URL: http://en.img4.cam/
Submission: On December 03 via manual from AR — Scanned from DE

Summary

This website contacted 12 IPs in 5 countries across 11 domains to perform 17 HTTP transactions. The main IP is 2606:4700:3035::6815:59e7, located in the United States and belonging to CLOUDFLARENET, US. The main domain is en.img4.cam.
This is the only time en.img4.cam was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 2606:4700:303... 13335 (CLOUDFLAR...)
1 192.229.133.221 15133 (EDGECAST)
1 2a00:1450:400... 15169 (GOOGLE)
1 2606:4700:303... 13335 (CLOUDFLAR...)
4 2606:4700:303... 13335 (CLOUDFLAR...)
1 2 2a00:1450:400... 15169 (GOOGLE)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
3 6 2a02:6b8::1:119 208722 (GLOBAL_DC)
1 2 80.239.201.71 1299 (TWELVE99 ...)
17 12
Apex Domain
Subdomains
Transfer
6 yandex.ru
mc.yandex.ru — Cisco Umbrella Rank: 3665
3 KB
5 gazo.space
jsjs.gazo.space — Cisco Umbrella Rank: 619479
js.gazo.space — Cisco Umbrella Rank: 537221
comments.gazo.space — Cisco Umbrella Rank: 592212
83 KB
2 webvisor.org
mc.webvisor.org — Cisco Umbrella Rank: 26954
859 B
2 google.com
translate.google.com — Cisco Umbrella Rank: 1238
27 KB
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 48
43 KB
1 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 381
67 KB
1 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 203
5 KB
1 googleapis.com
ajax.googleapis.com — Cisco Umbrella Rank: 296
30 KB
1 w3schools.com
www.w3schools.com — Cisco Umbrella Rank: 16075
5 KB
1 img4.cam
en.img4.cam
12 KB
0 2chb.net Failed
2chb.net Failed
17 11
Domain Requested by
6 mc.yandex.ru 3 redirects
3 js.gazo.space en.img4.cam
2 mc.webvisor.org 1 redirects
2 translate.google.com 1 redirects en.img4.cam
1 www.googletagmanager.com js.gazo.space
1 cdn.jsdelivr.net js.gazo.space
1 cdnjs.cloudflare.com js.gazo.space
1 comments.gazo.space js.gazo.space
1 jsjs.gazo.space en.img4.cam
1 ajax.googleapis.com en.img4.cam
1 www.w3schools.com en.img4.cam
1 en.img4.cam
0 2chb.net Failed js.gazo.space
17 13

This site contains no links.

Subject | Issuer | Validity | Valid
*.w3schools.com | DigiCert TLS RSA SHA256 2020 CA1 | 2022-04-08 - 2023-05-04 | a year
upload.video.google.com | GTS CA 1C3 | 2022-11-02 - 2023-01-25 | 3 months
sni.cloudflaressl.com | Cloudflare Inc ECC CA-3 | 2022-06-06 - 2023-06-05 | a year
*.google-analytics.com | GTS CA 1C3 | 2022-11-02 - 2023-01-25 | 3 months
mc.yandex.ru | GlobalSign ECC OV SSL CA 2018 | 2022-10-18 - 2023-03-30 | 5 months

This page contains 1 frame:

Frame: http://2chb.net/r/newsplus/h?uid=newsplus/h&67
Frame ID: 4C057447A73B490DF45B5D24EEB8DC69
Requests: 17 HTTP requests in this frame


Detected technologies

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js

Overall confidence: 100%
Detected patterns
  • cdn\.jsdelivr\.net/npm/yandex\-metrica\-watch/watch\.js

Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Page Statistics

17
Requests

59 %
HTTPS

82 %
IPv6

11
Domains

13
Subdomains

12
IPs

5
Countries

273 kB
Transfer

981 kB
Size

16
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 5
  • http://translate.google.com/translate_a/element.js?cb=googleTranslateElementInit HTTP 301
  • https://translate.google.com/translate_a/element.js?cb=googleTranslateElementInit
Request Chain 8
  • http://data.jpg4.biz/ HTTP 301
  • http://2chb.net/r/newsplus/h HTTP 301
  • http://2chb.net/r/newsplus/h?uid=newsplus/h&67 HTTP 301
  • http://2chb.net/r/newsplus/h?uid=newsplus/h&67 HTTP 301
  • http://2chb.net/r/newsplus/h?uid=newsplus/h&67 HTTP 301
  • http://2chb.net/r/newsplus/h?uid=newsplus/h&67 HTTP 301
  • http://2chb.net/r/newsplus/h?uid=newsplus/h&67 HTTP 301
  • http://2chb.net/r/newsplus/h?uid=newsplus/h&67 HTTP 301
  • http://2chb.net/r/newsplus/h?uid=newsplus/h&67 HTTP 301
  • http://2chb.net/r/newsplus/h?uid=newsplus/h&67 HTTP 301
  • http://2chb.net/r/newsplus/h?uid=newsplus/h&67 HTTP 301
  • http://2chb.net/r/newsplus/h?uid=newsplus/h&67 HTTP 301
  • http://2chb.net/r/newsplus/h?uid=newsplus/h&67 HTTP 301
  • http://2chb.net/r/newsplus/h?uid=newsplus/h&67 HTTP 301
  • http://2chb.net/r/newsplus/h?uid=newsplus/h&67 HTTP 301
  • http://2chb.net/r/newsplus/h?uid=newsplus/h&67 HTTP 301
  • http://2chb.net/r/newsplus/h?uid=newsplus/h&67 HTTP 301
  • http://2chb.net/r/newsplus/h?uid=newsplus/h&67 HTTP 301
  • http://2chb.net/r/newsplus/h?uid=newsplus/h&67 HTTP 301
  • http://2chb.net/r/newsplus/h?uid=newsplus/h&67
Request Chain 12
  • https://mc.yandex.ru/watch/3?wmode=7&page-url=http%3A%2F%2Fen.img4.cam%2F&page-ref=&charset=utf-8&browser-info=pv%3A1%3Avf%3A255el9lxer4jhgs0gdua5w%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A933%3Acn%3A2%3Adp%3A0%3Als%3A319372711037%3Ahid%3A558317095%3Az%3A0%3Ai%3A20221203101936%3Aet%3A1670062777%3Ac%3A1%3Arn%3A939521277%3Arqn%3A1%3Au%3A1670062777621126380%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ads%3A16%2C6%2C29%2C2%2C0%2C0%2C%2C%2C%2C681%2C%2C%2C%3Aco%3A0%3Acpf%3A1%3Antf%3A1%3Ans%3A1670062776067%3Ast%3A1670062777&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)ti(2) HTTP 302
  • https://mc.yandex.ru/watch/3/1?wmode=7&page-url=http%3A%2F%2Fen.img4.cam%2F&page-ref&charset=utf-8&browser-info=pv%3A1%3Avf%3A255el9lxer4jhgs0gdua5w%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A933%3Acn%3A2%3Adp%3A0%3Als%3A319372711037%3Ahid%3A558317095%3Az%3A0%3Ai%3A20221203101936%3Aet%3A1670062777%3Ac%3A1%3Arn%3A939521277%3Arqn%3A1%3Au%3A1670062777621126380%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ads%3A16%2C6%2C29%2C2%2C0%2C0%2C%2C%2C%2C681%2C%2C%2C%3Aco%3A0%3Acpf%3A1%3Antf%3A1%3Ans%3A1670062776067%3Ast%3A1670062777&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29ti%282%29
Request Chain 13
  • https://mc.yandex.ru/watch/48140495?wmode=7&page-url=http%3A%2F%2Fen.img4.cam%2F&charset=utf-8&browser-info=pv%3A1%3Avf%3A255el9lxer4jhgs0gdua5w%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A933%3Acn%3A1%3Adp%3A0%3Als%3A971092339468%3Ahid%3A558317095%3Az%3A0%3Ai%3A20221203101936%3Aet%3A1670062777%3Ac%3A1%3Arn%3A831621355%3Arqn%3A1%3Au%3A1670062777621126380%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ads%3A16%2C6%2C29%2C2%2C0%2C0%2C%2C%2C%2C681%2C%2C%2C%3Aco%3A0%3Acpf%3A1%3Antf%3A1%3Ans%3A1670062776067%3Arqnl%3A1%3Ast%3A1670062777%3At%3A&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)ti(2) HTTP 302
  • https://mc.yandex.ru/watch/48140495/1?wmode=7&page-url=http%3A%2F%2Fen.img4.cam%2F&charset=utf-8&browser-info=pv%3A1%3Avf%3A255el9lxer4jhgs0gdua5w%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A933%3Acn%3A1%3Adp%3A0%3Als%3A971092339468%3Ahid%3A558317095%3Az%3A0%3Ai%3A20221203101936%3Aet%3A1670062777%3Ac%3A1%3Arn%3A831621355%3Arqn%3A1%3Au%3A1670062777621126380%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ads%3A16%2C6%2C29%2C2%2C0%2C0%2C%2C%2C%2C681%2C%2C%2C%3Aco%3A0%3Acpf%3A1%3Antf%3A1%3Ans%3A1670062776067%3Arqnl%3A1%3Ast%3A1670062777%3At%3A&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29ti%282%29
Request Chain 15
  • https://mc.webvisor.org/sync_cookie_image_check HTTP 302
  • https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.webvisor.org&token=9841.vyuprZlYjdWMBm1PFRYFUYdT1j9GJ40npGfIwx3-6Ef3mLzfSu4UbFfRdxb6Yems.DtsFsYjN_dW2Rd7DyOZubsihNB8%2C HTTP 302
  • https://mc.webvisor.org/sync_cookie_image_decide?token=9841.DUYF37BYe6BejwKxUIZ35H6XsxqyCcvGy3pKCsJl76H8KnR4untlsEZDkX2UEszYfN1B-XOekIEg3EThuOxtVt5Yn9vKNXsXr71r8lu899xgl-5NmNSXdaeI3BUIgRRDE60XLJCR9TihOsxwUnUdr5ODXmR3-noAWkI-_5ycjyS-l_jJ3vk2CSLw9aEC614gi0FzPmt84D5Dcv6aGgaIHEY8KSLha7NjS8Dl_rSuqYg%2C.KpwVOnng51EyjtFnmiRh1J7gH7s%2C

