URL: http://j2j.kz/index.php?q=Secretstars%20mila
Submission: On May 12 via manual from CA — Scanned from CA

Summary

This website contacted 12 IPs in 3 countries across 10 domains to perform 29 HTTP transactions. The main IP is 185.98.5.191, located in Kazakhstan and belongs to HOSTER-NS Hoster.KZ - Nur-Sultan, KZ. The main domain is j2j.kz.
This is the only time j2j.kz was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Count | Apex Domain | Subdomains | Transfer
7 | gstatic.com | t1.gstatic.com; t3.gstatic.com; t0.gstatic.com | 5 KB
7 | google.com | www.google.com — Cisco Umbrella Rank: 7 | 3 KB
5 | ftte.xyz | d.ftte.xyz — Cisco Umbrella Rank: 114227; s.ftte.xyz — Cisco Umbrella Rank: 132153 | 340 KB
5 | yandex.ru | yandex.ru — Cisco Umbrella Rank: 1392; mc.yandex.ru — Cisco Umbrella Rank: 3290 | 52 KB
4 | googleapis.com | ajax.googleapis.com — Cisco Umbrella Rank: 295 | 100 KB
4 | j2j.kz | j2j.kz | 23 KB
2 | pastivapte.pro | pastivapte.pro | 573 B
2 | cloudflare.com | cdnjs.cloudflare.com — Cisco Umbrella Rank: 237 | 82 KB
2 | bootstrapcdn.com | maxcdn.bootstrapcdn.com — Cisco Umbrella Rank: 714 | 36 KB
1 | yandex.st | yandex.st — Cisco Umbrella Rank: 56471 | 2 KB
29 | 10 | |

Count | Domain | Redirects | Requested by
7 | www.google.com | 7 redirects |
4 | mc.yandex.ru | 1 redirects | j2j.kz
4 | t1.gstatic.com | | j2j.kz
4 | ajax.googleapis.com | | j2j.kz; ajax.googleapis.com
4 | j2j.kz | | j2j.kz
3 | s.ftte.xyz | |
2 | d.ftte.xyz | | j2j.kz
2 | pastivapte.pro | 1 redirects | j2j.kz
2 | t3.gstatic.com | | j2j.kz
2 | cdnjs.cloudflare.com | | j2j.kz; cdnjs.cloudflare.com
2 | maxcdn.bootstrapcdn.com | | j2j.kz
1 | t0.gstatic.com | | j2j.kz
1 | yandex.st | | j2j.kz
1 | yandex.ru | 1 redirects |
29 | 14 | |

This site contains links to these domains.

Domain
google.com
yandex.kz
yandex.ru
www.yandex.com
go.mail.ru
www.bing.com
www.ask.com
xml.yandex.ru
www.ftte.xyz

Subject | Issuer | Validity | Valid
sni.cloudflaressl.com | Cloudflare Inc ECC CA-3 | 2021-09-21 - 2022-09-20 | a year
upload.video.google.com | GTS CA 1C3 | 2022-04-18 - 2022-07-11 | 3 months
mc.yandex.ru | Yandex CA | 2021-12-22 - 2022-06-03 | 5 months
*.ftte.xyz | E1 | 2022-05-05 - 2022-08-03 | 3 months
ftte.xyz | R3 | 2022-03-19 - 2022-06-17 | 3 months

This page contains 1 frame:

Primary Page: http://j2j.kz/index.php?q=Secretstars%20mila
Frame ID: 3C5868360D0AABA4B965D7A09F694E98
Requests: 29 HTTP requests in this frame

Page Title

Secret stars sessions Forum

Detected technologies

Overall confidence: 100%
Detected patterns
  • \.php(?:$|\?)

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Overall confidence: 100%
Detected patterns
  • mc\.yandex\.ru/metrika/(?:tag|watch)\.js

Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Overall confidence: 100%
Detected patterns
  • ([\d.]+)/jquery-ui(?:\.min)?\.js
  • jquery-ui.*\.js

Page Statistics

Requests: 29
HTTPS: 38 %
IPv6: 86 %
Domains: 10
Subdomains: 14
IPs: 12
Countries: 3
Transfer: 639 kB
Size: 1263 kB
Cookies: 9

