privitem.cf Open in urlscan Pro
2606:4700:3034::ac43:afa2 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://camitan.com/
Effective URL:
https://privitem.cf/
Submission Tags: falconsandbox
Submission: On January 27 via api (January 27th 2022, 3:17:46 am UTC) from US — Scanned from FR

Summary HTTP 38 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 10 IPs in 5 countries across 11 domains to perform 38 HTTP transactions. The main IP is 2606:4700:3034::ac43:afa2, located in United States and belongs to CLOUDFLARENET, US. The main domain is privitem.cf.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on December 15th 2021. Valid for: a year.

This is the only time privitem.cf was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 14	188.165.53.185 188.165.53.185	16276 (OVH) (OVH)
2	2a00:1450:400... 2a00:1450:400f:804::200a	15169 (GOOGLE) (GOOGLE)
5 5	89.187.169.47 89.187.169.47	60068 (CDN77 ^_^) (CDN77 ^_^)
2	2a00:1450:400... 2a00:1450:4001:80f::2003	15169 (GOOGLE) (GOOGLE)
2	2606:4700:303... 2606:4700:3030::6815:544	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:303... 2606:4700:3033::6815:581a	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:831::2008	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82f::200e	15169 (GOOGLE) (GOOGLE)
2	161.35.244.242 161.35.244.242	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
1 1	67.199.248.11 67.199.248.11	396982 (GOOGLE-PR...) (GOOGLE-PRIVATE-CLOUD)
10	2606:4700:303... 2606:4700:3034::ac43:afa2	13335 (CLOUDFLAR...) (CLOUDFLARENET)
38	10

14 188.165.53.185 (France) 1 redirects

ASN16276 (OVH, FR)
PTR: cluster021.hosting.ovh.net

camitan.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400f:804::200a (Ireland)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 89.187.169.47 (Frankfurt am Main, Germany) 5 redirects

ASN60068 (CDN77 ^_^, GB)
PTR: unn-89-187-169-47.cdn77.com

sp-ao.shortpixel.ai	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:3030::6815:544 (United States)

ASN13335 (CLOUDFLARENET, US)

autofaucet.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3033::6815:581a (United States)

ASN13335 (CLOUDFLARENET, US)

webminepool.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:831::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 161.35.244.242 (Amsterdam, Netherlands)

ASN14061 (DIGITALOCEAN-ASN, US)

yourvibe1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
0.yourvibe1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 67.199.248.11 (United States) 1 redirects

ASN396982 (GOOGLE-PRIVATE-CLOUD, US)
PTR: bit.ly

bit.ly	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2606:4700:3034::ac43:afa2 (United States)

ASN13335 (CLOUDFLARENET, US)

privitem.cf	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
14	camitan.com 1 redirects camitan.com	1016 KB
10	privitem.cf privitem.cf	68 KB
5	shortpixel.ai 5 redirects sp-ao.shortpixel.ai — Cisco Umbrella Rank: 18538	3 KB
2	yourvibe1.com yourvibe1.com — Cisco Umbrella Rank: 267750 0.yourvibe1.com	49 KB
2	autofaucet.org autofaucet.org — Cisco Umbrella Rank: 625782	5 KB
2	gstatic.com fonts.gstatic.com	79 KB
2	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 47	3 KB
1	bit.ly 1 redirects bit.ly — Cisco Umbrella Rank: 4192	278 B
1	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 42	20 KB
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 78	36 KB
1	webminepool.com webminepool.com — Cisco Umbrella Rank: 848150	62 KB
38	11

	Domain	Requested by
14	camitan.com	1 redirects camitan.com
10	privitem.cf	0.yourvibe1.com privitem.cf
5	sp-ao.shortpixel.ai	5 redirects
2	autofaucet.org	camitan.com autofaucet.org
2	fonts.gstatic.com	fonts.googleapis.com
2	fonts.googleapis.com	camitan.com
1	bit.ly	1 redirects
1	0.yourvibe1.com	yourvibe1.com
1	yourvibe1.com	camitan.com
1	www.google-analytics.com	www.googletagmanager.com
1	www.googletagmanager.com	autofaucet.org
1	webminepool.com	autofaucet.org
38	12

This site contains links to these domains. Also see Links.

Domain
bit.ly

Subject Issuer	Validity	Valid
camitan.com R3	`2022-01-04` - `2022-04-04`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2021-12-27` - `2022-03-21`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2021-12-27` - `2022-03-21`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-08-11` - `2022-08-10`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-12-27` - `2022-03-21`	3 months	crt.sh
1.yourvibe1.com R3	`2022-01-26` - `2022-04-26`	3 months	crt.sh

This page contains 2 frames:

Primary Page: https://privitem.cf/
Frame ID: 577EF4B7B7AED5504F3027A708CD3117
Requests: 32 HTTP requests in this frame

Frame: https://autofaucet.org/wm/trudyaga/4
Frame ID: 20D8535B273B736B1E159B6F22EAE77D
Requests: 9 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://camitan.com/ HTTP 301
https://camitan.com/ Page URL
https://yourvibe1.com/go/mrqwinlega5dinbyg4 Page URL
https://0.yourvibe1.com/index.php?p=mrqwinlega5dinbyg4 Page URL
https://bit.ly/33HDwOG HTTP 301
https://privitem.cf/ Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

/wp-(?:content|includes)/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

38
Requests

76 %
HTTPS

64 %
IPv6

11
Domains

12
Subdomains

10
IPs

5
Countries

1338 kB
Transfer

4908 kB
Size

3
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://bit.ly/3FI5yqV
Title: Download

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://camitan.com/ HTTP 301
https://camitan.com/ Page URL
https://yourvibe1.com/go/mrqwinlega5dinbyg4 Page URL
https://0.yourvibe1.com/index.php?p=mrqwinlega5dinbyg4 Page URL
https://bit.ly/33HDwOG HTTP 301
https://privitem.cf/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

http://camitan.com/ HTTP 301
https://camitan.com/

Request Chain 6

https://sp-ao.shortpixel.ai/client/to_webp,q_glossy,ret_img/https://camitan.com/wp-content/uploads/2020/10/LOGO_CAMITAN_2020_01.png HTTP 302
https://camitan.com/wp-content/uploads/2020/10/LOGO_CAMITAN_2020_01.png

Request Chain 12

https://sp-ao.shortpixel.ai/client/to_webp,q_glossy,ret_img/https://camitan.com/wp-content/uploads/2021/02/Homepage_02.jpg HTTP 302
https://camitan.com/wp-content/uploads/2021/02/Homepage_02.jpg

Request Chain 15

https://sp-ao.shortpixel.ai/client/to_webp,q_glossy,ret_img/https://camitan.com/wp-content/uploads/2020/10/bouton.jpg HTTP 302
https://camitan.com/wp-content/uploads/2020/10/bouton.jpg

