jobspklhr.com Open in urlscan Pro
2a02:4780:b:1059:0:1c15:593f:3 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://s.id/susannaxvideos
Effective URL:
https://jobspklhr.com/susanna-gibson-leaked-videos-on-twitter-and-telegram-virginia-democrat-candidate/
Submission: On September 16 via manual (September 16th 2023, 1:39:51 am UTC) from US — Scanned from DE

Summary HTTP 106 Redirects Links 3 Behaviour Indicators

Summary

This website contacted 28 IPs in 6 countries across 30 domains to perform 106 HTTP transactions. The main IP is 2a02:4780:b:1059:0:1c15:593f:3, located in Phoenix, United States and belongs to AS-HOSTINGER, CY. The main domain is jobspklhr.com.
TLS certificate: Issued by R3 on August 12th 2023. Valid for: 3 months.

This is the only time jobspklhr.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	2606:4700:20:... 2606:4700:20::681a:7f9	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	2606:4700:20:... 2606:4700:20::ac43:4b68	13335 (CLOUDFLAR...) (CLOUDFLARENET)
22	2a02:4780:b:1... 2a02:4780:b:1059:0:1c15:593f:3	47583 (AS-HOSTINGER) (AS-HOSTINGER)
1	2a00:1450:400... 2a00:1450:4001:80f::200a	15169 (GOOGLE) (GOOGLE)
3	2606:4700:e6:... 2606:4700:e6::ac40:c41c	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2a00:1450:400... 2a00:1450:4001:806::2008	15169 (GOOGLE) (GOOGLE)
2	5.200.15.239 5.200.15.239	49544 (I3DNET) (I3DNET)
2	2606:4700::68... 2606:4700::6811:190e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	139.45.197.245 139.45.197.245	9002 (RETN-AS) (RETN-AS)
13	139.45.197.242 139.45.197.242	9002 (RETN-AS) (RETN-AS)
7	192.243.59.12 192.243.59.12	39572 (ADVANCEDH...) (ADVANCEDHOSTERS-AS)
3	2a00:1450:400... 2a00:1450:4001:829::2003	15169 (GOOGLE) (GOOGLE)
1	2a04:fa87:fff... 2a04:fa87:fffe::c000:4902	2635 (AUTOMATTIC) (AUTOMATTIC)
2	139.45.195.8 139.45.195.8	9002 (RETN-AS) (RETN-AS)
2	139.45.197.239 139.45.197.239	9002 (RETN-AS) (RETN-AS)
9	139.45.197.251 139.45.197.251	9002 (RETN-AS) (RETN-AS)
1	2606:4700:e4:... 2606:4700:e4::ac40:a222	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
1	139.45.195.254 139.45.195.254	9002 (RETN-AS) (RETN-AS)
7	139.45.197.236 139.45.197.236	9002 (RETN-AS) (RETN-AS)
2	2a00:1450:400... 2a00:1450:4001:806::200a	15169 (GOOGLE) (GOOGLE)
3	46.105.199.75 46.105.199.75	16276 (OVH) (OVH)
1	2a00:1d26:877... 2a00:1d26:8771::11	49544 (I3DNET) (I3DNET)
1	2a00:1450:400... 2a00:1450:4001:828::2006	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:831::2002	15169 (GOOGLE) (GOOGLE)
5	139.45.197.151 139.45.197.151	9002 (RETN-AS) (RETN-AS)
4	2606:4700:10:... 2606:4700:10::6816:1974	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	45.133.44.37 45.133.44.37	39572 (ADVANCEDH...) (ADVANCEDHOSTERS-AS)
1	5.200.15.238 5.200.15.238	49544 (I3DNET) (I3DNET)
106	28

1 2606:4700:20::681a:7f9 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

s.id	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::ac43:4b68 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

s.id	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

22 2a02:4780:b:1059:0:1c15:593f:3 (Phoenix, United States)

ASN47583 (AS-HOSTINGER, CY)

jobspklhr.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700:e6::ac40:c41c (United States)

ASN13335 (CLOUDFLARENET, US)

video.onetouch8.info	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:806::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 5.200.15.239 (Rotterdam, Netherlands)

ASN49544 (I3DNET, NL)

richinfo.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn.adx1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6811:190e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 139.45.197.245 (United Kingdom)

ASN9002 (RETN-AS, GB)

ossmightyenar.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 139.45.197.242 (United Kingdom)

ASN9002 (RETN-AS, GB)

gloorsie.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ophoacit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 192.243.59.12 (Ashburn, United States)

ASN39572 (ADVANCEDHOSTERS-AS, NL)

earlierindians.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:829::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:fa87:fffe::c000:4902 (Ireland)

ASN2635 (AUTOMATTIC, US)

secure.gravatar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 139.45.195.8 (United Kingdom)

ASN9002 (RETN-AS, GB)

my.rtmark.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 139.45.197.239 (United Kingdom)

ASN9002 (RETN-AS, GB)

woafoame.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 139.45.197.251 (United Kingdom)

ASN9002 (RETN-AS, GB)

jouteetu.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:e4::ac40:a222 (United States)

ASN13335 (CLOUDFLARENET, US)

tzegilo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 139.45.195.254 (United Kingdom)

ASN9002 (RETN-AS, GB)

fleraprt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 139.45.197.236 (United Kingdom)

ASN9002 (RETN-AS, GB)

punoocke.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
glizauvo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:806::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

imasdk.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 46.105.199.75 (France)

ASN16276 (OVH, FR)

7ool.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1d26:8771::11 (Atlanta, United States)

ASN49544 (I3DNET, NL)

us.convers.link	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:831::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 139.45.197.151 (United Kingdom)

ASN9002 (RETN-AS, GB)

interstitial-08.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700:10::6816:1974 (United States)

ASN13335 (CLOUDFLARENET, US)

littlecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 45.133.44.37 (Philadelphia, United States)

ASN39572 (ADVANCEDHOSTERS-AS, NL)

i.cdnkimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 5.200.15.238 (Rotterdam, Netherlands)

ASN49544 (I3DNET, NL)

8961.xml.4armn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
22	jobspklhr.com jobspklhr.com	271 KB
9	ophoacit.com ophoacit.com — Cisco Umbrella Rank: 86558	151 KB
9	jouteetu.net jouteetu.net — Cisco Umbrella Rank: 824883	41 KB
7	earlierindians.com earlierindians.com
5	interstitial-08.com interstitial-08.com — Cisco Umbrella Rank: 143696	158 KB
4	littlecdn.com littlecdn.com — Cisco Umbrella Rank: 13420	35 KB
4	punoocke.com punoocke.com	36 KB
4	google-analytics.com region1.google-analytics.com — Cisco Umbrella Rank: 2288	415 B
4	gloorsie.com gloorsie.com — Cisco Umbrella Rank: 259890	31 KB
3	7ool.net 7ool.net — Cisco Umbrella Rank: 396696	30 KB
3	glizauvo.net glizauvo.net — Cisco Umbrella Rank: 70073	35 KB
3	gstatic.com fonts.gstatic.com	92 KB
3	ossmightyenar.net ossmightyenar.net — Cisco Umbrella Rank: 88977	35 KB
3	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 63	276 KB
3	onetouch8.info video.onetouch8.info — Cisco Umbrella Rank: 154469	14 KB
3	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 56 imasdk.googleapis.com — Cisco Umbrella Rank: 501	356 KB
2	woafoame.net woafoame.net — Cisco Umbrella Rank: 272548	28 KB
2	rtmark.net my.rtmark.net — Cisco Umbrella Rank: 9998	1 KB
2	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 248	82 KB
2	s.id 2 redirects s.id — Cisco Umbrella Rank: 130044	1 KB
1	4armn.com 8961.xml.4armn.com — Cisco Umbrella Rank: 503040	251 B
1	adx1.com cdn.adx1.com — Cisco Umbrella Rank: 92011	459 B
1	cdnkimg.com i.cdnkimg.com — Cisco Umbrella Rank: 17513	9 KB
1	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 105	14 KB
1	2mdn.net s0.2mdn.net — Cisco Umbrella Rank: 331	17 KB
1	convers.link us.convers.link — Cisco Umbrella Rank: 463970	297 B
1	fleraprt.com fleraprt.com — Cisco Umbrella Rank: 16781	483 B
1	tzegilo.com tzegilo.com — Cisco Umbrella Rank: 17968	8 KB
1	gravatar.com secure.gravatar.com — Cisco Umbrella Rank: 2317	1 KB
1	richinfo.co richinfo.co — Cisco Umbrella Rank: 268029	5 KB
106	30

	Domain	Requested by
22	jobspklhr.com	jobspklhr.com
9	ophoacit.com	jobspklhr.com ophoacit.com
9	jouteetu.net	jobspklhr.com jouteetu.net
7	earlierindians.com	jobspklhr.com
5	interstitial-08.com	ophoacit.com interstitial-08.com
4	littlecdn.com	interstitial-08.com
4	punoocke.com	jobspklhr.com punoocke.com
4	region1.google-analytics.com	www.googletagmanager.com
4	gloorsie.com	jobspklhr.com gloorsie.com
3	7ool.net	richinfo.co
3	glizauvo.net	jobspklhr.com glizauvo.net
3	fonts.gstatic.com	fonts.googleapis.com
3	ossmightyenar.net	jobspklhr.com ossmightyenar.net
3	www.googletagmanager.com	jobspklhr.com www.googletagmanager.com
3	video.onetouch8.info	jobspklhr.com imasdk.googleapis.com
2	imasdk.googleapis.com	video.onetouch8.info imasdk.googleapis.com
2	woafoame.net	jobspklhr.com woafoame.net
2	my.rtmark.net	gloorsie.com jobspklhr.com
2	cdnjs.cloudflare.com	jobspklhr.com cdnjs.cloudflare.com
2	s.id	2 redirects
1	8961.xml.4armn.com	7ool.net
1	cdn.adx1.com	richinfo.co
1	i.cdnkimg.com	jobspklhr.com
1	pagead2.googlesyndication.com	imasdk.googleapis.com
1	s0.2mdn.net	imasdk.googleapis.com
1	us.convers.link	richinfo.co
1	fleraprt.com	tzegilo.com
1	tzegilo.com	ossmightyenar.net
1	secure.gravatar.com	jobspklhr.com
1	richinfo.co	jobspklhr.com
1	fonts.googleapis.com	jobspklhr.com
106	31

This site contains links to these domains. Also see Links.

Domain
earlierindians.com
terabox.com
gradientthemes.com

Subject Issuer	Validity	Valid
jobspklhr.com R3	`2023-08-12` - `2023-11-10`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-08-14` - `2023-11-06`	3 months	crt.sh
onetouch8.info E1	`2023-07-31` - `2023-10-29`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-08-14` - `2023-11-06`	3 months	crt.sh
richinfo.co R3	`2023-09-15` - `2023-12-14`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-07-03` - `2024-07-02`	a year	crt.sh
ossmightyenar.net R3	`2023-09-10` - `2023-12-09`	3 months	crt.sh
gloorsie.com R3	`2023-08-22` - `2023-11-20`	3 months	crt.sh
earlierindians.com R3	`2023-08-30` - `2023-11-28`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-08-14` - `2023-11-06`	3 months	crt.sh
*.gravatar.com Sectigo ECC Domain Validation Secure Server CA	`2022-11-23` - `2023-12-24`	a year	crt.sh
rtmark.net R3	`2023-07-25` - `2023-10-23`	3 months	crt.sh
woafoame.net R3	`2023-09-11` - `2023-12-10`	3 months	crt.sh
jouteetu.net R3	`2023-06-29` - `2023-09-27`	3 months	crt.sh
ophoacit.com R3	`2023-08-16` - `2023-11-14`	3 months	crt.sh
tzegilo.com GTS CA 1P5	`2023-08-07` - `2023-11-05`	3 months	crt.sh
fleraprt.com Sectigo RSA Domain Validation Secure Server CA	`2023-01-09` - `2024-01-14`	a year	crt.sh
punoocke.com R3	`2023-08-27` - `2023-11-25`	3 months	crt.sh
glizauvo.net R3	`2023-09-05` - `2023-12-04`	3 months	crt.sh
cdn.adx1.net R3	`2023-07-27` - `2023-10-25`	3 months	crt.sh
*.convers.link R3	`2023-09-15` - `2023-12-14`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2023-08-14` - `2023-11-06`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-08-14` - `2023-11-06`	3 months	crt.sh
interstitial-08.com R3	`2023-07-25` - `2023-10-23`	3 months	crt.sh
i.cdnkimg.com R3	`2023-07-28` - `2023-10-26`	3 months	crt.sh
*.adx1.com R3	`2023-09-09` - `2023-12-08`	3 months	crt.sh
8961.xml.4armn.com R3	`2023-08-14` - `2023-11-12`	3 months	crt.sh

This page contains 4 frames:

Primary Page: https://jobspklhr.com/susanna-gibson-leaked-videos-on-twitter-and-telegram-virginia-democrat-candidate/
Frame ID: 659499CD0D66E4C24AFD24C7EFD61DF1
Requests: 87 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.589.0_en.html
Frame ID: EEA467DD6D6DFD499EBEE0175CC6859D
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: E2FCF1A82BFFC444682FC0CF8CE87D48
Requests: 1 HTTP requests in this frame

Frame: https://interstitial-08.com/?l=9PjAqTQETOzNIxm&cd_meta_crid=21588&trkintimp&target_url=https%3A%2F%2Fophoacit.com%2F12%3Frnd%3D1176315762%26z%3D6329324%26b%3D5362695%26c%3D2755022%26var%3D%26varid%3D0%26d%3Dhttps%253A%252F%252Foovaufty.com%252F%253Fb%253D%257Bbannerid%257D%2526ba%253D1%2526campid%253D%257Bcampaignid%257D%2526did%253D%257Bdeviceid%257D%2526dm%253D0%2526ep%253D1%2526fp%253D0%2526g%253D%257Bgeo%257D%2526i18db%253D1%2526l%253DEf3r9LOIFX3llkF%2526oaid%253D%257Boaid%257D%2526pshr%253D0%2526s%253D%2524%257BSUBID%257D%2526ssk%253D%257Btimestamp_key%257D%2526svar%253D%257Btimestamp%257D%2526vi%253D1%2526vo%253D1%2526z%253D%257Bzoneid%257D%2526tr%253Ddefault%26cln%3D1%26btp%3D7%26rb%3DrgJbu4_PecGlOVnwtYWVO50c3e0gtTDSJ98XTawgnA3wzCVEufOClUKWliGBtpYo3RrVLMVl9C8UoHGwvQE_JyMlmY6fqi16GtyrJqQFoZd6-fjzHYz3Jk9efqHO4yJroREj_vsaXN1Dph7qlyVT2GewVQ1bxb_Os6MuheGLVWCEVPtVoV_ybIfKQIdNldFN_YcOKuTfZWOxhBWTJdnPtQbJmFV0t9Qu-uQvv-Adgi922afUlC3LX82W6JHc_CVMw5SeQ1pvaVRGq6Ga3Wv8RSfaeHcosVdbZaRSbrJiuFdnQwKKVx9vAddEyir4uGBRYoElsA%3D%3D%26bag%3DydU9kaAfa6I%3D%26ruid%3D24dfd754-d4d2-47a9-9702-12c6bdc5d645%26ng%3D1%26ix%3D0%26pt%3D0%26np%3D0%26gp%3D3%26bp%3D4%26nw%3D1%26nb%3D1%26sw%3D1600%26sh%3D1200%26pl%3Dhttps%253A%252F%252Fjobspklhr.com%252Fsusanna-gibson-leaked-videos-on-twitter-and-telegram-virginia-democrat-candidate%252F%26wy%3D0%26wx%3D0%26ww%3D1600%26wh%3D1200%26cw%3D1600%26wiw%3D1600%26wih%3D1200%26wfc%3D2%26sah%3D1200%26drf%3D%26hil%3D1%26ist%3D0%26tbc%3D0
Frame ID: 167E60DA032FF0B045595FBEFBBAB6E7
Requests: 10 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Susanna Gibson leaked videos on twitter and telegram – Virginia Democrat candidate

Page URL History Show full URLs

http://s.id/susannaxvideos HTTP 301
https://s.id/susannaxvideos HTTP 302
https://jobspklhr.com/susanna-gibson-leaked-videos-on-twitter-and-telegram-virginia-democrat-candi... Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

106
Requests

99 %
HTTPS

55 %
IPv6

30
Domains

31
Subdomains

28
IPs

6
Countries

1726 kB
Transfer

4487 kB
Size

24
Cookies

3 Outgoing links

These are links going to different origins than the main page.

URL: https://earlierindians.com/zw7cvn8y?key=e651bae5ec8f9b3e7ddbddbafdf0b68d

Search URL Search Domain Scan URL

URL: https://terabox.com/s/1OuQz7vkdnhZT1I_H3fpteQ
Title: Download Now

Search URL Search Domain Scan URL

URL: https://gradientthemes.com/
Title: Credit By Wordpress

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://s.id/susannaxvideos HTTP 301
https://s.id/susannaxvideos HTTP 302
https://jobspklhr.com/susanna-gibson-leaked-videos-on-twitter-and-telegram-virginia-democrat-candidate/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

106 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
jobspklhr.com/susanna-gibson-leaked-videos-on-twitter-and-telegram-virginia-democrat-candidate/
Redirect Chain

http://s.id/susannaxvideos
https://s.id/susannaxvideos
https://jobspklhr.com/susanna-gibson-leaked-videos-on-twitter-and-telegram-virginia-democrat-candidate/

274 KB
104 KB

659ms
232ms

Document
text/html

2a02:4780:b:1059:0:1c15:593f:3
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to

Full URL

https://jobspklhr.com/susanna-gibson-leaked-videos-on-twitter-and-telegram-virginia-democrat-candidate/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:4780:b:1059:0:1c15:593f:3 Phoenix, United States, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed / PHP/7.1.33

Resource Hash

073ca17ab41064e494d60e32e276bb307db9a0e50b8f54563a30b101f0296edd

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-encoding: br
content-security-policy: upgrade-insecure-requests
content-type: text/html; charset=UTF-8
date: Sat, 16 Sep 2023 01:39:42 GMT
link: <https://jobspklhr.com/wp-json/>; rel="https://api.w.org/" <https://jobspklhr.com/wp-json/wp/v2/posts/85>; rel="alternate"; type="application/json" <https://jobspklhr.com/?p=85>; rel=shortlink
platform: hostinger
server: LiteSpeed
vary: Accept-Encoding
x-pingback: https://jobspklhr.com/xmlrpc.php
x-powered-by: PHP/7.1.33

Redirect headers

alt-svc: h3=":443"; ma=86400
cache-control: private, max-age=15
cf-cache-status: DYNAMIC
cf-ray: 807565a9f9621907-FRA
content-length: 0
date: Sat, 16 Sep 2023 01:39:42 GMT
location: https://jobspklhr.com/susanna-gibson-leaked-videos-on-twitter-and-telegram-virginia-democrat-candidate/
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NRIfKFB6drfkTnXw1%2BVTrGyWj0WWMKE6kI2vxoCape2pTRkwoBysOSCKyQrud2LJ0EY%2BZse3AZpEJreFCnk9hZhETYp4pnU53PaglkDAkFBlypchM3wU2laN1AzLd7MlHyc%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=15724800; includeSubDomains
vary: Accept-Encoding
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block

GET
H2 200 style.min.css
jobspklhr.com/wp-includes/css/dist/block-library/ 102 KB
13 KB 346ms
345ms Stylesheet
text/css 2a02:4780:b:1059:0:1c15:593f:3
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to

Full URL

https://jobspklhr.com/wp-includes/css/dist/block-library/style.min.css?ver=6.3.1

Requested by

Host: jobspklhr.com
URL: https://jobspklhr.com/susanna-gibson-leaked-videos-on-twitter-and-telegram-virginia-democrat-candidate/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:4780:b:1059:0:1c15:593f:3 Phoenix, United States, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed /

Resource Hash

67447c3656caad630373253691f3e8f64467eafd6e7305c9b0e98111b0b41694

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://jobspklhr.com/susanna-gibson-leaked-videos-on-twitter-and-telegram-virginia-democrat-candidate/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Sat, 16 Sep 2023 01:39:43 GMT
content-encoding: br
content-security-policy: upgrade-insecure-requests
last-modified: Sun, 10 Sep 2023 04:33:45 GMT
server: LiteSpeed
etag: "19824-64fd4729-afcb33f361134269;br"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
platform: hostinger
content-length: 12669
expires: Sat, 23 Sep 2023 01:39:43 GMT

GET
H2 200 bootstrap.css
jobspklhr.com/wp-content/themes/news-blog/css/ 21 KB
3 KB 324ms
321ms Stylesheet
text/css 2a02:4780:b:1059:0:1c15:593f:3
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to

Full URL

https://jobspklhr.com/wp-content/themes/news-blog/css/bootstrap.css?ver=6.3.1

Requested by

Host: jobspklhr.com
URL: https://jobspklhr.com/susanna-gibson-leaked-videos-on-twitter-and-telegram-virginia-democrat-candidate/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:4780:b:1059:0:1c15:593f:3 Phoenix, United States, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed /

Resource Hash

3b9f5f976b12e4db829a9162e9b3422a6e269af8f64540011bf482bbaaf2bf23

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://jobspklhr.com/susanna-gibson-leaked-videos-on-twitter-and-telegram-virginia-democrat-candidate/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Sat, 16 Sep 2023 01:39:43 GMT
content-encoding: br
content-security-policy: upgrade-insecure-requests
last-modified: Sun, 10 Sep 2023 04:43:58 GMT
server: LiteSpeed
etag: "529c-64fd498e-a13e958c02afd973;br"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
platform: hostinger
content-length: 2859
expires: Sat, 23 Sep 2023 01:39:43 GMT

GET
H2 200 style.css
jobspklhr.com/wp-content/themes/news-blog/ 225 KB
30 KB 495ms
493ms Stylesheet
text/css 2a02:4780:b:1059:0:1c15:593f:3
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to

Full URL

https://jobspklhr.com/wp-content/themes/news-blog/style.css?ver=6.3.1

Requested by

Host: jobspklhr.com
URL: https://jobspklhr.com/susanna-gibson-leaked-videos-on-twitter-and-telegram-virginia-democrat-candidate/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:4780:b:1059:0:1c15:593f:3 Phoenix, United States, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed /

