)

unpkg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:81c::200a (United States)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:190e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:816::2003 (United States)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 20.50.64.3 (Dublin, Ireland)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

push-visit.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
9	itemtesting.co itemtesting.co	318 KB
3	push-drop.club push-drop.club — Cisco Umbrella Rank: 578942	5 KB
2	push-visit.xyz push-visit.xyz	2 KB
2	unpkg.com unpkg.com — Cisco Umbrella Rank: 1314	8 KB
2	hebcicwr.com 2 redirects hebcicwr.com	2 KB
1	gstatic.com fonts.gstatic.com	19 KB
1	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 336	28 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 110	1 KB
1	fontawesome.com use.fontawesome.com — Cisco Umbrella Rank: 1950	12 KB
20	9

	Domain	Requested by
9	itemtesting.co	itemtesting.co
3	push-drop.club	itemtesting.co push-drop.club
2	push-visit.xyz	push-drop.club
2	unpkg.com	itemtesting.co
2	hebcicwr.com	2 redirects
1	fonts.gstatic.com	fonts.googleapis.com
1	cdnjs.cloudflare.com	itemtesting.co
1	fonts.googleapis.com	itemtesting.co
1	use.fontawesome.com	itemtesting.co
20	9

This site contains no links.

Subject Issuer	Validity	Valid
itemtesting.co E5	`2024-07-29` - `2024-10-27`	3 months	crt.sh
push-drop.club WE1	`2024-08-03` - `2024-11-01`	3 months	crt.sh
use.fontawesome.com Cloudflare Inc ECC CA-3	`2023-10-12` - `2024-10-10`	a year	crt.sh
unpkg.com WE1	`2024-07-28` - `2024-10-26`	3 months	crt.sh
upload.video.google.com WR2	`2024-07-30` - `2024-10-22`	3 months	crt.sh
cdnjs.cloudflare.com WE1	`2024-07-31` - `2024-10-29`	3 months	crt.sh
*.gstatic.com WR2	`2024-07-30` - `2024-10-22`	3 months	crt.sh
push-visit.xyz GeoTrust Global TLS RSA4096 SHA256 2022 CA1	`2024-07-08` - `2025-01-08`	6 months	crt.sh

This page contains 1 frames:

Primary Page: https://itemtesting.co/chatv2/?dom=hebcicwr.com&cep=71YBDqwBiZqRmq90MAsSH3Y4jbx9KNwYFX_EPUOnztpk2UkWeyrJgW6rCbkegWOoZRA6boTvy8pt1pMEsl6pzB1ZsbGGfFII7NiJMyInGdNrM7UnXdQGtKk1y5Xw9TaOmr4FbMm6tbcV12BBSUvp0MTUhhruu_y0__KBk9GMfpLuCUvOBLyLvwv-Grk5F1YSAQGYJyR7RPXoGzy35V05mSB0GcyeJRtxmiUvTcb8XjpDhwyYJy0-I0phsEwKgkjQ3Hksjl6f71tyw0jYG2yn7J-FuYYzugSwmZ4RXa5H-Zq92tApObbBHjE1B20lwaKZN97ovR4u7B4bVaK0v3f5D2bXMYD-7MgJSNg7DZFN04ybW7eca1Gu8K_3g2ZP8uhj4EJs5kJj99b7MFjQRNffag&lptoken=17ff2463038529895008
Frame ID: 39FF1BBB557E99EE9113B13F9C5DE0B6
Requests: 18 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Support Chat

Page URL History Show full URLs

https://hebcicwr.com/fed1f021-dfac-423d-8fd2-99facffc8e1c HTTP 307
https://hebcicwr.com/fed1f021-dfac-423d-8fd2-99facffc8e1c/2 HTTP 302
https://itemtesting.co/chatv2/?dom=hebcicwr.com&cep=71YBDqwBiZqRmq90MAsSH3Y4jbx9KNwYFX_EPUOnztpk2Uk... Page URL

Detected technologies

Pure CSS (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]+(?:([\d.])+/)?pure(?:-min)?\.css

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

20
Requests

100 %
HTTPS

78 %
IPv6

9
Domains

9
Subdomains

8
IPs

3
Countries

393 kB
Transfer

529 kB
Size

2
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://hebcicwr.com/fed1f021-dfac-423d-8fd2-99facffc8e1c HTTP 307
https://hebcicwr.com/fed1f021-dfac-423d-8fd2-99facffc8e1c/2 HTTP 302
https://itemtesting.co/chatv2/?dom=hebcicwr.com&cep=71YBDqwBiZqRmq90MAsSH3Y4jbx9KNwYFX_EPUOnztpk2UkWeyrJgW6rCbkegWOoZRA6boTvy8pt1pMEsl6pzB1ZsbGGfFII7NiJMyInGdNrM7UnXdQGtKk1y5Xw9TaOmr4FbMm6tbcV12BBSUvp0MTUhhruu_y0__KBk9GMfpLuCUvOBLyLvwv-Grk5F1YSAQGYJyR7RPXoGzy35V05mSB0GcyeJRtxmiUvTcb8XjpDhwyYJy0-I0phsEwKgkjQ3Hksjl6f71tyw0jYG2yn7J-FuYYzugSwmZ4RXa5H-Zq92tApObbBHjE1B20lwaKZN97ovR4u7B4bVaK0v3f5D2bXMYD-7MgJSNg7DZFN04ybW7eca1Gu8K_3g2ZP8uhj4EJs5kJj99b7MFjQRNffag&lptoken=17ff2463038529895008 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

20 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request / Show response
itemtesting.co/chatv2/
Redirect Chain

https://hebcicwr.com/fed1f021-dfac-423d-8fd2-99facffc8e1c
https://hebcicwr.com/fed1f021-dfac-423d-8fd2-99facffc8e1c/2
https://itemtesting.co/chatv2/?dom=hebcicwr.com&cep=71YBDqwBiZqRmq90MAsSH3Y4jbx9KNwYFX_EPUOnztpk2UkWeyrJgW6rCbkegWOoZRA6boTvy8pt1pMEsl6pzB1ZsbGGfFII7NiJMyInGdNrM7UnXdQGtKk1y5Xw9TaOmr4FbMm6tbcV12BBS...

