urlscan.io logo urlscan.io
SecurityTrails logo

data.jpg4.biz Open in urlscan Pro
2606:4700:3037::6818:651a  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://en.nyuu.info/
Effective URL: http://data.jpg4.biz/
Submission: On October 27 via manual from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 16 IPs in 5 countries across 13 domains to perform 39 HTTP transactions. The main IP is 2606:4700:3037::6818:651a, located in United States and belongs to CLOUDFLARENET, US. The main domain is data.jpg4.biz.
This is the only time data.jpg4.biz was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 109.169.63.10 25108 (IOMART-AP...)
2 192.229.133.221 15133 (EDGECAST)
2 2a00:1450:400... 15169 (GOOGLE)
9 2606:4700:303... 13335 (CLOUDFLAR...)
2 2a00:1450:400... 15169 (GOOGLE)
1 2606:4700:303... 13335 (CLOUDFLAR...)
3 2a04:4e42:3::621 54113 (FASTLY)
1 2a00:1450:400... 15169 (GOOGLE)
6 2a00:1450:400... 15169 (GOOGLE)
1 150.95.129.59 7506 (INTERQ GM...)
3 6 2a02:6b8::1:119 13238 (YANDEX)
1 3 80.239.201.88 1299 (TELIANET ...)
2 192.243.59.20 39572 (ADVANCEDH...)
2 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
39 16
1    109.169.63.10 (Tokyo, Japan)

ASN25108 (IOMART-APAC-AS APAC and Middle East, FR)
PTR: naturesnetworking.com
en.nyuu.info
2    192.229.133.221 (United States)

ASN15133 (EDGECAST, US)
www.w3schools.com
2    2a00:1450:4001:800::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
ajax.googleapis.com
9    2606:4700:3038::6815:e9f6 (United States)

ASN13335 (CLOUDFLARENET, US)
js.gazo.space
2    2a00:1450:4001:801::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
translate.google.com
1    2606:4700:3037::6818:651a (United States)

ASN13335 (CLOUDFLARENET, US)
data.jpg4.biz
3    2a04:4e42:3::621 (Ascension Island)

ASN54113 (FASTLY, US)
cdn.jsdelivr.net
1    2a00:1450:4001:806::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
6    2a00:1450:4001:825::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
translate.googleapis.com
1    150.95.129.59 (Japan)

ASN7506 (INTERQ GMO Internet,Inc, JP)
PTR: v150-95-129-59.a07a.g.tyo1.static.cnode.io
page.myfile-host.info
6    2a02:6b8::1:119 (Moscow, Russian Federation)

ASN13238 (YANDEX, RU)
mc.yandex.ru
3    80.239.201.88 (Ascension Island)

ASN1299 (TELIANET Telia Carrier, EU)
PTR: 80-239-201-88.teliacarrier-cust.com
mc.webvisor.org
2    192.243.59.20 (Ashburn, United States)

ASN39572 (ADVANCEDHOSTERS-AS, NL)
gwudu.com
2    2a00:1450:4001:820::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.gstatic.com
1    2a00:1450:4001:819::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
Domain Requested by
9 js.gazo.space en.nyuu.info
data.jpg4.biz
js.gazo.space
6 mc.yandex.ru 3 redirects data.jpg4.biz
cdn.jsdelivr.net
6 translate.googleapis.com translate.google.com
translate.googleapis.com
srcdoc
data.jpg4.biz
3 mc.webvisor.org 1 redirects data.jpg4.biz
3 cdn.jsdelivr.net js.gazo.space
data.jpg4.biz
2 www.gstatic.com translate.googleapis.com
2 gwudu.com js.gazo.space
data.jpg4.biz
2 translate.google.com en.nyuu.info
data.jpg4.biz
2 ajax.googleapis.com en.nyuu.info
data.jpg4.biz
2 www.w3schools.com en.nyuu.info
data.jpg4.biz
1 www.google.com
1 page.myfile-host.info data.jpg4.biz
1 www.googletagmanager.com js.gazo.space
1 data.jpg4.biz js.gazo.space
1 en.nyuu.info
39 15
Subject Issuer Validity Valid
*.w3schools.com
DigiCert SHA2 Secure Server CA		 2020-05-05 -
2022-05-10		 2 years crt.sh
upload.video.google.com
GTS CA 1O1		 2020-10-06 -
2020-12-29		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2020-08-07 -
2021-08-07		 a year crt.sh
f3.shared.global.fastly.net
GlobalSign CloudSSL CA - SHA256 - G3		 2020-10-26 -
2021-04-17		 6 months crt.sh
*.google-analytics.com
GTS CA 1O1		 2020-10-06 -
2020-12-29		 3 months crt.sh
mc.yandex.ru
Yandex CA		 2020-09-29 -
2021-03-11		 5 months crt.sh
mc.webvisor.com
Yandex CA		 2020-09-29 -
2021-03-23		 6 months crt.sh
*.gstatic.com
GTS CA 1O1		 2020-10-06 -
2020-12-29		 3 months crt.sh
www.google.com
GTS CA 1O1		 2020-10-06 -
2020-12-29		 3 months crt.sh

This page contains 3 frames:

Primary Page: http://data.jpg4.biz/
Frame ID: B6DF0DB120E33E990EBBAB6192D672E4
Requests: 37 HTTP requests in this frame

Frame: https://translate.googleapis.com/translate_static/css/translateelement.css
Frame ID: D69EF021C58A84052DA4749E39E535FB
Requests: 1 HTTP requests in this frame

Frame: https://translate.googleapis.com/translate_a/l?client=te&alpha=true&hl=en&cb=callback
Frame ID: E7C09510B143FC4EA98B2C2DC6AE740D
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. http://en.nyuu.info/ Page URL
  2. http://data.jpg4.biz/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /nginx(?:\/([\d.]+))?/i
Overall confidence: 100%
Detected patterns
  • script /cdn\.jsdelivr\.net\/npm\/yandex-metrica-watch\/watch\.js/i
Overall confidence: 100%
Detected patterns
  • script /\/([\d.]+)\/jquery(?:\.min)?\.js/i
  • script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i