Resource Hash

49530e5904e11c3e9a5957ed4403495cffba7f127973a2577afce06a5b057405

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://jobspklhr.com/susanna-gibson-leaked-videos-on-twitter-and-telegram-virginia-democrat-candidate/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Sat, 16 Sep 2023 01:39:43 GMT
content-encoding: br
content-security-policy: upgrade-insecure-requests
last-modified: Sun, 10 Sep 2023 04:43:58 GMT
server: LiteSpeed
etag: "38592-64fd498e-c2952862f696fa4f;br"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
platform: hostinger
content-length: 30853
expires: Sat, 23 Sep 2023 01:39:43 GMT

GET
H2 200 css
fonts.googleapis.com/ 22 KB
2 KB 140ms
50ms Stylesheet
text/css 2a00:1450:4001:80f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=PT+Serif%3A300%2C300i%2C400%2C400i%2C700%2C700i%7CNunito+Sans%3A300%2C300i%2C400%2C400i%2C500%2C500i%2C600%2C600i&subset=latin%2Clatin-ext

Requested by

Host: jobspklhr.com
URL: https://jobspklhr.com/susanna-gibson-leaked-videos-on-twitter-and-telegram-virginia-democrat-candidate/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a6dae463011b3a21c753bd53b8cae334abe23f346d6f737839832a92d3c3e1ca

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://jobspklhr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sat, 16 Sep 2023 01:39:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sat, 16 Sep 2023 00:49:30 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 16 Sep 2023 01:39:43 GMT

GET
H2 200 style.css
jobspklhr.com/wp-content/themes/grand-news/ 5 KB
2 KB 496ms
494ms Stylesheet
text/css 2a02:4780:b:1059:0:1c15:593f:3
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to

Full URL

https://jobspklhr.com/wp-content/themes/grand-news/style.css?ver=6.3.1

Requested by

Host: jobspklhr.com
URL: https://jobspklhr.com/susanna-gibson-leaked-videos-on-twitter-and-telegram-virginia-democrat-candidate/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:4780:b:1059:0:1c15:593f:3 Phoenix, United States, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed /

Resource Hash

2b3c0b1bd509fe088c08693dcc6603eda56c407cab0fa19494580b7f9699fd12

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://jobspklhr.com/susanna-gibson-leaked-videos-on-twitter-and-telegram-virginia-democrat-candidate/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Sat, 16 Sep 2023 01:39:43 GMT
content-encoding: br
content-security-policy: upgrade-insecure-requests
last-modified: Sun, 10 Sep 2023 04:43:57 GMT
server: LiteSpeed
etag: "13f6-64fd498d-bf5aba9fe1b79d85;br"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
platform: hostinger
content-length: 1581
expires: Sat, 23 Sep 2023 01:39:43 GMT

GET
H2 200 jquery.min.js Show response
jobspklhr.com/wp-includes/js/jquery/ 85 KB
29 KB 496ms
495ms Script
application/x-javascript 2a02:4780:b:1059:0:1c15:593f:3
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to

Full URL

https://jobspklhr.com/wp-includes/js/jquery/jquery.min.js?ver=3.7.0

Requested by

Host: jobspklhr.com
URL: https://jobspklhr.com/susanna-gibson-leaked-videos-on-twitter-and-telegram-virginia-democrat-candidate/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:4780:b:1059:0:1c15:593f:3 Phoenix, United States, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed /

Resource Hash

5c93f77799d122fb5255ee24da285f9f228cc118cba11e6ceb2b6bda8cdf4164

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://jobspklhr.com/susanna-gibson-leaked-videos-on-twitter-and-telegram-virginia-democrat-candidate/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Sat, 16 Sep 2023 01:39:43 GMT
content-encoding: br
content-security-policy: upgrade-insecure-requests
last-modified: Sun, 10 Sep 2023 04:33:45 GMT
server: LiteSpeed
etag: "155ba-64fd4729-a660423fa6629fcd;br"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: public, max-age=604800
accept-ranges: bytes
platform: hostinger
content-length: 29502
expires: Sat, 23 Sep 2023 01:39:43 GMT

GET
H2 200 jquery-migrate.min.js Show response
jobspklhr.com/wp-includes/js/jquery/ 13 KB
5 KB 497ms
495ms Script
application/x-javascript 2a02:4780:b:1059:0:1c15:593f:3
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to

Full URL

https://jobspklhr.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1

Requested by

Host: jobspklhr.com
URL: https://jobspklhr.com/susanna-gibson-leaked-videos-on-twitter-and-telegram-virginia-democrat-candidate/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:4780:b:1059:0:1c15:593f:3 Phoenix, United States, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed /

Resource Hash

5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://jobspklhr.com/susanna-gibson-leaked-videos-on-twitter-and-telegram-virginia-democrat-candidate/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Sat, 16 Sep 2023 01:39:43 GMT
content-encoding: br
content-security-policy: upgrade-insecure-requests
last-modified: Sun, 10 Sep 2023 04:33:45 GMT
server: LiteSpeed
etag: "3509-64fd4729-3bf41c91036d5cf;br"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: public, max-age=604800
accept-ranges: bytes
platform: hostinger
content-length: 4671
expires: Sat, 23 Sep 2023 01:39:43 GMT

GET
H2 200 bootstrap.js Show response
jobspklhr.com/wp-content/themes/news-blog/js/ 9 KB
3 KB 497ms
496ms Script
application/x-javascript 2a02:4780:b:1059:0:1c15:593f:3
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to

Full URL

https://jobspklhr.com/wp-content/themes/news-blog/js/bootstrap.js?ver=6.3.1

Requested by

Host: jobspklhr.com
URL: https://jobspklhr.com/susanna-gibson-leaked-videos-on-twitter-and-telegram-virginia-democrat-candidate/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:4780:b:1059:0:1c15:593f:3 Phoenix, United States, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed /

Resource Hash

932f20ce14570b2aae911be06c9c60cd6ab006c9d9765a7e0fa7c0a4920df10b

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://jobspklhr.com/susanna-gibson-leaked-videos-on-twitter-and-telegram-virginia-democrat-candidate/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Sat, 16 Sep 2023 01:39:43 GMT
content-encoding: br
content-security-policy: upgrade-insecure-requests
last-modified: Sun, 10 Sep 2023 04:43:58 GMT
server: LiteSpeed
etag: "25ca-64fd498e-f37b01d20bc9e5cf;br"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: public, max-age=604800
accept-ranges: bytes
platform: hostinger
content-length: 2621
expires: Sat, 23 Sep 2023 01:39:43 GMT

GET
H2 200 jquery.marquee.js Show response
jobspklhr.com/wp-content/themes/news-blog/js/ 23 KB
4 KB 497ms
496ms Script
application/x-javascript 2a02:4780:b:1059:0:1c15:593f:3
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to

Full URL

https://jobspklhr.com/wp-content/themes/news-blog/js/jquery.marquee.js?ver=6.3.1

Requested by

Host: jobspklhr.com
URL: https://jobspklhr.com/susanna-gibson-leaked-videos-on-twitter-and-telegram-virginia-democrat-candidate/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:4780:b:1059:0:1c15:593f:3 Phoenix, United States, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed /

Resource Hash

b2fb56cccdd01513f3f7fa9361683b3180e99fe0884f211d865f36cfef0b1db0

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://jobspklhr.com/susanna-gibson-leaked-videos-on-twitter-and-telegram-virginia-democrat-candidate/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Sat, 16 Sep 2023 01:39:43 GMT
content-encoding: br
content-security-policy: upgrade-insecure-requests
last-modified: Sun, 10 Sep 2023 04:43:58 GMT
server: LiteSpeed
etag: "5b44-64fd498e-4e7fb1c95c24b661;br"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: public, max-age=604800
accept-ranges: bytes
platform: hostinger
content-length: 4249
expires: Sat, 23 Sep 2023 01:39:43 GMT

GET
BLOB 200
OK 2b03660a-4467-4172-9ab7-209daaa1dcaf
https://jobspklhr.com/ 1 KB
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://jobspklhr.com/2b03660a-4467-4172-9ab7-209daaa1dcaf
Requested by: Host: jobspklhr.com
URL: https://jobspklhr.com/susanna-gibson-leaked-videos-on-twitter-and-telegram-virginia-democrat-candidate/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 453cb806084fdabec32e286af2e88899f79022125c2527afffbec507975d2c22

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

Content-Length: 1245
Content-Type: text/javascript

GET
H2 200 d-video.js Show response
video.onetouch8.info/ 91 KB
13 KB 143ms
49ms Script
application/javascript 2606:4700:e6::ac40:c41c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://video.onetouch8.info/d-video.js?b=24
Requested by: Host: jobspklhr.com
URL: https://jobspklhr.com/susanna-gibson-leaked-videos-on-twitter-and-telegram-virginia-democrat-candidate/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e6::ac40:c41c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1825cfe3f18db5a062e4f37b134b6d4a3568c67d557921939e4b5e26ca1ae723

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://jobspklhr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Sat, 16 Sep 2023 01:39:43 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 21 Dec 2021 10:57:09 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 3448
etag: W/"61c1b305-16d04"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kBQCFnsjar71zugPtRclHXmPEvcJfH%2FmwSH84xoMG4H6U1vTXefx3iTxiV6PZcXHRtsAJpy0KkIg50Wh728Wg%2BpdpAuvN5SeL5BmXU9eMg8unDnEFcexOUMYHqCu9P1pgJjnWe7bUjZIYslnKrCNinzLPg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 807565b47e34048b-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 271 KB
91 KB 827ms
58ms Script
application/javascript 2a00:1450:4001:806::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-ZHVSDG5PPD

Requested by

Host: jobspklhr.com
URL: https://jobspklhr.com/susanna-gibson-leaked-videos-on-twitter-and-telegram-virginia-democrat-candidate/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

aae14ce61cf2fba2ae97ab8df06e2417b4375abebb64f0d1c91694f6b6009e60

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://jobspklhr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Sat, 16 Sep 2023 01:39:44 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 92382
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sat, 16 Sep 2023 01:39:44 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 281 KB
93 KB 809ms
114ms Script
application/javascript 2a00:1450:4001:806::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-F6D35RTV14

Requested by

Host: jobspklhr.com
URL: https://jobspklhr.com/susanna-gibson-leaked-videos-on-twitter-and-telegram-virginia-democrat-candidate/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

0927cef922240ba4b90545f2ab69798ad09187fdd8271a83a3d1b382fed7d7ca

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://jobspklhr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Sat, 16 Sep 2023 01:39:44 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 94853
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sat, 16 Sep 2023 01:39:44 GMT

GET
H2 200 richads-pu-ob.js Show response
richinfo.co/richpartners/pops/js/ 11 KB
5 KB 738ms
43ms Script
application/javascript 5.200.15.239
I3DNET

General

Check archive.org

Show headers Download Go to

Full URL: https://richinfo.co/richpartners/pops/js/richads-pu-ob.js
Requested by: Host: jobspklhr.com
URL: https://jobspklhr.com/susanna-gibson-leaked-videos-on-twitter-and-telegram-virginia-democrat-candidate/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 5.200.15.239 Rotterdam, Netherlands, ASN49544 (I3DNET, NL),
Reverse DNS
Software: openresty/1.21.4.1 /
Resource Hash: f1076ee8f65519d92b50c79b0cee774eb0ebb7be65f664f2f64e8d9f8919a16b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://jobspklhr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Sat, 16 Sep 2023 01:39:44 GMT
content-encoding: gzip
last-modified: Fri, 15 Sep 2023 13:32:50 GMT
server: openresty/1.21.4.1
x-amz-request-id: 4RYGAX62RRHAF6SG
etag: W/"52c3f539b24b67f05195b73ef20f303b"
x-amz-server-side-encryption: AES256
content-type: application/javascript
x-amz-id-2: Hj4gyp4bxhfTJkl0NN4xxU+oXKk7zvQCGq/1Q6lNgkK1fhmLlvsZ4i3tmqOnhI+9xDRcne3AEdk=

GET
H3 200 Untitled_design-removebg-preview.png
jobspklhr.com/wp-content/uploads/2023/09/ 10 KB
10 KB 174ms
174ms Image
image/png 2a02:4780:b:1059:0:1c15:593f:3
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://jobspklhr.com/wp-content/uploads/2023/09/Untitled_design-removebg-preview.png

Requested by

Host: jobspklhr.com
URL: https://jobspklhr.com/susanna-gibson-leaked-videos-on-twitter-and-telegram-virginia-democrat-candidate/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a02:4780:b:1059:0:1c15:593f:3 Phoenix, United States, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed /

Resource Hash

c9b4d9b84b6d4fa87ef669a3907773272585c492f1088726581b48622207549b

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://jobspklhr.com/susanna-gibson-leaked-videos-on-twitter-and-telegram-virginia-democrat-candidate/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Sat, 16 Sep 2023 01:39:43 GMT
content-security-policy: upgrade-insecure-requests
last-modified: Mon, 11 Sep 2023 05:04:18 GMT
server: LiteSpeed
etag: "28e2-64fe9fd2-ee88c63f4eb1d83a;;;"
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
platform: hostinger
content-length: 10466
expires: Sat, 23 Sep 2023 01:39:43 GMT

GET
H2 200 Scandal-Susanna-Gibson-Video-1.jpg
jobspklhr.com/wp-content/uploads/2023/09/ 27 KB
27 KB 175ms
175ms Image
image/jpeg 2a02:4780:b:1059:0:1c15:593f:3
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://jobspklhr.com/wp-content/uploads/2023/09/Scandal-Susanna-Gibson-Video-1.jpg

Requested by

Host: jobspklhr.com
URL: https://jobspklhr.com/susanna-gibson-leaked-videos-on-twitter-and-telegram-virginia-democrat-candidate/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:4780:b:1059:0:1c15:593f:3 Phoenix, United States, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed /

Resource Hash

9f94f36ea826128731394efe84408b5ced938e7376463b9eeb90076bf70b27a3

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://jobspklhr.com/susanna-gibson-leaked-videos-on-twitter-and-telegram-virginia-democrat-candidate/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Sat, 16 Sep 2023 01:39:43 GMT
content-security-policy: upgrade-insecure-requests
last-modified: Tue, 12 Sep 2023 05:40:26 GMT
server: LiteSpeed
etag: "6c10-64fff9ca-c613f38449e82d6c;;;"
content-type: image/jpeg
cache-control: public, max-age=604800
accept-ranges: bytes
platform: hostinger
content-length: 27664
expires: Sat, 23 Sep 2023 01:39:43 GMT

GET
H3 200 Download-3.gif
jobspklhr.com/wp-content/uploads/2023/09/ 20 KB
20 KB 192ms
192ms Image
image/gif 2a02:4780:b:1059:0:1c15:593f:3
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://jobspklhr.com/wp-content/uploads/2023/09/Download-3.gif

Requested by

Host: jobspklhr.com
URL: https://jobspklhr.com/susanna-gibson-leaked-videos-on-twitter-and-telegram-virginia-democrat-candidate/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a02:4780:b:1059:0:1c15:593f:3 Phoenix, United States, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed /

Resource Hash

bc79fb81c2f33bfb6a694b2fd252bec6b43d252d02a0016f5b2a2af3ea5bb70d

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://jobspklhr.com/susanna-gibson-leaked-videos-on-twitter-and-telegram-virginia-democrat-candidate/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Sat, 16 Sep 2023 01:39:43 GMT
content-security-policy: upgrade-insecure-requests
last-modified: Tue, 12 Sep 2023 05:41:36 GMT
server: LiteSpeed
etag: "50ed-64fffa10-4c58a7a9c31f9b65;;;"
content-type: image/gif
cache-control: public, max-age=604800
accept-ranges: bytes
platform: hostinger
content-length: 20717
expires: Sat, 23 Sep 2023 01:39:43 GMT

GET
H2 200 font-awesome.min.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/ 30 KB
6 KB 817ms
44ms Stylesheet
text/css 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css

Requested by

Host: jobspklhr.com
URL: https://jobspklhr.com/susanna-gibson-leaked-videos-on-twitter-and-telegram-virginia-democrat-candidate/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://jobspklhr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Sat, 16 Sep 2023 01:39:44 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 10551552
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 5631
last-modified: Mon, 04 May 2020 16:10:07 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03e5f-7918"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9b7M8kdHSNnReOtNKuraMqbhyu2rRs%2FXMXLi1AeHeWSRk6eYmzLVSgpuRC13Ix2SrsBHI78scDRdYZsLzqj3yKZtmFgiyyWER%2BYWoFEMhJbVHcljz4Bqa1DtvDMaG2xaUTm7izvYZYuT3%2FS0%2Fh%2BagVAM"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 807565b9c95a905e-FRA
expires: Thu, 05 Sep 2024 01:39:44 GMT

HEAD
H3 200 / Show response
jobspklhr.com/susanna-gibson-leaked-videos-on-twitter-and-telegram-virginia-democrat-candidate/ 0
377 B 212ms
211ms XHR
text/html 2a02:4780:b:1059:0:1c15:593f:3
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to

Full URL

https://jobspklhr.com/susanna-gibson-leaked-videos-on-twitter-and-telegram-virginia-democrat-candidate/

Requested by

Host: jobspklhr.com
URL: https://jobspklhr.com/susanna-gibson-leaked-videos-on-twitter-and-telegram-virginia-democrat-candidate/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a02:4780:b:1059:0:1c15:593f:3 Phoenix, United States, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed / PHP/7.1.33

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://jobspklhr.com/susanna-gibson-leaked-videos-on-twitter-and-telegram-virginia-democrat-candidate/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Sat, 16 Sep 2023 01:39:43 GMT
content-security-policy: upgrade-insecure-requests
server: LiteSpeed
x-powered-by: PHP/7.1.33
x-pingback: https://jobspklhr.com/xmlrpc.php
content-type: text/html; charset=UTF-8
platform: hostinger
link: <https://jobspklhr.com/wp-json/>; rel="https://api.w.org/", <https://jobspklhr.com/wp-json/wp/v2/posts/85>; rel="alternate"; type="application/json", <https://jobspklhr.com/?p=85>; rel=shortlink
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"

GET
H2 200 6329623 Show response
ossmightyenar.net/400/ 89 KB
35 KB 785ms
90ms Script
application/javascript 139.45.197.245
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://ossmightyenar.net/400/6329623

Requested by

Host: jobspklhr.com
URL: https://jobspklhr.com/susanna-gibson-leaked-videos-on-twitter-and-telegram-virginia-democrat-candidate/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.197.245 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

93b68dcb72f430a36b02dbfd51733053bc5479673a2545da33134eacc83047c7

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://jobspklhr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Sat, 16 Sep 2023 01:39:44 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
content-encoding: gzip
x-trace-id: 0f162cfab04fc33380db574fd208bb8a
pragma: no-cache
server: nginx
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Wow64
vary: Origin
content-type: application/javascript
access-control-allow-origin: *
access-control-expose-headers: Link
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *, *
expires: Tue, 11 Jan 1994 10:00:00 GMT

HEAD
H3 200 / Show response
jobspklhr.com/susanna-gibson-leaked-videos-on-twitter-and-telegram-virginia-democrat-candidate/ 0
15 B 227ms
227ms XHR
text/html 2a02:4780:b:1059:0:1c15:593f:3
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to

Full URL

https://jobspklhr.com/susanna-gibson-leaked-videos-on-twitter-and-telegram-virginia-democrat-candidate/

Requested by

Host: jobspklhr.com
URL: https://jobspklhr.com/susanna-gibson-leaked-videos-on-twitter-and-telegram-virginia-democrat-candidate/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a02:4780:b:1059:0:1c15:593f:3 Phoenix, United States, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed / PHP/7.1.33

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://jobspklhr.com/susanna-gibson-leaked-videos-on-twitter-and-telegram-virginia-democrat-candidate/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Sat, 16 Sep 2023 01:39:43 GMT
content-security-policy: upgrade-insecure-requests
server: LiteSpeed
x-powered-by: PHP/7.1.33
x-pingback: https://jobspklhr.com/xmlrpc.php
content-type: text/html; charset=UTF-8
platform: hostinger
link: <https://jobspklhr.com/wp-json/>; rel="https://api.w.org/", <https://jobspklhr.com/wp-json/wp/v2/posts/85>; rel="alternate"; type="application/json", <https://jobspklhr.com/?p=85>; rel=shortlink

GET
H2 200 / Show response
gloorsie.com/5/6329355/ 97 B
1 KB 786ms
90ms XHR
application/json 139.45.197.242
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://gloorsie.com/5/6329355/?oo=1&aab=1
Requested by: Host: jobspklhr.com
URL: https://jobspklhr.com/susanna-gibson-leaked-videos-on-twitter-and-telegram-virginia-democrat-candidate/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 139.45.197.242 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash: 8770f2fcc3b43d0a624d4e982e9993da5041763e13af9d438a53b6fd99379383

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://jobspklhr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Sat, 16 Sep 2023 01:39:44 GMT
content-length: 97
x-trace-id: 62e60e71e1b0a39d64987769c58a5dbf
pragma: no-cache, no-cache
server: nginx
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Wow64
access-control-max-age: 86400
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json
access-control-allow-origin: https://jobspklhr.com
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0, no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
link: <https://my.rtmark.net>; rel="preconnect dns-prefetch",<https://propeller-tracking.com>; rel="preconnect dns-prefetch",<https://sr7pv7n5x.com>; rel="preconnect dns-prefetch"
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
expires: Tue, 11 Jan 1994 10:00:00 GMT, Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 tag.min.js Show response
gloorsie.com/ 78 KB
25 KB 783ms
89ms Script
text/javascript 139.45.197.242
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://gloorsie.com/tag.min.js

Requested by

Host: jobspklhr.com
URL: https://jobspklhr.com/susanna-gibson-leaked-videos-on-twitter-and-telegram-virginia-democrat-candidate/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.197.242 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

2c7ffff003f51d9b82e0132a6eb03e0b2c676048ed8c23e96df5c62e413be6a3

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://jobspklhr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Sat, 16 Sep 2023 01:39:44 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=1
content-length: 25218
x-trace-id: 5dfaebed13a3b761b80a203288e9ccec
pragma: no-cache
last-modified: Mon, 11 Sep 2023 11:41:21 GMT
server: nginx
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Wow64
access-control-max-age: 86400
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
accept-ranges: bytes
timing-allow-origin: *, *
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
expires: Tue, 11 Jan 1994 10:00:00 GMT