Request Chain 16

https://sp-ao.shortpixel.ai/client/to_webp,q_glossy,ret_img/https://camitan.com/wp-content/uploads/2021/02/Welcome-to-the-camitan-museum.jpg HTTP 302
https://camitan.com/wp-content/uploads/2021/02/Welcome-to-the-camitan-museum.jpg

Request Chain 21

https://sp-ao.shortpixel.ai/client/to_webp,q_glossy,ret_img/https://camitan.com/wp-content/uploads/2020/10/LOGO_CAMITAN_2020_01.png HTTP 302
https://camitan.com/wp-content/uploads/2020/10/LOGO_CAMITAN_2020_01.png

38 HTTP transactions
3 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

/ Show response
camitan.com/
Redirect Chain

http://camitan.com/
https://camitan.com/

83 KB
24 KB

1104ms
1061ms

Document
text/html

188.165.53.185
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://camitan.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 188.165.53.185 , France, ASN16276 (OVH, FR),
Reverse DNS: cluster021.hosting.ovh.net
Software: Apache / PHP/7.4
Resource Hash: 65bfa33a5705436d89aeef5631c0e80ebab791c999da38e2548923668aa58d8b

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: fr-FR,fr;q=0.9

Response headers

date: Thu, 27 Jan 2022 03:17:41 GMT
content-type: text/html; charset=UTF-8
server: Apache
x-powered-by: PHP/7.4
link: <https://camitan.com/wp-json/>; rel="https://api.w.org/" <https://camitan.com/wp-json/wp/v2/pages/106>; rel="alternate"; type="application/json" <https://camitan.com/>; rel=shortlink
x-wp-cf-super-cache: disabled
x-wp-cf-super-cache-cache-control: no-store, no-cache, must-revalidate, max-age=0
vary: Accept-Encoding
content-encoding: gzip

Redirect headers

date: Thu, 27 Jan 2022 03:17:40 GMT
content-type: text/html; charset=UTF-8
transfer-encoding: chunked
server: Apache
x-powered-by: PHP/7.4
x-wp-cf-super-cache: disabled
x-redirect-by: WordPress
location: https://camitan.com/
x-iplb-request-id: 253BA46A:E808_BCA535B9:0050_61F20ED3_33F8:5AFB
x-iplb-instance: 38226

GET
H2 200 autoptimize_df13170a6c9d3015c0dd2d9d2f98e86d.css
camitan.com/wp-content/cache/autoptimize/css/ 976 KB
102 KB 47ms
46ms Stylesheet
text/css 188.165.53.185
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://camitan.com/wp-content/cache/autoptimize/css/autoptimize_df13170a6c9d3015c0dd2d9d2f98e86d.css
Requested by: Host: camitan.com
URL: https://camitan.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 188.165.53.185 , France, ASN16276 (OVH, FR),
Reverse DNS: cluster021.hosting.ovh.net
Software: Apache /
Resource Hash: 66a0e1f7b187f8f8476dd0e9dea243c9b67534e2d4af20664862aa4a2e0f45ef

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://camitan.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 03:17:41 GMT
content-encoding: gzip
last-modified: Mon, 24 Jan 2022 12:30:21 GMT
server: Apache
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=900
accept-ranges: bytes
expires: Thu, 27 Jan 2022 03:32:41 GMT

GET
H2 200 css
fonts.googleapis.com/ 27 KB
2 KB 192ms
67ms Stylesheet
text/css 2a00:1450:400f:804::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:300italic,400italic,600italic,700italic,800italic,400,300,600,700,800&subset=latin,latin-ext&display=swap

Requested by

Host: camitan.com
URL: https://camitan.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400f:804::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

ac97bc7f217e4f44ef06f70136d703ef07504dcb904e0848bee504cc8a4aafc4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://camitan.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 27 Jan 2022 02:30:38 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Thu, 27 Jan 2022 03:17:41 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 27 Jan 2022 03:17:41 GMT

GET
H2 200 css
fonts.googleapis.com/ 23 KB
1 KB 194ms
70ms Stylesheet
text/css 2a00:1450:400f:804::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Barrio:regular|Nunito:200,200italic,300,300italic,regular,italic,600,600italic,700,700italic,800,800italic,900,900italic&subset=latin,latin-ext&display=swap

Requested by

Host: camitan.com
URL: https://camitan.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400f:804::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

0cfb3aa97c5c22017610ba05c238db72e7db9db664ca124ff4fe2c3637d2a5f1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://camitan.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 27 Jan 2022 03:17:41 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Thu, 27 Jan 2022 03:17:41 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 27 Jan 2022 03:17:41 GMT

GET
H2 200 dashicons.min.css
camitan.com/wp-includes/css/ 58 KB
35 KB 23ms
22ms Stylesheet
text/css 188.165.53.185
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://camitan.com/wp-includes/css/dashicons.min.css?ver=5.8.3
Requested by: Host: camitan.com
URL: https://camitan.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 188.165.53.185 , France, ASN16276 (OVH, FR),
Reverse DNS: cluster021.hosting.ovh.net
Software: Apache /
Resource Hash: c21e5a2b32c47bc5f9d9efc97bc0e29fd081946d1d3ebffc5621cfafb1d3960e

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://camitan.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 03:17:41 GMT
content-encoding: gzip
last-modified: Sun, 16 Jan 2022 20:14:05 GMT
server: Apache
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=900
accept-ranges: bytes
expires: Thu, 27 Jan 2022 03:32:41 GMT

GET
H2 200 jquery.min.js Show response
camitan.com/wp-includes/js/jquery/ 87 KB
30 KB 43ms
43ms Script
application/javascript 188.165.53.185
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://camitan.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
Requested by: Host: camitan.com
URL: https://camitan.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 188.165.53.185 , France, ASN16276 (OVH, FR),
Reverse DNS: cluster021.hosting.ovh.net
Software: Apache /
Resource Hash: bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://camitan.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 03:17:41 GMT
content-encoding: gzip
last-modified: Sun, 16 Jan 2022 20:14:05 GMT
server: Apache
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=900
accept-ranges: bytes
content-length: 30908
expires: Thu, 27 Jan 2022 03:32:41 GMT

GET
H2

200

LOGO_CAMITAN_2020_01.png
camitan.com/wp-content/uploads/2020/10/
Redirect Chain

https://sp-ao.shortpixel.ai/client/to_webp,q_glossy,ret_img/https://camitan.com/wp-content/uploads/2020/10/LOGO_CAMITAN_2020_01.png
https://camitan.com/wp-content/uploads/2020/10/LOGO_CAMITAN_2020_01.png