17 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
en.img4.cam/
165 KB
12 KB
Document
General
Full URL
http://en.img4.cam/
Protocol
HTTP/1.1
Server
2606:4700:3035::6815:59e7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f27893463b95e583675a2c2364ff83f5df9f58f0652a1c2ad150d5839ec3026f

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

55nloadrate
0.3328125
Access-Control-Allow-Headers
Cake
Access-Control-Allow-Origin
*
Age
6836
CF-Cache-Status
HIT
CF-RAY
773b909e991c9a35-FRA
Cache-Control
public, max-age=43200
Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html; charset=UTF-8
Date
Sat, 03 Dec 2022 10:19:36 GMT
Last-Modified
Sat, 03 Dec 2022 08:25:40 GMT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
P3P
CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7JsInML3M3iTksxEQ1zyZFOIkw5MeXd%2FVKW3mxmLf3IWpSRmhdn8IAw1DnIInwzX7Us9F2C%2Bd47%2B5zW%2BFSNgl8Hw6udoHHfKtrDgMJO0J069i4aINH%2FJCrREhxTRS2yfVxXKKZztCV8jzQ%3D%3D"}],"group":"cf-nel","max_age":604800}
Server
cloudflare
Transfer-Encoding
chunked
Vary
Accept-Encoding
X-Proxy-Cache-RZ
STALE
X-Proxy-Cache-g-jp
HIT
Xkey-g-jp2
en.img4.cam/--en.img4.cam--my_zone
XkeyRZ
en.img4.cam/--en.img4.cam-en.img4.cam-my_zone
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
imghost
127001-h-nimg4cammh-nimg4cam-SG-rm127001/
w3.css
www.w3schools.com/w3css/4/
23 KB
5 KB
Stylesheet
General
Full URL
https://www.w3schools.com/w3css/4/w3.css
Requested by
Host: en.img4.cam
URL: http://en.img4.cam/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.133.221 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/6796) / ASP.NET
Resource Hash
c4f2aba13970ecf8303fb9329f97c8824861569273b0aa27acce48abc61d04f5
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://mycourses.w3schools.com;
X-Content-Security-Policy frame-ancestors 'self' https://mycourses.w3schools.com;

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

content-security-policy
frame-ancestors 'self' https://mycourses.w3schools.com;
content-encoding
gzip
date
Sat, 03 Dec 2022 10:19:36 GMT
last-modified
Fri, 02 Dec 2022 13:49:38 GMT
server
ECS (frb/6796)
age
8702
etag
"0855eeb546d91:0+gzip"
x-powered-by
ASP.NET
vary
Accept-Encoding
x-cache
HIT
content-type
text/css
cache-control
public,max-age=14400,public
accept-ranges
bytes
content-length
5256
x-content-security-policy
frame-ancestors 'self' https://mycourses.w3schools.com;
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/3.3.1/
85 KB
30 KB
Script
General
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/3.3.1/jquery.min.js
Requested by
Host: en.img4.cam
URL: http://en.img4.cam/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date
Sat, 03 Dec 2022 06:24:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
14088
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
30399
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 03 Dec 2023 06:24:48 GMT
index.php
jsjs.gazo.space/
59 B
670 B
Script
General
Full URL
https://jsjs.gazo.space/index.php?js=very
Requested by
Host: en.img4.cam
URL: http://en.img4.cam/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3038::6815:ebaa , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5b80066dd3eebe94d16a99c12539f2023c402587dfab43ca032b16d28c1c2303