GET
H/1.1 403
Forbidden invoke.js
earlierindians.com/37413e711542318988d1d6cdcd054acb/ 0
0 994ms
137ms Script
application/javascript 192.243.59.12
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://earlierindians.com/37413e711542318988d1d6cdcd054acb/invoke.js
Requested by: Host: jobspklhr.com
URL: https://jobspklhr.com/susanna-gibson-leaked-videos-on-twitter-and-telegram-virginia-democrat-candidate/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 192.243.59.12 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx/1.19.5 /
Resource Hash

Request headers

Referer: https://jobspklhr.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

Date: Sat, 16 Sep 2023 01:39:44 GMT
Server: nginx/1.19.5
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Content-Type: application/javascript
Connection: keep-alive
Content-Length: 0

GET
H3 200 /
jobspklhr.com/susanna-gibson-leaked-videos-on-twitter-and-telegram-virginia-democrat-candidate/ 2 KB
2 KB 574ms
574ms Image
text/html 2a02:4780:b:1059:0:1c15:593f:3
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://jobspklhr.com/susanna-gibson-leaked-videos-on-twitter-and-telegram-virginia-democrat-candidate/

Requested by

Host: jobspklhr.com
URL: https://jobspklhr.com/susanna-gibson-leaked-videos-on-twitter-and-telegram-virginia-democrat-candidate/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a02:4780:b:1059:0:1c15:593f:3 Phoenix, United States, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed / PHP/7.1.33

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://jobspklhr.com/susanna-gibson-leaked-videos-on-twitter-and-telegram-virginia-democrat-candidate/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Sat, 16 Sep 2023 01:39:43 GMT
content-encoding: br
content-security-policy: upgrade-insecure-requests
server: LiteSpeed
x-powered-by: PHP/7.1.33
x-pingback: https://jobspklhr.com/xmlrpc.php
vary: Accept-Encoding
content-type: text/html; charset=UTF-8
platform: hostinger
link: <https://jobspklhr.com/wp-json/>; rel="https://api.w.org/", <https://jobspklhr.com/wp-json/wp/v2/posts/85>; rel="alternate"; type="application/json", <https://jobspklhr.com/?p=85>; rel=shortlink

GET
H2 200 EJRSQgYoZZY2vCFuvAnt66qSVys.woff2
fonts.gstatic.com/s/ptserif/v18/ 29 KB
29 KB 729ms
39ms Font
font/woff2 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/ptserif/v18/EJRSQgYoZZY2vCFuvAnt66qSVys.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=PT+Serif%3A300%2C300i%2C400%2C400i%2C700%2C700i%7CNunito+Sans%3A300%2C300i%2C400%2C400i%2C500%2C500i%2C600%2C600i&subset=latin%2Clatin-ext

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bf23a7a4eebedbb87d4084a69496b29815914a18e339a00f5dc73a03c9c9328f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://jobspklhr.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Fri, 15 Sep 2023 07:36:26 GMT
x-content-type-options: nosniff
age: 64998
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29588
x-xss-protection: 0
last-modified: Tue, 02 May 2023 15:28:35 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 14 Sep 2024 07:36:26 GMT

GET
H2 200 EJRVQgYoZZY2vCFuvAFWzr8.woff2
fonts.gstatic.com/s/ptserif/v18/ 32 KB
32 KB 770ms
81ms Font
font/woff2 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/ptserif/v18/EJRVQgYoZZY2vCFuvAFWzr8.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4271064a37f3ffc0aac5f3806db8a72acc23e19447d1804e4e80d8796cbf6330

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://jobspklhr.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Wed, 13 Sep 2023 22:08:20 GMT
x-content-type-options: nosniff
age: 185484
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 33116
x-xss-protection: 0
last-modified: Tue, 02 May 2023 15:52:25 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 12 Sep 2024 22:08:20 GMT

GET
H2 200 afb074b913477a55ec886f3b2d173f24
secure.gravatar.com/avatar/ 897 B
1 KB 716ms
38ms Image
image/jpeg 2a04:fa87:fffe::c000:4902
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://secure.gravatar.com/avatar/afb074b913477a55ec886f3b2d173f24?s=28&d=mm&r=g
Requested by: Host: jobspklhr.com
URL: https://jobspklhr.com/susanna-gibson-leaked-videos-on-twitter-and-telegram-virginia-democrat-candidate/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:fa87:fffe::c000:4902 , Ireland, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 86d1c7f5c235818c60847ed7a6ec42927d899b03bfdc0e3b720aff01faeaacde

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://jobspklhr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

x-nc: HIT hhn 2
date: Sat, 16 Sep 2023 01:39:44 GMT
last-modified: Wed, 11 Jan 1984 08:00:00 GMT
server: nginx
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=300
content-disposition: inline; filename="afb074b913477a55ec886f3b2d173f24.png"
accept-ranges: bytes
link: <https://www.gravatar.com/avatar/afb074b913477a55ec886f3b2d173f24?s=28&d=mm&r=g>; rel="canonical"
content-length: 897
expires: Sat, 16 Sep 2023 01:44:44 GMT

GET
H2 200 gid.js Show response
my.rtmark.net/ 65 B
543 B 152ms
46ms XHR
application/json 139.45.195.8
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://my.rtmark.net/gid.js

Requested by

Host: gloorsie.com
URL: https://gloorsie.com/tag.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.195.8 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

e31a391ccb396a9ad985289634c7a4c22a87eccb44438ce76249e2b2c01a3e96

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://jobspklhr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Sat, 16 Sep 2023 01:39:44 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
server: nginx
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
content-type: application/json; charset=utf-8
access-control-allow-origin: https://jobspklhr.com
access-control-expose-headers: Authorization
access-control-allow-credentials: true
timing-allow-origin: *, *
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
content-length: 65

GET
H2 200 6329321 Show response
woafoame.net/5/ 66 KB
25 KB 193ms
89ms Script
application/javascript 139.45.197.239
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://woafoame.net/5/6329321
Requested by: Host: jobspklhr.com
URL: https://jobspklhr.com/susanna-gibson-leaked-videos-on-twitter-and-telegram-virginia-democrat-candidate/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 139.45.197.239 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash: c10a79244fb03d1d960b29aeeb8b73baf1a6327b3bde4b2e5f3cbc1f6920985a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://jobspklhr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Sat, 16 Sep 2023 01:39:44 GMT
content-encoding: gzip
x-trace-id: 08bc9f9507181d40f7dc240146ba629e
pragma: no-cache, no-cache
server: nginx
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Wow64
access-control-max-age: 86400
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0, no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
link: <https://my.rtmark.net>; rel="preconnect dns-prefetch",<https://propeller-tracking.com>; rel="preconnect dns-prefetch",<https://sr7pv7n5x.com>; rel="preconnect dns-prefetch"
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
expires: Tue, 11 Jan 1994 10:00:00 GMT, Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 tag.min.js Show response
jouteetu.net/pfe/current/ 13 KB
6 KB 144ms
45ms Script
application/javascript 139.45.197.251
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://jouteetu.net/pfe/current/tag.min.js?z=6329314
Requested by: Host: jobspklhr.com
URL: https://jobspklhr.com/susanna-gibson-leaked-videos-on-twitter-and-telegram-virginia-democrat-candidate/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 139.45.197.251 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash: e58b4c163cb14f66ced74ce6a9fe37321b148a519af57a516335fc09851b0dcd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://jobspklhr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 16 Sep 2023 01:39:44 GMT
content-encoding: gzip
last-modified: Thu, 14 Sep 2023 14:59:22 GMT
server: nginx
etag: W/"65031fca-33d2"
content-type: application/javascript
cache-control: no-cache
access-control-allow-credentials: true

GET
H2 200 1 Show response
ophoacit.com/ 41 KB
16 KB 191ms
91ms Script
text/javascript 139.45.197.242
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ophoacit.com/1?z=6329324
Requested by: Host: jobspklhr.com
URL: https://jobspklhr.com/susanna-gibson-leaked-videos-on-twitter-and-telegram-virginia-democrat-candidate/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 139.45.197.242 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash: b58d12dbcd50ca3cd46893f111d291f7d083df3f52e6d5512723977f944fa8cc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://jobspklhr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

x-trace-id: fea6c1219de5be8741d206cfdb22ea7c
pragma: no-cache
date: Sat, 16 Sep 2023 01:39:44 GMT
content-encoding: gzip
x-sc: d1rXdTvz36E9E-fxqTMMIBE2zH_YL4eN35CfpjlGzi_Smc0sHHQDYzNhilWCvfOHzPN3tCsvnGPh65kW2jgvPmB0SRI=
server: nginx
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
content-type: text/javascript
access-control-allow-origin
access-control-expose-headers: X-Sc
cache-control: no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION, X-Ancestor-Origins, X-Zone-ID, baggage, sentry-trace
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H3 200 navigation.js Show response
jobspklhr.com/wp-content/themes/news-blog/inc/assets/js/ 3 KB
1 KB 175ms
174ms Script
application/x-javascript 2a02:4780:b:1059:0:1c15:593f:3
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to

Full URL

https://jobspklhr.com/wp-content/themes/news-blog/inc/assets/js/navigation.js?ver=1.0.4

Requested by

Host: jobspklhr.com
URL: https://jobspklhr.com/susanna-gibson-leaked-videos-on-twitter-and-telegram-virginia-democrat-candidate/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a02:4780:b:1059:0:1c15:593f:3 Phoenix, United States, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed /

Resource Hash

b01ff8e957863d48b5dbd16538bcd15dae28bcc38d20fd9169675fdcec44c44f

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://jobspklhr.com/susanna-gibson-leaked-videos-on-twitter-and-telegram-virginia-democrat-candidate/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Sat, 16 Sep 2023 01:39:44 GMT
content-encoding: br
content-security-policy: upgrade-insecure-requests
last-modified: Sun, 10 Sep 2023 04:43:58 GMT
server: LiteSpeed
etag: "c03-64fd498e-c9a9ee99467b5810;br"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: public, max-age=604800
accept-ranges: bytes
platform: hostinger
content-length: 941
expires: Sat, 23 Sep 2023 01:39:44 GMT

GET
H3 200 modal.js Show response
jobspklhr.com/wp-content/themes/news-blog/js/ 17 KB
4 KB 175ms
175ms Script
application/x-javascript 2a02:4780:b:1059:0:1c15:593f:3
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to

Full URL

https://jobspklhr.com/wp-content/themes/news-blog/js/modal.js?ver=1.0.4

Requested by

Host: jobspklhr.com
URL: https://jobspklhr.com/susanna-gibson-leaked-videos-on-twitter-and-telegram-virginia-democrat-candidate/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a02:4780:b:1059:0:1c15:593f:3 Phoenix, United States, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed /

Resource Hash

3b2f4ec38835db9e9a61239b1350b894d1e936847ed9cb144c36a88938a24f4d

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://jobspklhr.com/susanna-gibson-leaked-videos-on-twitter-and-telegram-virginia-democrat-candidate/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Sat, 16 Sep 2023 01:39:44 GMT
content-encoding: br
content-security-policy: upgrade-insecure-requests
last-modified: Sun, 10 Sep 2023 04:43:58 GMT
server: LiteSpeed
etag: "43f3-64fd498e-d7ad8ce81f49e06c;br"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: public, max-age=604800
accept-ranges: bytes
platform: hostinger
content-length: 3629
expires: Sat, 23 Sep 2023 01:39:44 GMT

GET
H3 200 comment-reply.min.js Show response
jobspklhr.com/wp-includes/js/ 3 KB
1 KB 176ms
175ms Script
application/x-javascript 2a02:4780:b:1059:0:1c15:593f:3
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to

Full URL

https://jobspklhr.com/wp-includes/js/comment-reply.min.js?ver=6.3.1

Requested by

Host: jobspklhr.com
URL: https://jobspklhr.com/susanna-gibson-leaked-videos-on-twitter-and-telegram-virginia-democrat-candidate/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a02:4780:b:1059:0:1c15:593f:3 Phoenix, United States, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed /

Resource Hash

e174a58a503ab84b3d1b9de12fd3895788204485170f1289e445f7b5b98ec789

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://jobspklhr.com/susanna-gibson-leaked-videos-on-twitter-and-telegram-virginia-democrat-candidate/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Sat, 16 Sep 2023 01:39:44 GMT
content-encoding: br
content-security-policy: upgrade-insecure-requests
last-modified: Sun, 10 Sep 2023 04:33:45 GMT
server: LiteSpeed
etag: "ba5-64fd4729-bb6f98c7fae83665;br"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: public, max-age=604800
accept-ranges: bytes
platform: hostinger
content-length: 1229
expires: Sat, 23 Sep 2023 01:39:44 GMT

GET
H3 200 custom.js Show response
jobspklhr.com/wp-content/themes/news-blog/js/ 4 KB
1 KB 176ms
175ms Script
application/x-javascript 2a02:4780:b:1059:0:1c15:593f:3
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to

Full URL

https://jobspklhr.com/wp-content/themes/news-blog/js/custom.js?ver=6.3.1

Requested by

Host: jobspklhr.com
URL: https://jobspklhr.com/susanna-gibson-leaked-videos-on-twitter-and-telegram-virginia-democrat-candidate/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a02:4780:b:1059:0:1c15:593f:3 Phoenix, United States, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed /

Resource Hash

fce214080971e026f71e4cf1b5d05a88d77090766d78a1f4737de3dd3cb2aa4a

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://jobspklhr.com/susanna-gibson-leaked-videos-on-twitter-and-telegram-virginia-democrat-candidate/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Sat, 16 Sep 2023 01:39:44 GMT
content-encoding: br
content-security-policy: upgrade-insecure-requests
last-modified: Sun, 10 Sep 2023 04:43:58 GMT
server: LiteSpeed
etag: "11f3-64fd498e-4b803a8e62c61a3c;br"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: public, max-age=604800
accept-ranges: bytes
platform: hostinger
content-length: 1395
expires: Sat, 23 Sep 2023 01:39:44 GMT

GET
H2 200 stattag.js Show response
tzegilo.com/ 19 KB
8 KB 484ms
49ms Script
application/javascript 2606:4700:e4::ac40:a222
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tzegilo.com/stattag.js
Requested by: Host: ossmightyenar.net
URL: https://ossmightyenar.net/400/6329623
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e4::ac40:a222 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 86da38693fcea056d36588a4146e85392f784c457511de416fec32034aafa4f9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://jobspklhr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Sat, 16 Sep 2023 01:39:44 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 07 Sep 2023 08:19:52 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 4239
etag: W/"64f987a8-4a4b"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4kBjckuHvEc0kHmebTsYK5SWcy5tQfca2zgVOMmm57L%2Bj7XlMhWM9xGBkdoTETPP93CBbGE3tUCOdAIyB2IRek%2BcC%2B%2FC01hDdLZvONRtrrA2Kr6DraM4EZOGd1eS1l0EOumR6FSAqd5mJg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 807565bd7dd19b4c-FRA
link: <https://flerap.com/>; rel=preconnect; crossorigin, <https://fleraprt.com/>; rel=preconnect; crossorigin
alt-svc: h3=":443"; ma=86400

POST
H2 204 collect
region1.google-analytics.com/g/ 0
253 B 436ms
46ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-ZHVSDG5PPD&gtm=45je39d0&_p=1215565400&cid=197135452.1694828384&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1694828384&sct=1&seg=0&dl=https%3A%2F%2Fjobspklhr.com%2Fsusanna-gibson-leaked-videos-on-twitter-and-telegram-virginia-democrat-candidate%2F&dt=Susanna%20Gibson%20leaked%20videos%20on%20twitter%20and%20telegram%20%E2%80%93%20Virginia%20Democrat%20candidate&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-ZHVSDG5PPD
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://jobspklhr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 16 Sep 2023 01:39:44 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://jobspklhr.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 281 KB
93 KB 62ms
62ms Script
application/javascript 2a00:1450:4001:806::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-F6D35RTV14&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-ZHVSDG5PPD

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

c5345cdf16f799efdc324b9a86509efb38c7f6bc618bc4e55bf69b1ae4424bab

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://jobspklhr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Sat, 16 Sep 2023 01:39:44 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 94817
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sat, 16 Sep 2023 01:39:44 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
54 B 402ms
47ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-F6D35RTV14&gtm=45je39d0&_p=1215565400&cid=197135452.1694828384&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1694828384&sct=1&seg=0&dl=https%3A%2F%2Fjobspklhr.com%2Fsusanna-gibson-leaked-videos-on-twitter-and-telegram-virginia-democrat-candidate%2F&dt=Susanna%20Gibson%20leaked%20videos%20on%20twitter%20and%20telegram%20%E2%80%93%20Virginia%20Democrat%20candidate&en=page_view&_fv=1&_ss=1&_ee=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-F6D35RTV14
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://jobspklhr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 16 Sep 2023 01:39:44 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://jobspklhr.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
gloorsie.com/5/6329355/ 3 KB
2 KB 47ms
47ms XHR
application/json 139.45.197.242
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://gloorsie.com/5/6329355/?abt_opts=1&oo=1&aab=1&js_build=iclick-v1.599.0&userId=0ffb1f6c5a2e4040ac1762951bb94166
Requested by: Host: gloorsie.com
URL: https://gloorsie.com/tag.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 139.45.197.242 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash: 1b6cd0428817d6bd4b17624d12e03a69bb1288b5144027d7527edff0da0200d0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://jobspklhr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Sat, 16 Sep 2023 01:39:44 GMT
content-encoding: gzip
x-trace-id: a985fea426bc926bc891934d54246a3e
pragma: no-cache, no-cache
server: nginx
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Wow64
access-control-max-age: 86400
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json
access-control-allow-origin: https://jobspklhr.com
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0, no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
link: <https://my.rtmark.net>; rel="preconnect dns-prefetch",<https://propeller-tracking.com>; rel="preconnect dns-prefetch",<https://sr7pv7n5x.com>; rel="preconnect dns-prefetch"
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
expires: Tue, 11 Jan 1994 10:00:00 GMT, Mon, 26 Jul 1997 05:00:00 GMT

GET
H/1.1 403
Forbidden invoke.js
earlierindians.com/37413e711542318988d1d6cdcd054acb/ 0
0 130ms
130ms Script
application/javascript 192.243.59.12
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://earlierindians.com/37413e711542318988d1d6cdcd054acb/invoke.js
Requested by: Host: jobspklhr.com
URL: https://jobspklhr.com/susanna-gibson-leaked-videos-on-twitter-and-telegram-virginia-democrat-candidate/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 192.243.59.12 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx/1.19.5 /
Resource Hash

Request headers

Referer: https://jobspklhr.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

Date: Sat, 16 Sep 2023 01:39:44 GMT
Server: nginx/1.19.5
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Content-Type: application/javascript
Connection: keep-alive
Content-Length: 0

GET
H2 204 6329623 Show response
ossmightyenar.net/500/ 0
582 B 56ms
56ms XHR
text/plain 139.45.197.245
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://ossmightyenar.net/500/6329623?excludes=&oaid=0ffb1f6c5a2e4040ac1762951bb94166&fs=0&cf=0&sw=1600&sh=1200&sah=1200&wx=0&wy=0&ww=1600&wh=1200&cw=1600&wiw=1600&wih=1200&wfc=2&pl=https%3A%2F%2Fjobspklhr.com%2Fsusanna-gibson-leaked-videos-on-twitter-and-telegram-virginia-democrat-candidate%2F&drf=&np=1&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&tzofs=120&js_build=5&sw_version=v1.298.0

Requested by

Host: ossmightyenar.net
URL: https://ossmightyenar.net/400/6329623

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.197.245 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: https://jobspklhr.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36
Content-Type: application/json

Response headers

x-trace-id: 66c76c0bfac108ffd57f001934b5e7f2
pragma: no-cache
date: Sat, 16 Sep 2023 01:39:44 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
server: nginx
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Wow64
vary: Origin
access-control-allow-origin: https://jobspklhr.com
access-control-expose-headers: Link
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *, *
expires: Tue, 11 Jan 1994 10:00:00 GMT

OPTIONS
H2 200 6329623
ossmightyenar.net/500/ Frame 0
0 137ms
45ms Preflight 139.45.197.245
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.197.245 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://jobspklhr.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Wow64
access-control-allow-credentials: true
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://jobspklhr.com
access-control-max-age: 600
allow: GET, OPTIONS
content-length: 0
date: Sat, 16 Sep 2023 01:39:44 GMT
server: nginx
strict-transport-security: max-age=1
timing-allow-origin: *
vary: Origin Access-Control-Request-Method Access-Control-Request-Headers
x-content-type-options: nosniff

GET
H2 200 / Show response
gloorsie.com/ 2 KB
2 KB 47ms
47ms Fetch
application/json 139.45.197.242
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://gloorsie.com/?rb=yFG8jcKdaBqcCLIV5QU1l0GVPeKSniHg0GM9MePl0j0SCBZRfqk3P91dC-kyObPIwh0rhlN8Znlf5g9tYEUVIG2JM7_OLw9zV2Cps6A_Xl8VLLsNCXtkvpF_gzpMyUjhPEm6typTgHgTXk6FXWwfr7dV0Q65x9gdoRzVjBkVbuZQWh6cgqa3u2-wkzipx20P1_eWVmLrqQxJsbv5fyT44gp5O3nrw9fCRlaiPJXUUBlTX8VOFvU2hoqRfRxP8Y2mJk0Y1s9tn_eg-u-7QwQfpYPuGxE%3D&request_ab2=150012&zoneid=6329355&js_build=iclick-v1.599.0&fs=0&cf=0&sw=1600&sh=1200&sah=1200&wx=0&wy=0&ww=1600&wh=1200&cw=1600&wih=1200&wiw=1600&wfc=2&pl=https%3A%2F%2Fjobspklhr.com%2Fsusanna-gibson-leaked-videos-on-twitter-and-telegram-virginia-democrat-candidate%2F&drf=&np=1&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&wgl=Intel%20Iris%20OpenGL%20Engine&js_build=iclick-v1.599.0&bs=7ab6fff2-25db-44df-80f2-d84db5c6e14b&userId=0ffb1f6c5a2e4040ac1762951bb94166&m=link

Requested by

Host: gloorsie.com
URL: https://gloorsie.com/tag.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.197.242 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

ece2b34358a35cf77197d70955b6ce8edbafc7fea7069dae426c46e382e5c683

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://jobspklhr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Sat, 16 Sep 2023 01:39:44 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
content-encoding: gzip
x-trace-id: cf653d57fb4451ce072a08fad146c4b5
pragma: no-cache
server: nginx
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Wow64
access-control-max-age: 86400
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json
access-control-allow-origin: https://jobspklhr.com
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *, *
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
expires: Tue, 11 Jan 1994 10:00:00 GMT