7 KB
7 KB

202ms
54ms

Document
text/html

77.241.65.67
OPTILANAS

General

Check archive.org

Show headers Download Go to

Full URL

https://itemtesting.co/chatv2/?dom=hebcicwr.com&cep=71YBDqwBiZqRmq90MAsSH3Y4jbx9KNwYFX_EPUOnztpk2UkWeyrJgW6rCbkegWOoZRA6boTvy8pt1pMEsl6pzB1ZsbGGfFII7NiJMyInGdNrM7UnXdQGtKk1y5Xw9TaOmr4FbMm6tbcV12BBSUvp0MTUhhruu_y0__KBk9GMfpLuCUvOBLyLvwv-Grk5F1YSAQGYJyR7RPXoGzy35V05mSB0GcyeJRtxmiUvTcb8XjpDhwyYJy0-I0phsEwKgkjQ3Hksjl6f71tyw0jYG2yn7J-FuYYzugSwmZ4RXa5H-Zq92tApObbBHjE1B20lwaKZN97ovR4u7B4bVaK0v3f5D2bXMYD-7MgJSNg7DZFN04ybW7eca1Gu8K_3g2ZP8uhj4EJs5kJj99b7MFjQRNffag&lptoken=17ff2463038529895008

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

77.241.65.67 , Latvia, ASN210130 (OPTILANAS, LV),

Reverse DNS

Software

nginx /

Resource Hash

317cc0a8cc338e478008e9993e0922ac5a2b61e8abb27c327b3abb5d3f63b3b8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Length: 6755
Content-Type: text/html
Date: Mon, 19 Aug 2024 01:32:30 GMT
ETag: "66ae6d53-1a63"
Last-Modified: Sat, 03 Aug 2024 17:48:03 GMT
Server: nginx
Strict-Transport-Security: max-age=31536000

Redirect headers

cache-control: no-store, no-cache, pre-check=0, post-check=0
content-length: 0
date: Mon, 19 Aug 2024 01:32:30 GMT
expires: Thu, 01 Jan 1970 00:00:00 GMT
location: https://itemtesting.co/chatv2/?dom=hebcicwr.com&cep=71YBDqwBiZqRmq90MAsSH3Y4jbx9KNwYFX_EPUOnztpk2UkWeyrJgW6rCbkegWOoZRA6boTvy8pt1pMEsl6pzB1ZsbGGfFII7NiJMyInGdNrM7UnXdQGtKk1y5Xw9TaOmr4FbMm6tbcV12BBSUvp0MTUhhruu_y0__KBk9GMfpLuCUvOBLyLvwv-Grk5F1YSAQGYJyR7RPXoGzy35V05mSB0GcyeJRtxmiUvTcb8XjpDhwyYJy0-I0phsEwKgkjQ3Hksjl6f71tyw0jYG2yn7J-FuYYzugSwmZ4RXa5H-Zq92tApObbBHjE1B20lwaKZN97ovR4u7B4bVaK0v3f5D2bXMYD-7MgJSNg7DZFN04ybW7eca1Gu8K_3g2ZP8uhj4EJs5kJj99b7MFjQRNffag&lptoken=17ff2463038529895008
pragma: no-cache
server: nginx
via: 1.1 c723324ff3815a0e30df3eecba242152.cloudfront.net (CloudFront)
x-amz-cf-id: tkkDJiRrb2H8KouRb27XFu7pko-WJxhtjsL7NRSn50za86ej89LNjw==
x-amz-cf-pop: JFK52-P2
x-cache: Miss from cloudfront

GET
H3 200 ace-push.js Show response
push-drop.club/ 13 KB
5 KB 158ms
41ms Script
text/javascript 2606:4700:3032::ac43:c37d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://push-drop.club/ace-push.js
Requested by: Host: itemtesting.co
URL: https://itemtesting.co/chatv2/?dom=hebcicwr.com&cep=71YBDqwBiZqRmq90MAsSH3Y4jbx9KNwYFX_EPUOnztpk2UkWeyrJgW6rCbkegWOoZRA6boTvy8pt1pMEsl6pzB1ZsbGGfFII7NiJMyInGdNrM7UnXdQGtKk1y5Xw9TaOmr4FbMm6tbcV12BBSUvp0MTUhhruu_y0__KBk9GMfpLuCUvOBLyLvwv-Grk5F1YSAQGYJyR7RPXoGzy35V05mSB0GcyeJRtxmiUvTcb8XjpDhwyYJy0-I0phsEwKgkjQ3Hksjl6f71tyw0jYG2yn7J-FuYYzugSwmZ4RXa5H-Zq92tApObbBHjE1B20lwaKZN97ovR4u7B4bVaK0v3f5D2bXMYD-7MgJSNg7DZFN04ybW7eca1Gu8K_3g2ZP8uhj4EJs5kJj99b7MFjQRNffag&lptoken=17ff2463038529895008
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::ac43:c37d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aabfeb6ea02f8e4f3e5490309d203f71b63ef57d475adba9df2344d3e32a1947