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

55nloadrate
0.4153125
date
Sat, 03 Dec 2022 10:19:36 GMT
content-encoding
br
imghost
240026512804c008ad763d1c3-h-jsjsgazospacmh--DE-rm2400cb004711024ac4674/index.php?js=very
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vAYhxzm6VbYjTWEYYOWP6FV5hNwRRYeLk%2FgpWRgh%2FvKTLnzWMXyDRpJfFmGqX0x11LPdgqe6xIQ21qG8QYqELgBw5HZ0waDxwbpVdnOmZ6mkJagDI%2FP6SNFuunET8G477RmsyPB3LH%2F9zD3VgK8%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=360000, private
cf-ray
773b909efea99012-FRA
access-control-allow-headers
Cake
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
index.php
js.gazo.space/
167 KB
37 KB
Script
General
Full URL
https://js.gazo.space/index.php?js=jpg4&aaa1
Requested by
Host: en.img4.cam
URL: http://en.img4.cam/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3038::6815:eba9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
76b0ce188cb5d811fd1f73bb4699304aca083156ef62e8aa9e91e96a15ea637a

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

55nloadrate
0.3703125
date
Sat, 03 Dec 2022 10:19:36 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1191
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
imghost
240026512804c008ad763d1c3-h-jsgazospacmh--RO-rm2400cb00711024a29565/index.php?js=jpg4&aaa1
last-modified
Sat, 03 Dec 2022 09:59:45 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2Bhni4MXa5RvOjcHLqpeMscFkMNrJAjJ3tBzIL5oNLSPvH%2BJIcvnQOAZqd0gIf3qxdO5dUPO7khAqIQOk4DE6B%2BjZJPVUvTDlIS%2FjmhWl1lzF0PY8GG0741j7rFBZf75klUjE%2Bx%2Bcqpi7oiEh"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=7200, s-max-age=1800
cf-ray
773b909eff4f996f-FRA
access-control-allow-headers
Cake
jpg4.css
js.gazo.space/mycss/
2 KB
1 KB
Stylesheet
General
Full URL
https://js.gazo.space/mycss/jpg4.css
Requested by
Host: en.img4.cam
URL: http://en.img4.cam/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3038::6815:eba9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
558b689c128aa3bd6044b9440c64c56f0b9caaa3f215e96144787318dec000b5

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date
Sat, 03 Dec 2022 10:19:36 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
2563102
etag
W/"718-5a11787752b46"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9NJDGJfYfLVEgV0%2BvR6lS1ChdTi3DJ3%2B%2BdJPkffSzP9I81qBIoN0c%2Foyo9y28OxlDbRmD1QdVun97JFtm%2BPi17s7FndTwu3Ok2N9CMAifvSxe23Mw3n0QP0wHmez83mdtSI3DmiB2IWtG85v"}],"group":"cf-nel","max_age":604800}
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=3600000
cf-ray
773b909eff4b996f-FRA
access-control-allow-headers
Cake
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
element.js
translate.google.com/translate_a/
Redirect Chain
  • http://translate.google.com/translate_a/element.js?cb=googleTranslateElementInit
  • https://translate.google.com/translate_a/element.js?cb=googleTranslateElementInit
75 KB
26 KB
Script
General
Full URL
https://translate.google.com/translate_a/element.js?cb=googleTranslateElementInit
Requested by
Host: en.img4.cam
URL: http://en.img4.cam/
Protocol
H2
Server
2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
f9a2b4262612c4584f12f3934cb922247a65230c15289178ec3d3ba115a78f87
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 03 Dec 2022 10:19:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=utf-8
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control
no-cache, no-store, max-age=0, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
expires
Mon, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Sat, 03 Dec 2022 10:19:36 GMT
X-Content-Type-Options
nosniff
Server
ESF
Cross-Origin-Opener-Policy
same-origin-allow-popups
X-Frame-Options
SAMEORIGIN
Content-Type
application/binary
Location
https://translate.google.com/translate_a/element.js?cb=googleTranslateElementInit
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Content-Length
0
X-XSS-Protection
0
Expires
Mon, 01 Jan 1990 00:00:00 GMT
index.php
js.gazo.space/
167 KB
37 KB
Script
General
Full URL
https://js.gazo.space/index.php?js=jpg4&aaa2
Requested by
Host: en.img4.cam
URL: http://en.img4.cam/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3038::6815:eba9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0a26dcb87b92ef7b20e1a887e715da088d2ffdb8dcfd0dc26bbc5a8938e09390