GET
H/1.1 403
Forbidden invoke.js
earlierindians.com/37413e711542318988d1d6cdcd054acb/ 0
0 134ms
133ms Script
application/javascript 192.243.59.12
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://earlierindians.com/37413e711542318988d1d6cdcd054acb/invoke.js
Requested by: Host: jobspklhr.com
URL: https://jobspklhr.com/susanna-gibson-leaked-videos-on-twitter-and-telegram-virginia-democrat-candidate/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 192.243.59.12 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx/1.19.5 /
Resource Hash

Request headers

Referer: https://jobspklhr.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

Date: Sat, 16 Sep 2023 01:39:44 GMT
Server: nginx/1.19.5
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Content-Type: application/javascript
Connection: keep-alive
Content-Length: 0

GET
H3 200 fontawesome-webfont.woff2
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/fonts/ 75 KB
76 KB 90ms
46ms Font
application/octet-stream 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d792afdac7f7ae5de7c6964950c6c61dc6e3f3813180a59e141c7cb4ac4364dc

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css
Origin: https://jobspklhr.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Sat, 16 Sep 2023 01:39:44 GMT
strict-transport-security: max-age=15780000
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 806970
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 77160
last-modified: Thu, 22 Jun 2023 11:02:18 GMT
server: cloudflare
cf-cdnjs-via: cfworker/r2
etag: "64942a3a-12d68"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9N8yjzVeshXM%2FbmDSzssyiOGj2ogcrXIIBu2bL8vsv3jebhBlATiF0gRryNw%2Bdv%2BHCFzfA6Uz66l%2BtWOsmUkf%2BEmszieejtfrdsgWwnPtMpjoJG%2FAuH5tzeaSrLemm1rq0Giu25bpwDfxDi0tfVIZBb7"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 807565bddefd90d6-FRA
expires: Thu, 05 Sep 2024 01:39:44 GMT

POST
H/1.1 200
OK add Show response
fleraprt.com/log/ 12 B
483 B 154ms
46ms XHR
application/json 139.45.195.254
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://fleraprt.com/log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f
Requested by: Host: tzegilo.com
URL: https://tzegilo.com/stattag.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 139.45.195.254 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx/1.19.10 /
Resource Hash: 21c1f682de27109caabcca9016511974defcec217c0441fd3f1b50ecdf8247ed

Request headers

Referer: https://jobspklhr.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Date: Sat, 16 Sep 2023 01:41:07 GMT
Server: nginx/1.19.10
Access-Control-Allow-Methods: POST, GET, OPTIONS, PUT, DELETE
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://jobspklhr.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match
Content-Length: 12

GET
H/1.1 403
Forbidden invoke.js
earlierindians.com/37413e711542318988d1d6cdcd054acb/ 0
0 133ms
133ms Script
application/javascript 192.243.59.12
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://earlierindians.com/37413e711542318988d1d6cdcd054acb/invoke.js
Requested by: Host: jobspklhr.com
URL: https://jobspklhr.com/susanna-gibson-leaked-videos-on-twitter-and-telegram-virginia-democrat-candidate/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 192.243.59.12 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx/1.19.5 /
Resource Hash

Request headers

Referer: https://jobspklhr.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

Date: Sat, 16 Sep 2023 01:39:45 GMT
Server: nginx/1.19.5
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Content-Type: application/javascript
Connection: keep-alive
Content-Length: 0

GET
H/1.1 403
Forbidden invoke.js
earlierindians.com/37413e711542318988d1d6cdcd054acb/ 0
0 130ms
130ms Script
application/javascript 192.243.59.12
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://earlierindians.com/37413e711542318988d1d6cdcd054acb/invoke.js
Requested by: Host: jobspklhr.com
URL: https://jobspklhr.com/susanna-gibson-leaked-videos-on-twitter-and-telegram-virginia-democrat-candidate/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 192.243.59.12 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx/1.19.5 /
Resource Hash

Request headers

Referer: https://jobspklhr.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

Date: Sat, 16 Sep 2023 01:39:45 GMT
Server: nginx/1.19.5
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Content-Type: application/javascript
Connection: keep-alive
Content-Length: 0

GET
H/1.1 403
Forbidden invoke.js
earlierindians.com/37413e711542318988d1d6cdcd054acb/ 0
0 134ms
134ms Script
application/javascript 192.243.59.12
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://earlierindians.com/37413e711542318988d1d6cdcd054acb/invoke.js
Requested by: Host: jobspklhr.com
URL: https://jobspklhr.com/susanna-gibson-leaked-videos-on-twitter-and-telegram-virginia-democrat-candidate/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 192.243.59.12 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx/1.19.5 /
Resource Hash

Request headers

Referer: https://jobspklhr.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

Date: Sat, 16 Sep 2023 01:39:45 GMT
Server: nginx/1.19.5
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Content-Type: application/javascript
Connection: keep-alive
Content-Length: 0

GET
H3 200 images-1.jpg
jobspklhr.com/wp-content/uploads/2023/09/ 4 KB
4 KB 174ms
174ms Image
image/jpeg 2a02:4780:b:1059:0:1c15:593f:3
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://jobspklhr.com/wp-content/uploads/2023/09/images-1.jpg

Requested by

Host: jobspklhr.com
URL: https://jobspklhr.com/susanna-gibson-leaked-videos-on-twitter-and-telegram-virginia-democrat-candidate/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a02:4780:b:1059:0:1c15:593f:3 Phoenix, United States, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed /

Resource Hash

f9633f101a557aff8e2e50e6ffabb13b947aa8bff3b2231e7837addf9dcde2cb

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://jobspklhr.com/susanna-gibson-leaked-videos-on-twitter-and-telegram-virginia-democrat-candidate/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Sat, 16 Sep 2023 01:39:45 GMT
content-security-policy: upgrade-insecure-requests
last-modified: Tue, 12 Sep 2023 05:44:03 GMT
server: LiteSpeed
etag: "eb4-64fffaa3-6023dfccfc2d4fa9;;;"
content-type: image/jpeg
cache-control: public, max-age=604800
accept-ranges: bytes
platform: hostinger
content-length: 3764
expires: Sat, 23 Sep 2023 01:39:45 GMT

GET
H/1.1 403
Forbidden invoke.js
earlierindians.com/37413e711542318988d1d6cdcd054acb/ 0
0 136ms
136ms Script
application/javascript 192.243.59.12
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://earlierindians.com/37413e711542318988d1d6cdcd054acb/invoke.js
Requested by: Host: jobspklhr.com
URL: https://jobspklhr.com/susanna-gibson-leaked-videos-on-twitter-and-telegram-virginia-democrat-candidate/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 192.243.59.12 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx/1.19.5 /
Resource Hash

Request headers

Referer: https://jobspklhr.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

Date: Sat, 16 Sep 2023 01:39:45 GMT
Server: nginx/1.19.5
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Content-Type: application/javascript
Connection: keep-alive
Content-Length: 0

GET
H2 200 6329323 Show response
punoocke.com/400/ 80 KB
31 KB 211ms
92ms Script
application/javascript 139.45.197.236
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://punoocke.com/400/6329323

Requested by

Host: jobspklhr.com
URL: https://jobspklhr.com/susanna-gibson-leaked-videos-on-twitter-and-telegram-virginia-democrat-candidate/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.197.236 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

e75f882dc01cc901f9af64a8518c916de9b9fa0d07198784a44ec83256a50ac0

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://jobspklhr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Sat, 16 Sep 2023 01:39:45 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
content-encoding: gzip
x-trace-id: fedcd3e62ae0cbe1308b490b76e9b1ce
pragma: no-cache
server: nginx
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Wow64
vary: Origin
content-type: application/javascript
access-control-allow-origin: *
access-control-expose-headers: Link
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *, *
expires: Tue, 11 Jan 1994 10:00:00 GMT

GET
H2 200 6329325 Show response
glizauvo.net/401/ 89 KB
35 KB 195ms
94ms Script
application/javascript 139.45.197.236
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://glizauvo.net/401/6329325

Requested by

Host: jobspklhr.com
URL: https://jobspklhr.com/susanna-gibson-leaked-videos-on-twitter-and-telegram-virginia-democrat-candidate/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.197.236 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

7cffc4b56bf64b2266d93cbbab8f4cb357be44221404d5fe07fd48c8eaf408b3

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://jobspklhr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Sat, 16 Sep 2023 01:39:45 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
content-encoding: gzip
x-trace-id: 3cf271506b3b8ef1f706f146e6bfe709
pragma: no-cache
server: nginx
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Wow64
vary: Origin
content-type: application/javascript
access-control-allow-origin: *
access-control-expose-headers: Link
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *, *
expires: Tue, 11 Jan 1994 10:00:00 GMT

GET
H2 200 pe0TMImSLYBIv1o4X1M8ce2xCx3yop4tQpF_MeTm0lfGWVpNn64CL7U8upHZIbMV51Q42ptCp7t1R-s.woff2
fonts.gstatic.com/s/nunitosans/v15/ 30 KB
30 KB 40ms
40ms Font
font/woff2 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/nunitosans/v15/pe0TMImSLYBIv1o4X1M8ce2xCx3yop4tQpF_MeTm0lfGWVpNn64CL7U8upHZIbMV51Q42ptCp7t1R-s.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1393acc632c160def86b45c2521c8ee742b7e6239d0d90fb95f51d55cf48b9c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://jobspklhr.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Sat, 09 Sep 2023 07:33:53 GMT
x-content-type-options: nosniff
age: 583552
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31052
x-xss-protection: 0
last-modified: Thu, 27 Apr 2023 00:27:41 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 08 Sep 2024 07:33:53 GMT

GET
H2 200 zone Show response
jouteetu.net/ 880 B
1 KB 46ms
45ms Fetch
application/json 139.45.197.251
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://jouteetu.net/zone?pub=0&zone_id=6329314&is_mobile=false&domain=jobspklhr.com&var=&ymid=&var_3=&tg=0

Requested by

Host: jouteetu.net
URL: https://jouteetu.net/pfe/current/tag.min.js?z=6329314

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

139.45.197.251 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

43389bb9da691c2a3b04409b47a8ac5e46f437188750bcd846f1e24f44df9345

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://jobspklhr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

x-trace-id: d608ace2d93f0234186aa06ac814692f
date: Sat, 16 Sep 2023 01:39:45 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
server: nginx
content-type: application/json; charset=utf-8
access-control-allow-origin: https://jobspklhr.com
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
content-length: 880

GET
H2 200 universal.min.js Show response
jouteetu.net/pfe/current/ 85 KB
33 KB 184ms
92ms Fetch
application/javascript 139.45.197.251
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://jouteetu.net/pfe/current/universal.min.js?v=3.1.460
Requested by: Host: jouteetu.net
URL: https://jouteetu.net/pfe/current/tag.min.js?z=6329314
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 139.45.197.251 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash: 5d1d95a226026f763d0d086ef23b7cdc09e9dd0c68df56d6d638b0474a64e1e0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://jobspklhr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 16 Sep 2023 01:39:45 GMT
content-encoding: gzip
last-modified: Thu, 14 Sep 2023 14:59:22 GMT
server: nginx
etag: W/"65031fca-155a7"
content-type: application/javascript
access-control-allow-origin: https://jobspklhr.com
cache-control: no-cache
access-control-allow-credentials: true

GET
H2 200 1 Show response
ophoacit.com/ 966 B
2 KB 46ms
46ms XHR
application/json 139.45.197.242
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ophoacit.com/1?z=6329324&oo=1&oaid=0ffb1f6c5a2e4040ac1762951bb94166
Requested by: Host: ophoacit.com
URL: https://ophoacit.com/1?z=6329324
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 139.45.197.242 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash: 32c83fece9fe1bb26348e0bd63f5bf64a3261f2852f612651409ff9ef1ab0b02

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://jobspklhr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

x-trace-id: 8d30e31758583b24237a2c36f3e200c1
pragma: no-cache
date: Sat, 16 Sep 2023 01:39:45 GMT
server: nginx
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
content-type: application/json
access-control-allow-origin: https://jobspklhr.com
access-control-expose-headers: X-Sc
cache-control: no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION, X-Ancestor-Origins, X-Zone-ID, baggage, sentry-trace
content-length: 966
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 / Show response
woafoame.net/5/6329321/ 3 KB
2 KB 48ms
48ms XHR
application/json 139.45.197.239
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://woafoame.net/5/6329321/?abt_opts=1&js_build=iclick-v1.599.0&userId=0ffb1f6c5a2e4040ac1762951bb94166
Requested by: Host: woafoame.net
URL: https://woafoame.net/5/6329321
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 139.45.197.239 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash: c2dfe97f288ffa980f7ff9f78973e30393910d55ca650329bfc8bac76723b28c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://jobspklhr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Sat, 16 Sep 2023 01:39:45 GMT
content-encoding: gzip
x-trace-id: b02963d3385451df32807a9adcc52cc3
pragma: no-cache, no-cache
server: nginx
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Wow64
access-control-max-age: 86400
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json
access-control-allow-origin: https://jobspklhr.com
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0, no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
link: <https://my.rtmark.net>; rel="preconnect dns-prefetch",<https://propeller-tracking.com>; rel="preconnect dns-prefetch",<https://sr7pv7n5x.com>; rel="preconnect dns-prefetch"
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
expires: Tue, 11 Jan 1994 10:00:00 GMT, Mon, 26 Jul 1997 05:00:00 GMT

GET
H3 200 wp-emoji-release.min.js Show response
jobspklhr.com/wp-includes/js/ 18 KB
5 KB 175ms
175ms Script
application/x-javascript 2a02:4780:b:1059:0:1c15:593f:3
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to

Full URL

https://jobspklhr.com/wp-includes/js/wp-emoji-release.min.js?ver=6.3.1

Requested by

Host: jobspklhr.com
URL: https://jobspklhr.com/susanna-gibson-leaked-videos-on-twitter-and-telegram-virginia-democrat-candidate/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a02:4780:b:1059:0:1c15:593f:3 Phoenix, United States, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed /

Resource Hash

4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://jobspklhr.com/susanna-gibson-leaked-videos-on-twitter-and-telegram-virginia-democrat-candidate/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Sat, 16 Sep 2023 01:39:45 GMT
content-encoding: br
content-security-policy: upgrade-insecure-requests
last-modified: Sun, 10 Sep 2023 04:33:45 GMT
server: LiteSpeed
etag: "4904-64fd4729-9b78c4893ec2693c;br"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: public, max-age=604800
accept-ranges: bytes
platform: hostinger
content-length: 4605
expires: Sat, 23 Sep 2023 01:39:45 GMT

GET
H2 200 ima3.js Show response
imasdk.googleapis.com/js/sdkloader/ 357 KB
123 KB 172ms
54ms Script
text/javascript 2a00:1450:4001:806::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/ima3.js

Requested by

Host: video.onetouch8.info
URL: https://video.onetouch8.info/d-video.js?b=24

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

02f8c15ba65b0ae9db6f957d28f9ae1adbc048090cca772bec7301451a8c1dfd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://jobspklhr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Sat, 16 Sep 2023 01:39:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 125468
x-xss-protection: 0
expires: Sat, 16 Sep 2023 01:39:45 GMT

GET
H2 200 pu-ob.js Show response
7ool.net/richpartners/pops/js/ 7 KB
3 KB 136ms
42ms Script
application/javascript 46.105.199.75
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://7ool.net/richpartners/pops/js/pu-ob.js
Requested by: Host: richinfo.co
URL: https://richinfo.co/richpartners/pops/js/richads-pu-ob.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 46.105.199.75 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: /
Resource Hash: 30ea49d8a82e6fc450efdb0bf1535069b10d648dbcf69c9d1388cf4a81f98722

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://jobspklhr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Sat, 16 Sep 2023 01:38:39 GMT
content-encoding: br
last-modified: Fri, 01 Sep 2023 08:50:34 GMT
x-cacheable: Matched cache
x-cdn-pop-ip: 137.74.120.0/27
etag: "64f1a5da-1c1e"
content-type: application/javascript
cache-control: max-age=1209600
x-grace: full
x-cdn-pop: sbg
accept-ranges: bytes
content-length: 2470
x-request-id: 136972827
expires: Sat, 30 Sep 2023 01:38:39 GMT

GET
H2 200 e70947491773b29465b66e664f6dd7f1 Show response
ophoacit.com/27/ 403 KB
128 KB 47ms
47ms Script
application/javascript 139.45.197.242
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://ophoacit.com/27/e70947491773b29465b66e664f6dd7f1

Requested by

Host: ophoacit.com
URL: https://ophoacit.com/1?z=6329324

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.197.242 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

4a29d993864a9f91a4137d3fe1d3e1ddbffad9d130c4be30e191cc8a9095bb1b

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://jobspklhr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

x-trace-id: 17b0e494f296fea2ec45d9566a98c1d5
date: Sat, 16 Sep 2023 01:39:45 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
last-modified: Tue, 12 Sep 2023 06:15:15 GMT
server: nginx
content-encoding: gzip
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
content-type: application/javascript
access-control-allow-origin
access-control-expose-headers: X-Sc
cache-control: max-age:290304000, public
access-control-allow-credentials: true
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION, X-Ancestor-Origins, X-Zone-ID, baggage, sentry-trace
expires: Tue, 12 Oct 2083 06:15:15 GMT

GET
H2 200 fp.js Show response
7ool.net/richpartners/pops/js/ 30 KB
11 KB 44ms
43ms Script
application/javascript 46.105.199.75
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://7ool.net/richpartners/pops/js/fp.js
Requested by: Host: richinfo.co
URL: https://richinfo.co/richpartners/pops/js/richads-pu-ob.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 46.105.199.75 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: /
Resource Hash: 8c6f5f092a4b4ab3a3d709a1e4ab59581c69cc6ab2de919f8d526edeb738d9a8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://jobspklhr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Sat, 16 Sep 2023 01:39:22 GMT
content-encoding: br
last-modified: Fri, 01 Sep 2023 08:50:34 GMT
x-cacheable: Matched cache
x-cdn-pop-ip: 137.74.120.0/27
etag: "64f1a5da-7785"
content-type: application/javascript
cache-control: max-age=1209600
x-cdn-pop: sbg
accept-ranges: bytes
content-length: 10932
x-request-id: 895034188
expires: Sat, 30 Sep 2023 01:39:22 GMT

GET
H2 200 6329323 Show response
punoocke.com/400/ 2 KB
1 KB 47ms
47ms XHR
application/json 139.45.197.236
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://punoocke.com/400/6329323?oo=1&oaid=0ffb1f6c5a2e4040ac1762951bb94166&sw_version=v1.298.0

Requested by

Host: punoocke.com
URL: https://punoocke.com/400/6329323

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.197.236 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

9ee63c120b2de5a96c75541b6c3200119c253ace89d3c33d819dcd7ab749e59a

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://jobspklhr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Sat, 16 Sep 2023 01:39:45 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
content-encoding: gzip
x-trace-id: 2953b5444188d3ea181ba3c8f086f5fa
pragma: no-cache
server: nginx
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Wow64
vary: Origin
content-type: application/json
access-control-allow-origin: https://jobspklhr.com
access-control-expose-headers: Link
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *, *
expires: Tue, 11 Jan 1994 10:00:00 GMT

POST
H2 200 9 Show response
ophoacit.com/ 6 KB
3 KB 48ms
47ms XHR
application/json 139.45.197.242
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ophoacit.com/9?z=6329324&ng=1&ix=0&pt=0&np=0&gp=3&bp=4&nw=1&nb=1&sw=1600&sh=1200&pl=https%3A%2F%2Fjobspklhr.com%2Fsusanna-gibson-leaked-videos-on-twitter-and-telegram-virginia-democrat-candidate%2F&wy=0&wx=0&ww=1600&wh=1200&cw=1600&wiw=1600&wih=1200&wfc=2&sah=1200&drf=&hil=1&ist=0&oaid=0ffb1f6c5a2e4040ac1762951bb94166
Requested by: Host: ophoacit.com
URL: https://ophoacit.com/27/e70947491773b29465b66e664f6dd7f1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 139.45.197.242 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash: 3e51587c49b53bc620e4bae1e444d0f1416ad4bd016e04d93ad266aa2b2be41d

Request headers

Referer: https://jobspklhr.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36
Content-Type: application/json

Response headers

x-trace-id: 12cc5acf5a011f83380fc862d3474770
pragma: no-cache
date: Sat, 16 Sep 2023 01:39:46 GMT
content-encoding: gzip
server: nginx
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
content-type: application/json
access-control-allow-origin: https://jobspklhr.com
access-control-expose-headers: X-Sc
cache-control: no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION, X-Ancestor-Origins, X-Zone-ID, baggage, sentry-trace
expires: Mon, 26 Jul 1997 05:00:00 GMT

OPTIONS
H2 204 9
ophoacit.com/ Frame 0
0 137ms
45ms Preflight 139.45.197.242
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ophoacit.com/9?z=6329324&ng=1&ix=0&pt=0&np=0&gp=3&bp=4&nw=1&nb=1&sw=1600&sh=1200&pl=https%3A%2F%2Fjobspklhr.com%2Fsusanna-gibson-leaked-videos-on-twitter-and-telegram-virginia-democrat-candidate%2F&wy=0&wx=0&ww=1600&wh=1200&cw=1600&wiw=1600&wih=1200&wfc=2&sah=1200&drf=&hil=1&ist=0&oaid=0ffb1f6c5a2e4040ac1762951bb94166
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 139.45.197.242 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://jobspklhr.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION, X-Ancestor-Origins, X-Zone-ID, baggage, sentry-trace
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-origin: https://jobspklhr.com
cache-control: no-store, no-cache, must-revalidate, max-age=0
date: Sat, 16 Sep 2023 01:39:45 GMT
expires: Mon, 26 Jul 1997 05:00:00 GMT
pragma: no-cache
server: nginx

GET
H2 200 info Show response
us.convers.link/users/ 219 B
297 B 584ms
135ms Script
application/json 2a00:1d26:8771::11
I3DNET