Request headers

Referer: https://itemtesting.co/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Mon, 19 Aug 2024 01:32:30 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 08 Jul 2024 22:01:34 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 3132
etag: W/"1dad1826584864d"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=CzHNj0%2FjK4Rr7jULmzPq8QqSSEcGt5zi0lMqMssdx8Tr7yk4CNTeceHZrERmiFTP7lVZGOk9cg6nAeSpUbMTMFmfm9LoYUhBeXEhytwGnYqA1shuzIpx9pT%2BOU6JXi3Z104m6l6ncZ5%2FW8ytvQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
cache-control: max-age=3600
cf-ray: 8b5663e309528c1d-EWR
alt-svc: h3=":443"; ma=86400

GET
H/1.1 200
OK product.png
itemtesting.co/chatv2/img/ 261 KB
261 KB 77ms
75ms Stylesheet
image/png 77.241.65.67
OPTILANAS

General

Check archive.org

Show headers Download Go to

Full URL

https://itemtesting.co/chatv2/img/product.png

Requested by

Host: itemtesting.co
URL: https://itemtesting.co/chatv2/?dom=hebcicwr.com&cep=71YBDqwBiZqRmq90MAsSH3Y4jbx9KNwYFX_EPUOnztpk2UkWeyrJgW6rCbkegWOoZRA6boTvy8pt1pMEsl6pzB1ZsbGGfFII7NiJMyInGdNrM7UnXdQGtKk1y5Xw9TaOmr4FbMm6tbcV12BBSUvp0MTUhhruu_y0__KBk9GMfpLuCUvOBLyLvwv-Grk5F1YSAQGYJyR7RPXoGzy35V05mSB0GcyeJRtxmiUvTcb8XjpDhwyYJy0-I0phsEwKgkjQ3Hksjl6f71tyw0jYG2yn7J-FuYYzugSwmZ4RXa5H-Zq92tApObbBHjE1B20lwaKZN97ovR4u7B4bVaK0v3f5D2bXMYD-7MgJSNg7DZFN04ybW7eca1Gu8K_3g2ZP8uhj4EJs5kJj99b7MFjQRNffag&lptoken=17ff2463038529895008

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

77.241.65.67 , Latvia, ASN210130 (OPTILANAS, LV),

Reverse DNS

Software

nginx /

Resource Hash

5efe9b65e43bca862eebe94b73eb09c218c0cba232451fa8f26922bb639ec946

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://itemtesting.co/chatv2/?dom=hebcicwr.com&cep=71YBDqwBiZqRmq90MAsSH3Y4jbx9KNwYFX_EPUOnztpk2UkWeyrJgW6rCbkegWOoZRA6boTvy8pt1pMEsl6pzB1ZsbGGfFII7NiJMyInGdNrM7UnXdQGtKk1y5Xw9TaOmr4FbMm6tbcV12BBSUvp0MTUhhruu_y0__KBk9GMfpLuCUvOBLyLvwv-Grk5F1YSAQGYJyR7RPXoGzy35V05mSB0GcyeJRtxmiUvTcb8XjpDhwyYJy0-I0phsEwKgkjQ3Hksjl6f71tyw0jYG2yn7J-FuYYzugSwmZ4RXa5H-Zq92tApObbBHjE1B20lwaKZN97ovR4u7B4bVaK0v3f5D2bXMYD-7MgJSNg7DZFN04ybW7eca1Gu8K_3g2ZP8uhj4EJs5kJj99b7MFjQRNffag&lptoken=17ff2463038529895008
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date: Mon, 19 Aug 2024 01:32:30 GMT
Strict-Transport-Security: max-age=31536000
Last-Modified: Mon, 29 Jul 2024 12:40:21 GMT
Server: nginx
ETag: "66a78db5-413ed"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 267245

GET
H2 200 all.css
use.fontawesome.com/releases/v5.7.2/css/ 53 KB
12 KB 157ms
36ms Stylesheet
text/css 2606:4700:3037::ac43:8ef5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://use.fontawesome.com/releases/v5.7.2/css/all.css
Requested by: Host: itemtesting.co
URL: https://itemtesting.co/chatv2/?dom=hebcicwr.com&cep=71YBDqwBiZqRmq90MAsSH3Y4jbx9KNwYFX_EPUOnztpk2UkWeyrJgW6rCbkegWOoZRA6boTvy8pt1pMEsl6pzB1ZsbGGfFII7NiJMyInGdNrM7UnXdQGtKk1y5Xw9TaOmr4FbMm6tbcV12BBSUvp0MTUhhruu_y0__KBk9GMfpLuCUvOBLyLvwv-Grk5F1YSAQGYJyR7RPXoGzy35V05mSB0GcyeJRtxmiUvTcb8XjpDhwyYJy0-I0phsEwKgkjQ3Hksjl6f71tyw0jYG2yn7J-FuYYzugSwmZ4RXa5H-Zq92tApObbBHjE1B20lwaKZN97ovR4u7B4bVaK0v3f5D2bXMYD-7MgJSNg7DZFN04ybW7eca1Gu8K_3g2ZP8uhj4EJs5kJj99b7MFjQRNffag&lptoken=17ff2463038529895008
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:8ef5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9c099acc093abd2df85eaa34052ad36fe69b6ed16582c14aecd2928baa3b63bf

