urlscan.io logo urlscan.io
SecurityTrails logo

jenni.wooloo.net Open in urlscan Pro
84.46.254.71  Public Scan

Go To Rescan Add Verdict Report
URL: https://jenni.wooloo.net/
Submission: On September 27 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 10 IPs in 3 countries across 9 domains to perform 18 HTTP transactions. The main IP is 84.46.254.71, located in Düsseldorf, Germany and belongs to CONTABO, DE. The main domain is jenni.wooloo.net.
TLS certificate: Issued by R11 on September 27th 2024. Valid for: 3 months.
This is the only time jenni.wooloo.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 84.46.254.71 51167 (CONTABO)
2 2a00:1450:400... 15169 (GOOGLE)
6 2a06:98c1:312... 13335 (CLOUDFLAR...)
1 1 2606:4700:20:... 13335 (CLOUDFLAR...)
1 2a04:4e42:400... 54113 (FASTLY)
2 192.243.59.12 39572 (ADVANCEDH...)
1 52.21.227.162 14618 (AMAZON-AES)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 172.66.132.118 13335 (CLOUDFLAR...)
1 54.39.128.162 16276 (OVH)
18 10
2    84.46.254.71 (Düsseldorf, Germany)

ASN51167 (CONTABO, DE)
PTR: vmi2105904.contaboserver.net
jenni.wooloo.net
2    2a00:1450:4001:81d::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
3.bp.blogspot.com
6    2a06:98c1:3121::3 (United States)

ASN13335 (CLOUDFLARENET, US)
gasakcdn.pages.dev
1    2606:4700:20::681a:51e (United States)

ASN13335 (CLOUDFLARENET, US)
picsum.photos
1    2a04:4e42:400::347 (United States)

ASN54113 (FASTLY, US)
fastly.picsum.photos
2    192.243.59.12 (Ashburn, United States)

ASN39572 (ADVANCEDHOSTERS-AS, NL)
postponeclement.com
1    52.21.227.162 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-21-227-162.compute-1.amazonaws.com
dummyjson.com
1    2a00:1450:4001:808::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
suggestqueries.google.com
1    2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
1    172.66.132.118 (United States)

ASN13335 (CLOUDFLARENET, US)
s10.histats.com
1    54.39.128.162 (Beauharnois, Canada)

ASN16276 (OVH, FR)
PTR: ns562109.ip-54-39-128.net
s4.histats.com
Apex Domain
Subdomains		 Transfer
6 pages.dev
gasakcdn.pages.dev
4 KB
2 histats.com
s10.histats.com — Cisco Umbrella Rank: 10083
s4.histats.com — Cisco Umbrella Rank: 10181
5 KB
2 postponeclement.com
postponeclement.com
2 picsum.photos
picsum.photos — Cisco Umbrella Rank: 75098
fastly.picsum.photos — Cisco Umbrella Rank: 106097
22 KB
2 blogspot.com
3.bp.blogspot.com — Cisco Umbrella Rank: 19201
665 B
2 wooloo.net
jenni.wooloo.net
4 KB
1 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 122
51 KB
1 google.com
suggestqueries.google.com — Cisco Umbrella Rank: 1519
799 B
1 dummyjson.com
dummyjson.com
1 KB
18 9
Domain Requested by
6 gasakcdn.pages.dev jenni.wooloo.net
2 postponeclement.com gasakcdn.pages.dev
2 3.bp.blogspot.com jenni.wooloo.net
2 jenni.wooloo.net
1 s4.histats.com s10.histats.com
1 s10.histats.com jenni.wooloo.net
1 pagead2.googlesyndication.com gasakcdn.pages.dev
1 suggestqueries.google.com jenni.wooloo.net
1 dummyjson.com jenni.wooloo.net
1 fastly.picsum.photos jenni.wooloo.net
1 picsum.photos 1 redirects
18 11

This site contains no links.