Page Statistics

39
Requests

72 %
HTTPS

67 %
IPv6

13
Domains

15
Subdomains

16
IPs

5
Countries

486 kB
Transfer

1729 kB
Size

5
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://en.nyuu.info/ Page URL
  2. http://data.jpg4.biz/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 23
  • https://mc.yandex.ru/watch/3?wmode=7&page-ref=http%3A%2F%2Fdata.jpg4.biz%2F&charset=utf-8&browser-info=ti%3A10%3Agdpr%3A14%3Afu%3A2%3Av%3A1966%3Arqnl%3A1%3Ast%3A1603799439%3Au%3A1603799439950870752%3Ahi%3A HTTP 302
  • https://mc.yandex.ru/watch/3/1?wmode=7&page-ref=http%3A%2F%2Fdata.jpg4.biz%2F&charset=utf-8&browser-info=ti%3A10%3Agdpr%3A14%3Afu%3A2%3Av%3A1966%3Arqnl%3A1%3Ast%3A1603799439%3Au%3A1603799439950870752%3Ahi%3A
Request Chain 25
  • https://mc.webvisor.org/sync_cookie_image_check HTTP 302
  • https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.webvisor.org&token=9074.WTNOSi7sF3CmV4xTP8y888QnkENmuBDU2SLs9Dy879Cd7iroIFnJ5GNzEP3QVOJZ.sXY6vC9tUcD_mkY8puW_aptchCQ%2C HTTP 302
  • https://mc.webvisor.org/sync_cookie_image_decide?token=9074.7MkbNdBVL3sMM7usawegppRe7_0bPFKtn-ckmWBMVd5k1pm5NS-FufvZf1BAty2sX5hscHGF7tU0FZ_cRVuwvw%2C%2C.IKa2qz41nXLk1kv124ZrsxVKodA%2C
Request Chain 26
  • https://mc.yandex.ru/watch/48140495?wmode=7&page-url=http%3A%2F%2Fdata.jpg4.biz%2F&charset=utf-8&browser-info=ti%3A10%3Ans%3A1603799438289%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Afpr%3A216613626101%3Acn%3A1%3Aw%3A1600x1200%3Az%3A60%3Ai%3A20201027125039%3Aet%3A1603799440%3Aen%3Autf-8%3Ac%3A1%3Ala%3Aen-us%3Awh%3A1%3Apv%3A1%3Als%3A1323557571453%3Arqn%3A1%3Arn%3A600058277%3Ahid%3A747534752%3Ads%3A2%2C5%2C20%2C1%2C1%2C0%2C0%2C%2C%2C%2C%2C%2C%3Afp%3A674%3Awn%3A41172%3Ahl%3A2%3Agdpr%3A14%3Aeu%3A1%3Av%3A1966%3Arqnl%3A1%3Ast%3A1603799440%3Au%3A1603799439950870752%3Ahi%3A HTTP 302
  • https://mc.yandex.ru/watch/48140495/1?wmode=7&page-url=http%3A%2F%2Fdata.jpg4.biz%2F&charset=utf-8&browser-info=ti%3A10%3Ans%3A1603799438289%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Afpr%3A216613626101%3Acn%3A1%3Aw%3A1600x1200%3Az%3A60%3Ai%3A20201027125039%3Aet%3A1603799440%3Aen%3Autf-8%3Ac%3A1%3Ala%3Aen-us%3Awh%3A1%3Apv%3A1%3Als%3A1323557571453%3Arqn%3A1%3Arn%3A600058277%3Ahid%3A747534752%3Ads%3A2%2C5%2C20%2C1%2C1%2C0%2C0%2C%2C%2C%2C%2C%2C%3Afp%3A674%3Awn%3A41172%3Ahl%3A2%3Agdpr%3A14%3Aeu%3A1%3Av%3A1966%3Arqnl%3A1%3Ast%3A1603799440%3Au%3A1603799439950870752%3Ahi%3A

39 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
/
en.nyuu.info/ 		138 KB
10 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://en.nyuu.info/
Protocol
HTTP/1.1
Server
109.169.63.10 Tokyo, Japan, ASN25108 (IOMART-APAC-AS APAC and Middle East, FR),
Reverse DNS
naturesnetworking.com
Software
nginx/1.16.1 /
Resource Hash
48428e1ff5c8f95dfd9cec245abcf01164f58f089df750af0b483f436ba8e8e9

Request headers

Host
en.nyuu.info
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding
gzip, deflate
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Server
nginx/1.16.1
Date
Tue, 27 Oct 2020 11:50:34 GMT
Content-Type
text/html; charset=UTF-8
Transfer-Encoding
chunked
Connection
close
Access-Control-Allow-Origin
*
Access-Control-Allow-Headers
Cake
imghost
127001-h-imgjpg4inomh-img.jpg4.info--rm:127.0.0.1/
38nloadrate
0.36125
Cache-Control
max-age=39600, public
P3P
CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Content-Encoding
gzip
Vary
Accept-Encoding
X-Proxy-CacheRZ
STALE
XkeyRZ
jimg./A-img.jpg4.net-img.jpg4.net-my_zone
X-Proxy-Cache-hk
HIT
Xkey-Tk2
noA
w3.css
www.w3schools.com/w3css/4/ 		23 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.w3schools.com/w3css/4/w3.css
Requested by
Host: en.nyuu.info
URL: http://en.nyuu.info/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.133.221 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (mil/6CF0) / ASP.NET
Resource Hash
dd30cb28b7ad3a268bd4a6a5730f42e65490abd49bd2cf8a436afbbec5aceb02
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 27 Oct 2020 11:50:34 GMT
content-encoding
gzip
etag
"0386ec7c1dd51:0"
last-modified
Fri, 07 Jun 2019 08:41:20 GMT
server
ECS (mil/6CF0)
age
13186
x-powered-by
ASP.NET
x-frame-options
SAMEORIGIN
x-cache
HIT
content-type
text/css
status
200
cache-control
public,max-age=14400,public
accept-ranges
bytes
vary
Accept-Encoding
content-length
5224
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/3.3.1/ 		85 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/3.3.1/jquery.min.js
Requested by
Host: en.nyuu.info
URL: http://en.nyuu.info/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 27 Oct 2020 11:13:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2199
status
200
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
30399
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 27 Oct 2021 11:13:55 GMT
index.php
js.gazo.space/ 		58 B
658 B 		Script
General
Check archive.org
Download Go to
Full URL
https://js.gazo.space/index.php?js=very
Requested by
Host: en.nyuu.info
URL: http://en.nyuu.info/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3038::6815:e9f6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d761c374c057a6133313c17140be0d62f4e0ad0bbfe8cbefb58d6de4b399f7c6

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 27 Oct 2020 11:50:38 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
38nloadrate
0.45125
status
200
cf-request-id
060b7e5d7e0000178611927000000001
imghost
2400265128170017a72dba7c839-h-jsgazospacmh--DE-rm:2400:cb00:71:1024::a29e:59db/index.php?js=very
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=wy0FBKvXN58BaAE5jGGQ3Z9QhL%2B0RgGVzPfAR4pGeMMh7nUtoEyzc7IVeMAd4aA9nB0WHI%2Fiv%2BpztDkufHm0HfNZUjLMB7WeSTT41bl33%2BWjrosb8GHedC7N"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=360000, private
cf-ray
5e8c33426c741786-FRA
access-control-allow-headers
Cake
index.php
js.gazo.space/ 		130 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.gazo.space/index.php?js=jpg4&aaa1
Requested by
Host: en.nyuu.info
URL: http://en.nyuu.info/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3038::6815:e9f6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ed029f4a41ad3837937e9186c21dff8d3c3da2e74bf5380ea86f7c4d98150ced