Request headers

Referer: https://itemtesting.co/
Origin: https://itemtesting.co
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Mon, 19 Aug 2024 01:32:30 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 22 Sep 2023 01:45:51 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 1772940
etag: W/"7b1d7f457d056ace7b230b587b9f3753"
vary: Origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=cTWRFK2adAJHX%2BmMqh%2FhKYRjymYtWkQB02usV5nou06Cloj4cQmi%2FJP%2F0J07eLCHHLRJurs2%2BywLdkRZqRbZwj2fhs4pvBS65JqTLw0oFN7wTCY2wdE86va2Oo%2FVDh%2Bmd5jVpObuwaGyaaUZn1mqslL4"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31556926
cf-ray: 8b5663e30c204289-EWR
alt-svc: h3=":443"; ma=86400

GET
H2 200 pure-min.css
unpkg.com/purecss@1.0.0/build/ 16 KB
6 KB 159ms
38ms Stylesheet
text/css 2606:4700::6811:f8cb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://unpkg.com/purecss@1.0.0/build/pure-min.css

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:f8cb , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

434cc2ad4b3621f5d6631d2e30a25f1bddc2bc5ea8548236d70698b00578ffc4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://itemtesting.co/
Origin: https://itemtesting.co
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Mon, 19 Aug 2024 01:32:30 GMT
content-encoding: gzip
via: 1.1 fly.io
cf-cache-status: HIT
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 13673455
last-modified: Mon, 05 Jun 2017 15:02:40 GMT
fly-request-id: 01HRWM6JT082R3MYZ9ZZ17M70M-lga
server: cloudflare
etag: "4041-Bsbicbly0ELj8EtyGzLkx6K5qmk"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 8b5663e30f5543c9-EWR

GET
H2 200 grids-responsive-min.css
unpkg.com/purecss@1.0.0/build/ 8 KB
2 KB 152ms
32ms Stylesheet
text/css 2606:4700::6811:f8cb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://unpkg.com/purecss@1.0.0/build/grids-responsive-min.css

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:f8cb , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

62a9e74bf710eef13b81f56375fc7e24c8b91050fa9ba66a75e9a3f35aece8f5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://itemtesting.co/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Mon, 19 Aug 2024 01:32:30 GMT
content-encoding: br
via: 1.1 fly.io
cf-cache-status: HIT
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 10031730
last-modified: Mon, 05 Jun 2017 15:02:40 GMT
fly-request-id: 01HW9577ABX4XQEBB3DHK4YAWP-lga
server: cloudflare
etag: "1f60-O8+cDat7roGX29PcEKHeg9pY6j8"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 8b5663e30a7843bb-EWR

GET
H2 200 css2
fonts.googleapis.com/ 5 KB
1 KB 153ms
52ms Stylesheet
text/css 2607:f8b0:4006:81c::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81c::200a , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

b09b0920822a9385cac1bb34a1df9f96489dbbef839a5f33cf73c84b730410b5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://itemtesting.co/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 19 Aug 2024 01:32:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 19 Aug 2024 00:32:22 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 19 Aug 2024 01:32:30 GMT

GET
H/1.1 200
OK custom.css
itemtesting.co/chatv2/css/ 5 KB
5 KB 183ms
69ms Stylesheet
text/css 77.241.65.67
OPTILANAS

General

Check archive.org

Show headers Download Go to

Full URL

https://itemtesting.co/chatv2/css/custom.css

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

77.241.65.67 , Latvia, ASN210130 (OPTILANAS, LV),

Reverse DNS

Software

nginx /

Resource Hash

4951807e67639d15ed7e8b824c025f9e10061cd22dd1c37429dc16b54e6d638d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://itemtesting.co/chatv2/?dom=hebcicwr.com&cep=71YBDqwBiZqRmq90MAsSH3Y4jbx9KNwYFX_EPUOnztpk2UkWeyrJgW6rCbkegWOoZRA6boTvy8pt1pMEsl6pzB1ZsbGGfFII7NiJMyInGdNrM7UnXdQGtKk1y5Xw9TaOmr4FbMm6tbcV12BBSUvp0MTUhhruu_y0__KBk9GMfpLuCUvOBLyLvwv-Grk5F1YSAQGYJyR7RPXoGzy35V05mSB0GcyeJRtxmiUvTcb8XjpDhwyYJy0-I0phsEwKgkjQ3Hksjl6f71tyw0jYG2yn7J-FuYYzugSwmZ4RXa5H-Zq92tApObbBHjE1B20lwaKZN97ovR4u7B4bVaK0v3f5D2bXMYD-7MgJSNg7DZFN04ybW7eca1Gu8K_3g2ZP8uhj4EJs5kJj99b7MFjQRNffag&lptoken=17ff2463038529895008
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date: Mon, 19 Aug 2024 01:32:30 GMT
Strict-Transport-Security: max-age=31536000
Last-Modified: Mon, 29 Jul 2024 12:40:22 GMT
Server: nginx
ETag: "66a78db6-1461"
Content-Type: text/css
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 5217

GET
H/1.1 200
OK logo.png
itemtesting.co/chatv2/img/ 30 KB
31 KB 194ms
80ms Image
image/png 77.241.65.67
OPTILANAS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://itemtesting.co/chatv2/img/logo.png