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • http://maxcdn.bootstrapcdn.com/bootstrap/4.1.1/css/bootstrap.min.css HTTP 307
  • https://maxcdn.bootstrapcdn.com/bootstrap/4.1.1/css/bootstrap.min.css
Request Chain 1
  • http://maxcdn.bootstrapcdn.com/bootstrap/4.1.1/js/bootstrap.min.js HTTP 307
  • https://maxcdn.bootstrapcdn.com/bootstrap/4.1.1/js/bootstrap.min.js
Request Chain 9
  • http://yandex.ru/favicon.ico HTTP 302
  • http://yandex.st/lego/_/pDu9OWAQKB0s2J9IojKpiS_Eho.ico
Request Chain 10
  • http://www.google.com/s2/favicons?domain=snapcamz.cc HTTP 301
  • https://t1.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://snapcamz.cc&size=16
Request Chain 11
  • http://www.google.com/s2/favicons?domain=vk.com HTTP 301
  • https://t3.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://vk.com&size=16
Request Chain 12
  • http://www.google.com/s2/favicons?domain=bellezasasiaticas.forum.cool HTTP 301
  • https://t1.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://bellezasasiaticas.forum.cool&size=16
Request Chain 13
  • http://www.google.com/s2/favicons?domain=ilovemodels.cc HTTP 301
  • https://t0.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://ilovemodels.cc&size=16
Request Chain 14
  • http://www.google.com/s2/favicons?domain=www.biertamente.net HTTP 301
  • https://t1.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://www.biertamente.net&size=16
Request Chain 15
  • http://www.google.com/s2/favicons?domain=maxilingvo.kz HTTP 301
  • https://t3.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://maxilingvo.kz&size=16
Request Chain 16
  • http://www.google.com/s2/favicons?domain=model.com.se HTTP 301
  • https://t1.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://model.com.se&size=16
Request Chain 19
  • http://pastivapte.pro/czD.9G6Fbl2p5IlbS/WqQd9xN-DlQawSNiTrc/5wMBwI HTTP 301
  • https://pastivapte.pro/czD.9G6Fbl2p5IlbS/WqQd9xN-DlQawSNiTrc/5wMBwI
Request Chain 21
  • https://mc.yandex.ru/watch/69071248?wmode=7&page-url=http%3A%2F%2Fj2j.kz%2Findex.php%3Fq%3DSecretstars%2520mila&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A3epd2s48awifpnz15xts%3Afp%3A836%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A791%3Acn%3A1%3Adp%3A0%3Als%3A640777475905%3Ahid%3A477409248%3Az%3A0%3Ai%3A20220512061122%3Aet%3A1652335883%3Ac%3A1%3Arn%3A564824266%3Arqn%3A1%3Au%3A1652335883672013740%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Antf%3A1%3Ans%3A1652335881351%3Ads%3A210%2C195%2C263%2C0%2C0%2C0%2C%2C843%2C25%2C%2C%2C%2C1512%3Aco%3A0%3Arqnl%3A1%3Ast%3A1652335883%3At%3ASecret%20stars%20sessions%20Forum&t=gdpr(14)aw(1)ti(2) HTTP 302
  • https://mc.yandex.ru/watch/69071248/1?wmode=7&page-url=http%3A%2F%2Fj2j.kz%2Findex.php%3Fq%3DSecretstars%2520mila&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A3epd2s48awifpnz15xts%3Afp%3A836%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A791%3Acn%3A1%3Adp%3A0%3Als%3A640777475905%3Ahid%3A477409248%3Az%3A0%3Ai%3A20220512061122%3Aet%3A1652335883%3Ac%3A1%3Arn%3A564824266%3Arqn%3A1%3Au%3A1652335883672013740%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Antf%3A1%3Ans%3A1652335881351%3Ads%3A210%2C195%2C263%2C0%2C0%2C0%2C%2C843%2C25%2C%2C%2C%2C1512%3Aco%3A0%3Arqnl%3A1%3Ast%3A1652335883%3At%3ASecret%20stars%20sessions%20Forum&t=gdpr%2814%29aw%281%29ti%282%29

29 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request index.php
j2j.kz/
29 KB
9 KB
Document
General
Full URL
http://j2j.kz/index.php?q=Secretstars%20mila
Protocol
HTTP/1.1
Server
185.98.5.191 , Kazakhstan, ASN207333 (HOSTER-NS Hoster.KZ - Nur-Sultan, KZ),
Reverse DNS
pkz46.hoster.kz
Software
nginx / PHP/5.6.40 PleskLin
Resource Hash
0e16c0483fcfb7e6e458478e0f2390bfaa3fc092951bdc9ce27442baf64b2599

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html; charset=UTF-8
Date
Thu, 12 May 2022 06:11:21 GMT
Server
nginx
Transfer-Encoding
chunked
X-Powered-By
PHP/5.6.40 PleskLin
bootstrap.min.css
maxcdn.bootstrapcdn.com/bootstrap/4.1.1/css/
Redirect Chain
  • http://maxcdn.bootstrapcdn.com/bootstrap/4.1.1/css/bootstrap.min.css
  • https://maxcdn.bootstrapcdn.com/bootstrap/4.1.1/css/bootstrap.min.css
138 KB
22 KB
Stylesheet
General
Full URL
https://maxcdn.bootstrapcdn.com/bootstrap/4.1.1/css/bootstrap.min.css
Requested by
Host: j2j.kz
URL: http://j2j.kz/index.php?q=Secretstars%20mila
Protocol
H2
Server
2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
31df1e69ea3aece8a8bae5c08bcb7f5e977cb76f886897b301355359b66a48ec
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
http://j2j.kz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Thu, 12 May 2022 06:11:22 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
cdn-edgestorageid
617
age
1625782
cdn-cachedat
2021-03-10 13:26:31
cdn-pullzone
252412
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
timing-allow-origin
*
last-modified
Mon, 25 Jan 2021 22:04:05 GMT
server
cloudflare
cdn-requestpullcode
200
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/css; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31919000
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid
925b99b596a8cf8ece804e1dd65db9f9
cdn-requestcountrycode
US
cf-ray
70a0ff1f0ea37142-YUL
cdn-cache
HIT
cdn-requestpullsuccess
True

Redirect headers

Location
https://maxcdn.bootstrapcdn.com/bootstrap/4.1.1/css/bootstrap.min.css
Non-Authoritative-Reason
HSTS
Cross-Origin-Resource-Policy
Cross-Origin
bootstrap.min.js
maxcdn.bootstrapcdn.com/bootstrap/4.1.1/js/
Redirect Chain
  • http://maxcdn.bootstrapcdn.com/bootstrap/4.1.1/js/bootstrap.min.js
  • https://maxcdn.bootstrapcdn.com/bootstrap/4.1.1/js/bootstrap.min.js
50 KB
15 KB
Script
General
Full URL
https://maxcdn.bootstrapcdn.com/bootstrap/4.1.1/js/bootstrap.min.js
Requested by
Host: j2j.kz
URL: http://j2j.kz/index.php?q=Secretstars%20mila
Protocol
H2
Server
2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c5a17d46976d471cf060c5a0e25749a323d6ab20cf0910f40afed81047ba21ef
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
http://j2j.kz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Thu, 12 May 2022 06:11:22 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
cdn-edgestorageid
617, 617
age
18032931
cdn-cachedat
2021-06-08 14:21:11
cdn-pullzone
252412
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
timing-allow-origin
*
access-control-allow-origin
*
last-modified
Mon, 25 Jan 2021 22:04:05 GMT
server
cloudflare
cdn-requestpullcode
200
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/javascript; charset=utf-8
cdn-cache
HIT
vary
Accept-Encoding
cache-control
public, max-age=31919000
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid
726856b1545d414936167413a2c6f035
cf-ray
70a0ff1f0ea47142-YUL
cdn-requestcountrycode
US
cdn-status
200
cdn-requestpullsuccess
True