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

55nloadrate
0.321875
date
Sat, 03 Dec 2022 10:19:36 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
640
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
imghost
240026512804c008ad763d1c3-h-jsgazospacmh--RU-rm2400cb00711024a295606/index.php?js=jpg4&aaa2
last-modified
Sat, 03 Dec 2022 10:08:56 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=npvyFagtzkKM8tHZm5mH3ZY3ly74ncCTPClsw0uWS5DzLMCYWbu7%2FVWWBOz0DEkDo%2BWW%2Be8RGVDAFvo3t1xXvrgiUtAHG8vyGwhuZiqbuLf8wMyPkzBNYipxUmrHSz2u6S%2F%2BgvM4lkggJW9b"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=7200, s-max-age=1800
cf-ray
773b909eff4e996f-FRA
access-control-allow-headers
Cake
embed.js
comments.gazo.space/comments/
18 KB
7 KB
Script
General
Full URL
http://comments.gazo.space/comments/embed.js?37
Requested by
Host: js.gazo.space
URL: https://js.gazo.space/index.php?js=jpg4&aaa1
Protocol
HTTP/1.1
Server
2606:4700:3038::6815:eba9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

Date
Sat, 03 Dec 2022 10:19:36 GMT
Content-Encoding
gzip
CF-Cache-Status
HIT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age
330863
Cf-Polished
origSize=20813
Transfer-Encoding
chunked
Connection
keep-alive
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
Cf-Bgj
minify
Server
cloudflare
ETag
W/"514d-5e998fd344edc"
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XY%2Fa%2FwhNKyKxPzmd9EFwj%2BUiTrFYVtTwAQp%2FvQzAG6p%2BCFvalNWaChpdDnxQYkkqHLH6zTxIF%2FJmRmy23A1bRXRn1iEp7WI2VS5%2B2pr4UndMu438npeFpsYGCpF24jEhdG4ifR3SyQK4YS3HWiCQOGYk"}],"group":"cf-nel","max_age":604800}
Content-Type
application/javascript
Access-Control-Allow-Origin
*
XkeyRip
jcomments./comments/embed.js?37-A-comments.gazo.space--my_zone-yes
Cache-Control
public, max-age=360000
X-Proxy-Cache-Rip
HIT
CF-RAY
773b90a2c9f1bbf2-FRA
h
2chb.net/r/newsplus/
Redirect Chain
  • http://data.jpg4.biz/
  • http://2chb.net/r/newsplus/h
  • http://2chb.net/r/newsplus/h?uid=newsplus/h&67
  • http://2chb.net/r/newsplus/h?uid=newsplus/h&67
  • http://2chb.net/r/newsplus/h?uid=newsplus/h&67
  • http://2chb.net/r/newsplus/h?uid=newsplus/h&67
  • http://2chb.net/r/newsplus/h?uid=newsplus/h&67
  • http://2chb.net/r/newsplus/h?uid=newsplus/h&67
  • http://2chb.net/r/newsplus/h?uid=newsplus/h&67
  • http://2chb.net/r/newsplus/h?uid=newsplus/h&67
  • http://2chb.net/r/newsplus/h?uid=newsplus/h&67
  • http://2chb.net/r/newsplus/h?uid=newsplus/h&67
  • http://2chb.net/r/newsplus/h?uid=newsplus/h&67
  • http://2chb.net/r/newsplus/h?uid=newsplus/h&67
  • http://2chb.net/r/newsplus/h?uid=newsplus/h&67
  • http://2chb.net/r/newsplus/h?uid=newsplus/h&67
  • http://2chb.net/r/newsplus/h?uid=newsplus/h&67
  • http://2chb.net/r/newsplus/h?uid=newsplus/h&67
  • http://2chb.net/r/newsplus/h?uid=newsplus/h&67
  • http://2chb.net/r/newsplus/h?uid=newsplus/h&67
0
0