109 KB
109 KB

63ms
62ms

Image
image/png

188.165.53.185
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://camitan.com/wp-content/uploads/2020/10/LOGO_CAMITAN_2020_01.png
Requested by: Host: camitan.com
URL: https://camitan.com/
Protocol: H2
Server: 188.165.53.185 , France, ASN16276 (OVH, FR),
Reverse DNS: cluster021.hosting.ovh.net
Software: Apache /
Resource Hash: d86e1256281a43b42d7d8899e2f73d75a23288eb3a35536b2b91571a41fd06a0

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://camitan.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 03:17:41 GMT
last-modified: Sun, 25 Oct 2020 15:28:43 GMT
server: Apache
content-type: image/png
cache-control: max-age=900
accept-ranges: bytes
content-length: 111419
expires: Thu, 27 Jan 2022 03:32:41 GMT

Redirect headers

date: Thu, 27 Jan 2022 03:17:41 GMT
cdn-edgestorageid: 756
access-control-allow-origin: *
cdn-cachedat: 01/27/2022 00:13:35
cdn-pullzone: 257218
cdn-tag: 0; Domain: camitan.com; 302
content-length: 0
server: BunnyCDN-DE1-756
pragma: cache
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-proxyver: 1.02
cdn-requestpullcode: 302
location: https://camitan.com/wp-content/uploads/2020/10/LOGO_CAMITAN_2020_01.png
content-type: text/html; charset=utf-8
cdn-cache: HIT
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=86400
cdn-uid: ceac3dab-9909-4315-8d54-a27751b54dd0
cdn-requestid: b5875567f8459d3692dc3183fed56ed1
cdn-requestcountrycode: FR
cdn-status: 302
cdn-requestpullsuccess: True

GET
H2 200 autoptimize_5397aa2006eccbae7e4b1c9ebbd844f7.js Show response
camitan.com/wp-content/cache/autoptimize/js/ 520 KB
150 KB 69ms
69ms Script
application/javascript 188.165.53.185
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://camitan.com/wp-content/cache/autoptimize/js/autoptimize_5397aa2006eccbae7e4b1c9ebbd844f7.js
Requested by: Host: camitan.com
URL: https://camitan.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 188.165.53.185 , France, ASN16276 (OVH, FR),
Reverse DNS: cluster021.hosting.ovh.net
Software: Apache /
Resource Hash: b9f7bd79bc32b61e53755eafc4e58bf45dc3e4f63c6a705d94dae49649ba0621

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://camitan.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 03:17:41 GMT
content-encoding: gzip
last-modified: Mon, 24 Jan 2022 12:30:20 GMT
server: Apache
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=900
accept-ranges: bytes
expires: Thu, 27 Jan 2022 03:32:41 GMT

GET
H2 200 wp-emoji-release.min.js Show response
camitan.com/wp-includes/js/ 18 KB
5 KB 24ms
23ms Script
application/javascript 188.165.53.185
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://camitan.com/wp-includes/js/wp-emoji-release.min.js?ver=5.8.3
Requested by: Host: camitan.com
URL: https://camitan.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 188.165.53.185 , France, ASN16276 (OVH, FR),
Reverse DNS: cluster021.hosting.ovh.net
Software: Apache /
Resource Hash: def5de6254be138b8b35d680d1fdd8b07827d03b8626daebfeeb4157ec330ea7

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://camitan.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 03:17:41 GMT
content-encoding: gzip
last-modified: Sun, 16 Jan 2022 20:14:06 GMT
server: Apache
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=900
accept-ranges: bytes
content-length: 4930
expires: Thu, 27 Jan 2022 03:32:41 GMT

GET
H2 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v27/ 44 KB
44 KB 108ms
31ms Font
font/woff2 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v27/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:300italic,400italic,600italic,700italic,800italic,400,300,600,700,800&subset=latin,latin-ext&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

88915cdc03fc5b9a20aec966fe93ee38aa3fd76bfef296e41d305271b3541c96

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://camitan.com
Accept-Language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 26 Jan 2022 00:14:34 GMT
x-content-type-options: nosniff
age: 97387
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44656
x-xss-protection: 0
last-modified: Thu, 28 Oct 2021 00:30:43 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 26 Jan 2023 00:14:34 GMT

GET
H2 200 miam.png
camitan.com/wp-content/uploads/2020/10/ 3 KB
3 KB 23ms
23ms Image
image/png 188.165.53.185
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://camitan.com/wp-content/uploads/2020/10/miam.png
Requested by: Host: camitan.com
URL: https://camitan.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 188.165.53.185 , France, ASN16276 (OVH, FR),
Reverse DNS: cluster021.hosting.ovh.net
Software: Apache /
Resource Hash: 43c5a93460bc8fd0d9ab3e88e842b131f8321371150a2f4bb98482d9c53df192

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://camitan.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 03:17:41 GMT
last-modified: Sun, 25 Oct 2020 16:39:13 GMT
server: Apache
content-type: image/png
cache-control: max-age=900
accept-ranges: bytes
content-length: 3366
expires: Thu, 27 Jan 2022 03:32:41 GMT

GET
H2 200 XRXV3I6Li01BKofINeaB.woff2
fonts.gstatic.com/s/nunito/v20/ 35 KB
35 KB 135ms
77ms Font
font/woff2 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/nunito/v20/XRXV3I6Li01BKofINeaB.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Barrio:regular|Nunito:200,200italic,300,300italic,regular,italic,600,600italic,700,700italic,800,800italic,900,900italic&subset=latin,latin-ext&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e2f13665e8ba61f667b58de7b04ac6e7bcb8f2095933fa301675fc0abc5bae66

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://camitan.com
Accept-Language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 25 Jan 2022 21:12:33 GMT
x-content-type-options: nosniff
age: 108308
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35928
x-xss-protection: 0
last-modified: Tue, 30 Nov 2021 20:53:46 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 25 Jan 2023 21:12:33 GMT

GET
H2

200

Homepage_02.jpg
camitan.com/wp-content/uploads/2021/02/
Redirect Chain

https://sp-ao.shortpixel.ai/client/to_webp,q_glossy,ret_img/https://camitan.com/wp-content/uploads/2021/02/Homepage_02.jpg
https://camitan.com/wp-content/uploads/2021/02/Homepage_02.jpg

288 KB
288 KB

28ms
28ms

Image
image/jpeg

188.165.53.185
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://camitan.com/wp-content/uploads/2021/02/Homepage_02.jpg
Requested by: Host: camitan.com
URL: https://camitan.com/
Protocol: H2
Server: 188.165.53.185 , France, ASN16276 (OVH, FR),
Reverse DNS: cluster021.hosting.ovh.net
Software: Apache /
Resource Hash: 67c5578353496f676b756fddf603edf568cec0c32e68e1d8220f839342a82a69