Redirect headers

Location
https://maxcdn.bootstrapcdn.com/bootstrap/4.1.1/js/bootstrap.min.js
Non-Authoritative-Reason
HSTS
Cross-Origin-Resource-Policy
Cross-Origin
font-awesome.min.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/
30 KB
6 KB
Stylesheet
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css
Requested by
Host: j2j.kz
URL: http://j2j.kz/index.php?q=Secretstars%20mila
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
http://j2j.kz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Thu, 12 May 2022 06:11:22 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
1236773
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
5631
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:10:07 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03e5f-7918"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oC6zKAwSprUk4RgSOarDU1bddAf3EVkN9DgyQ%2FzpylrKp3oxnCLa0KYy%2FzVRetuf%2FojUTcHzcKw1fU5Fo9P3KsrOQQMPE4Qqb3gcZp35Up3gUkUeMlWL9lUDUv5vWkORk%2FFPCc8GnIWh3UMMs7uSKlh0"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
70a0ff1ef9fd7144-YUL
expires
Tue, 02 May 2023 06:11:22 GMT
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/1.11.1/
94 KB
33 KB
Script
General
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/1.11.1/jquery.min.js
Requested by
Host: j2j.kz
URL: http://j2j.kz/index.php?q=Secretstars%20mila
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80b::200a Staten Island, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
540bc6dec1dd4b92ea4d3fb903f69eabf6d919afd48f4e312b163c28cff0f441
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
http://j2j.kz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Thu, 12 May 2022 00:29:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
20510
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
33434
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 12 May 2023 00:29:32 GMT
jquery-ui.css
ajax.googleapis.com/ajax/libs/jqueryui/1.10.4/themes/smoothness/
31 KB
7 KB
Stylesheet
General
Full URL
https://ajax.googleapis.com/ajax/libs/jqueryui/1.10.4/themes/smoothness/jquery-ui.css
Requested by
Host: j2j.kz
URL: http://j2j.kz/index.php?q=Secretstars%20mila
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80b::200a Staten Island, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5bba92f99f2514add495efe994a74f8602180e17ff646d9d4260f3bc8302f043
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
http://j2j.kz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Fri, 06 May 2022 00:59:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
537139
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6001
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/css; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 06 May 2023 00:59:03 GMT
jquery-ui.min.js
ajax.googleapis.com/ajax/libs/jqueryui/1.10.4/
223 KB
60 KB
Script
General
Full URL
https://ajax.googleapis.com/ajax/libs/jqueryui/1.10.4/jquery-ui.min.js
Requested by
Host: j2j.kz
URL: http://j2j.kz/index.php?q=Secretstars%20mila
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80b::200a Staten Island, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a13c96acd88fe907edbb8becda0d113c22abde0d5ae904e5213360a1e6f145ce
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
http://j2j.kz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 10 May 2022 19:43:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
124073
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
61441
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 10 May 2023 19:43:29 GMT
j2j-35.jpg
j2j.kz/
2 KB
2 KB
Image
General
Full URL
http://j2j.kz/j2j-35.jpg
Requested by
Host: j2j.kz
URL: http://j2j.kz/index.php?q=Secretstars%20mila
Protocol
HTTP/1.1
Server
185.98.5.191 , Kazakhstan, ASN207333 (HOSTER-NS Hoster.KZ - Nur-Sultan, KZ),
Reverse DNS
pkz46.hoster.kz
Software
nginx / PleskLin
Resource Hash
34028130be465b59cc8675459e11e7b7237ac284dfa1850bd759092d2f8b9b7e

Request headers

accept-language
en-CA,en;q=0.9
Referer
http://j2j.kz/index.php?q=Secretstars%20mila
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date
Thu, 12 May 2022 06:11:22 GMT
Content-Encoding
gzip
Last-Modified
Fri, 08 Apr 2022 09:11:43 GMT
Server
nginx
X-Powered-By
PleskLin
ETag
W/"624ffc4f-612"
Transfer-Encoding
chunked
Content-Type
image/jpeg
Connection
keep-alive
mxkztbtmtxn.php
j2j.kz/a/
36 KB
12 KB
Script
General
Full URL
http://j2j.kz/a/mxkztbtmtxn.php
Requested by
Host: j2j.kz
URL: http://j2j.kz/index.php?q=Secretstars%20mila
Protocol
HTTP/1.1
Server
185.98.5.191 , Kazakhstan, ASN207333 (HOSTER-NS Hoster.KZ - Nur-Sultan, KZ),
Reverse DNS
pkz46.hoster.kz
Software
nginx / PHP/5.6.40, PleskLin
Resource Hash
696f0c0f176bb5be3801c0e87a7b411530bd560bc461d339d3cd8229197e0cc6

Request headers

accept-language
en-CA,en;q=0.9
Referer
http://j2j.kz/index.php?q=Secretstars%20mila
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date
Thu, 12 May 2022 06:11:22 GMT
Content-Encoding
gzip
Server
nginx
X-Powered-By
PHP/5.6.40, PleskLin
Transfer-Encoding
chunked
Content-Type
application/javascript
Cache-Control
max-age=120
Connection
keep-alive
4405793-f19b26ce25.php
j2j.kz/a/
258 B
475 B
Script
General
Full URL
http://j2j.kz/a/4405793-f19b26ce25.php
Requested by
Host: j2j.kz
URL: http://j2j.kz/index.php?q=Secretstars%20mila
Protocol
HTTP/1.1
Server
185.98.5.191 , Kazakhstan, ASN207333 (HOSTER-NS Hoster.KZ - Nur-Sultan, KZ),
Reverse DNS
pkz46.hoster.kz
Software
nginx / PHP/5.6.40, PleskLin
Resource Hash
26c2d5cfb0fd134d51408090a95d558dd3287a5d95c1157940fd5ab8802687d2