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

77.241.65.67 , Latvia, ASN210130 (OPTILANAS, LV),

Reverse DNS

Software

nginx /

Resource Hash

903cdd562ac9f3359f41bfac7aeddcf0483da08d41a6c5cda0ecf303f27a7d71

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://itemtesting.co/chatv2/?dom=hebcicwr.com&cep=71YBDqwBiZqRmq90MAsSH3Y4jbx9KNwYFX_EPUOnztpk2UkWeyrJgW6rCbkegWOoZRA6boTvy8pt1pMEsl6pzB1ZsbGGfFII7NiJMyInGdNrM7UnXdQGtKk1y5Xw9TaOmr4FbMm6tbcV12BBSUvp0MTUhhruu_y0__KBk9GMfpLuCUvOBLyLvwv-Grk5F1YSAQGYJyR7RPXoGzy35V05mSB0GcyeJRtxmiUvTcb8XjpDhwyYJy0-I0phsEwKgkjQ3Hksjl6f71tyw0jYG2yn7J-FuYYzugSwmZ4RXa5H-Zq92tApObbBHjE1B20lwaKZN97ovR4u7B4bVaK0v3f5D2bXMYD-7MgJSNg7DZFN04ybW7eca1Gu8K_3g2ZP8uhj4EJs5kJj99b7MFjQRNffag&lptoken=17ff2463038529895008
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date: Mon, 19 Aug 2024 01:32:30 GMT
Strict-Transport-Security: max-age=31536000
Last-Modified: Mon, 29 Jul 2024 12:40:22 GMT
Server: nginx
ETag: "66a78db6-79fc"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 31228

GET
H3 200 jquery.min.js Show response
cdnjs.cloudflare.com/ajax/libs/jquery/3.6.0/ 87 KB
28 KB 121ms
46ms Script
application/javascript 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jquery/3.6.0/jquery.min.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://itemtesting.co/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Mon, 19 Aug 2024 01:32:30 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 276999
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 27938
last-modified: Tue, 02 Mar 2021 18:58:36 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "603e8adc-15d9d"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=1t%2FysFDBLpu2NBlVb8aM%2F2Sk01ptNhhBkBEhc9a0S7tpk%2FGu1BZRm2zifAVpt3PS4KT2TN5D34TDCGKaff43Wygbrp3gS0uzaHXdjgQ%2FfqnRjd0eSNRCRNSdvrVCm9MrpjbQlakfw80gX7LI1LX%2F%2Fsai"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 8b5663e2d8b97286-EWR
expires: Sat, 09 Aug 2025 01:32:30 GMT

GET
H/1.1 200
OK custom.js Show response
itemtesting.co/chatv2/js/ 7 KB
7 KB 75ms
40ms Script
application/javascript 77.241.65.67
OPTILANAS

General

Check archive.org

Show headers Download Go to

Full URL

https://itemtesting.co/chatv2/js/custom.js

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

77.241.65.67 , Latvia, ASN210130 (OPTILANAS, LV),

Reverse DNS

Software

nginx /

Resource Hash

d83cd6e4594055df700b02c81e3c2110714be6b0052870207011c8c8d16248d8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://itemtesting.co/chatv2/?dom=hebcicwr.com&cep=71YBDqwBiZqRmq90MAsSH3Y4jbx9KNwYFX_EPUOnztpk2UkWeyrJgW6rCbkegWOoZRA6boTvy8pt1pMEsl6pzB1ZsbGGfFII7NiJMyInGdNrM7UnXdQGtKk1y5Xw9TaOmr4FbMm6tbcV12BBSUvp0MTUhhruu_y0__KBk9GMfpLuCUvOBLyLvwv-Grk5F1YSAQGYJyR7RPXoGzy35V05mSB0GcyeJRtxmiUvTcb8XjpDhwyYJy0-I0phsEwKgkjQ3Hksjl6f71tyw0jYG2yn7J-FuYYzugSwmZ4RXa5H-Zq92tApObbBHjE1B20lwaKZN97ovR4u7B4bVaK0v3f5D2bXMYD-7MgJSNg7DZFN04ybW7eca1Gu8K_3g2ZP8uhj4EJs5kJj99b7MFjQRNffag&lptoken=17ff2463038529895008
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date: Mon, 19 Aug 2024 01:32:30 GMT
Strict-Transport-Security: max-age=31536000
Last-Modified: Mon, 29 Jul 2024 12:40:23 GMT
Server: nginx
ETag: "66a78db7-1cb2"
Content-Type: application/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 7346

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v32/ 18 KB
19 KB 136ms
31ms Font
font/woff2 2607:f8b0:4006:816::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v32/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:816::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

89978e658e840b927dddb5cb3a835c7d8526ece79933bd9f3096b301fe1a8571

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://itemtesting.co
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Thu, 15 Aug 2024 20:52:51 GMT
x-content-type-options: nosniff
age: 275979
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 18536
x-xss-protection: 0
last-modified: Thu, 01 Aug 2024 20:41:24 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 15 Aug 2025 20:52:51 GMT

OPTIONS
H2 200 visit
push-visit.xyz/api/v1/ 0
0 441ms
133ms Preflight 20.50.64.3
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://push-visit.xyz/api/v1/visit
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 20.50.64.3 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://itemtesting.co
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

access-control-allow-headers: content-type
access-control-allow-origin: *
content-length: 0
date: Mon, 19 Aug 2024 01:32:30 GMT