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://camitan.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 03:17:41 GMT
last-modified: Sun, 14 Feb 2021 16:48:53 GMT
server: Apache
content-type: image/jpeg
cache-control: max-age=900
accept-ranges: bytes
content-length: 294798
expires: Thu, 27 Jan 2022 03:32:41 GMT

Redirect headers

date: Thu, 27 Jan 2022 03:17:41 GMT
cdn-edgestorageid: 756
access-control-allow-origin: *
cdn-cachedat: 01/27/2022 03:17:41
cdn-pullzone: 257218
cdn-tag: 0; Domain: camitan.com; 302
content-length: 0
server: BunnyCDN-DE1-756
pragma: cache
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-proxyver: 1.02
cdn-requestpullcode: 302
location: https://camitan.com/wp-content/uploads/2021/02/Homepage_02.jpg
content-type: text/html; charset=utf-8
cdn-cache: MISS
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=86400
cdn-uid: ceac3dab-9909-4315-8d54-a27751b54dd0
cdn-requestid: d01c00a7b19898fd9a140806a9f5668f
cdn-requestcountrycode: FR
cdn-status: 302
cdn-requestpullsuccess: True

GET
H2 200 modules.ttf
camitan.com/wp-content/themes/Divi/core/admin/fonts/ 90 KB
91 KB 24ms
23ms Font
application/x-font-ttf 188.165.53.185
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://camitan.com/wp-content/themes/Divi/core/admin/fonts/modules.ttf
Requested by: Host: camitan.com
URL: https://camitan.com/wp-content/cache/autoptimize/css/autoptimize_df13170a6c9d3015c0dd2d9d2f98e86d.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 188.165.53.185 , France, ASN16276 (OVH, FR),
Reverse DNS: cluster021.hosting.ovh.net
Software: Apache /
Resource Hash: d201a2c3118a00c82cc48e89815f5139f23956bbe248107dcf522acc77b97c09

Request headers

Referer: https://camitan.com/wp-content/cache/autoptimize/css/autoptimize_df13170a6c9d3015c0dd2d9d2f98e86d.css
Origin: https://camitan.com
Accept-Language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 03:17:41 GMT
last-modified: Fri, 13 Nov 2020 11:42:09 GMT
server: Apache
accept-ranges: bytes
content-length: 92400
content-type: application/x-font-ttf

GET
DATA 200
OK truncated
/ 64 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b6dcc1490a0cc33cdeed8970677b89bbec6fa095675af198b8e923b64563c70a

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2

200

bouton.jpg
camitan.com/wp-content/uploads/2020/10/
Redirect Chain

https://sp-ao.shortpixel.ai/client/to_webp,q_glossy,ret_img/https://camitan.com/wp-content/uploads/2020/10/bouton.jpg
https://camitan.com/wp-content/uploads/2020/10/bouton.jpg

50 KB
50 KB

23ms
23ms

Image
image/jpeg

188.165.53.185
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://camitan.com/wp-content/uploads/2020/10/bouton.jpg
Requested by: Host: camitan.com
URL: https://camitan.com/wp-content/cache/autoptimize/css/autoptimize_df13170a6c9d3015c0dd2d9d2f98e86d.css
Protocol: H2
Server: 188.165.53.185 , France, ASN16276 (OVH, FR),
Reverse DNS: cluster021.hosting.ovh.net
Software: Apache /
Resource Hash: 479c6aadf33c994bacb21881d2c5630663c90928bb16bde1805c965585c575a9

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://camitan.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 03:17:41 GMT
last-modified: Sat, 31 Oct 2020 21:42:40 GMT
server: Apache
content-type: image/jpeg
cache-control: max-age=900
accept-ranges: bytes
content-length: 51278
expires: Thu, 27 Jan 2022 03:32:41 GMT

Redirect headers

date: Thu, 27 Jan 2022 03:17:41 GMT
cdn-edgestorageid: 756
access-control-allow-origin: *
cdn-cachedat: 01/27/2022 03:17:41
cdn-pullzone: 257218
cdn-tag: 0; Domain: camitan.com; 302
content-length: 0
server: BunnyCDN-DE1-756
pragma: cache
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-proxyver: 1.02
cdn-requestpullcode: 302
location: https://camitan.com/wp-content/uploads/2020/10/bouton.jpg
content-type: text/html; charset=utf-8
cdn-cache: MISS
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=86400
cdn-uid: ceac3dab-9909-4315-8d54-a27751b54dd0
cdn-requestid: 74d9393912d72d5802bd7d4ee59d43f2
cdn-requestcountrycode: FR
cdn-status: 302
cdn-requestpullsuccess: True

GET
H2

200

Welcome-to-the-camitan-museum.jpg
camitan.com/wp-content/uploads/2021/02/
Redirect Chain

https://sp-ao.shortpixel.ai/client/to_webp,q_glossy,ret_img/https://camitan.com/wp-content/uploads/2021/02/Welcome-to-the-camitan-museum.jpg
https://camitan.com/wp-content/uploads/2021/02/Welcome-to-the-camitan-museum.jpg

19 KB
19 KB

53ms
52ms

Image
image/jpeg

188.165.53.185
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://camitan.com/wp-content/uploads/2021/02/Welcome-to-the-camitan-museum.jpg
Requested by: Host: camitan.com
URL: https://camitan.com/
Protocol: H2
Server: 188.165.53.185 , France, ASN16276 (OVH, FR),
Reverse DNS: cluster021.hosting.ovh.net
Software: Apache /
Resource Hash: affbc090eb7ddabad31ed10cf2afdbc08e4c15e35083d688ef55332376f6d118

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://camitan.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 03:17:41 GMT
last-modified: Sun, 14 Feb 2021 14:11:55 GMT
server: Apache
content-type: image/jpeg
cache-control: max-age=900
accept-ranges: bytes
content-length: 19608
expires: Thu, 27 Jan 2022 03:32:41 GMT

Redirect headers

date: Thu, 27 Jan 2022 03:17:41 GMT
cdn-edgestorageid: 756
access-control-allow-origin: *
cdn-cachedat: 01/27/2022 03:17:41
cdn-pullzone: 257218
cdn-tag: 0; Domain: camitan.com; 302
content-length: 0
server: BunnyCDN-DE1-756
pragma: cache
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-proxyver: 1.02
cdn-requestpullcode: 302
location: https://camitan.com/wp-content/uploads/2021/02/Welcome-to-the-camitan-museum.jpg
content-type: text/html; charset=utf-8
cdn-cache: MISS
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=86400
cdn-uid: ceac3dab-9909-4315-8d54-a27751b54dd0
cdn-requestid: bee89cb83c525e00093b40134ac0d716
cdn-requestcountrycode: FR
cdn-status: 302
cdn-requestpullsuccess: True