Request headers

accept-language
en-CA,en;q=0.9
Referer
http://j2j.kz/index.php?q=Secretstars%20mila
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date
Thu, 12 May 2022 06:11:22 GMT
Content-Encoding
gzip
Server
nginx
Connection
keep-alive
X-Powered-By
PHP/5.6.40, PleskLin
Transfer-Encoding
chunked
Content-Type
application/javascript
pDu9OWAQKB0s2J9IojKpiS_Eho.ico
yandex.st/lego/_/
Redirect Chain
  • http://yandex.ru/favicon.ico
  • http://yandex.st/lego/_/pDu9OWAQKB0s2J9IojKpiS_Eho.ico
1 KB
2 KB
Image
General
Full URL
http://yandex.st/lego/_/pDu9OWAQKB0s2J9IojKpiS_Eho.ico
Requested by
Host: j2j.kz
URL: http://j2j.kz/index.php?q=Secretstars%20mila
Protocol
HTTP/1.1
Server
2a02:6b8:20::215 Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software
nginx/1.17.9 /
Resource Hash
d1d3e1854876cd946c057f3c163ab21d369b4ba738fe466a94f486321f10c362
Security Headers
Name Value
Strict-Transport-Security max-age=43200000; includeSubDomains;

Request headers

accept-language
en-CA,en;q=0.9
Referer
http://j2j.kz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date
Thu, 12 May 2022 06:11:22 GMT
Strict-Transport-Security
max-age=43200000; includeSubDomains;
NEL
{"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
Connection
keep-alive
Content-Length
1150
X-Nginx-Request-Id
d6c7206b9367f857
Last-Modified
Thu, 10 Jan 2019 06:01:41 GMT
Server
nginx/1.17.9
Etag
"271fd5ebbf2b3529cd55563ad3e92b57"
Vary
Accept-Encoding
Report-To
{ "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
Content-Type
image/x-icon
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=216013
Accept-Ranges
bytes
Timing-Allow-Origin
*
Keep-Alive
timeout=5
Expires
Sat, 14 May 2022 18:08:32 GMT

Redirect headers

Date
Thu, 12 May 2022 06:11:22 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
NEL
{"report_to": "network-errors", "max_age": 86400, "success_fraction": 0.001, "failure_fraction": 0.1}
Vary
Accept-Encoding
Report-To
{ "group": "network-errors", "max_age": 86400, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
Content-Type
text/html; charset=iso-8859-1
Location
http://yandex.st/lego/_/pDu9OWAQKB0s2J9IojKpiS_Eho.ico
Content-Length
212
faviconV2
t1.gstatic.com/
Redirect Chain
  • http://www.google.com/s2/favicons?domain=snapcamz.cc
  • https://t1.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://snapcamz.cc&size=16
555 B
1 KB
Image
General
Full URL
https://t1.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://snapcamz.cc&size=16
Requested by
Host: j2j.kz
URL: http://j2j.kz/index.php?q=Secretstars%20mila
Protocol
H2
Server
2607:f8b0:4006:80d::2004 Staten Island, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
65624d59c209631d78111f4d4abde29da680e453462e8822c49af3da2ac369cc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
http://j2j.kz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sat, 07 May 2022 13:54:47 GMT
x-content-type-options
nosniff
age
404195
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/media-favicon
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
555
x-xss-protection
0
last-modified
Wed, 29 Nov 2017 12:34:19 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="media-favicon"
report-to
{"group":"media-favicon","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/media-favicon"}]}
content-type
image/png
cache-control
public, max-age=604800
accept-ranges
bytes
content-location
http://i.imgur.com/ABb8xPB.png
expires
Sat, 14 May 2022 13:54:47 GMT

Redirect headers

Date
Thu, 12 May 2022 05:45:20 GMT
X-Content-Type-Options
nosniff
Server
sffe
Age
1562
Content-Type
text/html; charset=UTF-8
Location
https://t1.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://snapcamz.cc&size=16
Cache-Control
public, max-age=1800
Content-Length
331
X-XSS-Protection
0
Expires
Thu, 12 May 2022 06:15:20 GMT
faviconV2
t3.gstatic.com/
Redirect Chain
  • http://www.google.com/s2/favicons?domain=vk.com
  • https://t3.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://vk.com&size=16
275 B
920 B
Image
General
Full URL
https://t3.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://vk.com&size=16
Requested by
Host: j2j.kz
URL: http://j2j.kz/index.php?q=Secretstars%20mila
Protocol
H2
Server
2607:f8b0:4006:824::2004 Staten Island, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5e5e74ed56d776e112d4e47602e370a81add3c8e158ae854a363fd62ddd7a661
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
http://j2j.kz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 10 May 2022 18:52:21 GMT
x-content-type-options
nosniff
age
127141
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/media-favicon
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
275
x-xss-protection
0
last-modified
Tue, 12 Oct 2021 11:57:52 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="media-favicon"
report-to
{"group":"media-favicon","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/media-favicon"}]}
content-type
image/png
cache-control
public, max-age=604800
accept-ranges
bytes
content-location
https://m.vk.com/images/icons/pwa/favicon_32.png?12
expires
Tue, 17 May 2022 18:52:21 GMT

Redirect headers

Date
Thu, 12 May 2022 06:11:22 GMT
X-Content-Type-Options
nosniff
Server
sffe
Content-Type
text/html; charset=UTF-8
Location
https://t3.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://vk.com&size=16
Cache-Control
public, max-age=1800
Content-Length
326
X-XSS-Protection
0
Expires
Thu, 12 May 2022 06:41:22 GMT
faviconV2
t1.gstatic.com/
Redirect Chain
  • http://www.google.com/s2/favicons?domain=bellezasasiaticas.forum.cool
  • https://t1.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://bellezasasiaticas.forum.cool&size=16
726 B
790 B
Image
General
Full URL
https://t1.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://bellezasasiaticas.forum.cool&size=16
Requested by
Host: j2j.kz
URL: http://j2j.kz/index.php?q=Secretstars%20mila
Protocol
H2
Server
2607:f8b0:4006:80d::2004 Staten Island, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
59bfe9bc385ad69f50793ce4a53397316d7a875a7148a63c16df9b674c6cda64
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
http://j2j.kz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Thu, 12 May 2022 06:11:22 GMT
x-content-type-options
nosniff
server
sffe
content-type
image/png
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
726
x-xss-protection
0