NoSleep.min.js
cdnjs.cloudflare.com/ajax/libs/nosleep/0.11.0/
10 KB
5 KB
Script
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/nosleep/0.11.0/NoSleep.min.js
Requested by
Host: js.gazo.space
URL: https://js.gazo.space/index.php?js=jpg4&aaa1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date
Sat, 03 Dec 2022 10:19:36 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
9987803
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
3953
last-modified
Fri, 29 May 2020 20:07:05 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5ed16b69-29bf"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zWUJjRn1QMCAFEOGTnOvcwAw3VvKAR1fV2qs%2Be7%2BFiAfkAax1bQubP7T55v1rz6M0j2Te2Whm7byQbBUhHnwA41V9PpJwYyeemFV41EqswK54gwpHLLLavZahrUrX9cTlqsYgoVoQedSWAqFapmuHvLY"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
773b90a2cff09131-FRA
expires
Thu, 23 Nov 2023 10:19:36 GMT
watch.js
cdn.jsdelivr.net/npm/yandex-metrica-watch/
161 KB
67 KB
Script
General
Full URL
https://cdn.jsdelivr.net/npm/yandex-metrica-watch/watch.js
Requested by
Host: js.gazo.space
URL: https://js.gazo.space/index.php?js=jpg4&aaa1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5514 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date
Sat, 03 Dec 2022 10:19:36 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
7207
x-jsd-version
1.250.0
content-encoding
br
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by
cache-fra-eddf8230043-FRA, cache-yyz4537-YYZ
x-jsd-version-type
version
server
cloudflare
etag
W/"284a9-olkblV5dKsPdtysJ+KUa6G+Eb18"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZYmhRJLI%2F8lLusHuablsxtbsUs92tocPGcF1cROB4NSzFKi%2BTwtWhJLS9Kxu0hlHP2OEpARsElpNnjG6OB%2FoggKuK602JP7blQQHCjNrJokAB6TzJwnb%2BXAfYjTb8urUZEhOfn3i9bx6myVYmtw%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
timing-allow-origin
*
cf-ray
773b90a30eb09177-FRA
js
www.googletagmanager.com/gtag/
109 KB
43 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-620120-3
Requested by
Host: js.gazo.space
URL: https://js.gazo.space/index.php?js=jpg4&aaa1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date
Sat, 03 Dec 2022 10:19:36 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
43619
x-xss-protection
0
last-modified
Sat, 03 Dec 2022 09:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sat, 03 Dec 2022 10:19:36 GMT
1
mc.yandex.ru/watch/3/
Redirect Chain
  • https://mc.yandex.ru/watch/3?wmode=7&page-url=http%3A%2F%2Fen.img4.cam%2F&page-ref=&charset=utf-8&browser-info=pv%3A1%3Avf%3A255el9lxer4jhgs0gdua5w%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A933%3Acn...
  • https://mc.yandex.ru/watch/3/1?wmode=7&page-url=http%3A%2F%2Fen.img4.cam%2F&page-ref&charset=utf-8&browser-info=pv%3A1%3Avf%3A255el9lxer4jhgs0gdua5w%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A933%3Ac...
264 B
346 B
XHR
General
Full URL
https://mc.yandex.ru/watch/3/1?wmode=7&page-url=http%3A%2F%2Fen.img4.cam%2F&page-ref&charset=utf-8&browser-info=pv%3A1%3Avf%3A255el9lxer4jhgs0gdua5w%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A933%3Acn%3A2%3Adp%3A0%3Als%3A319372711037%3Ahid%3A558317095%3Az%3A0%3Ai%3A20221203101936%3Aet%3A1670062777%3Ac%3A1%3Arn%3A939521277%3Arqn%3A1%3Au%3A1670062777621126380%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ads%3A16%2C6%2C29%2C2%2C0%2C0%2C%2C%2C%2C681%2C%2C%2C%3Aco%3A0%3Acpf%3A1%3Antf%3A1%3Ans%3A1670062776067%3Ast%3A1670062777&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29ti%282%29
Protocol
H2
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 03 Dec 2022 10:19:37 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
last-modified
Sat, 03-Dec-2022 10:19:37 GMT
content-type
application/json; charset=utf-8
access-control-allow-origin
http://en.img4.cam
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-length
264
x-xss-protection
1; mode=block
expires
Sat, 03-Dec-2022 10:19:37 GMT