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 27 Oct 2020 11:50:34 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
153
status
200
cf-request-id
060b7e5d7f000017864d3c2000000001
imghost
2400265128170017a72dba7c839-h-jsgazospacmh--DE-rm:2400:cb00:71:1024::a29e:5ecc/index.php?js=jpg4&aaa1
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=TWt14ykJYQtVlRGg88QGRbe92vu9RxjiWLy56xHKCQ8k0oLpw8TstNWim9vaDSFkEQMhUqvzW7SLkFvcbrbrn%2BBTGqx7R28hiAQAvNxbR07EawNimn%2ByR48B"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=7200, s-max-age=1800
38nloadrate
0.520625
cf-ray
5e8c33426c761786-FRA
access-control-allow-headers
Cake
jpg4.css
js.gazo.space/mycss/ 		1 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://js.gazo.space/mycss/jpg4.css
Requested by
Host: en.nyuu.info
URL: http://en.nyuu.info/
Protocol
HTTP/1.1
Server
2606:4700:3038::6815:e9f6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
00fe4aab3eb92a95c2f147a8cec33d080bcb9f8cf2c248ca06c34d7d4ebfbc84

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Tue, 27 Oct 2020 11:50:34 GMT
Content-Encoding
gzip
CF-Cache-Status
HIT
NEL
{"report_to":"cf-nel","max_age":604800}
Age
3417753
Cf-Polished
origSize=1816
Transfer-Encoding
chunked
Connection
keep-alive
cf-request-id
060b7e5d7300000eb77f171000000001
Cf-Bgj
minify
Server
cloudflare
ETag
W/"718-5a11787752b46"
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=7SSG1n5Ae0kxGUGCe6C9fFraDQNwpLIBLcwvJ3WhHknrZY57PRHtmndn9XYNn8Nj%2BbRRD8OJozEuV2TzDsdtBeSsCRHoxVt8fPAUCzf3Wp5BINaPQ1K3frT4"}],"group":"cf-nel","max_age":604800}
Content-Type
text/css
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=360000
CF-RAY
5e8c33425acc0eb7-FRA
Access-Control-Allow-Headers
Cake
element.js
translate.google.com/translate_a/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://translate.google.com/translate_a/element.js?cb=googleTranslateElementInit
Requested by
Host: en.nyuu.info
URL: http://en.nyuu.info/
Protocol
HTTP/1.1
Server
2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
HTTP server (unknown) /
Resource Hash
415d58777a2f14eb972baa59d1688ada08b2d2de4e36f7aefda7fc02ba83281a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 27 Oct 2020 11:50:34 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Server
HTTP server (unknown)
Content-Language
en
Cache-Control
no-cache, must-revalidate
Content-Disposition
attachment; filename="f.txt"
Content-Type
text/javascript; charset=UTF-8
Content-Length
1882
X-XSS-Protection
0
Expires
Fri, 01 Jan 1990 00:00:00 GMT
index.php
js.gazo.space/ 		130 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.gazo.space/index.php?js=jpg4&aaa2
Requested by
Host: en.nyuu.info
URL: http://en.nyuu.info/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3038::6815:e9f6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1b392e6ff540a1033f20730d0863b300093ec9755c1ef636b85bd27bddd57251

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 27 Oct 2020 11:50:34 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
322
status
200
cf-request-id
060b7e5d7f00001786ff2ef000000001
imghost
2400265128170017a72dba7c839-h-jsgazospacmh--AT-rm:2400:cb00:71:1024::a29e:5c18/index.php?js=jpg4&aaa2
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=n%2FRvzhfJ%2B4dkrZg680fx3wN4ecBeBhwEl0UD%2Fx9vK907qVjhetfA6WxAAJbd2KOwHBTw696r8zgFkGvEdFXUuhYLsWv83i%2FzcpwOoybh7WtyD5FePb96CQE9"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=7200, s-max-age=1800
38nloadrate
0.408125
cf-ray
5e8c33426c781786-FRA
access-control-allow-headers
Cake
Primary Request Cookie set /
data.jpg4.biz/ 		12 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://data.jpg4.biz/
Requested by
Host: js.gazo.space
URL: https://js.gazo.space/index.php?js=jpg4&aaa1
Protocol
HTTP/1.1
Server
2606:4700:3037::6818:651a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3dcf81600b1ce738c504a692416ef11e2701308a33441b4c4ed6dee794d60b96

Request headers

Host
data.jpg4.biz
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding
gzip, deflate
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Tue, 27 Oct 2020 11:50:38 GMT
Content-Type
text/html; charset=UTF-8
Transfer-Encoding
chunked
Connection
keep-alive
Set-Cookie
__cfduid=dffc0cd6fa91eb2f660b6a0185add8c7e1603799438; expires=Thu, 26-Nov-20 11:50:38 GMT; path=/; domain=.jpg4.biz; HttpOnly; SameSite=Lax
Access-Control-Allow-Origin
*
Access-Control-Allow-Headers
Cake
imghost
127001-h-datajpg4ntmh-data.jpg4.net--rm:127.0.0.1/
38nloadrate
0.423125
Cache-Control
public, max-age=28800
P3P
CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Vary
Accept-Encoding
X-Proxy-CacheRZ
STALE
XkeyRZ
jdata./A-data.jpg4.biz-data.jpg4.biz-my_zone
X-Proxy-Cache-uk
HIT
XkeySE
jdata./A
CF-Cache-Status
HIT
Age
6320
cf-request-id
060b7e6bdc0000d725e3b36000000001
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=oqszCfrwCRAXK4ko2WK3qzYw4B9bG0JnLfSFpGQl2tC7f0vBLkf%2BeO%2BtjOtRHQu1y6mXsdNlED78eYxxrwkfmmshdk9ihPNHw6X11OdoXbqGnWMY3Kbyfjjv"}],"group":"cf-nel","max_age":604800}
NEL
{"report_to":"cf-nel","max_age":604800}
Server
cloudflare
CF-RAY
5e8c33595c50d725-FRA
Content-Encoding
gzip
watch.js
cdn.jsdelivr.net/npm/yandex-metrica-watch/ 		30 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/yandex-metrica-watch/watch.js
Requested by
Host: js.gazo.space
URL: https://js.gazo.space/index.php?js=jpg4&aaa1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:3::621 , Ascension Island, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
age
36266
x-cache
HIT
status
200
cross-origin-resource-policy
cross-origin
content-length
51099
etag
W/"24d4d-TFDe9SRiaoOr+P3BqKPeDRhGdYs"
x-served-by
cache-fra19140-FRA
date
Tue, 27 Oct 2020 11:50:38 GMT
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
accept-ranges
bytes
timing-allow-origin
*
js
www.googletagmanager.com/gtag/ 		0
0
w3.css
www.w3schools.com/w3css/4/ 		23 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.w3schools.com/w3css/4/w3.css
Requested by
Host: data.jpg4.biz
URL: http://data.jpg4.biz/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.133.221 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (mil/6CF0) / ASP.NET
Resource Hash
dd30cb28b7ad3a268bd4a6a5730f42e65490abd49bd2cf8a436afbbec5aceb02
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 27 Oct 2020 11:50:38 GMT
content-encoding
gzip
etag
"0386ec7c1dd51:0"
last-modified
Fri, 07 Jun 2019 08:41:20 GMT
server
ECS (mil/6CF0)
age
13190
x-powered-by
ASP.NET
x-frame-options
SAMEORIGIN
x-cache
HIT
content-type
text/css
status
200
cache-control
public,max-age=14400,public
accept-ranges
bytes
vary
Accept-Encoding
content-length
5224
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/3.3.1/ 		85 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/3.3.1/jquery.min.js
Requested by
Host: data.jpg4.biz
URL: http://data.jpg4.biz/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 27 Oct 2020 11:42:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
495
status
200
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
30399
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 27 Oct 2021 11:42:23 GMT
index.php
js.gazo.space/ 		58 B
475 B 		Script
General
Check archive.org
Download Go to
Full URL
https://js.gazo.space/index.php?js=very
Requested by
Host: data.jpg4.biz
URL: http://data.jpg4.biz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3038::6815:e9f6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d761c374c057a6133313c17140be0d62f4e0ad0bbfe8cbefb58d6de4b399f7c6