Redirect headers

Date
Thu, 12 May 2022 06:10:13 GMT
X-Content-Type-Options
nosniff
Server
sffe
Age
69
Content-Type
text/html; charset=UTF-8
Location
https://t1.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://bellezasasiaticas.forum.cool&size=16
Cache-Control
public, max-age=1800
Content-Length
348
X-XSS-Protection
0
Expires
Thu, 12 May 2022 06:40:13 GMT
faviconV2
t0.gstatic.com/
Redirect Chain
  • http://www.google.com/s2/favicons?domain=ilovemodels.cc
  • https://t0.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://ilovemodels.cc&size=16
265 B
907 B
Image
General
Full URL
https://t0.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://ilovemodels.cc&size=16
Requested by
Host: j2j.kz
URL: http://j2j.kz/index.php?q=Secretstars%20mila
Protocol
H2
Server
2607:f8b0:4006:808::2004 Staten Island, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
23c5292154dcd865e8641aaaa1671232ad3bd6b6725b1f972b3545bdb0b8c085
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
http://j2j.kz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 10 May 2022 23:31:02 GMT
x-content-type-options
nosniff
age
110420
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/media-favicon
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
265
x-xss-protection
0
last-modified
Thu, 26 Nov 2020 02:11:08 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="media-favicon"
report-to
{"group":"media-favicon","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/media-favicon"}]}
content-type
image/png
cache-control
public, max-age=604800
accept-ranges
bytes
content-location
http://ilovemodels.cc/apple-touch-icon-72x72.png
expires
Tue, 17 May 2022 23:31:02 GMT

Redirect headers

Date
Thu, 12 May 2022 06:10:13 GMT
X-Content-Type-Options
nosniff
Server
sffe
Age
69
Content-Type
text/html; charset=UTF-8
Location
https://t0.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://ilovemodels.cc&size=16
Cache-Control
public, max-age=1800
Content-Length
334
X-XSS-Protection
0
Expires
Thu, 12 May 2022 06:40:13 GMT
faviconV2
t1.gstatic.com/
Redirect Chain
  • http://www.google.com/s2/favicons?domain=www.biertamente.net
  • https://t1.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://www.biertamente.net&size=16
556 B
700 B
Image
General
Full URL
https://t1.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://www.biertamente.net&size=16
Requested by
Host: j2j.kz
URL: http://j2j.kz/index.php?q=Secretstars%20mila
Protocol
H2
Server
2607:f8b0:4006:80d::2004 Staten Island, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
be91bba223f07f7eedebf34b5492ef0a0936ac0c0951b013e8741fb9ed95076d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
http://j2j.kz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Fri, 06 May 2022 14:38:06 GMT
x-content-type-options
nosniff
age
487996
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/media-favicon
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
556
x-xss-protection
0
last-modified
Wed, 11 Apr 2018 00:06:43 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="media-favicon"
report-to
{"group":"media-favicon","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/media-favicon"}]}
content-type
image/png
cache-control
public, max-age=604800
accept-ranges
bytes
content-location
http://www.biertamente.net/favicon.ico
expires
Fri, 13 May 2022 14:38:06 GMT

Redirect headers

Date
Thu, 12 May 2022 06:11:22 GMT
X-Content-Type-Options
nosniff
Server
sffe
Content-Type
text/html; charset=UTF-8
Location
https://t1.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://www.biertamente.net&size=16
Cache-Control
public, max-age=1800
Content-Length
339
X-XSS-Protection
0
Expires
Thu, 12 May 2022 06:41:22 GMT
faviconV2
t3.gstatic.com/
Redirect Chain
  • http://www.google.com/s2/favicons?domain=maxilingvo.kz
  • https://t3.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://maxilingvo.kz&size=16
230 B
382 B
Image
General
Full URL
https://t3.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://maxilingvo.kz&size=16
Requested by
Host: j2j.kz
URL: http://j2j.kz/index.php?q=Secretstars%20mila
Protocol
H2
Server
2607:f8b0:4006:824::2004 Staten Island, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a96d36cfb1370b5557d1b2c176c1a886b163cfd7f786e45b50f8cd9035c894ef
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
http://j2j.kz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Fri, 06 May 2022 03:12:32 GMT
x-content-type-options
nosniff
age
529130
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/media-favicon
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
230
x-xss-protection
0
last-modified
Wed, 11 Apr 2018 02:40:02 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="media-favicon"
report-to
{"group":"media-favicon","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/media-favicon"}]}
content-type
image/png
cache-control
public, max-age=604800
accept-ranges
bytes
content-location
https://yastatic.net/morda-logo/i/ya_favicon_ru.png
expires
Fri, 13 May 2022 03:12:32 GMT

Redirect headers

Date
Thu, 12 May 2022 06:11:22 GMT
X-Content-Type-Options
nosniff
Server
sffe
Content-Type
text/html; charset=UTF-8
Location
https://t3.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://maxilingvo.kz&size=16
Cache-Control
public, max-age=1800
Content-Length
333
X-XSS-Protection
0
Expires
Thu, 12 May 2022 06:41:22 GMT
faviconV2
t1.gstatic.com/
Redirect Chain
  • http://www.google.com/s2/favicons?domain=model.com.se
  • https://t1.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://model.com.se&size=16
321 B
346 B
Image
General
Full URL
https://t1.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://model.com.se&size=16
Requested by
Host: j2j.kz
URL: http://j2j.kz/index.php?q=Secretstars%20mila
Protocol
H3
Server
2607:f8b0:4006:80d::2004 Staten Island, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1fcd1c94a939e1c7a8c92f6551689f10c20ddf7bf44a5e4260fb683a72b8da18
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
http://j2j.kz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Wed, 11 May 2022 15:51:58 GMT
x-content-type-options
nosniff
age
51564
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/media-favicon
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
321
x-xss-protection
0
last-modified
Wed, 11 Apr 2018 00:32:19 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="media-favicon"
report-to
{"group":"media-favicon","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/media-favicon"}]}
content-type
image/png
cache-control
public, max-age=604800
accept-ranges
bytes
content-location
https://model.com.se/favicon.ico
expires
Wed, 18 May 2022 15:51:58 GMT