General

Check archive.org

Show headers Download Go to

Full URL: https://us.convers.link/users/info?callback=userinfo_rp_pu
Requested by: Host: richinfo.co
URL: https://richinfo.co/richpartners/pops/js/richads-pu-ob.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a00:1d26:8771::11 Atlanta, United States, ASN49544 (I3DNET, NL),
Reverse DNS
Software: openresty/1.21.4.1 /
Resource Hash: 8496f5b961be7cac00d6ad3b04868ae6a1b0c77c39aea881577f0c53ddd5a032

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://jobspklhr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Sat, 16 Sep 2023 01:39:46 GMT
content-encoding: gzip
server: openresty/1.21.4.1
content-type: application/json;charset=UTF-8

OPTIONS
H2 200 custom
jouteetu.net/ Frame 0
0 51ms
51ms Preflight
text/plain 139.45.197.251
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://jouteetu.net/custom
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 139.45.197.251 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://jobspklhr.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization-Token
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://jobspklhr.com
access-control-max-age: 86400
content-length: 0
content-type: text/plain; charset=utf-8
date: Sat, 16 Sep 2023 01:39:45 GMT
server: nginx

POST
H2 200 custom Show response
jouteetu.net/ 39 B
324 B 47ms
46ms Fetch
application/json 139.45.197.251
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://jouteetu.net/custom

Requested by

Host: jobspklhr.com
URL: https://jobspklhr.com/susanna-gibson-leaked-videos-on-twitter-and-telegram-virginia-democrat-candidate/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

139.45.197.251 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

ff752c1c79bb2c0347c5a8b7f069fa2772047324dbbadf77d21cec4b26ee3881

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: https://jobspklhr.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36
Content-Type: application/json

Response headers

x-trace-id: c88c4bace33c566362edafd0e7bef19b
date: Sat, 16 Sep 2023 01:39:45 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
server: nginx
content-type: application/json; charset=utf-8
access-control-allow-origin: https://jobspklhr.com
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
content-length: 39

GET
H3 200 sw.js Show response
jobspklhr.com/ 5 KB
2 KB 175ms
175ms Fetch
application/x-javascript 2a02:4780:b:1059:0:1c15:593f:3
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to

Full URL

https://jobspklhr.com/sw.js

Requested by

Host: jobspklhr.com
URL: https://jobspklhr.com/susanna-gibson-leaked-videos-on-twitter-and-telegram-virginia-democrat-candidate/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a02:4780:b:1059:0:1c15:593f:3 Phoenix, United States, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed /

Resource Hash

e7f975386b8c4c4b95727a10504c29f4dfc1db000f9a3113c182a9f97211760f

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://jobspklhr.com/susanna-gibson-leaked-videos-on-twitter-and-telegram-virginia-democrat-candidate/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Sat, 16 Sep 2023 01:39:45 GMT
content-encoding: br
content-security-policy: upgrade-insecure-requests
last-modified: Thu, 14 Sep 2023 10:31:36 GMT
server: LiteSpeed
etag: "1474-6502e108-b80a55037385b92f;br"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: public, max-age=604800
accept-ranges: bytes
platform: hostinger
content-length: 2320
expires: Sat, 23 Sep 2023 01:39:45 GMT

GET
H2 200 bridge3.589.0_en.html Show response
imasdk.googleapis.com/js/core/ Frame EEA4 722 KB
232 KB 59ms
39ms Document
text/html 2a00:1450:4001:806::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.589.0_en.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9ea746bcaeb49d78462db0b0740de88e2f00bf5f492e14e65a5e811b45ee0220

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://jobspklhr.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 115411
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 236935
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy: cross-origin
date: Thu, 14 Sep 2023 17:36:14 GMT
expires: Fri, 13 Sep 2024 17:36:14 GMT
last-modified: Wed, 13 Sep 2023 16:17:11 GMT
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 client.js Show response
s0.2mdn.net/instream/video/ 44 KB
17 KB 160ms
56ms Script
text/javascript 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/instream/video/client.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://jobspklhr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Sat, 16 Sep 2023 01:39:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16746
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 16 Sep 2023 01:39:46 GMT

GET
H2 200 omweb-v1.js Show response
pagead2.googlesyndication.com/omsdk/releases/live/ Frame E2FC 40 KB
14 KB 131ms
40ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6300f448d738e70ac11f0140df0b3ce91a2de9e0da7fdf09d32d28031600ba51

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Sat, 16 Sep 2023 01:36:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 212
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13893
x-xss-protection: 0
last-modified: Wed, 09 Aug 2023 15:57:08 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="omsdk-team-release-policy"
vary: Accept-Encoding
report-to: {"group":"omsdk-team-release-policy","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/omsdk-team-release-policy"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
expires: Sat, 16 Sep 2023 02:36:14 GMT

GET
H2 204 6329325 Show response
glizauvo.net/500/ 0
582 B 56ms
54ms XHR
text/plain 139.45.197.236
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://glizauvo.net/500/6329325?excludes=&oaid=0ffb1f6c5a2e4040ac1762951bb94166&fs=0&cf=0&sw=1600&sh=1200&sah=1200&wx=0&wy=0&ww=1600&wh=1200&cw=1600&wiw=1600&wih=1200&wfc=4&pl=https%3A%2F%2Fjobspklhr.com%2Fsusanna-gibson-leaked-videos-on-twitter-and-telegram-virginia-democrat-candidate%2F&drf=&np=1&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&tzofs=120&js_build=5&sw_version=v1.298.0

Requested by

Host: glizauvo.net
URL: https://glizauvo.net/401/6329325

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.197.236 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: https://jobspklhr.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36
Content-Type: application/json

Response headers

x-trace-id: 3cfc028228b0394531e717ac7a54960d
pragma: no-cache
date: Sat, 16 Sep 2023 01:39:46 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
server: nginx
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Wow64
vary: Origin
access-control-allow-origin: https://jobspklhr.com
access-control-expose-headers: Link
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *, *
expires: Tue, 11 Jan 1994 10:00:00 GMT

OPTIONS
H2 200 6329325
glizauvo.net/500/ Frame 0
0 143ms
51ms Preflight 139.45.197.236
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.197.236 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://jobspklhr.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Wow64
access-control-allow-credentials: true
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://jobspklhr.com
access-control-max-age: 600
allow: GET, OPTIONS
content-length: 0
date: Sat, 16 Sep 2023 01:39:46 GMT
server: nginx
strict-transport-security: max-age=1
timing-allow-origin: *
vary: Origin Access-Control-Request-Method Access-Control-Request-Headers
x-content-type-options: nosniff

GET
H2 200 11 Show response
ophoacit.com/ 0
594 B 57ms
57ms XHR
image/jpeg 139.45.197.242
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ophoacit.com/11?rnd=4070114859&z=6329324&b=5362695&var=&varid=0&rqtdbc=1&rcvdbc=1&btp=7&rb=rgJbu4_PecGlOVnwtYWVO50c3e0gtTDSJ98XTawgnA3wzCVEufOClUKWliGBtpYo3RrVLMVl9C8UoHGwvQE_JyMlmY6fqi16GtyrJqQFoZd6-fjzHYz3Jk9efqHO4yJroREj_vsaXN1Dph7qlyVT2GewVQ1bxb_Os6MuheGLVWCEVPtVoV_ybIfKQIdNldFN_YcOKuTfZWOxhBWTJdnPtQbJmFV0t9Qu-uQvv-Adgi922afUlC3LX82W6JHc_CVMw5SeQ1pvaVRGq6Ga3Wv8RSfaeHcosVdbZaRSbrJiuFdnQwKKVx9vAddEyir4uGBRYoElsA==&ruid=24dfd754-d4d2-47a9-9702-12c6bdc5d645&ng=1&ix=0&pt=0&np=0&gp=3&bp=4&nw=1&nb=1&sw=1600&sh=1200&pl=https%3A%2F%2Fjobspklhr.com%2Fsusanna-gibson-leaked-videos-on-twitter-and-telegram-virginia-democrat-candidate%2F&wy=0&wx=0&ww=1600&wh=1200&cw=1600&wiw=1600&wih=1200&wfc=2&sah=1200&drf=&hil=1&ist=0&ot=212
Requested by: Host: ophoacit.com
URL: https://ophoacit.com/27/e70947491773b29465b66e664f6dd7f1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 139.45.197.242 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://jobspklhr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

x-trace-id: f6a203a046d554e5cff3eba50c12f941
pragma: no-cache
date: Sat, 16 Sep 2023 01:39:46 GMT
server: nginx
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
content-type: image/jpeg
access-control-allow-origin: https://jobspklhr.com
access-control-expose-headers: X-Sc
cache-control: no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION, X-Ancestor-Origins, X-Zone-ID, baggage, sentry-trace
content-length: 0
expires: Mon, 26 Jul 1997 05:00:00 GMT

OPTIONS
H2 200 6329323
punoocke.com/500/ Frame 0
0 166ms
52ms Preflight 139.45.197.236
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://punoocke.com/500/6329323?excludes=&oaid=0ffb1f6c5a2e4040ac1762951bb94166&fs=0&cf=0&sw=1600&sh=1200&sah=1200&wx=0&wy=0&ww=1600&wh=1200&cw=1600&wiw=1600&wih=1200&wfc=4&pl=https%3A%2F%2Fjobspklhr.com%2Fsusanna-gibson-leaked-videos-on-twitter-and-telegram-virginia-democrat-candidate%2F&drf=&np=1&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&tzofs=120&js_build=5&sw_version=v1.298.0

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.197.236 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://jobspklhr.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Wow64
access-control-allow-credentials: true
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://jobspklhr.com
access-control-max-age: 600
allow: GET, OPTIONS
content-length: 0
date: Sat, 16 Sep 2023 01:39:46 GMT
server: nginx
strict-transport-security: max-age=1
timing-allow-origin: *
vary: Origin Access-Control-Request-Method Access-Control-Request-Headers
x-content-type-options: nosniff

GET
H2 200 6329323 Show response
punoocke.com/500/ 4 KB
4 KB 183ms
182ms XHR
application/javascript 139.45.197.236
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: punoocke.com
URL: https://punoocke.com/400/6329323

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.197.236 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

01fd78d685df03653219c503e3d27be8e75120914b2303a0876774cf56eb8fbe

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: https://jobspklhr.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36
Content-Type: application/json

Response headers

date: Sat, 16 Sep 2023 01:39:46 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
content-encoding: gzip
x-trace-id: f2bbf09271e9cc8f25f09acbd1e55cb8
pragma: no-cache
server: nginx
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Wow64
vary: Origin
content-type: application/javascript
access-control-allow-origin: https://jobspklhr.com
access-control-expose-headers: Link
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *, *
expires: Tue, 11 Jan 1994 10:00:00 GMT

GET
H2 200 / Show response
interstitial-08.com/ Frame 167E 21 KB
6 KB 217ms
83ms Document
text/html 139.45.197.151
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://interstitial-08.com/?l=9PjAqTQETOzNIxm&cd_meta_crid=21588&trkintimp&target_url=https%3A%2F%2Fophoacit.com%2F12%3Frnd%3D1176315762%26z%3D6329324%26b%3D5362695%26c%3D2755022%26var%3D%26varid%3D0%26d%3Dhttps%253A%252F%252Foovaufty.com%252F%253Fb%253D%257Bbannerid%257D%2526ba%253D1%2526campid%253D%257Bcampaignid%257D%2526did%253D%257Bdeviceid%257D%2526dm%253D0%2526ep%253D1%2526fp%253D0%2526g%253D%257Bgeo%257D%2526i18db%253D1%2526l%253DEf3r9LOIFX3llkF%2526oaid%253D%257Boaid%257D%2526pshr%253D0%2526s%253D%2524%257BSUBID%257D%2526ssk%253D%257Btimestamp_key%257D%2526svar%253D%257Btimestamp%257D%2526vi%253D1%2526vo%253D1%2526z%253D%257Bzoneid%257D%2526tr%253Ddefault%26cln%3D1%26btp%3D7%26rb%3DrgJbu4_PecGlOVnwtYWVO50c3e0gtTDSJ98XTawgnA3wzCVEufOClUKWliGBtpYo3RrVLMVl9C8UoHGwvQE_JyMlmY6fqi16GtyrJqQFoZd6-fjzHYz3Jk9efqHO4yJroREj_vsaXN1Dph7qlyVT2GewVQ1bxb_Os6MuheGLVWCEVPtVoV_ybIfKQIdNldFN_YcOKuTfZWOxhBWTJdnPtQbJmFV0t9Qu-uQvv-Adgi922afUlC3LX82W6JHc_CVMw5SeQ1pvaVRGq6Ga3Wv8RSfaeHcosVdbZaRSbrJiuFdnQwKKVx9vAddEyir4uGBRYoElsA%3D%3D%26bag%3DydU9kaAfa6I%3D%26ruid%3D24dfd754-d4d2-47a9-9702-12c6bdc5d645%26ng%3D1%26ix%3D0%26pt%3D0%26np%3D0%26gp%3D3%26bp%3D4%26nw%3D1%26nb%3D1%26sw%3D1600%26sh%3D1200%26pl%3Dhttps%253A%252F%252Fjobspklhr.com%252Fsusanna-gibson-leaked-videos-on-twitter-and-telegram-virginia-democrat-candidate%252F%26wy%3D0%26wx%3D0%26ww%3D1600%26wh%3D1200%26cw%3D1600%26wiw%3D1600%26wih%3D1200%26wfc%3D2%26sah%3D1200%26drf%3D%26hil%3D1%26ist%3D0%26tbc%3D0
Requested by: Host: ophoacit.com
URL: https://ophoacit.com/27/e70947491773b29465b66e664f6dd7f1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 139.45.197.151 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx / PHP/7.4.27
Resource Hash: 3c72b6c9a7546dc20a8954b53d3c5b42d23eb6f576de32a17ffdf216692bf10b

Request headers

Referer: https://jobspklhr.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
access-control-allow-methods: GET, POST, OPTIONS, HEAD
access-control-allow-origin: *
access-control-expose-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
content-encoding: br
content-type: text/html; charset=UTF-8
date: Sat, 16 Sep 2023 01:39:46 GMT
server: nginx
vary: Accept-Encoding
x-powered-by: PHP/7.4.27

GET
H2 404 tag Show response
video.onetouch8.info/api/video/ Frame EEA4 0
457 B 67ms
66ms XHR
application/xml 2606:4700:e6::ac40:c41c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://video.onetouch8.info/api/video/tag?sourceId=48554&tmax=500&video-skipafter=5&count=2&tagId=lzb2xbs6863b30yr
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.589.0_en.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e6::ac40:c41c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Sat, 16 Sep 2023 01:39:46 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: -: Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SqqsJ13mPdRlyi3vHDcD6q9pLzv5CkCweVGwtjObJJ6vyxyAGFvwndrTpO%2B9nb3N7R6s2qDY4k2oOGoMvC0Go6%2Bc19GG1BZkU18YXRI6GdDnc0LixxlnyOcsCW4VUrcDlkEMl8eN%2BndkFO2DSTU%2BHiuh0g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/xml; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
access-control-expose-headers: *
access-control-allow-credentials: true
cf-ray: 807565c58a4f048b-FRA
access-control-allow-headers: Content-type
alt-svc: h3=":443"; ma=86400

POST
H2 200 custom Show response
jouteetu.net/ 39 B
324 B 51ms
51ms Fetch
application/json 139.45.197.251
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://jouteetu.net/custom

Requested by

Host: jobspklhr.com
URL: https://jobspklhr.com/susanna-gibson-leaked-videos-on-twitter-and-telegram-virginia-democrat-candidate/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

139.45.197.251 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

ff752c1c79bb2c0347c5a8b7f069fa2772047324dbbadf77d21cec4b26ee3881

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: https://jobspklhr.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36
Content-Type: application/json

Response headers

x-trace-id: 28e62377a2535241f9df7537b0cea88d
date: Sat, 16 Sep 2023 01:39:46 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
server: nginx
content-type: application/json; charset=utf-8
access-control-allow-origin: https://jobspklhr.com
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
content-length: 39

OPTIONS
H2 200 custom
jouteetu.net/ Frame 0
0 53ms
51ms Preflight
text/plain 139.45.197.251
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://jouteetu.net/custom
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 139.45.197.251 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://jobspklhr.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization-Token
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://jobspklhr.com
access-control-max-age: 86400
content-length: 0
content-type: text/plain; charset=utf-8
date: Sat, 16 Sep 2023 01:39:46 GMT
server: nginx

GET
H2 200 gid.js Show response
my.rtmark.net/ 65 B
542 B 57ms
56ms Fetch
application/json 139.45.195.8
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://my.rtmark.net/gid.js?pub=0&userId=a820036a4e0342b0bf45a92aeea847b3&zoneId=6329314&checkDuplicate=true&ymid=&var=

Requested by

Host: jobspklhr.com
URL: https://jobspklhr.com/susanna-gibson-leaked-videos-on-twitter-and-telegram-virginia-democrat-candidate/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.195.8 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

e31a391ccb396a9ad985289634c7a4c22a87eccb44438ce76249e2b2c01a3e96

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://jobspklhr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Sat, 16 Sep 2023 01:39:46 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
server: nginx
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
content-type: application/json; charset=utf-8
access-control-allow-origin: https://jobspklhr.com
access-control-expose-headers: Authorization
access-control-allow-credentials: true
timing-allow-origin: *, *
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
content-length: 65

GET
H3 404 tag Show response
video.onetouch8.info/api/video/ Frame EEA4 0
517 B 109ms
57ms XHR
application/xml 2606:4700:e6::ac40:c41c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://video.onetouch8.info/api/video/tag?sourceId=48554&tmax=500&video-skipafter=5&count=2&tagId=lzb2xbs6863b30yr
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.589.0_en.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:e6::ac40:c41c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Sat, 16 Sep 2023 01:39:46 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: -: Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xGJwRYXxlPfyx141DYtHlhqu2jMGiWPvHYRmTZ5QS6yXxw4eOo%2BI9%2B17%2B2ruhAE7dLwB0x7TUk3WgSu1Aoxxgnl0eRA9svgzTH4aSKAEL9PIM2NssADg1tupQj6jvQf6G0FYStYDmoWC9B%2FtH9D255HrYw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/xml; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
access-control-expose-headers: *
access-control-allow-credentials: true
cf-ray: 807565c64e9fbbdf-FRA
access-control-allow-headers: Content-type
alt-svc: h3=":443"; ma=86400

GET
H2 200 style.css
littlecdn.com/interstital/templates/inapp/Players/_gen-carousel-3d/css/ Frame 167E 12 KB
2 KB 152ms
50ms Stylesheet
text/css 2606:4700:10::6816:1974
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://littlecdn.com/interstital/templates/inapp/Players/_gen-carousel-3d/css/style.css?v=1518177503492
Requested by: Host: interstitial-08.com
URL: https://interstitial-08.com/?l=9PjAqTQETOzNIxm&cd_meta_crid=21588&trkintimp&target_url=https%3A%2F%2Fophoacit.com%2F12%3Frnd%3D1176315762%26z%3D6329324%26b%3D5362695%26c%3D2755022%26var%3D%26varid%3D0%26d%3Dhttps%253A%252F%252Foovaufty.com%252F%253Fb%253D%257Bbannerid%257D%2526ba%253D1%2526campid%253D%257Bcampaignid%257D%2526did%253D%257Bdeviceid%257D%2526dm%253D0%2526ep%253D1%2526fp%253D0%2526g%253D%257Bgeo%257D%2526i18db%253D1%2526l%253DEf3r9LOIFX3llkF%2526oaid%253D%257Boaid%257D%2526pshr%253D0%2526s%253D%2524%257BSUBID%257D%2526ssk%253D%257Btimestamp_key%257D%2526svar%253D%257Btimestamp%257D%2526vi%253D1%2526vo%253D1%2526z%253D%257Bzoneid%257D%2526tr%253Ddefault%26cln%3D1%26btp%3D7%26rb%3DrgJbu4_PecGlOVnwtYWVO50c3e0gtTDSJ98XTawgnA3wzCVEufOClUKWliGBtpYo3RrVLMVl9C8UoHGwvQE_JyMlmY6fqi16GtyrJqQFoZd6-fjzHYz3Jk9efqHO4yJroREj_vsaXN1Dph7qlyVT2GewVQ1bxb_Os6MuheGLVWCEVPtVoV_ybIfKQIdNldFN_YcOKuTfZWOxhBWTJdnPtQbJmFV0t9Qu-uQvv-Adgi922afUlC3LX82W6JHc_CVMw5SeQ1pvaVRGq6Ga3Wv8RSfaeHcosVdbZaRSbrJiuFdnQwKKVx9vAddEyir4uGBRYoElsA%3D%3D%26bag%3DydU9kaAfa6I%3D%26ruid%3D24dfd754-d4d2-47a9-9702-12c6bdc5d645%26ng%3D1%26ix%3D0%26pt%3D0%26np%3D0%26gp%3D3%26bp%3D4%26nw%3D1%26nb%3D1%26sw%3D1600%26sh%3D1200%26pl%3Dhttps%253A%252F%252Fjobspklhr.com%252Fsusanna-gibson-leaked-videos-on-twitter-and-telegram-virginia-democrat-candidate%252F%26wy%3D0%26wx%3D0%26ww%3D1600%26wh%3D1200%26cw%3D1600%26wiw%3D1600%26wih%3D1200%26wfc%3D2%26sah%3D1200%26drf%3D%26hil%3D1%26ist%3D0%26tbc%3D0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:1974 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d12ec824a66b6ad652e1cf0952853b6ba3053dd76a84bbcf4bdb3c055e411c78

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://interstitial-08.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Sat, 16 Sep 2023 01:39:46 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 11 Aug 2023 14:18:39 GMT
server: cloudflare
age: 3003
etag: W/"64d6433f-30c9"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS, HEAD
content-type: text/css
access-control-allow-origin: *
access-control-expose-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
cache-control: max-age=3600
cf-ray: 807565c73e903655-FRA
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range