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 27 Oct 2020 11:50:38 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
38nloadrate
0.43
status
200
cf-request-id
060b7e6bfc000017866d0a1000000001
imghost
2400265128170017a72dba7c839-h-jsgazospacmh--DE-rm:2400:cb00:71:1024::a29e:59dc/index.php?js=very
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=KGJ5loUYILLjv9Kj1fSn3ndIhys7AN6o3RrXYZNmpXEIa2QcA2iWGT%2FWP2yU%2FChe%2FpL%2FD1Z%2BuDS7jr3X4xeQ9YItiWE9mrSQ%2BKJ8umLath0pBIipBJVBsVXb"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=360000, private
cf-ray
5e8c33599ea11786-FRA
access-control-allow-headers
Cake
index.php
js.gazo.space/ 		130 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.gazo.space/index.php?js=jpg4&aaa1
Requested by
Host: data.jpg4.biz
URL: http://data.jpg4.biz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3038::6815:e9f6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ed029f4a41ad3837937e9186c21dff8d3c3da2e74bf5380ea86f7c4d98150ced

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 27 Oct 2020 11:50:38 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
157
status
200
cf-request-id
060b7e6bfd00001786789b0000000001
imghost
2400265128170017a72dba7c839-h-jsgazospacmh--DE-rm:2400:cb00:71:1024::a29e:5ecc/index.php?js=jpg4&aaa1
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=6wPsBfZSWaqLesZ4HHnXoU2JluOu%2Fg8MXDGDGLXoQvwTnHt2AOHHAp8jCojgE1w%2F%2BElgMHK5KVbY98MO5lN5hgkkLRvpbjbJXqT5I9Vbmx0Jy%2Fgbd5dvrjMF"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=7200, s-max-age=1800
38nloadrate
0.520625
cf-ray
5e8c33599ea31786-FRA
access-control-allow-headers
Cake
jpg4.css
js.gazo.space/mycss/ 		1 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://js.gazo.space/mycss/jpg4.css
Requested by
Host: data.jpg4.biz
URL: http://data.jpg4.biz/
Protocol
HTTP/1.1
Server
2606:4700:3038::6815:e9f6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
00fe4aab3eb92a95c2f147a8cec33d080bcb9f8cf2c248ca06c34d7d4ebfbc84

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Tue, 27 Oct 2020 11:50:38 GMT
Content-Encoding
gzip
CF-Cache-Status
HIT
NEL
{"report_to":"cf-nel","max_age":604800}
Age
3417757
Cf-Polished
origSize=1816
Transfer-Encoding
chunked
Connection
keep-alive
cf-request-id
060b7e6bfc00000eb7a3adf000000001
Cf-Bgj
minify
Server
cloudflare
ETag
W/"718-5a11787752b46"
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=vbxm3I4mObGE0e2jcN0ToIeQD83zuaO9sxlg5q8dCEZDhQi0vdFiMbCjDtoQxZjzs3X0nvFvzGE3edSObcYD7Qs4TX3gtZ9%2FVZNGnvBe2tWVZKids%2FQroJFI"}],"group":"cf-nel","max_age":604800}
Content-Type
text/css
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=360000
CF-RAY
5e8c33599dcc0eb7-FRA
Access-Control-Allow-Headers
Cake
element.js
translate.google.com/translate_a/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://translate.google.com/translate_a/element.js?cb=googleTranslateElementInit
Requested by
Host: data.jpg4.biz
URL: http://data.jpg4.biz/
Protocol
HTTP/1.1
Server
2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
HTTP server (unknown) /
Resource Hash
415d58777a2f14eb972baa59d1688ada08b2d2de4e36f7aefda7fc02ba83281a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 27 Oct 2020 11:50:38 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Server
HTTP server (unknown)
Content-Language
en
Cache-Control
no-cache, must-revalidate
Content-Disposition
attachment; filename="f.txt"
Content-Type
text/javascript; charset=UTF-8
Content-Length
1882
X-XSS-Protection
0
Expires
Fri, 01 Jan 1990 00:00:00 GMT
watch.js
cdn.jsdelivr.net/npm/yandex-metrica-watch/ 		147 KB
50 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/yandex-metrica-watch/watch.js
Requested by
Host: js.gazo.space
URL: https://js.gazo.space/index.php?js=jpg4&aaa1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:3::621 , Ascension Island, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
6ad076d35d95832d5e1cb20884aa7e1fa6c4067a8e2295d3009ee1d32d3b6df3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
age
36267
x-cache
HIT
status
200
cross-origin-resource-policy
cross-origin
content-length
51099
etag
W/"24d4d-TFDe9SRiaoOr+P3BqKPeDRhGdYs"
x-served-by
cache-fra19140-FRA
date
Tue, 27 Oct 2020 11:50:38 GMT
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
accept-ranges
bytes
timing-allow-origin
*
js
www.googletagmanager.com/gtag/ 		94 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-620120-3
Requested by
Host: js.gazo.space
URL: https://js.gazo.space/index.php?js=jpg4&aaa1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
a2bfc140fb583a84130b5ca3013e26af3e3c49f2e0d074efdc4f4a27d820600a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 27 Oct 2020 11:50:38 GMT
content-encoding
br
vary
Accept-Encoding
status
200
cross-origin-resource-policy
cross-origin
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37908
x-xss-protection
0
last-modified
Tue, 27 Oct 2020 09:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Tue, 27 Oct 2020 11:50:38 GMT
translateelement.css
translate.googleapis.com/translate_static/css/ 		18 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://translate.googleapis.com/translate_static/css/translateelement.css
Requested by
Host: translate.google.com
URL: http://translate.google.com/translate_a/element.js?cb=googleTranslateElementInit
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:825::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6149f95c1ebdde5391898e22a79821a810336f6bd74318291b4f49f23fbf0fa8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 27 Oct 2020 11:48:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
135
status
200
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3619
x-xss-protection
0
last-modified
Wed, 12 Feb 2020 21:15:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=3600
accept-ranges
bytes
expires
Tue, 27 Oct 2020 12:48:23 GMT
main.js
translate.googleapis.com/translate_static/js/element/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://translate.googleapis.com/translate_static/js/element/main.js
Requested by
Host: translate.google.com
URL: http://translate.google.com/translate_a/element.js?cb=googleTranslateElementInit
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:825::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
80cfc390f534ca8d75ac161e82639486b1ee24b30c402af8bcc89d113ff343eb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 27 Oct 2020 10:55:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
3283
status
200
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1610
x-xss-protection
0
last-modified
Wed, 30 Sep 2020 22:45:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=3600
accept-ranges
bytes
expires
Tue, 27 Oct 2020 11:55:55 GMT
myda.php
page.myfile-host.info/ 		0
270 B 		Script
General
Check archive.org
Download Go to
Full URL
http://page.myfile-host.info/myda.php
Requested by
Host: data.jpg4.biz
URL: http://data.jpg4.biz/
Protocol
HTTP/1.1
Server
150.95.129.59 , Japan, ASN7506 (INTERQ GMO Internet,Inc, JP),
Reverse DNS
v150-95-129-59.a07a.g.tyo1.static.cnode.io
Software
Apache/2.4.6 (CentOS) OpenSSL/1.0.1e-fips mod_fcgid/2.3.9 PHP/7.0.33 / PHP/7.0.33
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://data.jpg4.biz/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Tue, 27 Oct 2020 11:50:39 GMT
Server
Apache/2.4.6 (CentOS) OpenSSL/1.0.1e-fips mod_fcgid/2.3.9 PHP/7.0.33
Connection
close
X-Powered-By
PHP/7.0.33
Content-Length
0
Content-Type
text/html; charset=utf-8
tagjpa.php
js.gazo.space/ 		34 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.gazo.space/tagjpa.php?imob=tgp5jpg
Requested by
Host: js.gazo.space
URL: https://js.gazo.space/index.php?js=jpg4&aaa1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3038::6815:e9f6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cc6fb36ec8b0ae525419dc0516e2c26a7562fb24627edcd269c8d9e065a5cb6f