Redirect headers

Date
Thu, 12 May 2022 06:11:22 GMT
X-Content-Type-Options
nosniff
Server
sffe
Content-Type
text/html; charset=UTF-8
Location
https://t1.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://model.com.se&size=16
Cache-Control
public, max-age=1800
Content-Length
332
X-XSS-Protection
0
Expires
Thu, 12 May 2022 06:41:22 GMT
watch.js
mc.yandex.ru/metrika/
139 KB
50 KB
Script
General
Full URL
https://mc.yandex.ru/metrika/watch.js
Requested by
Host: j2j.kz
URL: http://j2j.kz/index.php?q=Secretstars%20mila
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software
/
Resource Hash
90e26b938b5ff7aed543c200da8df7a95272cb2e65a0db36295f72662e395af6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-CA,en;q=0.9
Referer
http://j2j.kz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Thu, 12 May 2022 06:11:22 GMT
content-encoding
br
last-modified
Fri, 06 May 2022 13:09:00 GMT
etag
"6274f3bc-c5b6"
strict-transport-security
max-age=31536000
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
content-length
50614
expires
Thu, 12 May 2022 07:11:22 GMT
fontawesome-webfont.woff2
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/fonts/
75 KB
76 KB
Font
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d792afdac7f7ae5de7c6964950c6c61dc6e3f3813180a59e141c7cb4ac4364dc
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Referer
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css
Origin
http://j2j.kz
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Thu, 12 May 2022 06:11:22 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
536542
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
77160
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:10:07 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03e5f-12d68"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Or1PjywjyJmMii3JktQaXXmWIDUqJATeJ7PA2hBXKJQb7MLRu%2BHXNYoK52dZM%2BYtLSdYPKq4X%2FpWNtKhtvGWMfYqgryHckTDpjFLn1%2FHdCzUl2sGMUQEsUTfmcW4EdCtO98l%2Bah81ZSJ4ejCGsj0e0Xf"}],"group":"cf-nel","max_age":604800}
content-type
application/octet-stream; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
70a0ff1fb83d7136-YUL
expires
Tue, 02 May 2023 06:11:22 GMT
5wMBwI
pastivapte.pro/czD.9G6Fbl2p5IlbS/WqQd9xN-DlQawSNiTrc/
Redirect Chain
  • http://pastivapte.pro/czD.9G6Fbl2p5IlbS/WqQd9xN-DlQawSNiTrc/5wMBwI
  • https://pastivapte.pro/czD.9G6Fbl2p5IlbS/WqQd9xN-DlQawSNiTrc/5wMBwI
0
231 B
Script
General
Full URL
https://pastivapte.pro/czD.9G6Fbl2p5IlbS/WqQd9xN-DlQawSNiTrc/5wMBwI
Requested by
Host: j2j.kz
URL: http://j2j.kz/index.php?q=Secretstars%20mila
Protocol
H2
Server
2607:fbe0:1:42::f , United States, ASN40824 (WZCOM-, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
http://j2j.kz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 12 May 2022 06:11:23 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform-Version, Sec-CH-UA-Platform
content-type
application/javascript
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length
0
server
nginx
expires
Mon, 26 Jul 2011 05:00:00 GMT

Redirect headers

Date
Thu, 12 May 2022 06:11:22 GMT
X-Content-Type-Options
nosniff
Server
nginx
Content-Type
text/html
Location
https://pastivapte.pro/czD.9G6Fbl2p5IlbS/WqQd9xN-DlQawSNiTrc/5wMBwI
Cache-Control
max-age=315360000
Connection
keep-alive
Content-Length
162
Expires
Thu, 31 Dec 2037 23:55:55 GMT
ui-bg_flat_75_ffffff_40x100.png
ajax.googleapis.com/ajax/libs/jqueryui/1.10.4/themes/smoothness/images/
260 B
287 B
Image
General
Full URL
https://ajax.googleapis.com/ajax/libs/jqueryui/1.10.4/themes/smoothness/images/ui-bg_flat_75_ffffff_40x100.png
Requested by
Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jqueryui/1.10.4/themes/smoothness/jquery-ui.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80b::200a Staten Island, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
91411b5954162a3763020415863fec17438020e287ec1822dd99bbf07e6cf991
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ajax.googleapis.com/ajax/libs/jqueryui/1.10.4/themes/smoothness/jquery-ui.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Fri, 06 May 2022 19:42:40 GMT
x-content-type-options
nosniff
age
469722
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
260
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="hosted-libraries-pushers"
expires
Sat, 06 May 2023 19:42:40 GMT
1
mc.yandex.ru/watch/69071248/
Redirect Chain
  • https://mc.yandex.ru/watch/69071248?wmode=7&page-url=http%3A%2F%2Fj2j.kz%2Findex.php%3Fq%3DSecretstars%2520mila&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A3epd2s48awifpnz15xts%3Afp%3A836%...
  • https://mc.yandex.ru/watch/69071248/1?wmode=7&page-url=http%3A%2F%2Fj2j.kz%2Findex.php%3Fq%3DSecretstars%2520mila&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A3epd2s48awifpnz15xts%3Afp%3A83...
338 B
420 B
XHR
General
Full URL
https://mc.yandex.ru/watch/69071248/1?wmode=7&page-url=http%3A%2F%2Fj2j.kz%2Findex.php%3Fq%3DSecretstars%2520mila&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A3epd2s48awifpnz15xts%3Afp%3A836%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A791%3Acn%3A1%3Adp%3A0%3Als%3A640777475905%3Ahid%3A477409248%3Az%3A0%3Ai%3A20220512061122%3Aet%3A1652335883%3Ac%3A1%3Arn%3A564824266%3Arqn%3A1%3Au%3A1652335883672013740%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Antf%3A1%3Ans%3A1652335881351%3Ads%3A210%2C195%2C263%2C0%2C0%2C0%2C%2C843%2C25%2C%2C%2C%2C1512%3Aco%3A0%3Arqnl%3A1%3Ast%3A1652335883%3At%3ASecret%20stars%20sessions%20Forum&t=gdpr%2814%29aw%281%29ti%282%29
Requested by
Host: j2j.kz
URL: http://j2j.kz/index.php?q=Secretstars%20mila
Protocol
H2
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software
/
Resource Hash
3c77dcb7e5e45485ed84be37a3ea3f46ab02e959b203b4cb231aba71653f14b1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
http://j2j.kz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 12 May 2022 06:11:23 GMT
x-content-type-options
nosniff
last-modified
Thu, 12-May-2022 06:11:23 GMT
strict-transport-security
max-age=31536000
content-type
application/json; charset=utf-8
access-control-allow-origin
http://j2j.kz
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-length
338
x-xss-protection
1; mode=block
expires
Thu, 12-May-2022 06:11:23 GMT