Redirect headers

pragma
no-cache
date
Sat, 03 Dec 2022 10:19:37 GMT
strict-transport-security
max-age=31536000
last-modified
Sat, 03-Dec-2022 10:19:37 GMT
location
/watch/3/1?wmode=7&page-url=http%3A%2F%2Fen.img4.cam%2F&page-ref&charset=utf-8&browser-info=pv%3A1%3Avf%3A255el9lxer4jhgs0gdua5w%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A933%3Acn%3A2%3Adp%3A0%3Als%3A319372711037%3Ahid%3A558317095%3Az%3A0%3Ai%3A20221203101936%3Aet%3A1670062777%3Ac%3A1%3Arn%3A939521277%3Arqn%3A1%3Au%3A1670062777621126380%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ads%3A16%2C6%2C29%2C2%2C0%2C0%2C%2C%2C%2C681%2C%2C%2C%3Aco%3A0%3Acpf%3A1%3Antf%3A1%3Ans%3A1670062776067%3Ast%3A1670062777&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29ti%282%29
access-control-allow-origin
http://en.img4.cam
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
x-xss-protection
1; mode=block
expires
Sat, 03-Dec-2022 10:19:37 GMT
1
mc.yandex.ru/watch/48140495/
Redirect Chain
  • https://mc.yandex.ru/watch/48140495?wmode=7&page-url=http%3A%2F%2Fen.img4.cam%2F&charset=utf-8&browser-info=pv%3A1%3Avf%3A255el9lxer4jhgs0gdua5w%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A933%3Acn%3A...
  • https://mc.yandex.ru/watch/48140495/1?wmode=7&page-url=http%3A%2F%2Fen.img4.cam%2F&charset=utf-8&browser-info=pv%3A1%3Avf%3A255el9lxer4jhgs0gdua5w%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A933%3Acn%...
428 B
463 B
XHR
General
Full URL
https://mc.yandex.ru/watch/48140495/1?wmode=7&page-url=http%3A%2F%2Fen.img4.cam%2F&charset=utf-8&browser-info=pv%3A1%3Avf%3A255el9lxer4jhgs0gdua5w%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A933%3Acn%3A1%3Adp%3A0%3Als%3A971092339468%3Ahid%3A558317095%3Az%3A0%3Ai%3A20221203101936%3Aet%3A1670062777%3Ac%3A1%3Arn%3A831621355%3Arqn%3A1%3Au%3A1670062777621126380%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ads%3A16%2C6%2C29%2C2%2C0%2C0%2C%2C%2C%2C681%2C%2C%2C%3Aco%3A0%3Acpf%3A1%3Antf%3A1%3Ans%3A1670062776067%3Arqnl%3A1%3Ast%3A1670062777%3At%3A&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29ti%282%29
Protocol
H2
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 03 Dec 2022 10:19:37 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
last-modified
Sat, 03-Dec-2022 10:19:37 GMT
content-type
application/json; charset=utf-8
access-control-allow-origin
http://en.img4.cam
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-length
428
x-xss-protection
1; mode=block
expires
Sat, 03-Dec-2022 10:19:37 GMT

Redirect headers

pragma
no-cache
date
Sat, 03 Dec 2022 10:19:37 GMT
strict-transport-security
max-age=31536000
last-modified
Sat, 03-Dec-2022 10:19:37 GMT
location
/watch/48140495/1?wmode=7&page-url=http%3A%2F%2Fen.img4.cam%2F&charset=utf-8&browser-info=pv%3A1%3Avf%3A255el9lxer4jhgs0gdua5w%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A933%3Acn%3A1%3Adp%3A0%3Als%3A971092339468%3Ahid%3A558317095%3Az%3A0%3Ai%3A20221203101936%3Aet%3A1670062777%3Ac%3A1%3Arn%3A831621355%3Arqn%3A1%3Au%3A1670062777621126380%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ads%3A16%2C6%2C29%2C2%2C0%2C0%2C%2C%2C%2C681%2C%2C%2C%3Aco%3A0%3Acpf%3A1%3Antf%3A1%3Ans%3A1670062776067%3Arqnl%3A1%3Ast%3A1670062777%3At%3A&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29ti%282%29
access-control-allow-origin
http://en.img4.cam
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
x-xss-protection
1; mode=block
expires
Sat, 03-Dec-2022 10:19:37 GMT
advert.gif
mc.yandex.ru/metrika/
43 B
290 B
Image
General
Full URL
https://mc.yandex.ru/metrika/advert.gif
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date
Sat, 03 Dec 2022 10:19:37 GMT
strict-transport-security
max-age=31536000
last-modified
Thu, 01 Dec 2022 16:28:44 GMT
etag
"6388ac0c-2b"
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=3600
accept-ranges
bytes
content-length
43
expires
Sat, 03 Dec 2022 11:19:37 GMT
sync_cookie_image_decide
mc.webvisor.org/
Redirect Chain
  • https://mc.webvisor.org/sync_cookie_image_check
  • https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.webvisor.org&token=9841.vyuprZlYjdWMBm1PFRYFUYdT1j9GJ40npGfIwx3-6Ef3mLzfSu4UbFfRdxb6Yems.DtsFsYjN_dW2Rd7DyOZubsihNB8%2C
  • https://mc.webvisor.org/sync_cookie_image_decide?token=9841.DUYF37BYe6BejwKxUIZ35H6XsxqyCcvGy3pKCsJl76H8KnR4untlsEZDkX2UEszYfN1B-XOekIEg3EThuOxtVt5Yn9vKNXsXr71r8lu899xgl-5NmNSXdaeI3BUIgRRDE60XLJCR9...
43 B
505 B
Image
General
Full URL
https://mc.webvisor.org/sync_cookie_image_decide?token=9841.DUYF37BYe6BejwKxUIZ35H6XsxqyCcvGy3pKCsJl76H8KnR4untlsEZDkX2UEszYfN1B-XOekIEg3EThuOxtVt5Yn9vKNXsXr71r8lu899xgl-5NmNSXdaeI3BUIgRRDE60XLJCR9TihOsxwUnUdr5ODXmR3-noAWkI-_5ycjyS-l_jJ3vk2CSLw9aEC614gi0FzPmt84D5Dcv6aGgaIHEY8KSLha7NjS8Dl_rSuqYg%2C.KpwVOnng51EyjtFnmiRh1J7gH7s%2C
Protocol
H2
Server
80.239.201.71 , Sweden, ASN1299 (TWELVE99 Arelion, fka Telia Carrier, SE),
Reverse DNS
80-239-201-71.teliacarrier-cust.com
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date
Sat, 03 Dec 2022 10:19:37 GMT
strict-transport-security
max-age=31536000
content-length
43
x-xss-protection
1; mode=block
content-type
image/gif