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date
Tue, 27 Oct 2020 11:50:38 GMT
8tagproxuri
/tagjpa.php?imob=tgp5jpg
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
566
status
200
content-encoding
br
cf-request-id
060b7e6e8e0000178660acb000000001
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=sNk7L9nsdn3bv5dMh5ZLQL%2Fyz38EsztOs0kwcZ1SbmckiZMMh8X7rXoJjk5wyUHYczvdg1LuQt8H3lDZzR8Uq3YEToBKzNWneYJEQodNu8M3Xa%2Bfv2iIypKa"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=7200
cf-ray
5e8c335da8f51786-FRA
access-control-allow-headers
Cake
preview.jpg
js.gazo.space/ 		517 B
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://js.gazo.space/preview.jpg
Requested by
Host: data.jpg4.biz
URL: http://data.jpg4.biz/
Protocol
HTTP/1.1
Server
2606:4700:3038::6815:e9f6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f69a7191d5794f52797b8ecbbd18e3380169dba7f4d63aac7537a520ff6c1ba0

Request headers

Referer
http://data.jpg4.biz/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Tue, 27 Oct 2020 11:50:38 GMT
CF-Cache-Status
HIT
NEL
{"report_to":"cf-nel","max_age":604800}
Age
113907
Connection
keep-alive
Content-Length
517
cf-request-id
060b7e6e8d00000eb736064000000001
Cf-Bgj
h2pri
Server
cloudflare
ETag
"205-549a7f8daacc0"
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=UhBq%2FEKvdUsqdrGKymTPihja2Lzg1vuHrULwRtXQIM52wl1wIg4Eo8n4EhRTjKTHP9qOdxoJEPQXv%2FF7uEuCr8mR2A%2FB%2FkcckGyfZM%2Fs17Uqu8RDwqzD144J"}],"group":"cf-nel","max_age":604800}
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=360000
Accept-Ranges
bytes
CF-RAY
5e8c335daf8c0eb7-FRA
Access-Control-Allow-Headers
Cake
1
mc.yandex.ru/watch/3/
Redirect Chain
  • https://mc.yandex.ru/watch/3?wmode=7&page-ref=http%3A%2F%2Fdata.jpg4.biz%2F&charset=utf-8&browser-info=ti%3A10%3Agdpr%3A14%3Afu%3A2%3Av%3A1966%3Arqnl%3A1%3Ast%3A1603799439%3Au%3A1603799439950870752...
  • https://mc.yandex.ru/watch/3/1?wmode=7&page-ref=http%3A%2F%2Fdata.jpg4.biz%2F&charset=utf-8&browser-info=ti%3A10%3Agdpr%3A14%3Afu%3A2%3Av%3A1966%3Arqnl%3A1%3Ast%3A1603799439%3Au%3A16037994399508707...
35 B
536 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.ru/watch/3/1?wmode=7&page-ref=http%3A%2F%2Fdata.jpg4.biz%2F&charset=utf-8&browser-info=ti%3A10%3Agdpr%3A14%3Afu%3A2%3Av%3A1966%3Arqnl%3A1%3Ast%3A1603799439%3Au%3A1603799439950870752%3Ahi%3A
Requested by
Host: data.jpg4.biz
URL: http://data.jpg4.biz/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
/
Resource Hash
efbdf9cab6b6cf2bf7207ae4e0456c9462b2c0d4c2de76d65442de2af7253f2b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
http://data.jpg4.biz/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 27 Oct 2020 11:50:39 GMT
X-Content-Type-Options
nosniff
Last-Modified
Tue, 27-Oct-2020 11:50:39 GMT
Strict-Transport-Security
max-age=31536000
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
http://data.jpg4.biz
Cache-Control
private, no-cache, no-store, must-revalidate, max-age=0
Access-Control-Allow-Credentials
true
Content-Length
35
X-XSS-Protection
1; mode=block
Expires
Tue, 27-Oct-2020 11:50:39 GMT

Redirect headers

Pragma
no-cache
Date
Tue, 27 Oct 2020 11:50:39 GMT
Last-Modified
Tue, 27-Oct-2020 11:50:39 GMT
Access-Control-Allow-Origin
http://data.jpg4.biz
Strict-Transport-Security
max-age=31536000
Location
/watch/3/1?wmode=7&page-ref=http%3A%2F%2Fdata.jpg4.biz%2F&charset=utf-8&browser-info=ti%3A10%3Agdpr%3A14%3Afu%3A2%3Av%3A1966%3Arqnl%3A1%3Ast%3A1603799439%3Au%3A1603799439950870752%3Ahi%3A
Cache-Control
private, no-cache, no-store, must-revalidate, max-age=0
Access-Control-Allow-Credentials
true
Content-Length
0
X-XSS-Protection
1; mode=block
Expires
Tue, 27-Oct-2020 11:50:39 GMT
element_main.js
translate.googleapis.com/element/TE_20200506_00/e/js/element/ 		238 KB
85 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://translate.googleapis.com/element/TE_20200506_00/e/js/element/element_main.js
Requested by
Host: translate.googleapis.com
URL: https://translate.googleapis.com/translate_static/js/element/main.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:825::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
18b91aa55babf6a41b67ad376266712f9e07172f8ec8c6d06904f622f15527c9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://data.jpg4.biz/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 27 Oct 2020 11:29:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1243
status
200
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
87186
x-xss-protection
0
last-modified
Wed, 06 May 2020 18:47:58 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 27 Oct 2021 11:29:56 GMT
sync_cookie_image_decide
mc.webvisor.org/
Redirect Chain
  • https://mc.webvisor.org/sync_cookie_image_check
  • https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.webvisor.org&token=9074.WTNOSi7sF3CmV4xTP8y888QnkENmuBDU2SLs9Dy879Cd7iroIFnJ5GNzEP3QVOJZ.sXY6vC9tUcD_mkY8puW_aptchCQ%2C
  • https://mc.webvisor.org/sync_cookie_image_decide?token=9074.7MkbNdBVL3sMM7usawegppRe7_0bPFKtn-ckmWBMVd5k1pm5NS-FufvZf1BAty2sX5hscHGF7tU0FZ_cRVuwvw%2C%2C.IKa2qz41nXLk1kv124ZrsxVKodA%2C
75 B
75 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mc.webvisor.org/sync_cookie_image_decide?token=9074.7MkbNdBVL3sMM7usawegppRe7_0bPFKtn-ckmWBMVd5k1pm5NS-FufvZf1BAty2sX5hscHGF7tU0FZ_cRVuwvw%2C%2C.IKa2qz41nXLk1kv124ZrsxVKodA%2C
Requested by
Host: data.jpg4.biz
URL: http://data.jpg4.biz/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
80.239.201.88 , Ascension Island, ASN1299 (TELIANET Telia Carrier, EU),
Reverse DNS
80-239-201-88.teliacarrier-cust.com
Software
/
Resource Hash
8398a026313c016324f186d1c9b24a46813109d4bc5477d910a683079cbf1434
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Referer
http://data.jpg4.biz/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Tue, 27 Oct 2020 11:50:39 GMT
Strict-Transport-Security
max-age=31536000
Content-Length
75
X-XSS-Protection
1; mode=block
Content-Type
text/html; charset=utf-8