GET
H2 200 4 Show response
autofaucet.org/wm/trudyaga/ Frame 20D8 909 B
983 B 361ms
297ms Document
text/html 2606:4700:3030::6815:544
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://autofaucet.org/wm/trudyaga/4
Requested by: Host: camitan.com
URL: https://camitan.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6815:544 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 40fb1bab67210530c96835a9dc744acc6be883d11ad9f19990b3e61c4b02fabb

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: fr-FR,fr;q=0.9
Referer: https://camitan.com/

Response headers

date: Thu, 27 Jan 2022 03:17:41 GMT
content-type: text/html; charset=UTF-8
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=01GBx1UqiR46GHi%2BQNvdW6zjlRIL%2Fj8D8oId1SZqX6%2Byb8rije7HFBCGW8c6fVLeU%2Bg%2Fm3q8kjMvP%2BsRHaygqbwGCe0jJsgY2s%2FpgbMfteTLsmpKKAZk3v6K%2F49tbkofWCWYUTkx2tvrHRFXeA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 6d3ed457ae25ee50-CDG
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 rocket-loader.min.js Show response
autofaucet.org/cdn-cgi/scripts/7d0fa10a/cloudflare-static/ Frame 20D8 12 KB
4 KB 27ms
26ms Script
application/javascript 2606:4700:3030::6815:544
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://autofaucet.org/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Requested by

Host: autofaucet.org
URL: https://autofaucet.org/wm/trudyaga/4

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3030::6815:544 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://autofaucet.org/wm/trudyaga/4
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 03:17:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 19 Jan 2022 15:52:06 GMT
server: cloudflare
etag: W/"61e833a6-302c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: DENY
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=D259EgdC3Ug7zwE5OjuIkTVQ7h3MjZlF7JupKgnE67jwYtyXl3a%2BLoNH4zRy%2FWaj9hu9L3nwA3lCAf84e6D%2BQg01CT1FkS8VEFoIumkpcX7FK3XpmfCZk7kaPzmTnL7qhDnkyINruoPuzhsrMw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=172800, public
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6d3ed4599804ee50-CDG
vary: Accept-Encoding
expires: Sat, 29 Jan 2022 03:17:42 GMT

GET
H2 200 base.js Show response
webminepool.com/lib/ Frame 20D8 193 KB
62 KB 98ms
36ms Script
application/javascript 2606:4700:3033::6815:581a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://webminepool.com/lib/base.js
Requested by: Host: autofaucet.org
URL: https://autofaucet.org/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::6815:581a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cb74590760eb6d1e360a53a7921bf5c23b688106c4fd1ed6c534025ba852bde1

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://autofaucet.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 03:17:42 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3061
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Sat, 27 Mar 2021 13:19:55 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QAAb0MM0d3Ja0SWhAa8HvWM3q3ZMj4k%2BFMSl6qPGXgQbdjTpfQgNUV0%2BTEAy%2BUKGkBtGN0A2%2FjQKOsnc4WH5B0ZGjgHCciHROxYuPekUzuswyjrk%2BYPFJMjYd0yW6DZ4Mfi%2B3lqayEKjlrhmIE8%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=14400
x-turbo-charged-by: LiteSpeed
cf-ray: 6d3ed45a28de4093-CDG
expires: Thu, 27 Jan 2022 03:26:41 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ Frame 20D8 90 KB
36 KB 114ms
40ms Script
application/javascript 2a00:1450:4001:831::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-70038523-3

Requested by

Host: autofaucet.org
URL: https://autofaucet.org/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

7a4e48feeafee6caecbf675bdae94daadd243c0e096b455c6c506adf0bf4d9b9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://autofaucet.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 03:17:42 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36020
x-xss-protection: 0
last-modified: Thu, 27 Jan 2022 03:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 27 Jan 2022 03:17:42 GMT

GET
H2

200

LOGO_CAMITAN_2020_01.png
camitan.com/wp-content/uploads/2020/10/
Redirect Chain

https://sp-ao.shortpixel.ai/client/to_webp,q_glossy,ret_img/https://camitan.com/wp-content/uploads/2020/10/LOGO_CAMITAN_2020_01.png
https://camitan.com/wp-content/uploads/2020/10/LOGO_CAMITAN_2020_01.png

109 KB
109 KB

22ms
21ms

Image
image/png

188.165.53.185
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://camitan.com/wp-content/uploads/2020/10/LOGO_CAMITAN_2020_01.png
Protocol: H2
Server: 188.165.53.185 , France, ASN16276 (OVH, FR),
Reverse DNS: cluster021.hosting.ovh.net
Software: Apache /
Resource Hash: d86e1256281a43b42d7d8899e2f73d75a23288eb3a35536b2b91571a41fd06a0

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://camitan.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 03:17:42 GMT
last-modified: Sun, 25 Oct 2020 15:28:43 GMT
server: Apache
content-type: image/png
cache-control: max-age=900
accept-ranges: bytes
content-length: 111419
expires: Thu, 27 Jan 2022 03:32:42 GMT

Redirect headers

date: Thu, 27 Jan 2022 03:17:42 GMT
cdn-edgestorageid: 756
access-control-allow-origin: *
cdn-cachedat: 01/27/2022 00:13:35
cdn-pullzone: 257218
cdn-tag: 0; Domain: camitan.com; 302
content-length: 0
server: BunnyCDN-DE1-756
pragma: cache
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-proxyver: 1.02
cdn-requestpullcode: 302
location: https://camitan.com/wp-content/uploads/2020/10/LOGO_CAMITAN_2020_01.png
content-type: text/html; charset=utf-8
cdn-cache: HIT
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=86400
cdn-uid: ceac3dab-9909-4315-8d54-a27751b54dd0
cdn-requestid: bdeb9f6cc7c18104a5a306e1dac7a6c9
cdn-requestcountrycode: FR
cdn-status: 302
cdn-requestpullsuccess: True

GET
BLOB 200
OK a89a372c-46b0-41af-928d-4ef8c616b15c
https://autofaucet.org/ Frame 20D8 186 KB
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://autofaucet.org/a89a372c-46b0-41af-928d-4ef8c616b15c
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f3aea6adab5c21cb1f73fc071b71d19f189e9f810f09d6d7b6236dbd871d6cd4

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Length: 190927
Content-Type: text/javascript

GET
BLOB 200
OK 40772e90-4ccc-49f9-8c3a-4b3ef0fbf53c
https://autofaucet.org/ Frame 20D8 186 KB
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://autofaucet.org/40772e90-4ccc-49f9-8c3a-4b3ef0fbf53c
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f3aea6adab5c21cb1f73fc071b71d19f189e9f810f09d6d7b6236dbd871d6cd4

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Length: 190927
Content-Type: text/javascript