POST
H2 200 visit Show response
push-visit.xyz/api/v1/ 2 KB
2 KB 198ms
196ms Fetch
application/json 20.50.64.3
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://push-visit.xyz/api/v1/visit
Requested by: Host: push-drop.club
URL: https://push-drop.club/ace-push.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 20.50.64.3 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Kestrel /
Resource Hash: 162bd58ce974c367e9c8fdd29496473bb2ac76fdf3d2d3a1542b3eecf9ca05a4

Request headers

Referer: https://itemtesting.co/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-type: application/json

Response headers

access-control-allow-origin: *
date: Mon, 19 Aug 2024 01:32:30 GMT
server: Kestrel
content-length: 1868
content-type: application/json; charset=utf-8

GET
H/1.1 200
OK thumb.png
itemtesting.co/chatv2/img/ 5 KB
6 KB 40ms
40ms Image
image/png 77.241.65.67
OPTILANAS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://itemtesting.co/chatv2/img/thumb.png

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

77.241.65.67 , Latvia, ASN210130 (OPTILANAS, LV),

Reverse DNS

Software

nginx /

Resource Hash

aef79b40ccaf6c66e35d7a94fd17148c02429a48207b8b5300475e0e1520755e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://itemtesting.co/chatv2/?dom=hebcicwr.com&cep=71YBDqwBiZqRmq90MAsSH3Y4jbx9KNwYFX_EPUOnztpk2UkWeyrJgW6rCbkegWOoZRA6boTvy8pt1pMEsl6pzB1ZsbGGfFII7NiJMyInGdNrM7UnXdQGtKk1y5Xw9TaOmr4FbMm6tbcV12BBSUvp0MTUhhruu_y0__KBk9GMfpLuCUvOBLyLvwv-Grk5F1YSAQGYJyR7RPXoGzy35V05mSB0GcyeJRtxmiUvTcb8XjpDhwyYJy0-I0phsEwKgkjQ3Hksjl6f71tyw0jYG2yn7J-FuYYzugSwmZ4RXa5H-Zq92tApObbBHjE1B20lwaKZN97ovR4u7B4bVaK0v3f5D2bXMYD-7MgJSNg7DZFN04ybW7eca1Gu8K_3g2ZP8uhj4EJs5kJj99b7MFjQRNffag&lptoken=17ff2463038529895008
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date: Mon, 19 Aug 2024 01:32:30 GMT
Strict-Transport-Security: max-age=31536000
Last-Modified: Mon, 29 Jul 2024 12:40:21 GMT
Server: nginx
ETag: "66a78db5-1569"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 5481

GET
H/1.1 404
Not Found favicon.ico
itemtesting.co/ 548 B
696 B 41ms
41ms Other
text/html 77.241.65.67
OPTILANAS

General

Check archive.org

Show headers Download Go to

Full URL: https://itemtesting.co/favicon.ico
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 77.241.65.67 , Latvia, ASN210130 (OPTILANAS, LV),
Reverse DNS
Software: nginx /
Resource Hash: d465172175d35d493fb1633e237700022bd849fa123164790b168b8318acb090

Request headers

Referer: https://itemtesting.co/chatv2/?dom=hebcicwr.com&cep=71YBDqwBiZqRmq90MAsSH3Y4jbx9KNwYFX_EPUOnztpk2UkWeyrJgW6rCbkegWOoZRA6boTvy8pt1pMEsl6pzB1ZsbGGfFII7NiJMyInGdNrM7UnXdQGtKk1y5Xw9TaOmr4FbMm6tbcV12BBSUvp0MTUhhruu_y0__KBk9GMfpLuCUvOBLyLvwv-Grk5F1YSAQGYJyR7RPXoGzy35V05mSB0GcyeJRtxmiUvTcb8XjpDhwyYJy0-I0phsEwKgkjQ3Hksjl6f71tyw0jYG2yn7J-FuYYzugSwmZ4RXa5H-Zq92tApObbBHjE1B20lwaKZN97ovR4u7B4bVaK0v3f5D2bXMYD-7MgJSNg7DZFN04ybW7eca1Gu8K_3g2ZP8uhj4EJs5kJj99b7MFjQRNffag&lptoken=17ff2463038529895008
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date: Mon, 19 Aug 2024 01:32:30 GMT
Server: nginx
Connection: keep-alive
Content-Length: 548
Content-Type: text/html

GET
H/1.1 200
OK thumb.png
itemtesting.co/chatv2/img/ 5 KB
0 0ms
0ms Image
image/png 77.241.65.67
OPTILANAS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://itemtesting.co/chatv2/img/thumb.png
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 77.241.65.67 , Latvia, ASN210130 (OPTILANAS, LV),
Reverse DNS
Software: nginx /
Resource Hash: aef79b40ccaf6c66e35d7a94fd17148c02429a48207b8b5300475e0e1520755e

Request headers

Referer: https://itemtesting.co/chatv2/?dom=hebcicwr.com&cep=71YBDqwBiZqRmq90MAsSH3Y4jbx9KNwYFX_EPUOnztpk2UkWeyrJgW6rCbkegWOoZRA6boTvy8pt1pMEsl6pzB1ZsbGGfFII7NiJMyInGdNrM7UnXdQGtKk1y5Xw9TaOmr4FbMm6tbcV12BBSUvp0MTUhhruu_y0__KBk9GMfpLuCUvOBLyLvwv-Grk5F1YSAQGYJyR7RPXoGzy35V05mSB0GcyeJRtxmiUvTcb8XjpDhwyYJy0-I0phsEwKgkjQ3Hksjl6f71tyw0jYG2yn7J-FuYYzugSwmZ4RXa5H-Zq92tApObbBHjE1B20lwaKZN97ovR4u7B4bVaK0v3f5D2bXMYD-7MgJSNg7DZFN04ybW7eca1Gu8K_3g2ZP8uhj4EJs5kJj99b7MFjQRNffag&lptoken=17ff2463038529895008
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date: Mon, 19 Aug 2024 01:32:30 GMT
Last-Modified: Mon, 29 Jul 2024 12:40:21 GMT
Server: nginx
Accept-Ranges: bytes
ETag: "66a78db5-1569"
Content-Length: 5481
Content-Type: image/png