Redirect headers

pragma
no-cache
date
Thu, 12 May 2022 06:11:23 GMT
last-modified
Thu, 12-May-2022 06:11:23 GMT
location
/watch/69071248/1?wmode=7&page-url=http%3A%2F%2Fj2j.kz%2Findex.php%3Fq%3DSecretstars%2520mila&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A3epd2s48awifpnz15xts%3Afp%3A836%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A791%3Acn%3A1%3Adp%3A0%3Als%3A640777475905%3Ahid%3A477409248%3Az%3A0%3Ai%3A20220512061122%3Aet%3A1652335883%3Ac%3A1%3Arn%3A564824266%3Arqn%3A1%3Au%3A1652335883672013740%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Antf%3A1%3Ans%3A1652335881351%3Ads%3A210%2C195%2C263%2C0%2C0%2C0%2C%2C843%2C25%2C%2C%2C%2C1512%3Aco%3A0%3Arqnl%3A1%3Ast%3A1652335883%3At%3ASecret%20stars%20sessions%20Forum&t=gdpr%2814%29aw%281%29ti%282%29
strict-transport-security
max-age=31536000
access-control-allow-origin
http://j2j.kz
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
x-xss-protection
1; mode=block
expires
Thu, 12-May-2022 06:11:23 GMT
advert.gif
mc.yandex.ru/metrika/
43 B
136 B
Image
General
Full URL
https://mc.yandex.ru/metrika/advert.gif
Requested by
Host: j2j.kz
URL: http://j2j.kz/index.php?q=Secretstars%20mila
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-CA,en;q=0.9
Referer
http://j2j.kz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Thu, 12 May 2022 06:11:23 GMT
last-modified
Fri, 06 May 2022 13:09:00 GMT
etag
"6274f3bc-2b"
strict-transport-security
max-age=31536000
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=3600
accept-ranges
bytes
content-length
43
expires
Thu, 12 May 2022 07:11:23 GMT
/
d.ftte.xyz/d/
119 KB
45 KB
XHR
General
Full URL
http://d.ftte.xyz/d/?resource=bundler&nada=1&widgets=2270466:1,2270469:1,2270451:1,2270470:1,2270468:1&isct=1652335667&rfrr=http://j2j.kz/index.php?q=Secret%20stars%20custom&iscs=ZDY5ZWQzYzc0NjgxZDMxNWRhNjY1ZTEyZTdhMzRmMWRlOTk5MGVhYTZjMDM3YjhjNTljYTY4Mjc0MDdlZjY3ZnwwfDV8MTg1Ljk4LjUuMTkwfE1vemlsbGEvNS4wIChpUGhvbmU7IENQVSBpUGhvbmUgT1MgMTRfMiBsaWtlIE1hYyBPUyBYKSBBcHBsZVdlYktpdC82MDUuMS4xNSAoS0hUTUwsIGxpa2UgR2Vja28pIFZlcnNpb24vMTQuMC4xIE1vYmlsZS8xNUUxNDggU2FmYXJpLzYwNC4xfDM1NzExOXwxNjUyMzM1NjY3fGliYUhSMGNEb3ZMMm95YWk1cmVpOXBibVJsZUM1d2FIQS9jVDFUWldOeVpYUWxNakJ6ZEdGeWN5VXlNR04xYzNSdmJRPT0=&reqc=1&ver=322915c171d5df60.1652335667445&page=aHR0cDovL2oyai5rei9pbmRleC5waHA_cT1TZWNyZXRzdGFycyUyMG1pbGE=
Requested by
Host: j2j.kz
URL: http://j2j.kz/a/mxkztbtmtxn.php
Protocol
HTTP/1.1
Server
23.235.244.226 Phoenix, United States, ASN20454 (SSASN2, US),
Reverse DNS
Software
nginx / Express
Resource Hash
60c5707f42877f7e40cbd09b7fab71d94a8acbbc60f56b6683973140f8f4ec13

Request headers

accept-language
en-CA,en;q=0.9
Referer
http://j2j.kz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date
Thu, 12 May 2022 06:11:23 GMT
Content-Encoding
gzip
ETag
W/"1db14-gF7d0tJVJQoXvsvRzfAF1AUuDiw"
Server
nginx
X-Powered-By
Express
Transfer-Encoding
chunked
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
http://j2j.kz
Access-Control-Allow-Credentials
true
Connection
keep-alive
r53sBka11SZTsU8vy6GY1mXoqiEtoP.jpeg
s.ftte.xyz/prnotifications/2022/05/05/
8 KB
9 KB
Image
General
Full URL
https://s.ftte.xyz/prnotifications/2022/05/05/r53sBka11SZTsU8vy6GY1mXoqiEtoP.jpeg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::ac43:b825 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3ee2e033daf760ff71cf5f205b4ca27704d5e97ece723c3d5817f272737b5c4d