GET
BLOB 200
OK 952520e4-5fc5-4b8b-af81-cc1ed82d2490
https://autofaucet.org/ Frame 20D8 186 KB
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://autofaucet.org/952520e4-5fc5-4b8b-af81-cc1ed82d2490
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f3aea6adab5c21cb1f73fc071b71d19f189e9f810f09d6d7b6236dbd871d6cd4

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Length: 190927
Content-Type: text/javascript

GET
BLOB 200
OK 8201f638-8ebe-4511-89b4-3945a9ca4158
https://autofaucet.org/ Frame 20D8 186 KB
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://autofaucet.org/8201f638-8ebe-4511-89b4-3945a9ca4158
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f3aea6adab5c21cb1f73fc071b71d19f189e9f810f09d6d7b6236dbd871d6cd4

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Length: 190927
Content-Type: text/javascript

GET
H2 200 analytics.js Show response
www.google-analytics.com/ Frame 20D8 49 KB
20 KB 102ms
30ms Script
text/javascript 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-70038523-3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://autofaucet.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 02 Nov 2021 17:39:06 GMT
server: Golfe2
age: 6168
date: Thu, 27 Jan 2022 01:34:54 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Thu, 27 Jan 2022 03:34:54 GMT

GET
H2 200 mrqwinlega5dinbyg4 Show response
yourvibe1.com/go/ 24 KB
25 KB 89ms
30ms Document
text/html 161.35.244.242
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://yourvibe1.com/go/mrqwinlega5dinbyg4

Requested by

Host: camitan.com
URL: https://camitan.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

161.35.244.242 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx /

Resource Hash

2ad00f26b0a529972633972a431533f6e8409332af8de48e75b803f03ce5f657

Security Headers

Name	Value
Content-Security-Policy	img-src https: data:; upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: fr-FR,fr;q=0.9
Referer: https://camitan.com/

Response headers

server: nginx
date: Thu, 27 Jan 2022 03:17:43 GMT
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
strict-transport-security: max-age=31536000
content-security-policy: img-src https: data:; upgrade-insecure-requests

GET
DATA 200
OK truncated
/ 748 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a5308b7decd6fc2d5e8438fb037c4a822125135db832c05437d754655ff2fc23

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 index.php Show response
0.yourvibe1.com/ 24 KB
24 KB 49ms
31ms Document
text/html 161.35.244.242
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://0.yourvibe1.com/index.php?p=mrqwinlega5dinbyg4

Requested by

Host: yourvibe1.com
URL: https://yourvibe1.com/go/mrqwinlega5dinbyg4

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

161.35.244.242 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx /

Resource Hash

612c2109ebbcadf9aaa39485455c40351cc8ae147573a8b73ad4921d4d92e65d

Security Headers

Name	Value
Content-Security-Policy	img-src https: data:; upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: fr-FR,fr;q=0.9
Referer: https://yourvibe1.com/

Response headers

server: nginx
date: Thu, 27 Jan 2022 03:17:43 GMT
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
strict-transport-security: max-age=31536000
content-security-policy: img-src https: data:; upgrade-insecure-requests

GET
DATA 200
OK truncated
/ 748 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a5308b7decd6fc2d5e8438fb037c4a822125135db832c05437d754655ff2fc23

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2

200

Primary Request / Show response
privitem.cf/
Redirect Chain

https://bit.ly/33HDwOG
https://privitem.cf/

2 KB
2 KB

275ms
203ms

Document
text/html

2606:4700:3034::ac43:afa2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://privitem.cf/
Requested by: Host: 0.yourvibe1.com
URL: https://0.yourvibe1.com/index.php?p=mrqwinlega5dinbyg4
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::ac43:afa2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d856f41a8441c7f6e20bc436776865cd34923aa96eed96444ba1421a819e7c3a

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: fr-FR,fr;q=0.9
Referer: https://0.yourvibe1.com/

Response headers

date: Thu, 27 Jan 2022 03:17:44 GMT
content-type: text/html
vary: Accept-Encoding
last-modified: Wed, 26 Jan 2022 14:35:22 GMT
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Q0MHNILTgFktUgd%2BH8Szt80GE7NAioAwhteGXl2UjgbfytJ0UpmbTrzf36G7bEXX%2Frrwy6XCd3IpmYYqBTKk5XKwu7nkaxcgIxdPY4hIul3vgU8jIZMQQXGUnkDLom3txWw6KEx1JvTQCw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 6d3ed46679833317-CDG
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

Redirect headers

server: nginx
date: Thu, 27 Jan 2022 03:17:43 GMT
content-type: text/html; charset=utf-8
content-length: 107
cache-control: private, max-age=90
content-security-policy: referrer always;
location: https://privitem.cf/
referrer-policy: unsafe-url
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H3 200 main.css
privitem.cf/ 7 KB
2 KB 90ms
55ms Stylesheet
text/css 2606:4700:3034::ac43:afa2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://privitem.cf/main.css
Requested by: Host: privitem.cf
URL: https://privitem.cf/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::ac43:afa2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b00625df111ea2c0f40128572915e09128b7fe55ce05b94a2a91baafe3e70447

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://privitem.cf/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 03:17:44 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 228963
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Thu, 06 Jan 2022 11:46:52 GMT
server: cloudflare
etag: W/"61d6d6ac-1da8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1Eu%2Bd9pXUT32nVowd9c%2BGpOvUc44zd%2B8et0HNwV%2BQCmzDpzSeGL7VfKb6dlODQJ58fZlhwijkzOIipgwm5JGo1jFolXMGVpuIY2fnG92hHPyoGckXX1PJiR%2B0u%2FIeWpobFAAm1LxtQDpkQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=604800
cf-ray: 6d3ed4680e423b97-CDG
expires: Mon, 31 Jan 2022 11:41:41 GMT

GET
H3 200 logo.png
privitem.cf/ 4 KB
4 KB 89ms
55ms Image
image/png 2606:4700:3034::ac43:afa2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://privitem.cf/logo.png
Requested by: Host: privitem.cf
URL: https://privitem.cf/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::ac43:afa2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: eb2fef4331a6b224d85aa9ee36bab8b80159b5ae40751b08f1ecff12c0e60aea

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://privitem.cf/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 03:17:44 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 834150
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 3755
last-modified: Thu, 06 Jan 2022 11:46:52 GMT
server: cloudflare
etag: "61d6d6ac-eab"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5P5EpPpPV%2BgbJmBWajQrLs9cY6xg%2FMwyY7y44fOPO%2Fr04YRvrmPq3DmUFpSvgiuvhYNNH1bsVMgt0vndxJrOBk0MNkgZy99N0IPLHnKOOaqNZ94XAW4Na2XKGofQRvFqCkGcBbwT1abzDQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 6d3ed4680e443b97-CDG
expires: Wed, 16 Feb 2022 11:35:14 GMT