POST
H3 200 log-client-error
push-drop.club/api/v1/visit/ 0
0 103ms
101ms Fetch 2606:4700:3032::ac43:c37d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://push-drop.club/api/v1/visit/log-client-error
Requested by: Host: push-drop.club
URL: https://push-drop.club/ace-push.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::ac43:c37d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Referer: https://itemtesting.co/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-type: application/json

Response headers

date: Mon, 19 Aug 2024 01:32:33 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=O970y1gydtOHWB1kkFItHZHX9AYxPQx2bDM2rGLJntzH0%2BQG2tg6sEEEe8IiwCBFSnBJkRjcOUcwl2rrrWXxBbky4zCk57cCloe%2F%2Bc9UrbdMacfo1NlJ83NNrox9oUX48x1pN%2BUrkvmsO8zM%2FQ%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: *
cf-ray: 8b5663f4d8934207-EWR
alt-svc: h3=":443"; ma=86400
content-length: 0

OPTIONS
H3 200 log-client-error
push-drop.club/api/v1/visit/ 0
0 375ms
307ms Preflight 2606:4700:3032::ac43:c37d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://push-drop.club/api/v1/visit/log-client-error
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::ac43:c37d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://itemtesting.co
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

access-control-allow-headers: content-type
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 8b5663f2ee944207-EWR
content-length: 0
date: Mon, 19 Aug 2024 01:32:33 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=njG7jPp%2FQCfMHr9J%2BgifrQ9EcSQWPwtByo7FuGFDURwfVXRmGXO3XHfXR5ypRMjIyQz8snxjJYdHAXYNuW7UpXWMtbFM8igHh%2Bloz7xJIcZWmYkhkT3Z2NxdR1j95xq6KCuZM7LxeckkLoiQ9w%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare

GET
H/1.1 200
OK thumb.png
itemtesting.co/chatv2/img/ 5 KB
0 0ms
0ms Image
image/png 77.241.65.67
OPTILANAS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://itemtesting.co/chatv2/img/thumb.png
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 77.241.65.67 , Latvia, ASN210130 (OPTILANAS, LV),
Reverse DNS
Software: nginx /
Resource Hash: aef79b40ccaf6c66e35d7a94fd17148c02429a48207b8b5300475e0e1520755e

Request headers

Referer: https://itemtesting.co/chatv2/?dom=hebcicwr.com&cep=71YBDqwBiZqRmq90MAsSH3Y4jbx9KNwYFX_EPUOnztpk2UkWeyrJgW6rCbkegWOoZRA6boTvy8pt1pMEsl6pzB1ZsbGGfFII7NiJMyInGdNrM7UnXdQGtKk1y5Xw9TaOmr4FbMm6tbcV12BBSUvp0MTUhhruu_y0__KBk9GMfpLuCUvOBLyLvwv-Grk5F1YSAQGYJyR7RPXoGzy35V05mSB0GcyeJRtxmiUvTcb8XjpDhwyYJy0-I0phsEwKgkjQ3Hksjl6f71tyw0jYG2yn7J-FuYYzugSwmZ4RXa5H-Zq92tApObbBHjE1B20lwaKZN97ovR4u7B4bVaK0v3f5D2bXMYD-7MgJSNg7DZFN04ybW7eca1Gu8K_3g2ZP8uhj4EJs5kJj99b7MFjQRNffag&lptoken=17ff2463038529895008
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date: Mon, 19 Aug 2024 01:32:30 GMT
Last-Modified: Mon, 29 Jul 2024 12:40:21 GMT
Server: nginx
Accept-Ranges: bytes
ETag: "66a78db5-1569"
Content-Length: 5481
Content-Type: image/png

Verdicts & Comments Add Verdict or Comment

19 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.hebcicwr.com/	1970-01-20 22:55:17	Name: fed1f021-dfac-423d-8fd2-99facffc8e1c-v4 Value: eE4PRTI0KK_7MWipwGXeACF9kRby1hpjbjATuCLlv64
			.hebcicwr.com/	1970-01-20 22:55:17	Name: cep-v4 Value: E0qjzQOsHZKssdCFNUpb_Mx92APrfO3bnywupG3y9KNyDYRaXZfygXlhqh7dTaohvzfRjVE_Do8gl5tBtp-JGuO4XCPRNI_evBt2dRTmcqRMlLwjLpG92qsWbsxiJmxpWok29uRk7vOhSQu0QmPJtvf7JVs-_-m3iyYBoxnvsdfYs362ozQmI7DxqUNuEhl8KaQJMSZnhj-mygLdXKn8Z9ldTOCoy1o7w1NGZUOzxaiVNHJbaRyLr-Pcm1MfFaZAolx9R06Wo45JCvtz6Ww3mxrYC3m_6cHkYktI1ROAgnFh4AEDUEgV7uUyx_BXtUj0kyluMSqgBY2ipUY2eaP7898vy2VbMQII0ABsEati9xVk3U-_EkAAhMoKPYjd9nX6I3OnSlqNvMHGjECLwEn1mA