Request headers

accept-language
en-CA,en;q=0.9
Referer
http://j2j.kz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Thu, 12 May 2022 06:11:23 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1320
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
8215
last-modified
Thu, 05 May 2022 21:42:56 GMT
server
cloudflare
etag
"627444e0-2017"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TH%2FAL%2BbbT2aGxM4Htx%2BvxnQ71YdL0dteWzOk8cZ2zJu4SYKF5Ga8DcXpUhs%2BPyzw3GxZc10XnB6ivroq3DNPvMtqx7flxpD8o8%2BwXWWFQKFsvEWWuASgbIlBKXrswUOjClxaPzAa4QH0"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
70a0ff28fe217148-YUL
AWwxW8cM7hNgMYQuiUA49PFEdtzSou.png
s.ftte.xyz/prnotifications/2022/05/05/
185 KB
185 KB
Image
General
Full URL
https://s.ftte.xyz/prnotifications/2022/05/05/AWwxW8cM7hNgMYQuiUA49PFEdtzSou.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::ac43:b825 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f5fd0dfa4048e64f398d303e1c2e839802a113d9bca97b08a4d7c5088df98cab

Request headers

accept-language
en-CA,en;q=0.9
Referer
http://j2j.kz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Thu, 12 May 2022 06:11:23 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1320
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
189433
last-modified
Thu, 05 May 2022 21:42:56 GMT
server
cloudflare
etag
"627444e0-2e3f9"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=c2lDYCr9eukeEKS6V1t90M7EMtqfBGkKL%2FPu%2B4GCvCcsFd7WFYlAkVIOCB1rkHS2SaiADx9SyHfQVIEB7TsReZFAEANQbX9SYY5bdJwSAvhLJBIV9uYxXVAat%2Fo4hunk%2FLMmPmjbpwVL"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
70a0ff28fe227148-YUL
AZdiSbpcDVyEgUVAyesXXsc1pw5ksW.jpeg
s.ftte.xyz/prbanners/2020/07/29/
100 KB
101 KB
Image
General
Full URL
http://s.ftte.xyz/prbanners/2020/07/29/AZdiSbpcDVyEgUVAyesXXsc1pw5ksW.jpeg
Protocol
HTTP/1.1
Server
2606:4700:3031::ac43:b825 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
721df822cbad1240a6a50854428ec00b4a78d405b25bf1dc31b6f3f82161c5c7

Request headers

accept-language
en-CA,en;q=0.9
Referer
http://j2j.kz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date
Thu, 12 May 2022 06:11:23 GMT
CF-Cache-Status
HIT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age
5280
Connection
keep-alive
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length
102420
Last-Modified
Wed, 29 Jul 2020 09:43:15 GMT
Server
cloudflare
ETag
"5f2144b3-19014"
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YnBxnoei3MTQiVgiw%2BBlYzBakO7K5ZeQ5cqvh%2Bc7CCKRsB7w1omr%2FuUOGzFQ8jc1tqAhpVIhPdKyZPso%2F2CcjQZISsUVFov8iFZq8N%2BwOJ6w%2BM3fUEBb3HGEXUYL8VACcqmAodEqCYs9"}],"group":"cf-nel","max_age":604800}
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Cache-Control
max-age=14400
Accept-Ranges
bytes
CF-RAY
70a0ff28ebee7157-YUL
t.php
d.ftte.xyz/
0
410 B
Image
General
Full URL
https://d.ftte.xyz/t.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.235.244.226 Phoenix, United States, ASN20454 (SSASN2, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
http://j2j.kz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Thu, 12 May 2022 06:11:24 GMT
Content-Encoding
gzip
Server
nginx
Connection
keep-alive
Transfer-Encoding
chunked
Content-Type
text/html; charset=UTF-8

82 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| oncontextlost object| oncontextrestored function| structuredClone object| bootstrap function| $ function| jQuery function| goloca55 function| typeString55 function| goloca2 function| goTo string| VCN boolean| face string| face_Url string| face_widget_id boolean| face_cookie_name boolean| nativeInjectionPlugs boolean| burst boolean| p_name boolean| p_settings boolean| p_expires number| p_widget_id boolean| sn number| snId string| snCN boolean| ipn number| ipnId string| tars boolean| vOw function| vOwf boolean| vOwb boolean| vOwbi boolean| vOwv boolean| vOwvi boolean| updates number| updatesId boolean| tnl string| domains_delivery string| conf_delivery_resource_http string| conf_delivery_resource_ws string| nativeInjectionPlugsId string| kodak_moment string| integrationScriptCreatedTimestamp string| rfrr string| integrationTypeAdblockSafe object| Pub2a function| Pub2b object| nativeInjectionAd number| _WiState object| pub function| Pub2 function| verGenerate function| getStyle number| _WiInP string| ipnC function| goJs function| close_the_window function| val_input function| goloca function| strpos function| RUN_FIND2 object| jQuery11110035801843900557184 object| Ya object| yaCounter69071248 boolean| pubappended string| key function| C9AA function| b9ff function| H5GG function| g9ff function| Z$u6G function| l7IzaB function| f2O7W number| O1e3p0 string| a1cnw3 function| d2KK object| b1cnw3 object| snas string| markup function| _798f87e828c723loadSN function| _798f87e828c723SN function| _798f87e828c723slideIn function| _798f87e828c723slideOut

9 Cookies

Domain/Path Name / Value
.j2j.kz/ Name: _ym_uid
Value: 1652335883672013740
.j2j.kz/ Name: _ym_d
Value: 1652335883
.yandex.ru/ Name: yandexuid
Value: 5169538981652335883
.yandex.ru/ Name: yuidss
Value: 5169538981652335883
mc.yandex.ru/ Name: yabs-sid
Value: 1773476471652335883
.yandex.ru/ Name: i
Value: wwGkkD1DkYjOLcwt42uW56eV/KWmsJTlE6K8yZ/PcLdB67XZAQquvhwJpeT+5aqU8sVr++pzj1picWvDYZf0xrvUxTc=
.yandex.ru/ Name: ymex
Value: 1967695883.yrts.1652335883#1967695883.yrtsi.1652335883
.j2j.kz/ Name: _ym_isad
Value: 2
.ftte.xyz/ Name: guid
Value: 140e34b2-7cc0-4595-9352-5019f1a07a84

1 Console Messages

Source Level URL
Text
network error URL: https://t1.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://bellezasasiaticas.forum.cool&size=16
Message:
Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