Redirect headers

Location
https://mc.webvisor.org/sync_cookie_image_decide?token=9074.7MkbNdBVL3sMM7usawegppRe7_0bPFKtn-ckmWBMVd5k1pm5NS-FufvZf1BAty2sX5hscHGF7tU0FZ_cRVuwvw%2C%2C.IKa2qz41nXLk1kv124ZrsxVKodA%2C
Date
Tue, 27 Oct 2020 11:50:39 GMT
Strict-Transport-Security
max-age=31536000
Content-Length
0
X-XSS-Protection
1; mode=block
1
mc.yandex.ru/watch/48140495/
Redirect Chain
  • https://mc.yandex.ru/watch/48140495?wmode=7&page-url=http%3A%2F%2Fdata.jpg4.biz%2F&charset=utf-8&browser-info=ti%3A10%3Ans%3A1603799438289%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Afpr%3A216613626101...
  • https://mc.yandex.ru/watch/48140495/1?wmode=7&page-url=http%3A%2F%2Fdata.jpg4.biz%2F&charset=utf-8&browser-info=ti%3A10%3Ans%3A1603799438289%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Afpr%3A2166136261...
167 B
669 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.ru/watch/48140495/1?wmode=7&page-url=http%3A%2F%2Fdata.jpg4.biz%2F&charset=utf-8&browser-info=ti%3A10%3Ans%3A1603799438289%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Afpr%3A216613626101%3Acn%3A1%3Aw%3A1600x1200%3Az%3A60%3Ai%3A20201027125039%3Aet%3A1603799440%3Aen%3Autf-8%3Ac%3A1%3Ala%3Aen-us%3Awh%3A1%3Apv%3A1%3Als%3A1323557571453%3Arqn%3A1%3Arn%3A600058277%3Ahid%3A747534752%3Ads%3A2%2C5%2C20%2C1%2C1%2C0%2C0%2C%2C%2C%2C%2C%2C%3Afp%3A674%3Awn%3A41172%3Ahl%3A2%3Agdpr%3A14%3Aeu%3A1%3Av%3A1966%3Arqnl%3A1%3Ast%3A1603799440%3Au%3A1603799439950870752%3Ahi%3A
Requested by
Host: data.jpg4.biz
URL: http://data.jpg4.biz/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
/
Resource Hash
504abbaad7aed31cbceba6f322df099884c95f9e34e5116e2834611e60aa7612
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
http://data.jpg4.biz/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 27 Oct 2020 11:50:39 GMT
X-Content-Type-Options
nosniff
Last-Modified
Tue, 27-Oct-2020 11:50:39 GMT
Strict-Transport-Security
max-age=31536000
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
http://data.jpg4.biz
Cache-Control
private, no-cache, no-store, must-revalidate, max-age=0
Access-Control-Allow-Credentials
true
Content-Length
167
X-XSS-Protection
1; mode=block
Expires
Tue, 27-Oct-2020 11:50:39 GMT

Redirect headers

Pragma
no-cache
Date
Tue, 27 Oct 2020 11:50:39 GMT
Last-Modified
Tue, 27-Oct-2020 11:50:39 GMT
Access-Control-Allow-Origin
http://data.jpg4.biz
Strict-Transport-Security
max-age=31536000
Location
/watch/48140495/1?wmode=7&page-url=http%3A%2F%2Fdata.jpg4.biz%2F&charset=utf-8&browser-info=ti%3A10%3Ans%3A1603799438289%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Afpr%3A216613626101%3Acn%3A1%3Aw%3A1600x1200%3Az%3A60%3Ai%3A20201027125039%3Aet%3A1603799440%3Aen%3Autf-8%3Ac%3A1%3Ala%3Aen-us%3Awh%3A1%3Apv%3A1%3Als%3A1323557571453%3Arqn%3A1%3Arn%3A600058277%3Ahid%3A747534752%3Ads%3A2%2C5%2C20%2C1%2C1%2C0%2C0%2C%2C%2C%2C%2C%2C%3Afp%3A674%3Awn%3A41172%3Ahl%3A2%3Agdpr%3A14%3Aeu%3A1%3Av%3A1966%3Arqnl%3A1%3Ast%3A1603799440%3Au%3A1603799439950870752%3Ahi%3A
Cache-Control
private, no-cache, no-store, must-revalidate, max-age=0
Access-Control-Allow-Credentials
true
Content-Length
0
X-XSS-Protection
1; mode=block
Expires
Tue, 27-Oct-2020 11:50:39 GMT
invoke.js
gwudu.com/2b3591c24e57d4b5ca792bca3cd3e93f/ 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
http://gwudu.com/2b3591c24e57d4b5ca792bca3cd3e93f/invoke.js
Requested by
Host: js.gazo.space
URL: https://js.gazo.space/tagjpa.php?imob=tgp5jpg
Protocol
HTTP/1.1
Server
192.243.59.20 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
http://data.jpg4.biz/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers
invoke.js
gwudu.com/2b3591c24e57d4b5ca792bca3cd3e93f/ 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
http://gwudu.com/2b3591c24e57d4b5ca792bca3cd3e93f/invoke.js
Requested by
Host: data.jpg4.biz
URL: http://data.jpg4.biz/
Protocol
HTTP/1.1
Server
192.243.59.20 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers
tag.js
cdn.jsdelivr.net/npm/yandex-metrica-watch/ 		372 KB
112 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/yandex-metrica-watch/tag.js
Requested by
Host: data.jpg4.biz
URL: http://data.jpg4.biz/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:3::621 , Ascension Island, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
a25d6f7446bbf960756b8fb8e4cf92096986825f9d6432e2dcc74f8e66431598
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
http://data.jpg4.biz/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
age
36265
x-cache
HIT
status
200
cross-origin-resource-policy
cross-origin
content-length
114495
etag
W/"5cf5b-GVhUq9lOnVkDfHu3PwQTdZpvpho"
x-served-by
cache-fra19140-FRA
date
Tue, 27 Oct 2020 11:50:39 GMT
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
accept-ranges
bytes
timing-allow-origin
*
50322544
mc.yandex.ru/watch/ 		186 B
688 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.ru/watch/50322544?wmode=7&page-url=http%3A%2F%2Fdata.jpg4.biz%2F&charset=utf-8&browser-info=ti%3A10%3Adp%3A1%3Ans%3A1603799438289%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Afpr%3A216613626101%3Acn%3A2%3Aw%3A1600x1200%3Az%3A60%3Ai%3A20201027125040%3Aet%3A1603799440%3Aen%3Autf-8%3Ac%3A1%3Ala%3Aen-us%3Are%3A1%3Apv%3A1%3Als%3A478706295921%3Arqn%3A1%3Arn%3A317182163%3Ahid%3A747534752%3Ads%3A2%2C5%2C20%2C1%2C1%2C0%2C0%2C%2C%2C%2C%2C%2C%3Afp%3A674%3Agdpr%3A14%3Aeu%3A1%3Av%3A1967%3Awv%3A2%3Arqnl%3A1%3Ast%3A1603799440%3Au%3A1603799439950870752%3Ahi%3A
Requested by
Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/yandex-metrica-watch/tag.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
/
Resource Hash
43a956c398b4c56c33551ad90f330279397c9463836dd93d484e42c3e38fa563
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
http://data.jpg4.biz/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