GET
H2 200 audible.png
littlecdn.com/interstital/templates/inapp/Players/_gen-carousel-3d/images/ Frame 167E 3 KB
3 KB 152ms
51ms Image
image/png 2606:4700:10::6816:1974
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://littlecdn.com/interstital/templates/inapp/Players/_gen-carousel-3d/images/audible.png
Requested by: Host: interstitial-08.com
URL: https://interstitial-08.com/?l=9PjAqTQETOzNIxm&cd_meta_crid=21588&trkintimp&target_url=https%3A%2F%2Fophoacit.com%2F12%3Frnd%3D1176315762%26z%3D6329324%26b%3D5362695%26c%3D2755022%26var%3D%26varid%3D0%26d%3Dhttps%253A%252F%252Foovaufty.com%252F%253Fb%253D%257Bbannerid%257D%2526ba%253D1%2526campid%253D%257Bcampaignid%257D%2526did%253D%257Bdeviceid%257D%2526dm%253D0%2526ep%253D1%2526fp%253D0%2526g%253D%257Bgeo%257D%2526i18db%253D1%2526l%253DEf3r9LOIFX3llkF%2526oaid%253D%257Boaid%257D%2526pshr%253D0%2526s%253D%2524%257BSUBID%257D%2526ssk%253D%257Btimestamp_key%257D%2526svar%253D%257Btimestamp%257D%2526vi%253D1%2526vo%253D1%2526z%253D%257Bzoneid%257D%2526tr%253Ddefault%26cln%3D1%26btp%3D7%26rb%3DrgJbu4_PecGlOVnwtYWVO50c3e0gtTDSJ98XTawgnA3wzCVEufOClUKWliGBtpYo3RrVLMVl9C8UoHGwvQE_JyMlmY6fqi16GtyrJqQFoZd6-fjzHYz3Jk9efqHO4yJroREj_vsaXN1Dph7qlyVT2GewVQ1bxb_Os6MuheGLVWCEVPtVoV_ybIfKQIdNldFN_YcOKuTfZWOxhBWTJdnPtQbJmFV0t9Qu-uQvv-Adgi922afUlC3LX82W6JHc_CVMw5SeQ1pvaVRGq6Ga3Wv8RSfaeHcosVdbZaRSbrJiuFdnQwKKVx9vAddEyir4uGBRYoElsA%3D%3D%26bag%3DydU9kaAfa6I%3D%26ruid%3D24dfd754-d4d2-47a9-9702-12c6bdc5d645%26ng%3D1%26ix%3D0%26pt%3D0%26np%3D0%26gp%3D3%26bp%3D4%26nw%3D1%26nb%3D1%26sw%3D1600%26sh%3D1200%26pl%3Dhttps%253A%252F%252Fjobspklhr.com%252Fsusanna-gibson-leaked-videos-on-twitter-and-telegram-virginia-democrat-candidate%252F%26wy%3D0%26wx%3D0%26ww%3D1600%26wh%3D1200%26cw%3D1600%26wiw%3D1600%26wih%3D1200%26wfc%3D2%26sah%3D1200%26drf%3D%26hil%3D1%26ist%3D0%26tbc%3D0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:1974 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 871975b8040629c7b43de81b1a0878f40991ec2f49caddd6441b5d1f8322aeed

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://interstitial-08.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Sat, 16 Sep 2023 01:39:46 GMT
cf-cache-status: HIT
age: 1995
content-length: 3429
last-modified: Fri, 11 Aug 2023 14:18:39 GMT
server: cloudflare
etag: "64d6433f-d65"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS, HEAD
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
cache-control: max-age=3600
accept-ranges: bytes
cf-ray: 807565c73e923655-FRA
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range

GET
H2 200 0100657458245.jpeg
interstitial-08.com/contents/s/2d/3f/7f/35d1f144fa688a67ba834d0931/ Frame 167E 52 KB
53 KB 46ms
45ms Image
image/jpeg 139.45.197.151
RETN-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://interstitial-08.com/contents/s/2d/3f/7f/35d1f144fa688a67ba834d0931/0100657458245.jpeg
Requested by: Host: interstitial-08.com
URL: https://interstitial-08.com/?l=9PjAqTQETOzNIxm&cd_meta_crid=21588&trkintimp&target_url=https%3A%2F%2Fophoacit.com%2F12%3Frnd%3D1176315762%26z%3D6329324%26b%3D5362695%26c%3D2755022%26var%3D%26varid%3D0%26d%3Dhttps%253A%252F%252Foovaufty.com%252F%253Fb%253D%257Bbannerid%257D%2526ba%253D1%2526campid%253D%257Bcampaignid%257D%2526did%253D%257Bdeviceid%257D%2526dm%253D0%2526ep%253D1%2526fp%253D0%2526g%253D%257Bgeo%257D%2526i18db%253D1%2526l%253DEf3r9LOIFX3llkF%2526oaid%253D%257Boaid%257D%2526pshr%253D0%2526s%253D%2524%257BSUBID%257D%2526ssk%253D%257Btimestamp_key%257D%2526svar%253D%257Btimestamp%257D%2526vi%253D1%2526vo%253D1%2526z%253D%257Bzoneid%257D%2526tr%253Ddefault%26cln%3D1%26btp%3D7%26rb%3DrgJbu4_PecGlOVnwtYWVO50c3e0gtTDSJ98XTawgnA3wzCVEufOClUKWliGBtpYo3RrVLMVl9C8UoHGwvQE_JyMlmY6fqi16GtyrJqQFoZd6-fjzHYz3Jk9efqHO4yJroREj_vsaXN1Dph7qlyVT2GewVQ1bxb_Os6MuheGLVWCEVPtVoV_ybIfKQIdNldFN_YcOKuTfZWOxhBWTJdnPtQbJmFV0t9Qu-uQvv-Adgi922afUlC3LX82W6JHc_CVMw5SeQ1pvaVRGq6Ga3Wv8RSfaeHcosVdbZaRSbrJiuFdnQwKKVx9vAddEyir4uGBRYoElsA%3D%3D%26bag%3DydU9kaAfa6I%3D%26ruid%3D24dfd754-d4d2-47a9-9702-12c6bdc5d645%26ng%3D1%26ix%3D0%26pt%3D0%26np%3D0%26gp%3D3%26bp%3D4%26nw%3D1%26nb%3D1%26sw%3D1600%26sh%3D1200%26pl%3Dhttps%253A%252F%252Fjobspklhr.com%252Fsusanna-gibson-leaked-videos-on-twitter-and-telegram-virginia-democrat-candidate%252F%26wy%3D0%26wx%3D0%26ww%3D1600%26wh%3D1200%26cw%3D1600%26wiw%3D1600%26wih%3D1200%26wfc%3D2%26sah%3D1200%26drf%3D%26hil%3D1%26ist%3D0%26tbc%3D0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 139.45.197.151 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash: be88718a0eb175ebc4385600fe4168853a2ba705d814d2f9887ca7aa8cbd9238

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://interstitial-08.com/?l=9PjAqTQETOzNIxm&cd_meta_crid=21588&trkintimp&target_url=https%3A%2F%2Fophoacit.com%2F12%3Frnd%3D1176315762%26z%3D6329324%26b%3D5362695%26c%3D2755022%26var%3D%26varid%3D0%26d%3Dhttps%253A%252F%252Foovaufty.com%252F%253Fb%253D%257Bbannerid%257D%2526ba%253D1%2526campid%253D%257Bcampaignid%257D%2526did%253D%257Bdeviceid%257D%2526dm%253D0%2526ep%253D1%2526fp%253D0%2526g%253D%257Bgeo%257D%2526i18db%253D1%2526l%253DEf3r9LOIFX3llkF%2526oaid%253D%257Boaid%257D%2526pshr%253D0%2526s%253D%2524%257BSUBID%257D%2526ssk%253D%257Btimestamp_key%257D%2526svar%253D%257Btimestamp%257D%2526vi%253D1%2526vo%253D1%2526z%253D%257Bzoneid%257D%2526tr%253Ddefault%26cln%3D1%26btp%3D7%26rb%3DrgJbu4_PecGlOVnwtYWVO50c3e0gtTDSJ98XTawgnA3wzCVEufOClUKWliGBtpYo3RrVLMVl9C8UoHGwvQE_JyMlmY6fqi16GtyrJqQFoZd6-fjzHYz3Jk9efqHO4yJroREj_vsaXN1Dph7qlyVT2GewVQ1bxb_Os6MuheGLVWCEVPtVoV_ybIfKQIdNldFN_YcOKuTfZWOxhBWTJdnPtQbJmFV0t9Qu-uQvv-Adgi922afUlC3LX82W6JHc_CVMw5SeQ1pvaVRGq6Ga3Wv8RSfaeHcosVdbZaRSbrJiuFdnQwKKVx9vAddEyir4uGBRYoElsA%3D%3D%26bag%3DydU9kaAfa6I%3D%26ruid%3D24dfd754-d4d2-47a9-9702-12c6bdc5d645%26ng%3D1%26ix%3D0%26pt%3D0%26np%3D0%26gp%3D3%26bp%3D4%26nw%3D1%26nb%3D1%26sw%3D1600%26sh%3D1200%26pl%3Dhttps%253A%252F%252Fjobspklhr.com%252Fsusanna-gibson-leaked-videos-on-twitter-and-telegram-virginia-democrat-candidate%252F%26wy%3D0%26wx%3D0%26ww%3D1600%26wh%3D1200%26cw%3D1600%26wiw%3D1600%26wih%3D1200%26wfc%3D2%26sah%3D1200%26drf%3D%26hil%3D1%26ist%3D0%26tbc%3D0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Sat, 16 Sep 2023 01:39:46 GMT
last-modified: Thu, 31 Jan 2019 11:14:34 GMT
server: nginx
etag: "5c52d89a-d0e0"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS, HEAD
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
accept-ranges: bytes
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
content-length: 53472

GET
H2 200 0933414948049.jpeg
interstitial-08.com/contents/s/54/58/11/b0a815692a6ca16dd9a46924ab/ Frame 167E 14 KB
15 KB 135ms
134ms Image
image/jpeg 139.45.197.151
RETN-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://interstitial-08.com/contents/s/54/58/11/b0a815692a6ca16dd9a46924ab/0933414948049.jpeg
Requested by: Host: interstitial-08.com
URL: https://interstitial-08.com/?l=9PjAqTQETOzNIxm&cd_meta_crid=21588&trkintimp&target_url=https%3A%2F%2Fophoacit.com%2F12%3Frnd%3D1176315762%26z%3D6329324%26b%3D5362695%26c%3D2755022%26var%3D%26varid%3D0%26d%3Dhttps%253A%252F%252Foovaufty.com%252F%253Fb%253D%257Bbannerid%257D%2526ba%253D1%2526campid%253D%257Bcampaignid%257D%2526did%253D%257Bdeviceid%257D%2526dm%253D0%2526ep%253D1%2526fp%253D0%2526g%253D%257Bgeo%257D%2526i18db%253D1%2526l%253DEf3r9LOIFX3llkF%2526oaid%253D%257Boaid%257D%2526pshr%253D0%2526s%253D%2524%257BSUBID%257D%2526ssk%253D%257Btimestamp_key%257D%2526svar%253D%257Btimestamp%257D%2526vi%253D1%2526vo%253D1%2526z%253D%257Bzoneid%257D%2526tr%253Ddefault%26cln%3D1%26btp%3D7%26rb%3DrgJbu4_PecGlOVnwtYWVO50c3e0gtTDSJ98XTawgnA3wzCVEufOClUKWliGBtpYo3RrVLMVl9C8UoHGwvQE_JyMlmY6fqi16GtyrJqQFoZd6-fjzHYz3Jk9efqHO4yJroREj_vsaXN1Dph7qlyVT2GewVQ1bxb_Os6MuheGLVWCEVPtVoV_ybIfKQIdNldFN_YcOKuTfZWOxhBWTJdnPtQbJmFV0t9Qu-uQvv-Adgi922afUlC3LX82W6JHc_CVMw5SeQ1pvaVRGq6Ga3Wv8RSfaeHcosVdbZaRSbrJiuFdnQwKKVx9vAddEyir4uGBRYoElsA%3D%3D%26bag%3DydU9kaAfa6I%3D%26ruid%3D24dfd754-d4d2-47a9-9702-12c6bdc5d645%26ng%3D1%26ix%3D0%26pt%3D0%26np%3D0%26gp%3D3%26bp%3D4%26nw%3D1%26nb%3D1%26sw%3D1600%26sh%3D1200%26pl%3Dhttps%253A%252F%252Fjobspklhr.com%252Fsusanna-gibson-leaked-videos-on-twitter-and-telegram-virginia-democrat-candidate%252F%26wy%3D0%26wx%3D0%26ww%3D1600%26wh%3D1200%26cw%3D1600%26wiw%3D1600%26wih%3D1200%26wfc%3D2%26sah%3D1200%26drf%3D%26hil%3D1%26ist%3D0%26tbc%3D0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 139.45.197.151 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash: f710c2b11df9cadcb3a6d25a9dc8306172c04ff1d2fa8d96d4019d70833f695d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://interstitial-08.com/?l=9PjAqTQETOzNIxm&cd_meta_crid=21588&trkintimp&target_url=https%3A%2F%2Fophoacit.com%2F12%3Frnd%3D1176315762%26z%3D6329324%26b%3D5362695%26c%3D2755022%26var%3D%26varid%3D0%26d%3Dhttps%253A%252F%252Foovaufty.com%252F%253Fb%253D%257Bbannerid%257D%2526ba%253D1%2526campid%253D%257Bcampaignid%257D%2526did%253D%257Bdeviceid%257D%2526dm%253D0%2526ep%253D1%2526fp%253D0%2526g%253D%257Bgeo%257D%2526i18db%253D1%2526l%253DEf3r9LOIFX3llkF%2526oaid%253D%257Boaid%257D%2526pshr%253D0%2526s%253D%2524%257BSUBID%257D%2526ssk%253D%257Btimestamp_key%257D%2526svar%253D%257Btimestamp%257D%2526vi%253D1%2526vo%253D1%2526z%253D%257Bzoneid%257D%2526tr%253Ddefault%26cln%3D1%26btp%3D7%26rb%3DrgJbu4_PecGlOVnwtYWVO50c3e0gtTDSJ98XTawgnA3wzCVEufOClUKWliGBtpYo3RrVLMVl9C8UoHGwvQE_JyMlmY6fqi16GtyrJqQFoZd6-fjzHYz3Jk9efqHO4yJroREj_vsaXN1Dph7qlyVT2GewVQ1bxb_Os6MuheGLVWCEVPtVoV_ybIfKQIdNldFN_YcOKuTfZWOxhBWTJdnPtQbJmFV0t9Qu-uQvv-Adgi922afUlC3LX82W6JHc_CVMw5SeQ1pvaVRGq6Ga3Wv8RSfaeHcosVdbZaRSbrJiuFdnQwKKVx9vAddEyir4uGBRYoElsA%3D%3D%26bag%3DydU9kaAfa6I%3D%26ruid%3D24dfd754-d4d2-47a9-9702-12c6bdc5d645%26ng%3D1%26ix%3D0%26pt%3D0%26np%3D0%26gp%3D3%26bp%3D4%26nw%3D1%26nb%3D1%26sw%3D1600%26sh%3D1200%26pl%3Dhttps%253A%252F%252Fjobspklhr.com%252Fsusanna-gibson-leaked-videos-on-twitter-and-telegram-virginia-democrat-candidate%252F%26wy%3D0%26wx%3D0%26ww%3D1600%26wh%3D1200%26cw%3D1600%26wiw%3D1600%26wih%3D1200%26wfc%3D2%26sah%3D1200%26drf%3D%26hil%3D1%26ist%3D0%26tbc%3D0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Sat, 16 Sep 2023 01:39:46 GMT
last-modified: Wed, 15 Aug 2018 10:56:50 GMT
server: nginx
etag: "5b7406f2-393b"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS, HEAD
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
accept-ranges: bytes
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
content-length: 14651

GET
H2 200 0350025199145.jpeg
interstitial-08.com/contents/s/4e/61/84/4a7532ee6d30450abd6bb2a1da/ Frame 167E 35 KB
35 KB 135ms
135ms Image
image/jpeg 139.45.197.151
RETN-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://interstitial-08.com/contents/s/4e/61/84/4a7532ee6d30450abd6bb2a1da/0350025199145.jpeg
Requested by: Host: interstitial-08.com
URL: https://interstitial-08.com/?l=9PjAqTQETOzNIxm&cd_meta_crid=21588&trkintimp&target_url=https%3A%2F%2Fophoacit.com%2F12%3Frnd%3D1176315762%26z%3D6329324%26b%3D5362695%26c%3D2755022%26var%3D%26varid%3D0%26d%3Dhttps%253A%252F%252Foovaufty.com%252F%253Fb%253D%257Bbannerid%257D%2526ba%253D1%2526campid%253D%257Bcampaignid%257D%2526did%253D%257Bdeviceid%257D%2526dm%253D0%2526ep%253D1%2526fp%253D0%2526g%253D%257Bgeo%257D%2526i18db%253D1%2526l%253DEf3r9LOIFX3llkF%2526oaid%253D%257Boaid%257D%2526pshr%253D0%2526s%253D%2524%257BSUBID%257D%2526ssk%253D%257Btimestamp_key%257D%2526svar%253D%257Btimestamp%257D%2526vi%253D1%2526vo%253D1%2526z%253D%257Bzoneid%257D%2526tr%253Ddefault%26cln%3D1%26btp%3D7%26rb%3DrgJbu4_PecGlOVnwtYWVO50c3e0gtTDSJ98XTawgnA3wzCVEufOClUKWliGBtpYo3RrVLMVl9C8UoHGwvQE_JyMlmY6fqi16GtyrJqQFoZd6-fjzHYz3Jk9efqHO4yJroREj_vsaXN1Dph7qlyVT2GewVQ1bxb_Os6MuheGLVWCEVPtVoV_ybIfKQIdNldFN_YcOKuTfZWOxhBWTJdnPtQbJmFV0t9Qu-uQvv-Adgi922afUlC3LX82W6JHc_CVMw5SeQ1pvaVRGq6Ga3Wv8RSfaeHcosVdbZaRSbrJiuFdnQwKKVx9vAddEyir4uGBRYoElsA%3D%3D%26bag%3DydU9kaAfa6I%3D%26ruid%3D24dfd754-d4d2-47a9-9702-12c6bdc5d645%26ng%3D1%26ix%3D0%26pt%3D0%26np%3D0%26gp%3D3%26bp%3D4%26nw%3D1%26nb%3D1%26sw%3D1600%26sh%3D1200%26pl%3Dhttps%253A%252F%252Fjobspklhr.com%252Fsusanna-gibson-leaked-videos-on-twitter-and-telegram-virginia-democrat-candidate%252F%26wy%3D0%26wx%3D0%26ww%3D1600%26wh%3D1200%26cw%3D1600%26wiw%3D1600%26wih%3D1200%26wfc%3D2%26sah%3D1200%26drf%3D%26hil%3D1%26ist%3D0%26tbc%3D0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 139.45.197.151 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash: 01a91cef52f9849703fb84a945f9fb51b9debf7ac36730043d097c3865550e8c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://interstitial-08.com/?l=9PjAqTQETOzNIxm&cd_meta_crid=21588&trkintimp&target_url=https%3A%2F%2Fophoacit.com%2F12%3Frnd%3D1176315762%26z%3D6329324%26b%3D5362695%26c%3D2755022%26var%3D%26varid%3D0%26d%3Dhttps%253A%252F%252Foovaufty.com%252F%253Fb%253D%257Bbannerid%257D%2526ba%253D1%2526campid%253D%257Bcampaignid%257D%2526did%253D%257Bdeviceid%257D%2526dm%253D0%2526ep%253D1%2526fp%253D0%2526g%253D%257Bgeo%257D%2526i18db%253D1%2526l%253DEf3r9LOIFX3llkF%2526oaid%253D%257Boaid%257D%2526pshr%253D0%2526s%253D%2524%257BSUBID%257D%2526ssk%253D%257Btimestamp_key%257D%2526svar%253D%257Btimestamp%257D%2526vi%253D1%2526vo%253D1%2526z%253D%257Bzoneid%257D%2526tr%253Ddefault%26cln%3D1%26btp%3D7%26rb%3DrgJbu4_PecGlOVnwtYWVO50c3e0gtTDSJ98XTawgnA3wzCVEufOClUKWliGBtpYo3RrVLMVl9C8UoHGwvQE_JyMlmY6fqi16GtyrJqQFoZd6-fjzHYz3Jk9efqHO4yJroREj_vsaXN1Dph7qlyVT2GewVQ1bxb_Os6MuheGLVWCEVPtVoV_ybIfKQIdNldFN_YcOKuTfZWOxhBWTJdnPtQbJmFV0t9Qu-uQvv-Adgi922afUlC3LX82W6JHc_CVMw5SeQ1pvaVRGq6Ga3Wv8RSfaeHcosVdbZaRSbrJiuFdnQwKKVx9vAddEyir4uGBRYoElsA%3D%3D%26bag%3DydU9kaAfa6I%3D%26ruid%3D24dfd754-d4d2-47a9-9702-12c6bdc5d645%26ng%3D1%26ix%3D0%26pt%3D0%26np%3D0%26gp%3D3%26bp%3D4%26nw%3D1%26nb%3D1%26sw%3D1600%26sh%3D1200%26pl%3Dhttps%253A%252F%252Fjobspklhr.com%252Fsusanna-gibson-leaked-videos-on-twitter-and-telegram-virginia-democrat-candidate%252F%26wy%3D0%26wx%3D0%26ww%3D1600%26wh%3D1200%26cw%3D1600%26wiw%3D1600%26wih%3D1200%26wfc%3D2%26sah%3D1200%26drf%3D%26hil%3D1%26ist%3D0%26tbc%3D0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Sat, 16 Sep 2023 01:39:46 GMT
last-modified: Tue, 17 Jul 2018 10:46:08 GMT
server: nginx
etag: "5b4dc8f0-8b17"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS, HEAD
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
accept-ranges: bytes
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
content-length: 35607