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://itemtesting.co/favicon.ico Message: Failed to load resource: the server responded with a status of 404 (Not Found)
other	error	URL: https://itemtesting.co/chatv2/?dom=hebcicwr.com&cep=71YBDqwBiZqRmq90MAsSH3Y4jbx9KNwYFX_EPUOnztpk2UkWeyrJgW6rCbkegWOoZRA6boTvy8pt1pMEsl6pzB1ZsbGGfFII7NiJMyInGdNrM7UnXdQGtKk1y5Xw9TaOmr4FbMm6tbcV12BBSUvp0MTUhhruu_y0__KBk9GMfpLuCUvOBLyLvwv-Grk5F1YSAQGYJyR7RPXoGzy35V05mSB0GcyeJRtxmiUvTcb8XjpDhwyYJy0-I0phsEwKgkjQ3Hksjl6f71tyw0jYG2yn7J-FuYYzugSwmZ4RXa5H-Zq92tApObbBHjE1B20lwaKZN97ovR4u7B4bVaK0v3f5D2bXMYD-7MgJSNg7DZFN04ybW7eca1Gu8K_3g2ZP8uhj4EJs5kJj99b7MFjQRNffag&lptoken=17ff2463038529895008 Message: Chrome currently does not support the Push API in incognito mode (https://crbug.com/401439). There is deliberately no way to feature-detect this, since incognito mode needs to be undetectable by websites.
javascript	warning	URL: https://itemtesting.co/chatv2/?dom=hebcicwr.com&cep=71YBDqwBiZqRmq90MAsSH3Y4jbx9KNwYFX_EPUOnztpk2UkWeyrJgW6rCbkegWOoZRA6boTvy8pt1pMEsl6pzB1ZsbGGfFII7NiJMyInGdNrM7UnXdQGtKk1y5Xw9TaOmr4FbMm6tbcV12BBSUvp0MTUhhruu_y0__KBk9GMfpLuCUvOBLyLvwv-Grk5F1YSAQGYJyR7RPXoGzy35V05mSB0GcyeJRtxmiUvTcb8XjpDhwyYJy0-I0phsEwKgkjQ3Hksjl6f71tyw0jYG2yn7J-FuYYzugSwmZ4RXa5H-Zq92tApObbBHjE1B20lwaKZN97ovR4u7B4bVaK0v3f5D2bXMYD-7MgJSNg7DZFN04ybW7eca1Gu8K_3g2ZP8uhj4EJs5kJj99b7MFjQRNffag&lptoken=17ff2463038529895008 Message: The resource https://itemtesting.co/chatv2/img/product.png was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdnjs.cloudflare.com
fonts.googleapis.com
fonts.gstatic.com
hebcicwr.com
itemtesting.co
push-drop.club
push-visit.xyz
unpkg.com
use.fontawesome.com
20.50.64.3
2600:9000:247b:4400:9:a66f:a880:93a1
2606:4700:3032::ac43:c37d
2606:4700:3037::ac43:8ef5
2606:4700::6811:190e
2606:4700::6811:f8cb
2607:f8b0:4006:816::2003
2607:f8b0:4006:81c::200a
77.241.65.67
162bd58ce974c367e9c8fdd29496473bb2ac76fdf3d2d3a1542b3eecf9ca05a4
317cc0a8cc338e478008e9993e0922ac5a2b61e8abb27c327b3abb5d3f63b3b8
434cc2ad4b3621f5d6631d2e30a25f1bddc2bc5ea8548236d70698b00578ffc4
4951807e67639d15ed7e8b824c025f9e10061cd22dd1c37429dc16b54e6d638d
5efe9b65e43bca862eebe94b73eb09c218c0cba232451fa8f26922bb639ec946
62a9e74bf710eef13b81f56375fc7e24c8b91050fa9ba66a75e9a3f35aece8f5
89978e658e840b927dddb5cb3a835c7d8526ece79933bd9f3096b301fe1a8571
903cdd562ac9f3359f41bfac7aeddcf0483da08d41a6c5cda0ecf303f27a7d71
9c099acc093abd2df85eaa34052ad36fe69b6ed16582c14aecd2928baa3b63bf
aabfeb6ea02f8e4f3e5490309d203f71b63ef57d475adba9df2344d3e32a1947
aef79b40ccaf6c66e35d7a94fd17148c02429a48207b8b5300475e0e1520755e
b09b0920822a9385cac1bb34a1df9f96489dbbef839a5f33cf73c84b730410b5
d465172175d35d493fb1633e237700022bd849fa123164790b168b8318acb090
d83cd6e4594055df700b02c81e3c2110714be6b0052870207011c8c8d16248d8
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

itemtesting.co Open in urlscan Pro 77.241.65.67 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

20 Requests

100 %HTTPS

78 %IPv6

9 Domains

9 Subdomains

8 IPs

3 Countries

393 kBTransfer

529 kBSize

2 Cookies

0 Outgoing links

Page URL History

Redirected requests

20 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

19 JavaScript Global Variables

2 Cookies

3 Console Messages

Security Headers

Indicators

itemtesting.co Open in urlscan Pro
77.241.65.67 Public Scan

Screenshot
Live screenshot

Full Image

20
Requests

100 %
HTTPS

78 %
IPv6

9
Domains

9
Subdomains

8
IPs

3
Countries

393 kB
Transfer

529 kB
Size

2
Cookies

20 HTTP transactions
0 data transactions