Subject Issuer Validity Valid
jenni.wooloo.net
R11		 2024-09-27 -
2024-12-26		 3 months crt.sh
misc-sni.blogspot.com
WR2		 2024-08-26 -
2024-11-18		 3 months crt.sh
gasakcdn.pages.dev
Cloudflare Inc ECC CA-3		 2024-01-11 -
2024-12-31		 a year crt.sh
postponeclement.com
R11		 2024-08-08 -
2024-11-06		 3 months crt.sh
dummyjson.com
R11		 2024-08-24 -
2024-11-22		 3 months crt.sh
*.google.com
WR2		 2024-08-26 -
2024-11-18		 3 months crt.sh
*.g.doubleclick.net
WR2		 2024-08-26 -
2024-11-18		 3 months crt.sh
s10.histats.com
WE1		 2024-08-07 -
2024-11-05		 3 months crt.sh
histats.com
R11		 2024-08-06 -
2024-11-04		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://jenni.wooloo.net/
Frame ID: 9F9A6CE6022461A87EDC787021ED4326
Requests: 18 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Detected technologies

Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/

Page Statistics

18
Requests

94 %
HTTPS

55 %
IPv6

9
Domains

11
Subdomains

10
IPs

3
Countries

88 kB
Transfer

199 kB
Size

7
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 2
  • https://picsum.photos/600/400 HTTP 302
  • https://fastly.picsum.photos/id/1019/600/400.jpg?hmac=hnITRYY9HNjnTf6hGmCrOzDjFKUG5wHisDMilWjegrE

18 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
jenni.wooloo.net/ 		13 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://jenni.wooloo.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
84.46.254.71 Düsseldorf, Germany, ASN51167 (CONTABO, DE),
Reverse DNS
vmi2105904.contaboserver.net
Software
nginx /
Resource Hash
5c3a841e36afffce4b8dc62eec4250eff111febb3185bbc39e48fd7b8dadc9c1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

content-encoding
br
content-type
text/html
date
Fri, 27 Sep 2024 12:21:48 GMT
etag
W/"66f648a8-3223"
last-modified
Fri, 27 Sep 2024 05:54:48 GMT
referrer-policy
same-origin
server
nginx
vary
Accept-Encoding
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-permitted-cross-domain-policies
master-only
x-xss-protection
1; mode=block
btn_close.gif
3.bp.blogspot.com/-ZZSacDHLWlM/VhvlKTMjbLI/AAAAAAAAF2M/UDzU4rrvcaI/s1600/ 		362 B
665 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://3.bp.blogspot.com/-ZZSacDHLWlM/VhvlKTMjbLI/AAAAAAAAF2M/UDzU4rrvcaI/s1600/btn_close.gif
Requested by
Host: jenni.wooloo.net
URL: https://jenni.wooloo.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81d::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
0450e2e1aa3c8b5435690d841f3e573c4f521864e1f8e01a5b6dbcdac922c8b4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

access-control-expose-headers
Content-Length
etag
"v1764"
age
12831
x-content-type-options
nosniff
expires
Sat, 28 Sep 2024 08:47:58 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 27 Sep 2024 08:47:58 GMT
content-disposition
inline;filename="btn_close.gif"
content-type
image/gif
vary
Origin
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
access-control-allow-origin
*
content-length
362
x-xss-protection
0
server
fife
byup.js
gasakcdn.pages.dev/ 		279 B
682 B 		Script
General
Check archive.org
Download Go to
Full URL
https://gasakcdn.pages.dev/byup.js
Requested by
Host: jenni.wooloo.net
URL: https://jenni.wooloo.net/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
db19427eb0006b02a888557a7bb7f9de977005d9a3ff6dd91ef3216fffafe6ce
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

cache-control
public, max-age=0, must-revalidate
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
etag
W/"6f372cb7ac14004a8c06f006f5d2ea82"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=0APN5oDpiQ9teBfhAqGrlsn5rzxDsK%2BfVDNN3L0yoM91LkHsnGQmbcT%2BGrUaK8AsNYRmhemBrW0emmaRXWpIK26PY1M4YQyKDSp12TeLBBaKaeIM%2ByomRja1S9GzjoIiiNygPb1IIl7EXMqvFs2NFDk%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
cf-ray
8c9b74a54f113804-FRA
access-control-allow-origin
*
date
Fri, 27 Sep 2024 12:21:49 GMT
content-type
application/javascript
vary
Accept-Encoding
server
cloudflare
400.jpg
fastly.picsum.photos/id/1019/600/
Redirect Chain
  • https://picsum.photos/600/400
  • https://fastly.picsum.photos/id/1019/600/400.jpg?hmac=hnITRYY9HNjnTf6hGmCrOzDjFKUG5wHisDMilWjegrE
21 KB
21 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://fastly.picsum.photos/id/1019/600/400.jpg?hmac=hnITRYY9HNjnTf6hGmCrOzDjFKUG5wHisDMilWjegrE
Requested by
Host: jenni.wooloo.net
URL: https://jenni.wooloo.net/
Protocol
H2
Server
2a04:4e42:400::347 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
9103c2cb54fa46638bf9ffe0fe5c34a001c773b75ef4e031f66b2a304a8641da