GET
H2 200 01289039865190.jpeg
interstitial-08.com/contents/s/aa/5b/71/730bd1c1e09e51bf17160def9a/ Frame 167E 49 KB
50 KB 136ms
135ms Image
image/jpeg 139.45.197.151
RETN-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://interstitial-08.com/contents/s/aa/5b/71/730bd1c1e09e51bf17160def9a/01289039865190.jpeg
Requested by: Host: interstitial-08.com
URL: https://interstitial-08.com/?l=9PjAqTQETOzNIxm&cd_meta_crid=21588&trkintimp&target_url=https%3A%2F%2Fophoacit.com%2F12%3Frnd%3D1176315762%26z%3D6329324%26b%3D5362695%26c%3D2755022%26var%3D%26varid%3D0%26d%3Dhttps%253A%252F%252Foovaufty.com%252F%253Fb%253D%257Bbannerid%257D%2526ba%253D1%2526campid%253D%257Bcampaignid%257D%2526did%253D%257Bdeviceid%257D%2526dm%253D0%2526ep%253D1%2526fp%253D0%2526g%253D%257Bgeo%257D%2526i18db%253D1%2526l%253DEf3r9LOIFX3llkF%2526oaid%253D%257Boaid%257D%2526pshr%253D0%2526s%253D%2524%257BSUBID%257D%2526ssk%253D%257Btimestamp_key%257D%2526svar%253D%257Btimestamp%257D%2526vi%253D1%2526vo%253D1%2526z%253D%257Bzoneid%257D%2526tr%253Ddefault%26cln%3D1%26btp%3D7%26rb%3DrgJbu4_PecGlOVnwtYWVO50c3e0gtTDSJ98XTawgnA3wzCVEufOClUKWliGBtpYo3RrVLMVl9C8UoHGwvQE_JyMlmY6fqi16GtyrJqQFoZd6-fjzHYz3Jk9efqHO4yJroREj_vsaXN1Dph7qlyVT2GewVQ1bxb_Os6MuheGLVWCEVPtVoV_ybIfKQIdNldFN_YcOKuTfZWOxhBWTJdnPtQbJmFV0t9Qu-uQvv-Adgi922afUlC3LX82W6JHc_CVMw5SeQ1pvaVRGq6Ga3Wv8RSfaeHcosVdbZaRSbrJiuFdnQwKKVx9vAddEyir4uGBRYoElsA%3D%3D%26bag%3DydU9kaAfa6I%3D%26ruid%3D24dfd754-d4d2-47a9-9702-12c6bdc5d645%26ng%3D1%26ix%3D0%26pt%3D0%26np%3D0%26gp%3D3%26bp%3D4%26nw%3D1%26nb%3D1%26sw%3D1600%26sh%3D1200%26pl%3Dhttps%253A%252F%252Fjobspklhr.com%252Fsusanna-gibson-leaked-videos-on-twitter-and-telegram-virginia-democrat-candidate%252F%26wy%3D0%26wx%3D0%26ww%3D1600%26wh%3D1200%26cw%3D1600%26wiw%3D1600%26wih%3D1200%26wfc%3D2%26sah%3D1200%26drf%3D%26hil%3D1%26ist%3D0%26tbc%3D0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 139.45.197.151 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash: 89d93e12a15f6a5d57b5f8aca8bd1e6984dc4c8c5dec7840a8c8e8c8274c1568

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://interstitial-08.com/?l=9PjAqTQETOzNIxm&cd_meta_crid=21588&trkintimp&target_url=https%3A%2F%2Fophoacit.com%2F12%3Frnd%3D1176315762%26z%3D6329324%26b%3D5362695%26c%3D2755022%26var%3D%26varid%3D0%26d%3Dhttps%253A%252F%252Foovaufty.com%252F%253Fb%253D%257Bbannerid%257D%2526ba%253D1%2526campid%253D%257Bcampaignid%257D%2526did%253D%257Bdeviceid%257D%2526dm%253D0%2526ep%253D1%2526fp%253D0%2526g%253D%257Bgeo%257D%2526i18db%253D1%2526l%253DEf3r9LOIFX3llkF%2526oaid%253D%257Boaid%257D%2526pshr%253D0%2526s%253D%2524%257BSUBID%257D%2526ssk%253D%257Btimestamp_key%257D%2526svar%253D%257Btimestamp%257D%2526vi%253D1%2526vo%253D1%2526z%253D%257Bzoneid%257D%2526tr%253Ddefault%26cln%3D1%26btp%3D7%26rb%3DrgJbu4_PecGlOVnwtYWVO50c3e0gtTDSJ98XTawgnA3wzCVEufOClUKWliGBtpYo3RrVLMVl9C8UoHGwvQE_JyMlmY6fqi16GtyrJqQFoZd6-fjzHYz3Jk9efqHO4yJroREj_vsaXN1Dph7qlyVT2GewVQ1bxb_Os6MuheGLVWCEVPtVoV_ybIfKQIdNldFN_YcOKuTfZWOxhBWTJdnPtQbJmFV0t9Qu-uQvv-Adgi922afUlC3LX82W6JHc_CVMw5SeQ1pvaVRGq6Ga3Wv8RSfaeHcosVdbZaRSbrJiuFdnQwKKVx9vAddEyir4uGBRYoElsA%3D%3D%26bag%3DydU9kaAfa6I%3D%26ruid%3D24dfd754-d4d2-47a9-9702-12c6bdc5d645%26ng%3D1%26ix%3D0%26pt%3D0%26np%3D0%26gp%3D3%26bp%3D4%26nw%3D1%26nb%3D1%26sw%3D1600%26sh%3D1200%26pl%3Dhttps%253A%252F%252Fjobspklhr.com%252Fsusanna-gibson-leaked-videos-on-twitter-and-telegram-virginia-democrat-candidate%252F%26wy%3D0%26wx%3D0%26ww%3D1600%26wh%3D1200%26cw%3D1600%26wiw%3D1600%26wih%3D1200%26wfc%3D2%26sah%3D1200%26drf%3D%26hil%3D1%26ist%3D0%26tbc%3D0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Sat, 16 Sep 2023 01:39:46 GMT
last-modified: Thu, 31 Jan 2019 11:14:34 GMT
server: nginx
etag: "5c52d89a-c502"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS, HEAD
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
accept-ranges: bytes
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
content-length: 50434

GET
H2 200 player.png
littlecdn.com/interstital/templates/inapp/Players/_gen-carousel-3d/images/ Frame 167E 28 KB
28 KB 141ms
49ms Image
image/png 2606:4700:10::6816:1974
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://littlecdn.com/interstital/templates/inapp/Players/_gen-carousel-3d/images/player.png
Requested by: Host: interstitial-08.com
URL: https://interstitial-08.com/?l=9PjAqTQETOzNIxm&cd_meta_crid=21588&trkintimp&target_url=https%3A%2F%2Fophoacit.com%2F12%3Frnd%3D1176315762%26z%3D6329324%26b%3D5362695%26c%3D2755022%26var%3D%26varid%3D0%26d%3Dhttps%253A%252F%252Foovaufty.com%252F%253Fb%253D%257Bbannerid%257D%2526ba%253D1%2526campid%253D%257Bcampaignid%257D%2526did%253D%257Bdeviceid%257D%2526dm%253D0%2526ep%253D1%2526fp%253D0%2526g%253D%257Bgeo%257D%2526i18db%253D1%2526l%253DEf3r9LOIFX3llkF%2526oaid%253D%257Boaid%257D%2526pshr%253D0%2526s%253D%2524%257BSUBID%257D%2526ssk%253D%257Btimestamp_key%257D%2526svar%253D%257Btimestamp%257D%2526vi%253D1%2526vo%253D1%2526z%253D%257Bzoneid%257D%2526tr%253Ddefault%26cln%3D1%26btp%3D7%26rb%3DrgJbu4_PecGlOVnwtYWVO50c3e0gtTDSJ98XTawgnA3wzCVEufOClUKWliGBtpYo3RrVLMVl9C8UoHGwvQE_JyMlmY6fqi16GtyrJqQFoZd6-fjzHYz3Jk9efqHO4yJroREj_vsaXN1Dph7qlyVT2GewVQ1bxb_Os6MuheGLVWCEVPtVoV_ybIfKQIdNldFN_YcOKuTfZWOxhBWTJdnPtQbJmFV0t9Qu-uQvv-Adgi922afUlC3LX82W6JHc_CVMw5SeQ1pvaVRGq6Ga3Wv8RSfaeHcosVdbZaRSbrJiuFdnQwKKVx9vAddEyir4uGBRYoElsA%3D%3D%26bag%3DydU9kaAfa6I%3D%26ruid%3D24dfd754-d4d2-47a9-9702-12c6bdc5d645%26ng%3D1%26ix%3D0%26pt%3D0%26np%3D0%26gp%3D3%26bp%3D4%26nw%3D1%26nb%3D1%26sw%3D1600%26sh%3D1200%26pl%3Dhttps%253A%252F%252Fjobspklhr.com%252Fsusanna-gibson-leaked-videos-on-twitter-and-telegram-virginia-democrat-candidate%252F%26wy%3D0%26wx%3D0%26ww%3D1600%26wh%3D1200%26cw%3D1600%26wiw%3D1600%26wih%3D1200%26wfc%3D2%26sah%3D1200%26drf%3D%26hil%3D1%26ist%3D0%26tbc%3D0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:1974 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d1eb8cf889202f439bb6bd1a03049b2e71953c7c0a5aadddde498cbea9bcadac

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://interstitial-08.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Sat, 16 Sep 2023 01:39:46 GMT
cf-cache-status: HIT
age: 4488
content-length: 28527
last-modified: Fri, 11 Aug 2023 14:18:39 GMT
server: cloudflare
etag: "64d6433f-6f6f"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS, HEAD
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
cache-control: max-age=3600
accept-ranges: bytes
cf-ray: 807565c73e943655-FRA
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range

GET
H2 200 script.js Show response
littlecdn.com/interstital/templates/inapp/Players/_gen-carousel-3d/js/ Frame 167E 1 KB
562 B 145ms
52ms Script
application/javascript 2606:4700:10::6816:1974
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://littlecdn.com/interstital/templates/inapp/Players/_gen-carousel-3d/js/script.js?v=1518177503494
Requested by: Host: interstitial-08.com
URL: https://interstitial-08.com/?l=9PjAqTQETOzNIxm&cd_meta_crid=21588&trkintimp&target_url=https%3A%2F%2Fophoacit.com%2F12%3Frnd%3D1176315762%26z%3D6329324%26b%3D5362695%26c%3D2755022%26var%3D%26varid%3D0%26d%3Dhttps%253A%252F%252Foovaufty.com%252F%253Fb%253D%257Bbannerid%257D%2526ba%253D1%2526campid%253D%257Bcampaignid%257D%2526did%253D%257Bdeviceid%257D%2526dm%253D0%2526ep%253D1%2526fp%253D0%2526g%253D%257Bgeo%257D%2526i18db%253D1%2526l%253DEf3r9LOIFX3llkF%2526oaid%253D%257Boaid%257D%2526pshr%253D0%2526s%253D%2524%257BSUBID%257D%2526ssk%253D%257Btimestamp_key%257D%2526svar%253D%257Btimestamp%257D%2526vi%253D1%2526vo%253D1%2526z%253D%257Bzoneid%257D%2526tr%253Ddefault%26cln%3D1%26btp%3D7%26rb%3DrgJbu4_PecGlOVnwtYWVO50c3e0gtTDSJ98XTawgnA3wzCVEufOClUKWliGBtpYo3RrVLMVl9C8UoHGwvQE_JyMlmY6fqi16GtyrJqQFoZd6-fjzHYz3Jk9efqHO4yJroREj_vsaXN1Dph7qlyVT2GewVQ1bxb_Os6MuheGLVWCEVPtVoV_ybIfKQIdNldFN_YcOKuTfZWOxhBWTJdnPtQbJmFV0t9Qu-uQvv-Adgi922afUlC3LX82W6JHc_CVMw5SeQ1pvaVRGq6Ga3Wv8RSfaeHcosVdbZaRSbrJiuFdnQwKKVx9vAddEyir4uGBRYoElsA%3D%3D%26bag%3DydU9kaAfa6I%3D%26ruid%3D24dfd754-d4d2-47a9-9702-12c6bdc5d645%26ng%3D1%26ix%3D0%26pt%3D0%26np%3D0%26gp%3D3%26bp%3D4%26nw%3D1%26nb%3D1%26sw%3D1600%26sh%3D1200%26pl%3Dhttps%253A%252F%252Fjobspklhr.com%252Fsusanna-gibson-leaked-videos-on-twitter-and-telegram-virginia-democrat-candidate%252F%26wy%3D0%26wx%3D0%26ww%3D1600%26wh%3D1200%26cw%3D1600%26wiw%3D1600%26wih%3D1200%26wfc%3D2%26sah%3D1200%26drf%3D%26hil%3D1%26ist%3D0%26tbc%3D0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:1974 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 55c72f42fc6ee2c502a5f86fe215690719ce746f383ec8551af1f1fb66252b2e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://interstitial-08.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Sat, 16 Sep 2023 01:39:46 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 11 Aug 2023 14:18:39 GMT
server: cloudflare
age: 4144
etag: W/"64d6433f-58b"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS, HEAD
content-type: application/javascript
access-control-allow-origin: *
access-control-expose-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
cache-control: max-age=3600
cf-ray: 807565c73e913655-FRA
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range

GET
H2 200 64f9e86810ea7t1694099560r7636.jpg.webp
i.cdnkimg.com/auto/192/q85/image/vk/5196/196/ 9 KB
9 KB 173ms
50ms Image
image/webp 45.133.44.37
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.cdnkimg.com/auto/192/q85/image/vk/5196/196/64f9e86810ea7t1694099560r7636.jpg.webp
Requested by: Host: jobspklhr.com
URL: https://jobspklhr.com/susanna-gibson-leaked-videos-on-twitter-and-telegram-virginia-democrat-candidate/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.133.44.37 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx/1.23.2 /
Resource Hash: d6d8eabcf607aadde6ac59e11d27561beaa7dd8b61f2cba706f1581889b24d06

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://jobspklhr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

expires: Sat, 30 Sep 2023 01:39:46 GMT
date: Sat, 16 Sep 2023 01:39:46 GMT
server: nginx/1.23.2
x-cache-status: HIT
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=1209600
content-length: 8792
x-proxy-cache: HIT

GET
H2 200 md5.js Show response
7ool.net/richpartners/pops/js/ 47 KB
16 KB 42ms
42ms Script
application/javascript 46.105.199.75
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://7ool.net/richpartners/pops/js/md5.js
Requested by: Host: richinfo.co
URL: https://richinfo.co/richpartners/pops/js/richads-pu-ob.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 46.105.199.75 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: /
Resource Hash: ce83db32028f370ef58605bf13bedbf32a82f34677f7fd62e17a10d8790910c5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://jobspklhr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Sat, 16 Sep 2023 01:39:23 GMT
content-encoding: br
last-modified: Fri, 01 Sep 2023 08:50:34 GMT
x-cacheable: Matched cache
x-cdn-pop-ip: 137.74.120.0/27
etag: "64f1a5da-bc70"
content-type: application/javascript
cache-control: max-age=1209600
x-cdn-pop: sbg
accept-ranges: bytes
content-length: 15894
x-request-id: 895034189
expires: Sat, 30 Sep 2023 01:39:23 GMT

GET
H2 200 c599faec24604f6d7bf19f95a3281c7f.json Show response
cdn.adx1.com/publisher-config/ 281 B
459 B 172ms
42ms Fetch
application/json 5.200.15.239
I3DNET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.adx1.com/publisher-config/c599faec24604f6d7bf19f95a3281c7f.json
Requested by: Host: richinfo.co
URL: https://richinfo.co/richpartners/pops/js/richads-pu-ob.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 5.200.15.239 Rotterdam, Netherlands, ASN49544 (I3DNET, NL),
Reverse DNS
Software: openresty/1.21.4.1 /
Resource Hash: b975607291f610a4be16fcdf682dca44ae5e2ff769e5b93c4ad210c1a1740d22

Request headers

accept: application/json
Referer: https://jobspklhr.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Sat, 16 Sep 2023 01:39:46 GMT
content-encoding: gzip
last-modified: Sun, 10 Sep 2023 05:10:53 GMT
server: openresty/1.21.4.1
etag: W/"64fd4fdd-119"
content-type: application/json
access-control-allow-origin: https://jobspklhr.com
cache-control: max-age=1209600
access-control-allow-credentials: true
expires: Sat, 30 Sep 2023 00:47:39 GMT

GET
H2 200 11 Show response
ophoacit.com/ 0
732 B 51ms
51ms XHR
image/jpeg 139.45.197.242
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ophoacit.com/11?rnd=4070114859&z=6329324&b=5362695&var=&varid=0&rqtdbc=0&rcvdbc=0&btp=7&rb=rgJbu4_PecGlOVnwtYWVO50c3e0gtTDSJ98XTawgnA3wzCVEufOClUKWliGBtpYo3RrVLMVl9C8UoHGwvQE_JyMlmY6fqi16GtyrJqQFoZd6-fjzHYz3Jk9efqHO4yJroREj_vsaXN1Dph7qlyVT2GewVQ1bxb_Os6MuheGLVWCEVPtVoV_ybIfKQIdNldFN_YcOKuTfZWOxhBWTJdnPtQbJmFV0t9Qu-uQvv-Adgi922afUlC3LX82W6JHc_CVMw5SeQ1pvaVRGq6Ga3Wv8RSfaeHcosVdbZaRSbrJiuFdnQwKKVx9vAddEyir4uGBRYoElsA==&ruid=24dfd754-d4d2-47a9-9702-12c6bdc5d645&ng=1&ix=0&pt=0&np=0&gp=3&bp=4&nw=1&nb=1&sw=1600&sh=1200&pl=https%3A%2F%2Fjobspklhr.com%2Fsusanna-gibson-leaked-videos-on-twitter-and-telegram-virginia-democrat-candidate%2F&wy=0&wx=0&ww=1600&wh=1200&cw=1600&wiw=1600&wih=1200&wfc=2&sah=1200&drf=&hil=1&ist=0&ri=1&wvd=0&wvr=1.0000&isions=1
Requested by: Host: ophoacit.com
URL: https://ophoacit.com/27/e70947491773b29465b66e664f6dd7f1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 139.45.197.242 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://jobspklhr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

x-trace-id: 933fc44fc1e5e07504d9ab713996080e
pragma: no-cache
date: Sat, 16 Sep 2023 01:39:46 GMT
server: nginx
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
content-type: image/jpeg
access-control-allow-origin: https://jobspklhr.com
access-control-expose-headers: X-Sc
cache-control: no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION, X-Ancestor-Origins, X-Zone-ID, baggage, sentry-trace
content-length: 0
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
DATA 200
OK truncated
/ 152 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0a5b11fb2b805c87ab9e5425e8c6f70b353c99cc11cb9ef8023f05d1d765c019

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

Content-Type: image/png

OPTIONS
H2 200 custom
jouteetu.net/ Frame 0
0 45ms
45ms Preflight
text/plain 139.45.197.251
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://jouteetu.net/custom
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 139.45.197.251 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://jobspklhr.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization-Token
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://jobspklhr.com
access-control-max-age: 86400
content-length: 0
content-type: text/plain; charset=utf-8
date: Sat, 16 Sep 2023 01:39:46 GMT
server: nginx

POST
H2 200 custom Show response
jouteetu.net/ 39 B
324 B 45ms
45ms Fetch
application/json 139.45.197.251
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://jouteetu.net/custom

Requested by

Host: jobspklhr.com
URL: https://jobspklhr.com/susanna-gibson-leaked-videos-on-twitter-and-telegram-virginia-democrat-candidate/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

139.45.197.251 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

ff752c1c79bb2c0347c5a8b7f069fa2772047324dbbadf77d21cec4b26ee3881

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: https://jobspklhr.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36
Content-Type: application/json

Response headers

x-trace-id: fd471c26e16f99e007203c13a8e26dd9
date: Sat, 16 Sep 2023 01:39:46 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
server: nginx
content-type: application/json; charset=utf-8
access-control-allow-origin: https://jobspklhr.com
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
content-length: 39

GET
DATA 200
OK truncated
/ Frame 167E 548 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 32c21b537a7c9420627217e0c79185ef4c70c07e08f79fa1ad96b9c437e9f46b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
H2 200 / Show response
8961.xml.4armn.com/ 123 B
251 B 353ms
225ms XHR
text/xml 5.200.15.238
I3DNET

General

Check archive.org

Show headers Download Go to

Full URL: https://8961.xml.4armn.com/?ip=2a01:4a0:1338:92::10&country=DEU&useragent=Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/117.0.5938.62%20Safari/537.36&pubid=894208&siteid=334966&domain=jobspklhr.com&user_id=24700f9f1986800ab4fcc880530dd0ed&lang=en-US&source=1
Requested by: Host: 7ool.net
URL: https://7ool.net/richpartners/pops/js/pu-ob.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 5.200.15.238 Rotterdam, Netherlands, ASN49544 (I3DNET, NL),
Reverse DNS
Software: /
Resource Hash: d821423ac23791881ea785e924ade9f680a38b37752bb325a6a85d32d055fa1b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://jobspklhr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

access-control-allow-origin: https://jobspklhr.com
content-encoding: gzip
access-control-allow-credentials: true
content-type: text/xml; charset=UTF-8