GET
H3 206 1.mp4
privitem.cf/ 35 KB
0 66ms
32ms Media
video/mp4 2606:4700:3034::ac43:afa2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://privitem.cf/1.mp4
Requested by: Host: privitem.cf
URL: https://privitem.cf/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::ac43:afa2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Referer: https://privitem.cf/
Accept-Encoding: identity;q=1, *;q=0
Accept-Language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Range: bytes=0-

Response headers

date: Thu, 27 Jan 2022 03:17:44 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 834150
Content-Range: bytes 0-1195473/1195474
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length: 1195474
last-modified: Thu, 06 Jan 2022 11:46:52 GMT
server: cloudflare
etag: "61d6d6ac-123dd2"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mtY%2F2OQCS2%2BrdESmyXPVYEVidKKCkYD4GWd5JSl6qQa8pt3r7Jf44M2Tz6O8J7qT1mIpwe%2FTv0477pWy7jk%2BTIHkfPj89XaejpUPiR6lKH1MZycPGpUo%2Bds0H8ZIfBkoSWn2845ac1rFWw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: video/mp4
cache-control: max-age=2592000
cf-ray: 6d3ed4680e463b97-CDG
expires: Wed, 16 Feb 2022 11:35:14 GMT

GET
H3 200 css2.css
privitem.cf/ 3 KB
1 KB 47ms
47ms Stylesheet
text/css 2606:4700:3034::ac43:afa2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://privitem.cf/css2.css
Requested by: Host: privitem.cf
URL: https://privitem.cf/main.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::ac43:afa2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 75e4accc7b4bafd148bec5f40eeeaef453086d6960beb4e64c5d1097ceb2dd86

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://privitem.cf/main.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 03:17:44 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 228962
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Thu, 06 Jan 2022 11:46:52 GMT
server: cloudflare
etag: W/"61d6d6ac-bde"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=I0GmfQI57dCrXb1q5fNX6w%2Fe211I6qUj0tYVfl%2B858HUoWzaq2pj4biuJtjNzoDxOuky32WkezhBZPWKPsI0j3uOJ8jAWCtV3BMyUodJlGNaGBk3WzhJ7%2FdlLZ10nqGsKfQ3fZ7Mej3SbA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=604800
cf-ray: 6d3ed4686e973b97-CDG
expires: Mon, 31 Jan 2022 11:41:42 GMT

GET
H3 206 1.mp4
privitem.cf/ 15 KB
16 KB 32ms
32ms Media
video/mp4 2606:4700:3034::ac43:afa2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://privitem.cf/1.mp4
Requested by: Host: privitem.cf
URL: https://privitem.cf/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::ac43:afa2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e7dbe1150648ef63d8d6b94227e3e92cda15a7b37a7e067e70365faeba1e6be7

Request headers

Referer: https://privitem.cf/
Accept-Encoding: identity;q=1, *;q=0
Accept-Language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Range: bytes=1179648-

Response headers

date: Thu, 27 Jan 2022 03:17:44 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 834150
Content-Range: bytes 1179648-1195473/1195474
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length: 15826
last-modified: Thu, 06 Jan 2022 11:46:52 GMT
server: cloudflare
etag: "61d6d6ac-123dd2"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=c0Jvbn86EewY4SMPyZXIfhvbpH2iIZLXdYMP8lKcbWvuXHUsfNHgXqWais2EPyPfIiZBHtA62%2F7gprVVMriR4mBPU3JX39sV8n%2BbZG4SUwC5O9sdcX8qtjSGJr2vbP%2BmscqYjbuJ7DW2aw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: video/mp4
cache-control: max-age=2592000
cf-ray: 6d3ed4688ebe3b97-CDG
expires: Wed, 16 Feb 2022 11:35:14 GMT

GET
H3 200 /
privitem.cf/ 2 KB
2 KB 219ms
219ms Image
text/html 2606:4700:3034::ac43:afa2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://privitem.cf/
Requested by: Host: privitem.cf
URL: https://privitem.cf/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::ac43:afa2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://privitem.cf/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 03:17:44 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=moyE9McEiKc%2BVvMG%2FsaRaCb%2BtK94HuBZZDBebuwTsaslFPyoC%2BHP%2BXYOzgrWscEgCy08J4zEkSq2zw3%2BvcMMYX%2B46UluSPtYnTYDN2igV4zyDa3kgDuw69CONBO0rEsx0bkoE%2FXWLXZDcg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html
last-modified: Wed, 26 Jan 2022 14:35:22 GMT
cf-ray: 6d3ed468bee43b97-CDG
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
privitem.cf/ 19 KB
20 KB 35ms
34ms Font
application/font-woff2 2606:4700:3034::ac43:afa2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://privitem.cf/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
Requested by: Host: privitem.cf
URL: https://privitem.cf/css2.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::ac43:afa2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2b26a74f3c0e529bc8fccfa6b1db8e083e738992266359fde1a5bd0aaa81cbc3

Request headers

Referer: https://privitem.cf/css2.css
Origin: https://privitem.cf
Accept-Language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 03:17:44 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 834149
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 19844
last-modified: Thu, 06 Jan 2022 11:46:52 GMT
server: cloudflare
etag: "61d6d6ac-4d84"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=visQNYpkDfZsOFujm%2FlIR42%2B4%2FyMFUVjB0%2BD%2BOnJ93zFNikgAozpwmqKpb35TkG7BkktGiSESIqARqK16rgZJEiOY9oRji2%2B3OJQot5AwEQ75uPet6aGl9PBt%2B8ATZMAAjc9CbezcDFuog%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/font-woff2
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 6d3ed468bee53b97-CDG
expires: Wed, 16 Feb 2022 11:35:15 GMT

GET
H3 200 JTURjIg1_i6t8kCHKm45_dJE3gnD_g.woff2
privitem.cf/ 20 KB
20 KB 28ms
28ms Font
application/font-woff2 2606:4700:3034::ac43:afa2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://privitem.cf/JTURjIg1_i6t8kCHKm45_dJE3gnD_g.woff2
Requested by: Host: privitem.cf
URL: https://privitem.cf/css2.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::ac43:afa2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ec7d69015be507ee6045d259f50b6cf8ccb52ec7b41ec1bf50fee681683bea60

Request headers

Referer: https://privitem.cf/css2.css
Origin: https://privitem.cf
Accept-Language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 03:17:44 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 834149
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 20040
last-modified: Thu, 06 Jan 2022 11:46:52 GMT
server: cloudflare
etag: "61d6d6ac-4e48"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9LP1ER2EQumfBpAq8hc64YcAVfIFgBS%2FA%2FFN1QqPQ%2FI9ear0bKp2BmS32eHQu%2FtIU5%2BGlT6l9geHqd0i4dkcXJaA8ybs4%2BAz97yGGy6CJDhvBxbcvZgsRd%2BU1AA4dp6BYsC%2F%2FMRgHn0WJw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/font-woff2
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 6d3ed468bee73b97-CDG
expires: Wed, 16 Feb 2022 11:35:15 GMT