Pragma
no-cache
Date
Tue, 27 Oct 2020 11:50:40 GMT
X-Content-Type-Options
nosniff
Last-Modified
Tue, 27-Oct-2020 11:50:40 GMT
Strict-Transport-Security
max-age=31536000
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
http://data.jpg4.biz
Cache-Control
private, no-cache, no-store, must-revalidate, max-age=0
Access-Control-Allow-Credentials
true
Content-Length
186
X-XSS-Protection
1; mode=block
Expires
Tue, 27-Oct-2020 11:50:40 GMT
advert.gif
mc.webvisor.org/metrika/ 		43 B
379 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mc.webvisor.org/metrika/advert.gif
Requested by
Host: data.jpg4.biz
URL: http://data.jpg4.biz/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
80.239.201.88 , Ascension Island, ASN1299 (TELIANET Telia Carrier, EU),
Reverse DNS
80-239-201-88.teliacarrier-cust.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
http://data.jpg4.biz/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Tue, 27 Oct 2020 11:50:40 GMT
Last-Modified
Tue, 27 Oct 2020 09:16:19 GMT
ETag
"5f97e563-2b"
Strict-Transport-Security
max-age=31536000
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
max-age=3600
Accept-Ranges
bytes
Content-Length
43
Expires
Tue, 27 Oct 2020 12:50:40 GMT
translate_24dp.png
www.gstatic.com/images/branding/product/2x/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gstatic.com/images/branding/product/2x/translate_24dp.png
Requested by
Host: translate.googleapis.com
URL: https://translate.googleapis.com/translate_static/css/translateelement.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:820::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5fe03bfd95a2d4e640ed7d04dcb08ef991c327a5ab6f6fdb9eb06e1efc76af30
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://translate.googleapis.com/translate_static/css/translateelement.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 23 Oct 2020 19:22:23 GMT
x-content-type-options
nosniff
last-modified
Tue, 22 Oct 2019 18:15:00 GMT
server
sffe
age
318497
vary
Origin
content-type
image/png
status
200
cache-control
public, max-age=31536000
accept-ranges
bytes
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1847
x-xss-protection
0
expires
Sat, 23 Oct 2021 19:22:23 GMT
translateelement.css
translate.googleapis.com/translate_static/css/ Frame D69E 		18 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://translate.googleapis.com/translate_static/css/translateelement.css
Requested by
Host: translate.googleapis.com
URL: https://translate.googleapis.com/element/TE_20200506_00/e/js/element/element_main.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:825::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6149f95c1ebdde5391898e22a79821a810336f6bd74318291b4f49f23fbf0fa8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://data.jpg4.biz/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 27 Oct 2020 11:48:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
137
status
200
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3619
x-xss-protection
0
last-modified
Wed, 12 Feb 2020 21:15:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=3600
accept-ranges
bytes
expires
Tue, 27 Oct 2020 12:48:23 GMT
translate_24dp.png
www.gstatic.com/images/branding/product/1x/ 		825 B
914 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gstatic.com/images/branding/product/1x/translate_24dp.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:820::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1bb2279aed6bc1438d2b17a5ffcbac9d37864582aedeeec8d301eab162b2c213
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://data.jpg4.biz/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 22 Oct 2020 10:52:43 GMT
x-content-type-options
nosniff
last-modified
Tue, 22 Oct 2019 18:15:00 GMT
server
sffe
age
435477
vary
Origin
content-type
image/png
status
200
cache-control
public, max-age=31536000
accept-ranges
bytes
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
825
x-xss-protection
0
expires
Fri, 22 Oct 2021 10:52:43 GMT
cleardot.gif
www.google.com/images/ 		43 B
168 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/images/cleardot.gif
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:819::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://data.jpg4.biz/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 27 Oct 2020 11:50:40 GMT
x-content-type-options
nosniff
last-modified
Tue, 22 Oct 2019 18:30:00 GMT
server
sffe
content-type
image/gif
status
200
cache-control
no-cache, no-store, must-revalidate
accept-ranges
bytes
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
43
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
l
translate.googleapis.com/translate_a/ Frame E7C0 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://translate.googleapis.com/translate_a/l?client=te&alpha=true&hl=en&cb=callback
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:825::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
13b5eece5a7359f9c0de2b4b3c24eeed42fa547e5811238bc9434dcc975bb101
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-JTkWmMVBHdPJQvyiwAHxRQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/TranslateApiHttp/cspreport;worker-src 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 27 Oct 2020 11:50:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
ESF
status
200
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
no-cache, no-store, max-age=0, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'report-sample' 'nonce-JTkWmMVBHdPJQvyiwAHxRQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/TranslateApiHttp/cspreport;worker-src 'self'
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
expires
Mon, 01 Jan 1990 00:00:00 GMT
te_ctrl3.gif
translate.googleapis.com/translate_static/img/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://translate.googleapis.com/translate_static/img/te_ctrl3.gif
Requested by
Host: data.jpg4.biz
URL: http://data.jpg4.biz/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:825::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d228d0256370863119c043f1e5ca8f3930f6999bd9f250434b6d8935f45dc171
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 21 Oct 2020 03:00:06 GMT
x-content-type-options
nosniff
last-modified
Thu, 03 Oct 2019 10:15:00 GMT
server
sffe
age
550234
content-type
image/gif
status
200
cache-control
public, max-age=31536000
accept-ranges
bytes
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1412
x-xss-protection
0
expires
Thu, 21 Oct 2021 03:00:06 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
www.googletagmanager.com
URL
https://www.googletagmanager.com/gtag/js?id=UA-620120-3