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

age
107164
picsum-id
1019
x-cache
HIT
date
Fri, 27 Sep 2024 12:21:49 GMT
content-type
image/jpeg
vary
Origin
x-cache-hits
0
content-disposition
inline; filename="1019-600x400.jpg"
x-served-by
cache-fra-eddf8230143-FRA
cache-control
public, max-age=2592000, stale-while-revalidate=60, stale-if-error=43200, immutable
timing-allow-origin
*
x-timer
S1727439709.359878,VS0,VE2
via
1.1 varnish
accept-ranges
bytes
content-length
21281
server
nginx

Redirect headers

strict-transport-security
max-age=15552000
cache-control
private, no-cache, no-store, must-revalidate
location
https://fastly.picsum.photos/id/1019/600/400.jpg?hmac=hnITRYY9HNjnTf6hGmCrOzDjFKUG5wHisDMilWjegrE
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=gg1%2FOwjyjSxJEGsJ0L3vGDSgVEViMD4Q0AWiulfqYh6Exh0yvK6EjJfmO5MAhNRBQptWUUA89PcMssZEgGlKu4Ww09FxffvcUKzO3TIRRqA6NaepeperYPugy7Y3uCzd0THnO2j260jEUoc%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
cf-ray
8c9b74a56e4a4d1f-FRA
content-length
0
date
Fri, 27 Sep 2024 12:21:49 GMT
vary
Origin
server
cloudflare
hobby.js
gasakcdn.pages.dev/ 		280 B
668 B 		Script
General
Check archive.org
Download Go to
Full URL
https://gasakcdn.pages.dev/hobby.js
Requested by
Host: jenni.wooloo.net
URL: https://jenni.wooloo.net/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa88659c378c03a7df112145a076d1d1c2946634b9010402e43ce139fb5ec70d
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

cache-control
public, max-age=0, must-revalidate
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
etag
W/"afecea10cfb40e02fd8c8cee8547510b"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=qr0T9mT%2FHM29T08uNbh%2BgCWd12evd2GfGeHUItqvwDTel3sZmPWidimEQjPkq39QU0%2FM09ZmC3QZgdu1sYSBWvVPxVCaZ2qvWIiDNMJRqOSSFEe93ZK6ZLLo8r2suIsgujj77HMGlQ5kZznma7J0ZrQ%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
cf-ray
8c9b74a55f253804-FRA
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
date
Fri, 27 Sep 2024 12:21:49 GMT
content-type
application/javascript
vary
Accept-Encoding
server
cloudflare
spare.js
gasakcdn.pages.dev/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://gasakcdn.pages.dev/spare.js
Requested by
Host: jenni.wooloo.net
URL: https://jenni.wooloo.net/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1cd3b5667c63a7967a2206b47e38d637776f147b62373e21858834f333204c04
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

cache-control
public, max-age=0, must-revalidate
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
etag
W/"3cfceaca3c5494f30f5085f4ad767a0b"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=S9eZPgcNdfEKz7qmCkSgiNu8MRG2UZmhOJl36AdYxiFBa8eX8kdhxEBrTqxpWyGBxHpiX44jyXSyCU0qi2p3Zyc7UTZpcLu14HV8w2SruS1PEkzJGqF%2BeFU%2FPGJozw0lUkvLQ6YWm9yQixZ5K6V%2BgPQ%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
cf-ray
8c9b74a55f263804-FRA
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
date
Fri, 27 Sep 2024 12:21:49 GMT
content-type
application/javascript
vary
Accept-Encoding
server
cloudflare
extra.js
gasakcdn.pages.dev/ 		1 B
473 B 		Script
General
Check archive.org
Download Go to
Full URL
https://gasakcdn.pages.dev/extra.js
Requested by
Host: jenni.wooloo.net
URL: https://jenni.wooloo.net/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