GET
H3 206 1.mp4
privitem.cf/ 1 MB
0 31ms
31ms Media
video/mp4 2606:4700:3034::ac43:afa2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://privitem.cf/1.mp4
Requested by: Host: privitem.cf
URL: https://privitem.cf/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::ac43:afa2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Referer: https://privitem.cf/
Accept-Encoding: identity;q=1, *;q=0
Accept-Language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Range: bytes=32768-

Response headers

date: Thu, 27 Jan 2022 03:17:44 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 834150
Content-Range: bytes 32768-1195473/1195474
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length: 1162706
last-modified: Thu, 06 Jan 2022 11:46:52 GMT
server: cloudflare
etag: "61d6d6ac-123dd2"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZczfC1A9QiRsXpXV9S7ZWlisnQreNJ9EjM6PqA8GAz2YTMxmBdFfKU3jzW8ktsFUB850o28MCD%2FTa%2F8drmEcE0Uw%2BVA1zd2QW2OcZSYc5aelCtA3W0v%2BZXF%2BFqzTEP6o2KzWoymlkHEqmQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: video/mp4
cache-control: max-age=2592000
cf-ray: 6d3ed468cef73b97-CDG
expires: Wed, 16 Feb 2022 11:35:14 GMT

Verdicts & Comments Add Verdict or Comment

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

3 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.yourvibe1.com/	1970-01-20 01:10:45	Name: uuid Value: b47f8780-35ca-4ebc-965a-4886e9b86125
.0.yourvibe1.com/	1970-01-20 01:10:45	Name: uuid Value: b47f8780-35ca-4ebc-965a-4886e9b86125
.bit.ly/	1970-01-20 04:46:45	Name: _bit Value: m0r3hH-fe2ec4509c40a84ec0-00K

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
rendering	warning	URL: https://privitem.cf/(Line 3) Message: The value "false" for key "user-scalable" is invalid, and has been ignored.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

0.yourvibe1.com
autofaucet.org
bit.ly
camitan.com
fonts.googleapis.com
fonts.gstatic.com
privitem.cf
sp-ao.shortpixel.ai
webminepool.com
www.google-analytics.com
www.googletagmanager.com
yourvibe1.com
161.35.244.242
188.165.53.185
2606:4700:3030::6815:544
2606:4700:3033::6815:581a
2606:4700:3034::ac43:afa2
2a00:1450:4001:80f::2003
2a00:1450:4001:82f::200e
2a00:1450:4001:831::2008
2a00:1450:400f:804::200a
67.199.248.11
89.187.169.47
0cfb3aa97c5c22017610ba05c238db72e7db9db664ca124ff4fe2c3637d2a5f1
2ad00f26b0a529972633972a431533f6e8409332af8de48e75b803f03ce5f657
2b26a74f3c0e529bc8fccfa6b1db8e083e738992266359fde1a5bd0aaa81cbc3
40fb1bab67210530c96835a9dc744acc6be883d11ad9f19990b3e61c4b02fabb
43c5a93460bc8fd0d9ab3e88e842b131f8321371150a2f4bb98482d9c53df192
479c6aadf33c994bacb21881d2c5630663c90928bb16bde1805c965585c575a9
612c2109ebbcadf9aaa39485455c40351cc8ae147573a8b73ad4921d4d92e65d
65bfa33a5705436d89aeef5631c0e80ebab791c999da38e2548923668aa58d8b
66a0e1f7b187f8f8476dd0e9dea243c9b67534e2d4af20664862aa4a2e0f45ef
67c5578353496f676b756fddf603edf568cec0c32e68e1d8220f839342a82a69
75e4accc7b4bafd148bec5f40eeeaef453086d6960beb4e64c5d1097ceb2dd86
7a4e48feeafee6caecbf675bdae94daadd243c0e096b455c6c506adf0bf4d9b9
88915cdc03fc5b9a20aec966fe93ee38aa3fd76bfef296e41d305271b3541c96
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a5308b7decd6fc2d5e8438fb037c4a822125135db832c05437d754655ff2fc23
ac97bc7f217e4f44ef06f70136d703ef07504dcb904e0848bee504cc8a4aafc4
affbc090eb7ddabad31ed10cf2afdbc08e4c15e35083d688ef55332376f6d118
b00625df111ea2c0f40128572915e09128b7fe55ce05b94a2a91baafe3e70447
b6dcc1490a0cc33cdeed8970677b89bbec6fa095675af198b8e923b64563c70a
b9f7bd79bc32b61e53755eafc4e58bf45dc3e4f63c6a705d94dae49649ba0621
bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea
c21e5a2b32c47bc5f9d9efc97bc0e29fd081946d1d3ebffc5621cfafb1d3960e
cb74590760eb6d1e360a53a7921bf5c23b688106c4fd1ed6c534025ba852bde1
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
d201a2c3118a00c82cc48e89815f5139f23956bbe248107dcf522acc77b97c09
d856f41a8441c7f6e20bc436776865cd34923aa96eed96444ba1421a819e7c3a
d86e1256281a43b42d7d8899e2f73d75a23288eb3a35536b2b91571a41fd06a0
def5de6254be138b8b35d680d1fdd8b07827d03b8626daebfeeb4157ec330ea7
e2f13665e8ba61f667b58de7b04ac6e7bcb8f2095933fa301675fc0abc5bae66
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e7dbe1150648ef63d8d6b94227e3e92cda15a7b37a7e067e70365faeba1e6be7
eb2fef4331a6b224d85aa9ee36bab8b80159b5ae40751b08f1ecff12c0e60aea
ec7d69015be507ee6045d259f50b6cf8ccb52ec7b41ec1bf50fee681683bea60
f3aea6adab5c21cb1f73fc071b71d19f189e9f810f09d6d7b6236dbd871d6cd4

privitem.cf Open in urlscan Pro 2606:4700:3034::ac43:afa2 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

38 Requests

76 %HTTPS

64 %IPv6

11 Domains

12 Subdomains

10 IPs

5 Countries

1338 kBTransfer

4908 kBSize

3 Cookies

1 Outgoing links

Page URL History

Redirected requests

38 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 3 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

privitem.cf Open in urlscan Pro
2606:4700:3034::ac43:afa2 Public Scan

Screenshot
Live screenshot

Full Image

38
Requests

76 %
HTTPS

64 %
IPv6

11
Domains

12
Subdomains

10
IPs

5
Countries

1338 kB
Transfer

4908 kB
Size

3
Cookies

38 HTTP transactions
3 data transactions