Verdicts & Comments Add Verdict or Comment

99 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| trustedTypes function| $ function| jQuery string| imgdm string| ti string| pageuserlang string| lctcf string| advertisement string| adr undefined| xhttp function| navidm undefined| linkElement object| rgxp function| picad function| ppic function| sendinfopic function| jpg4oot function| getgetp number| cX number| cY number| rX number| rY undefined| vW function| UpdateCursorPosition function| UpdateCursorPositionDocAll function| AssignPosition function| HideContent function| ShowContent function| ReverseContentDisplay function| ViewportWidth object| zz function| loadXMLDoc function| underp function| zoom function| lsstrg function| underv function| dtippc function| setCookie function| getCookie function| mypaging function| escapeHtml function| expandthb string| bookmarkurl string| bookmarktitle function| relonmousemove function| add2play function| addfrm function| delstore function| showplay function| fc2avmouse function| sekeydoga function| tf function| myshowad function| myshowad1 function| myshowad2 function| showdogaHis function| showdogaHis2 function| jpg4orm string| userLangcf string| cmore string| phpuserlang string| userLang string| LL string| basedm number| unsaferef string| jsbody string| toptext string| toset string| t1 string| inshowad string| inshowad2 object| dataLayer function| googleTranslateElementInit object| google object| meta object| s object| tosearch object| Ya object| yaCounter48140495 object| google_tag_manager function| dispad object| re_advar object| y undefined| ad_idzone undefined| ad_frequency_period undefined| ad_frequency_count string| adcounter number| rat string| ID number| AD number| FRAME string| ONCE object| atOptions string| adre object| yaCounter50322544 object| closure_lm_261288

5 Cookies

Domain/Path Name / Value
.jpg4.biz/ Name: _ym_isad
Value: 2
.jpg4.biz/ Name: _ym_visorc_50322544
Value: w
.jpg4.biz/ Name: _ym_d
Value: 1603799440
.jpg4.biz/ Name: _ym_uid
Value: 1603799439950870752
.jpg4.biz/ Name: _ym_visorc_48140495
Value: b

14 Console Messages

Source Level URL
Text
console-api log URL: https://js.gazo.space/index.php?js=jpg4&aaa1(Line 4)
Message:
DE
console-api log URL: https://js.gazo.space/index.php?js=jpg4&aaa1(Line 25)
Message:
console-api log URL: https://js.gazo.space/index.php?js=jpg4&aaa1(Line 27)
Message:
1
console-api log URL: https://js.gazo.space/index.php?js=jpg4&aaa1(Line 72)
Message:
undefined
console-api log URL: https://js.gazo.space/index.php?js=jpg4&aaa1(Line 73)
Message:
ref=
console-api log URL: https://js.gazo.space/index.php?js=jpg4&aaa1(Line 79)
Message:
0
console-api log URL: https://js.gazo.space/index.php?js=jpg4&aaa1(Line 235)
Message:
xUpdateCursorPositionDocAll
console-api log URL: https://js.gazo.space/index.php?js=jpg4&aaa1(Line 4)
Message:
DE
console-api log URL: https://js.gazo.space/index.php?js=jpg4&aaa1(Line 25)
Message:
console-api log URL: https://js.gazo.space/index.php?js=jpg4&aaa1(Line 27)
Message:
1
console-api log URL: https://js.gazo.space/index.php?js=jpg4&aaa1(Line 72)
Message:
undefined
console-api log URL: https://js.gazo.space/index.php?js=jpg4&aaa1(Line 73)
Message:
ref=
console-api log URL: https://js.gazo.space/index.php?js=jpg4&aaa1(Line 235)
Message:
xUpdateCursorPositionDocAll
console-api log URL: https://js.gazo.space/index.php?js=jpg4&aaa1(Line 37)
Message:
77777

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
cdn.jsdelivr.net
data.jpg4.biz
en.nyuu.info
gwudu.com
js.gazo.space
mc.webvisor.org
mc.yandex.ru
page.myfile-host.info
translate.google.com
translate.googleapis.com
www.google.com
www.googletagmanager.com
www.gstatic.com
www.w3schools.com
www.googletagmanager.com
109.169.63.10
150.95.129.59
192.229.133.221
192.243.59.20
2606:4700:3037::6818:651a
2606:4700:3038::6815:e9f6
2a00:1450:4001:800::200a
2a00:1450:4001:801::200e
2a00:1450:4001:806::2008
2a00:1450:4001:819::2004
2a00:1450:4001:820::2003
2a00:1450:4001:825::200a
2a02:6b8::1:119
2a04:4e42:3::621
80.239.201.88
00fe4aab3eb92a95c2f147a8cec33d080bcb9f8cf2c248ca06c34d7d4ebfbc84
13b5eece5a7359f9c0de2b4b3c24eeed42fa547e5811238bc9434dcc975bb101
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef
18b91aa55babf6a41b67ad376266712f9e07172f8ec8c6d06904f622f15527c9
1b392e6ff540a1033f20730d0863b300093ec9755c1ef636b85bd27bddd57251
1bb2279aed6bc1438d2b17a5ffcbac9d37864582aedeeec8d301eab162b2c213
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
3dcf81600b1ce738c504a692416ef11e2701308a33441b4c4ed6dee794d60b96
415d58777a2f14eb972baa59d1688ada08b2d2de4e36f7aefda7fc02ba83281a
43a956c398b4c56c33551ad90f330279397c9463836dd93d484e42c3e38fa563
48428e1ff5c8f95dfd9cec245abcf01164f58f089df750af0b483f436ba8e8e9
504abbaad7aed31cbceba6f322df099884c95f9e34e5116e2834611e60aa7612
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
5fe03bfd95a2d4e640ed7d04dcb08ef991c327a5ab6f6fdb9eb06e1efc76af30
6149f95c1ebdde5391898e22a79821a810336f6bd74318291b4f49f23fbf0fa8
6ad076d35d95832d5e1cb20884aa7e1fa6c4067a8e2295d3009ee1d32d3b6df3
80cfc390f534ca8d75ac161e82639486b1ee24b30c402af8bcc89d113ff343eb
8398a026313c016324f186d1c9b24a46813109d4bc5477d910a683079cbf1434
a25d6f7446bbf960756b8fb8e4cf92096986825f9d6432e2dcc74f8e66431598
a2bfc140fb583a84130b5ca3013e26af3e3c49f2e0d074efdc4f4a27d820600a
cc6fb36ec8b0ae525419dc0516e2c26a7562fb24627edcd269c8d9e065a5cb6f
d228d0256370863119c043f1e5ca8f3930f6999bd9f250434b6d8935f45dc171
d761c374c057a6133313c17140be0d62f4e0ad0bbfe8cbefb58d6de4b399f7c6
dd30cb28b7ad3a268bd4a6a5730f42e65490abd49bd2cf8a436afbbec5aceb02
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ed029f4a41ad3837937e9186c21dff8d3c3da2e74bf5380ea86f7c4d98150ced
efbdf9cab6b6cf2bf7207ae4e0456c9462b2c0d4c2de76d65442de2af7253f2b
f69a7191d5794f52797b8ecbbd18e3380169dba7f4d63aac7537a520ff6c1ba0