GET
H2 204 15 Show response
ophoacit.com/ 0
581 B 48ms
48ms XHR
text/plain 139.45.197.242
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ophoacit.com/15?rnd=1403367422&z=6329324&var=&varid=0&rb=rgJbu4_PecGlOVnwtYWVO50c3e0gtTDSJ98XTawgnA3wzCVEufOClUKWliGBtpYo3RrVLMVl9C8UoHGwvQE_JyMlmY6fqi16GtyrJqQFoZd6-fjzHYz3Jk9efqHO4yJroREj_vsaXN1Dph7qlyVT2GewVQ1bxb_Os6MuheGLVWCEVPtVoV_ybIfKQIdNldFN_YcOKuTfZWOxhBWTJdnPtQbJmFV0t9Qu-uQvv-Adgi922afUlC3LX82W6JHc_CVMw5SeQ1pvaVRGq6Ga3Wv8RSfaeHcosVdbZaRSbrJiuFdnQwKKVx9vAddEyir4uGBRYoElsA==&ruid=24dfd754-d4d2-47a9-9702-12c6bdc5d645&uci=%7B%22path%22%3A%7B%22count%22%3A0%2C%22totalLength%22%3A0%2C%22pathHistogram%22%3A%7B%224%22%3A0%2C%228%22%3A0%2C%2216%22%3A0%2C%2232%22%3A0%2C%2264%22%3A0%2C%22128%22%3A0%2C%22256%22%3A0%2C%22512%22%3A0%2C%221024%22%3A0%7D%7D%2C%22durationOnCreate%22%3A1.22%2C%22location%22%3A%22https%3A%2F%2Fjobspklhr.com%2Fsusanna-gibson-leaked-videos-on-twitter-and-telegram-virginia-democrat-candidate%2F%22%2C%22isSelenium%22%3Afalse%2C%22isPhantom%22%3Afalse%2C%22isTouch%22%3Afalse%2C%22pluginCount%22%3A3%2C%22wdov%22%3A0%2C%22wvr%22%3A1%2C%22wiv%22%3Atrue%2C%22isIONS%22%3Atrue%7D
Requested by: Host: ophoacit.com
URL: https://ophoacit.com/27/e70947491773b29465b66e664f6dd7f1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 139.45.197.242 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://jobspklhr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

x-trace-id: 0df7a5fd77328ac753fa198ccce2b912
pragma: no-cache
date: Sat, 16 Sep 2023 01:39:47 GMT
server: nginx
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-origin: https://jobspklhr.com
access-control-expose-headers: X-Sc
cache-control: no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION, X-Ancestor-Origins, X-Zone-ID, baggage, sentry-trace
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 204 15 Show response
ophoacit.com/ 0
581 B 46ms
46ms XHR
text/plain 139.45.197.242
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ophoacit.com/15?rnd=1403367422&z=6329324&var=&varid=0&rb=rgJbu4_PecGlOVnwtYWVO50c3e0gtTDSJ98XTawgnA3wzCVEufOClUKWliGBtpYo3RrVLMVl9C8UoHGwvQE_JyMlmY6fqi16GtyrJqQFoZd6-fjzHYz3Jk9efqHO4yJroREj_vsaXN1Dph7qlyVT2GewVQ1bxb_Os6MuheGLVWCEVPtVoV_ybIfKQIdNldFN_YcOKuTfZWOxhBWTJdnPtQbJmFV0t9Qu-uQvv-Adgi922afUlC3LX82W6JHc_CVMw5SeQ1pvaVRGq6Ga3Wv8RSfaeHcosVdbZaRSbrJiuFdnQwKKVx9vAddEyir4uGBRYoElsA==&ruid=24dfd754-d4d2-47a9-9702-12c6bdc5d645&uci=%7B%22path%22%3A%7B%22count%22%3A0%2C%22totalLength%22%3A0%2C%22pathHistogram%22%3A%7B%224%22%3A0%2C%228%22%3A0%2C%2216%22%3A0%2C%2232%22%3A0%2C%2264%22%3A0%2C%22128%22%3A0%2C%22256%22%3A0%2C%22512%22%3A0%2C%221024%22%3A0%7D%7D%2C%22durationOnCreate%22%3A3.221%2C%22location%22%3A%22https%3A%2F%2Fjobspklhr.com%2Fsusanna-gibson-leaked-videos-on-twitter-and-telegram-virginia-democrat-candidate%2F%22%2C%22isSelenium%22%3Afalse%2C%22isPhantom%22%3Afalse%2C%22isTouch%22%3Afalse%2C%22pluginCount%22%3A3%2C%22wdov%22%3A0%2C%22wvr%22%3A1%2C%22wiv%22%3Atrue%2C%22isIONS%22%3Atrue%7D
Requested by: Host: ophoacit.com
URL: https://ophoacit.com/27/e70947491773b29465b66e664f6dd7f1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 139.45.197.242 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://jobspklhr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

x-trace-id: 23ae64be9203737efce5b937f2a0840e
pragma: no-cache
date: Sat, 16 Sep 2023 01:39:49 GMT
server: nginx
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-origin: https://jobspklhr.com
access-control-expose-headers: X-Sc
cache-control: no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION, X-Ancestor-Origins, X-Zone-ID, baggage, sentry-trace
expires: Mon, 26 Jul 1997 05:00:00 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
54 B 47ms
46ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-ZHVSDG5PPD&gtm=45je39d0&_p=1215565400&cid=197135452.1694828384&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AEA&_s=2&sid=1694828384&sct=1&seg=0&dl=https%3A%2F%2Fjobspklhr.com%2Fsusanna-gibson-leaked-videos-on-twitter-and-telegram-virginia-democrat-candidate%2F&dt=Susanna%20Gibson%20leaked%20videos%20on%20twitter%20and%20telegram%20%E2%80%93%20Virginia%20Democrat%20candidate&en=scroll&epn.percent_scrolled=90&_et=5
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-ZHVSDG5PPD
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://jobspklhr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 16 Sep 2023 01:39:49 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://jobspklhr.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
54 B 46ms
46ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-F6D35RTV14&gtm=45je39d0&_p=1215565400&cid=197135452.1694828384&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AEA&_s=2&sid=1694828384&sct=1&seg=0&dl=https%3A%2F%2Fjobspklhr.com%2Fsusanna-gibson-leaked-videos-on-twitter-and-telegram-virginia-democrat-candidate%2F&dt=Susanna%20Gibson%20leaked%20videos%20on%20twitter%20and%20telegram%20%E2%80%93%20Virginia%20Democrat%20candidate&en=scroll&epn.percent_scrolled=90&_et=4
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-F6D35RTV14
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://jobspklhr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 16 Sep 2023 01:39:49 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://jobspklhr.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

151 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

24 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
gloorsie.com/	1970-01-20 23:32:44	Name: oaidts Value: 1694828384
.jobspklhr.com/	1970-01-21 00:23:08	Name: _ga Value: GA1.1.197135452.1694828384
.jobspklhr.com/	1970-01-21 00:23:08	Name: _ga_ZHVSDG5PPD Value: GS1.1.1694828384.1.0.1694828384.0.0.0
.jobspklhr.com/	1970-01-21 00:23:08	Name: _ga_F6D35RTV14 Value: GS1.1.1694828384.1.0.1694828384.0.0.0
my.rtmark.net/	1970-01-20 23:32:44	Name: ID Value: 0ffb1f6c5a2e4040ac1762951bb94166
gloorsie.com/	1970-01-20 23:32:44	Name: OAID Value: 0ffb1f6c5a2e4040ac1762951bb94166
gloorsie.com/	1970-01-20 14:57:13	Name: syncedCookie Value: true
ophoacit.com/	1970-01-20 23:32:44	Name: scm Value: 1
ophoacit.com/	1970-01-20 23:32:44	Name: oaidts Value: 1694828384
ossmightyenar.net/	1970-01-20 23:32:44	Name: OAID Value: 0ffb1f6c5a2e4040ac1762951bb94166
jobspklhr.com/	1970-01-20 14:47:08	Name: prefetchAd_6329355 Value: true
ophoacit.com/	1970-01-20 23:32:44	Name: OAID Value: 0ffb1f6c5a2e4040ac1762951bb94166
woafoame.net/	1970-01-20 23:32:44	Name: OAID Value: 0ffb1f6c5a2e4040ac1762951bb94166
woafoame.net/	1970-01-20 23:32:44	Name: oaidts Value: 1694828385
woafoame.net/	1970-01-20 14:57:13	Name: syncedCookie Value: true
punoocke.com/	1970-01-20 23:32:44	Name: OAID Value: 0ffb1f6c5a2e4040ac1762951bb94166
glizauvo.net/	1970-01-20 23:32:44	Name: OAID Value: 0ffb1f6c5a2e4040ac1762951bb94166
ophoacit.com/	1970-01-20 23:32:44	Name: oaidvc Value: 1
ophoacit.com/	1970-01-20 14:47:11	Name: CNT Value: 1_v1_B9RRAAEAAACgTAAA
jobspklhr.com/	1970-01-20 14:48:34	Name: RP_ADVERTISER_POP_LIMIT Value: 4
jobspklhr.com/	1970-01-20 14:48:34	Name: RP_ADVERTISER_POP_INTERVAL_IN_SECONDS Value: 60
jobspklhr.com/	1970-01-20 14:48:34	Name: RP_ADVERTISER_POP_DELAY_IN_SECONDS Value: 15
jobspklhr.com/	1970-01-20 14:48:34	Name: RP_ADVERTISER_POP_RESET_LIMIT Value: false
jobspklhr.com/	1970-01-20 14:48:34	Name: RP_ADVERTISER_POP_TYPE Value: POP_UP

24 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	warning	URL: https://jobspklhr.com/susanna-gibson-leaked-videos-on-twitter-and-telegram-virginia-democrat-candidate/(Line 332) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://earlierindians.com/37413e711542318988d1d6cdcd054acb/invoke.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://jobspklhr.com/susanna-gibson-leaked-videos-on-twitter-and-telegram-virginia-democrat-candidate/(Line 332) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://earlierindians.com/37413e711542318988d1d6cdcd054acb/invoke.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
network	error	URL: https://earlierindians.com/37413e711542318988d1d6cdcd054acb/invoke.js Message: Failed to load resource: the server responded with a status of 403 (Forbidden)
javascript	warning	URL: https://jobspklhr.com/susanna-gibson-leaked-videos-on-twitter-and-telegram-virginia-democrat-candidate/(Line 353) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://earlierindians.com/37413e711542318988d1d6cdcd054acb/invoke.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://jobspklhr.com/susanna-gibson-leaked-videos-on-twitter-and-telegram-virginia-democrat-candidate/(Line 353) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://earlierindians.com/37413e711542318988d1d6cdcd054acb/invoke.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
network	error	URL: https://earlierindians.com/37413e711542318988d1d6cdcd054acb/invoke.js Message: Failed to load resource: the server responded with a status of 403 (Forbidden)
javascript	warning	URL: https://jobspklhr.com/susanna-gibson-leaked-videos-on-twitter-and-telegram-virginia-democrat-candidate/(Line 450) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://earlierindians.com/37413e711542318988d1d6cdcd054acb/invoke.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://jobspklhr.com/susanna-gibson-leaked-videos-on-twitter-and-telegram-virginia-democrat-candidate/(Line 450) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://earlierindians.com/37413e711542318988d1d6cdcd054acb/invoke.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
network	error	URL: https://earlierindians.com/37413e711542318988d1d6cdcd054acb/invoke.js Message: Failed to load resource: the server responded with a status of 403 (Forbidden)
javascript	warning	URL: https://jobspklhr.com/susanna-gibson-leaked-videos-on-twitter-and-telegram-virginia-democrat-candidate/(Line 479) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://earlierindians.com/37413e711542318988d1d6cdcd054acb/invoke.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://jobspklhr.com/susanna-gibson-leaked-videos-on-twitter-and-telegram-virginia-democrat-candidate/(Line 479) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://earlierindians.com/37413e711542318988d1d6cdcd054acb/invoke.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
network	error	URL: https://earlierindians.com/37413e711542318988d1d6cdcd054acb/invoke.js Message: Failed to load resource: the server responded with a status of 403 (Forbidden)
javascript	warning	URL: https://jobspklhr.com/susanna-gibson-leaked-videos-on-twitter-and-telegram-virginia-democrat-candidate/(Line 500) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://earlierindians.com/37413e711542318988d1d6cdcd054acb/invoke.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://jobspklhr.com/susanna-gibson-leaked-videos-on-twitter-and-telegram-virginia-democrat-candidate/(Line 500) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://earlierindians.com/37413e711542318988d1d6cdcd054acb/invoke.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
network	error	URL: https://earlierindians.com/37413e711542318988d1d6cdcd054acb/invoke.js Message: Failed to load resource: the server responded with a status of 403 (Forbidden)
javascript	warning	URL: https://jobspklhr.com/susanna-gibson-leaked-videos-on-twitter-and-telegram-virginia-democrat-candidate/(Line 597) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://earlierindians.com/37413e711542318988d1d6cdcd054acb/invoke.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://jobspklhr.com/susanna-gibson-leaked-videos-on-twitter-and-telegram-virginia-democrat-candidate/(Line 597) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://earlierindians.com/37413e711542318988d1d6cdcd054acb/invoke.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
network	error	URL: https://earlierindians.com/37413e711542318988d1d6cdcd054acb/invoke.js Message: Failed to load resource: the server responded with a status of 403 (Forbidden)
javascript	warning	URL: https://jobspklhr.com/susanna-gibson-leaked-videos-on-twitter-and-telegram-virginia-democrat-candidate/(Line 630) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://earlierindians.com/37413e711542318988d1d6cdcd054acb/invoke.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://jobspklhr.com/susanna-gibson-leaked-videos-on-twitter-and-telegram-virginia-democrat-candidate/(Line 630) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://earlierindians.com/37413e711542318988d1d6cdcd054acb/invoke.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
network	error	URL: https://earlierindians.com/37413e711542318988d1d6cdcd054acb/invoke.js Message: Failed to load resource: the server responded with a status of 403 (Forbidden)
security	warning	URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js(Line 487) Message: An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can escape its sandboxing.
network	error	URL: https://video.onetouch8.info/api/video/tag?sourceId=48554&tmax=500&video-skipafter=5&count=2&tagId=lzb2xbs6863b30yr Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://video.onetouch8.info/api/video/tag?sourceId=48554&tmax=500&video-skipafter=5&count=2&tagId=lzb2xbs6863b30yr Message: Failed to load resource: the server responded with a status of 404 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	upgrade-insecure-requests

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

7ool.net
8961.xml.4armn.com
cdn.adx1.com
cdnjs.cloudflare.com
earlierindians.com
fleraprt.com
fonts.googleapis.com
fonts.gstatic.com
glizauvo.net
gloorsie.com
i.cdnkimg.com
imasdk.googleapis.com
interstitial-08.com
jobspklhr.com
jouteetu.net
littlecdn.com
my.rtmark.net
ophoacit.com
ossmightyenar.net
pagead2.googlesyndication.com
punoocke.com
region1.google-analytics.com
richinfo.co
s.id
s0.2mdn.net
secure.gravatar.com
tzegilo.com
us.convers.link
video.onetouch8.info
woafoame.net
www.googletagmanager.com
139.45.195.254
139.45.195.8
139.45.197.151
139.45.197.236
139.45.197.239
139.45.197.242
139.45.197.245
139.45.197.251
192.243.59.12
2001:4860:4802:34::36
2606:4700:10::6816:1974
2606:4700:20::681a:7f9
2606:4700:20::ac43:4b68
2606:4700::6811:190e
2606:4700:e4::ac40:a222
2606:4700:e6::ac40:c41c
2a00:1450:4001:806::2008
2a00:1450:4001:806::200a
2a00:1450:4001:80f::200a
2a00:1450:4001:828::2006
2a00:1450:4001:829::2003
2a00:1450:4001:831::2002
2a00:1d26:8771::11
2a02:4780:b:1059:0:1c15:593f:3
2a04:fa87:fffe::c000:4902
45.133.44.37
46.105.199.75
5.200.15.238
5.200.15.239
01a91cef52f9849703fb84a945f9fb51b9debf7ac36730043d097c3865550e8c
01fd78d685df03653219c503e3d27be8e75120914b2303a0876774cf56eb8fbe
02f8c15ba65b0ae9db6f957d28f9ae1adbc048090cca772bec7301451a8c1dfd
073ca17ab41064e494d60e32e276bb307db9a0e50b8f54563a30b101f0296edd
0927cef922240ba4b90545f2ab69798ad09187fdd8271a83a3d1b382fed7d7ca
0a5b11fb2b805c87ab9e5425e8c6f70b353c99cc11cb9ef8023f05d1d765c019
1393acc632c160def86b45c2521c8ee742b7e6239d0d90fb95f51d55cf48b9c3
1825cfe3f18db5a062e4f37b134b6d4a3568c67d557921939e4b5e26ca1ae723
1b6cd0428817d6bd4b17624d12e03a69bb1288b5144027d7527edff0da0200d0
21c1f682de27109caabcca9016511974defcec217c0441fd3f1b50ecdf8247ed
2b3c0b1bd509fe088c08693dcc6603eda56c407cab0fa19494580b7f9699fd12
2c7ffff003f51d9b82e0132a6eb03e0b2c676048ed8c23e96df5c62e413be6a3
30ea49d8a82e6fc450efdb0bf1535069b10d648dbcf69c9d1388cf4a81f98722
32c21b537a7c9420627217e0c79185ef4c70c07e08f79fa1ad96b9c437e9f46b
32c83fece9fe1bb26348e0bd63f5bf64a3261f2852f612651409ff9ef1ab0b02
3b2f4ec38835db9e9a61239b1350b894d1e936847ed9cb144c36a88938a24f4d
3b9f5f976b12e4db829a9162e9b3422a6e269af8f64540011bf482bbaaf2bf23
3c72b6c9a7546dc20a8954b53d3c5b42d23eb6f576de32a17ffdf216692bf10b
3e51587c49b53bc620e4bae1e444d0f1416ad4bd016e04d93ad266aa2b2be41d
4271064a37f3ffc0aac5f3806db8a72acc23e19447d1804e4e80d8796cbf6330
43389bb9da691c2a3b04409b47a8ac5e46f437188750bcd846f1e24f44df9345
453cb806084fdabec32e286af2e88899f79022125c2527afffbec507975d2c22
49530e5904e11c3e9a5957ed4403495cffba7f127973a2577afce06a5b057405
4a29d993864a9f91a4137d3fe1d3e1ddbffad9d130c4be30e191cc8a9095bb1b
4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230
5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89
55c72f42fc6ee2c502a5f86fe215690719ce746f383ec8551af1f1fb66252b2e
5c93f77799d122fb5255ee24da285f9f228cc118cba11e6ceb2b6bda8cdf4164
5d1d95a226026f763d0d086ef23b7cdc09e9dd0c68df56d6d638b0474a64e1e0
6300f448d738e70ac11f0140df0b3ce91a2de9e0da7fdf09d32d28031600ba51
67447c3656caad630373253691f3e8f64467eafd6e7305c9b0e98111b0b41694
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
7cffc4b56bf64b2266d93cbbab8f4cb357be44221404d5fe07fd48c8eaf408b3
8496f5b961be7cac00d6ad3b04868ae6a1b0c77c39aea881577f0c53ddd5a032
86d1c7f5c235818c60847ed7a6ec42927d899b03bfdc0e3b720aff01faeaacde
86da38693fcea056d36588a4146e85392f784c457511de416fec32034aafa4f9
871975b8040629c7b43de81b1a0878f40991ec2f49caddd6441b5d1f8322aeed
8770f2fcc3b43d0a624d4e982e9993da5041763e13af9d438a53b6fd99379383
89d93e12a15f6a5d57b5f8aca8bd1e6984dc4c8c5dec7840a8c8e8c8274c1568
8c6f5f092a4b4ab3a3d709a1e4ab59581c69cc6ab2de919f8d526edeb738d9a8
932f20ce14570b2aae911be06c9c60cd6ab006c9d9765a7e0fa7c0a4920df10b
93b68dcb72f430a36b02dbfd51733053bc5479673a2545da33134eacc83047c7
9ea746bcaeb49d78462db0b0740de88e2f00bf5f492e14e65a5e811b45ee0220
9ee63c120b2de5a96c75541b6c3200119c253ace89d3c33d819dcd7ab749e59a
9f94f36ea826128731394efe84408b5ced938e7376463b9eeb90076bf70b27a3
a6dae463011b3a21c753bd53b8cae334abe23f346d6f737839832a92d3c3e1ca
aae14ce61cf2fba2ae97ab8df06e2417b4375abebb64f0d1c91694f6b6009e60
b01ff8e957863d48b5dbd16538bcd15dae28bcc38d20fd9169675fdcec44c44f
b2fb56cccdd01513f3f7fa9361683b3180e99fe0884f211d865f36cfef0b1db0
b58d12dbcd50ca3cd46893f111d291f7d083df3f52e6d5512723977f944fa8cc
b975607291f610a4be16fcdf682dca44ae5e2ff769e5b93c4ad210c1a1740d22
bc79fb81c2f33bfb6a694b2fd252bec6b43d252d02a0016f5b2a2af3ea5bb70d
be88718a0eb175ebc4385600fe4168853a2ba705d814d2f9887ca7aa8cbd9238
bf23a7a4eebedbb87d4084a69496b29815914a18e339a00f5dc73a03c9c9328f
c10a79244fb03d1d960b29aeeb8b73baf1a6327b3bde4b2e5f3cbc1f6920985a
c2dfe97f288ffa980f7ff9f78973e30393910d55ca650329bfc8bac76723b28c
c5345cdf16f799efdc324b9a86509efb38c7f6bc618bc4e55bf69b1ae4424bab
c9b4d9b84b6d4fa87ef669a3907773272585c492f1088726581b48622207549b
ce83db32028f370ef58605bf13bedbf32a82f34677f7fd62e17a10d8790910c5
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
d12ec824a66b6ad652e1cf0952853b6ba3053dd76a84bbcf4bdb3c055e411c78
d1eb8cf889202f439bb6bd1a03049b2e71953c7c0a5aadddde498cbea9bcadac
d6d8eabcf607aadde6ac59e11d27561beaa7dd8b61f2cba706f1581889b24d06
d792afdac7f7ae5de7c6964950c6c61dc6e3f3813180a59e141c7cb4ac4364dc
d821423ac23791881ea785e924ade9f680a38b37752bb325a6a85d32d055fa1b
e174a58a503ab84b3d1b9de12fd3895788204485170f1289e445f7b5b98ec789
e31a391ccb396a9ad985289634c7a4c22a87eccb44438ce76249e2b2c01a3e96
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e58b4c163cb14f66ced74ce6a9fe37321b148a519af57a516335fc09851b0dcd
e75f882dc01cc901f9af64a8518c916de9b9fa0d07198784a44ec83256a50ac0
e7f975386b8c4c4b95727a10504c29f4dfc1db000f9a3113c182a9f97211760f
ece2b34358a35cf77197d70955b6ce8edbafc7fea7069dae426c46e382e5c683
f1076ee8f65519d92b50c79b0cee774eb0ebb7be65f664f2f64e8d9f8919a16b
f710c2b11df9cadcb3a6d25a9dc8306172c04ff1d2fa8d96d4019d70833f695d
f9633f101a557aff8e2e50e6ffabb13b947aa8bff3b2231e7837addf9dcde2cb
fce214080971e026f71e4cf1b5d05a88d77090766d78a1f4737de3dd3cb2aa4a
ff752c1c79bb2c0347c5a8b7f069fa2772047324dbbadf77d21cec4b26ee3881

jobspklhr.com Open in urlscan Pro 2a02:4780:b:1059:0:1c15:593f:3 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

106 Requests

99 %HTTPS

55 %IPv6

30 Domains

31 Subdomains

28 IPs

6 Countries

1726 kBTransfer

4487 kBSize

24 Cookies

3 Outgoing links

Page URL History

Redirected requests

106 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

jobspklhr.com Open in urlscan Pro
2a02:4780:b:1059:0:1c15:593f:3 Public Scan

Screenshot
Live screenshot

Full Image

106
Requests

99 %
HTTPS

55 %
IPv6

30
Domains

31
Subdomains

28
IPs

6
Countries

1726 kB
Transfer

4487 kB
Size

24
Cookies

106 HTTP transactions
2 data transactions