cache-control
public, max-age=0, must-revalidate
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
etag
"1d0ed781ac185aa16548c9ed7d74304f"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=GiC%2BPIJYlsNwUt%2BX6dl1lbYrrRGHpaCJ2AH%2ByHZUk9Mf9T7UcwJEyTAJ5ki58pIbK4gz6Dz9oHsnbvsxe5BNiOs%2FHT5yt4L4K4ek2AnDOUer3gFRBk7UZZK6r%2Fp3saeWZgxySo2ywO%2B%2BcTvk%2Bvxude4%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
cf-ray
8c9b74a55f1e3804-FRA
access-control-allow-origin
*
content-length
1
date
Fri, 27 Sep 2024 12:21:49 GMT
content-type
application/javascript
vary
Accept-Encoding
server
cloudflare
supp.js
gasakcdn.pages.dev/ 		1 B
469 B 		Script
General
Check archive.org
Download Go to
Full URL
https://gasakcdn.pages.dev/supp.js
Requested by
Host: jenni.wooloo.net
URL: https://jenni.wooloo.net/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

cache-control
public, max-age=0, must-revalidate
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
etag
"1d0ed781ac185aa16548c9ed7d74304f"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=md0R9BMPD%2F%2B6hrF5d2Fs7FTJSvuQ9jiYe1sqBW%2F5XnlDt159Nr5b94tRBlJjgYoipmPk%2Fbw8AedwfaEJCCKsnsrAq2LbagbSPzVXuxzLgtg6O%2B8vlKxfuBmMcxhkNbuQF3jhs%2FDs8SO09Aekqp5FTzI%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
cf-ray
8c9b74a54f153804-FRA
access-control-allow-origin
*
content-length
1
date
Fri, 27 Sep 2024 12:21:49 GMT
content-type
application/javascript
vary
Accept-Encoding
server
cloudflare
slight.js
gasakcdn.pages.dev/ 		1 B
470 B 		Script
General
Check archive.org
Download Go to
Full URL
https://gasakcdn.pages.dev/slight.js
Requested by
Host: jenni.wooloo.net
URL: https://jenni.wooloo.net/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

cache-control
public, max-age=0, must-revalidate
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
etag
"1d0ed781ac185aa16548c9ed7d74304f"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=nxRWs7QYebz0WGEuAvhiEYTAMm4tDdfRvmoaaRE5ELIfV2uKNH9SY0ey%2FIBiRk5goPcsVnWOkXFeqPcQ1y9Jv9jM2u1oh%2Bwz9%2FFxY6kxFKJzSyDA2dRJsMjMtyXy4g%2F1GkXLC5DhjffS%2FVBoAKOOJJQ%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
cf-ray
8c9b74a54f133804-FRA
access-control-allow-origin
*
content-length
1
date
Fri, 27 Sep 2024 12:21:49 GMT
content-type
application/javascript
vary
Accept-Encoding
server
cloudflare
invoke.js
postponeclement.com/9c436c4d1c753df3ce1c30907520c196/ 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://postponeclement.com/9c436c4d1c753df3ce1c30907520c196/invoke.js
Requested by
Host: gasakcdn.pages.dev
URL: https://gasakcdn.pages.dev/byup.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
192.243.59.12 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.19.5 /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"
Referer

Response headers

Accept-CH
Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Connection
keep-alive
Access-Control-Allow-Origin
*
Content-Length
0
P3P
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Date
Fri, 27 Sep 2024 12:21:49 GMT
Content-Type
application/javascript
Server
nginx/1.19.5
btn_close.gif
3.bp.blogspot.com/-ZZSacDHLWlM/VhvlKTMjbLI/AAAAAAAAF2M/UDzU4rrvcaI/s1600/ 		362 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://3.bp.blogspot.com/-ZZSacDHLWlM/VhvlKTMjbLI/AAAAAAAAF2M/UDzU4rrvcaI/s1600/btn_close.gif
Requested by
Host: jenni.wooloo.net
URL: https://jenni.wooloo.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81d::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
0450e2e1aa3c8b5435690d841f3e573c4f521864e1f8e01a5b6dbcdac922c8b4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

access-control-expose-headers
Content-Length
etag
"v1764"
age
12831
x-content-type-options
nosniff
expires
Sat, 28 Sep 2024 08:47:58 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 27 Sep 2024 08:47:58 GMT
content-disposition
inline;filename="btn_close.gif"
content-type
image/gif
vary
Origin
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
access-control-allow-origin
*
content-length
362
x-xss-protection
0
server
fife
invoke.js
postponeclement.com/c160cb85beae5d49f08aeb93156fe646/ 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://postponeclement.com/c160cb85beae5d49f08aeb93156fe646/invoke.js
Requested by
Host: gasakcdn.pages.dev
URL: https://gasakcdn.pages.dev/hobby.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
192.243.59.12 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.19.5 /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"
Referer