Redirect headers

location
https://mc.webvisor.org/sync_cookie_image_decide?token=9841.DUYF37BYe6BejwKxUIZ35H6XsxqyCcvGy3pKCsJl76H8KnR4untlsEZDkX2UEszYfN1B-XOekIEg3EThuOxtVt5Yn9vKNXsXr71r8lu899xgl-5NmNSXdaeI3BUIgRRDE60XLJCR9TihOsxwUnUdr5ODXmR3-noAWkI-_5ycjyS-l_jJ3vk2CSLw9aEC614gi0FzPmt84D5Dcv6aGgaIHEY8KSLha7NjS8Dl_rSuqYg%2C.KpwVOnng51EyjtFnmiRh1J7gH7s%2C
date
Sat, 03 Dec 2022 10:19:37 GMT
strict-transport-security
max-age=31536000
x-xss-protection
1; mode=block

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
2chb.net
URL
http://2chb.net/r/newsplus/h?uid=newsplus/h&67

1 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| oncontentvisibilityautostatechange

16 Cookies

Domain/Path Name / Value
.img4.cam/ Name: cnt
Value: 1
.img4.cam/ Name: _ym_uid
Value: 1670062777621126380
.img4.cam/ Name: _ym_d
Value: 1670062777
.yandex.ru/ Name: ymex
Value: 1701598777.yc.1670062777#1701598777.yrts.1670062777#1701598777.yrtsi.1670062777
.img4.cam/ Name: _ym_isad
Value: 2
mc.yandex.ru/ Name: yabs-sid
Value: 2003104931670062777
.yandex.ru/ Name: i
Value: niLQ4OKdNfZ2dzTv0ZsxtNzj/0hChPjEnBe/Sk16OfrGi2H+5PlbqV0sg+eGmqFjf1ctfy8QZ5/4CpiJI2TnNArtn1s=
.yandex.ru/ Name: yandexuid
Value: 5587767721670062777
.yandex.ru/ Name: yuidss
Value: 5587767721670062777
.img4.cam/ Name: _ym_visorc
Value: b
.mc.webvisor.org/ Name: sync_cookie_csrf
Value: 3802314138fake
.mc.yandex.ru/ Name: sync_cookie_csrf
Value: 3959378229fake
.webvisor.org/ Name: yandexuid
Value: 5587767721670062777
.webvisor.org/ Name: yuidss
Value: 5587767721670062777
.webvisor.org/ Name: i
Value: niLQ4OKdNfZ2dzTv0ZsxtNzj/0hChPjEnBe/Sk16OfrGi2H+5PlbqV0sg+eGmqFjf1ctfy8QZ5/4CpiJI2TnNArtn1s=
.mc.webvisor.org/ Name: sync_cookie_ok
Value: synced

2 Console Messages

Source Level URL
Text
javascript warning URL: https://js.gazo.space/index.php?js=jpg4&aaa1 (Line 27)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://ajax.googleapis.com/ajax/libs/jquery/3.3.1/jquery.min.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: https://js.gazo.space/index.php?js=jpg4&aaa1 (Line 27)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://ajax.googleapis.com/ajax/libs/jquery/3.3.1/jquery.min.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.