Response headers

Accept-CH
Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Connection
keep-alive
Access-Control-Allow-Origin
*
Content-Length
0
P3P
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Date
Fri, 27 Sep 2024 12:21:49 GMT
Content-Type
application/javascript
Server
nginx/1.19.5
random
dummyjson.com/quotes/ 		100 B
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://dummyjson.com/quotes/random
Requested by
Host: jenni.wooloo.net
URL: https://jenni.wooloo.net/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.21.227.162 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-21-227-162.compute-1.amazonaws.com
Software
BobTheBuilder / Cats on Keyboards
Resource Hash
a12802801eebcfa0b7e32943415e2e30418984470ee55e4e88cb8c85a142bff3
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

Etag
W/"64-q9yhRGLEAdWSTWBS2ihc5J2k8Tc"
Report-To
{"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1727439710&sid=e11707d5-02a7-43ef-b45e-2cf4d2036f7d&s=44CsaQjMRQ13rju5hdYxfWt8Ko86qwdDxC1WgMmVG2U%3D"}]}
X-Content-Type-Options
nosniff
Date
Fri, 27 Sep 2024 12:21:50 GMT
Content-Type
application/json; charset=utf-8
Vary
Accept-Encoding
X-Frame-Options
SAMEORIGIN
Strict-Transport-Security
max-age=15552000; includeSubDomains
Reporting-Endpoints
heroku-nel=https://nel.heroku.com/reports?ts=1727439710&sid=e11707d5-02a7-43ef-b45e-2cf4d2036f7d&s=44CsaQjMRQ13rju5hdYxfWt8Ko86qwdDxC1WgMmVG2U%3D
Nel
{"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
X-Dns-Prefetch-Control
off
Connection
keep-alive
X-Ratelimit-Reset
1727439712
X-Download-Options
noopen
X-Ratelimit-Remaining
99
Via
1.1 vegur
Access-Control-Allow-Origin
*
Content-Length
100
X-Xss-Protection
1; mode=block
X-Ratelimit-Limit
100
X-Powered-By
Cats on Keyboards
Server
BobTheBuilder
search
suggestqueries.google.com/complete/ 		20 B
799 B 		Script
General
Check archive.org
Download Go to
Full URL
https://suggestqueries.google.com/complete/search?jsonp=autoRelated&hl=en&client=firefox&q=
Requested by
Host: jenni.wooloo.net
URL: https://jenni.wooloo.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
gws /
Resource Hash
5ffae3c0e627b6a2083d67639bfa32ecfe695671ee25f8e1315d2067a4e28df4
Security Headers
Name Value
Content-Security-Policy object-src 'none';base-uri 'self';script-src 'nonce-hWxDi_7OvohhnaqTJXJR_Q' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/cdt1
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"
Referer

Response headers

content-encoding
br
report-to
{"group":"gws","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gws/cdt1"}]}
expires
-1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 27 Sep 2024 12:21:50 GMT
content-type
text/javascript; charset=UTF-8
content-disposition
attachment; filename="f.txt"
x-frame-options
SAMEORIGIN
content-security-policy
object-src 'none';base-uri 'self';script-src 'nonce-hWxDi_7OvohhnaqTJXJR_Q' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/cdt1
cache-control
no-cache, must-revalidate
cross-origin-opener-policy
same-origin-allow-popups; report-to="gws"
pragma
no-cache
accept-ch
Sec-CH-Prefers-Color-Scheme, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64
permissions-policy
unload=()
x-xss-protection
0
server
gws
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		151 KB
51 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: gasakcdn.pages.dev
URL: https://gasakcdn.pages.dev/spare.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b44114db071630ef55232febcb99c9f75fc579ad59ec53a6ee2c4940d975c043
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

content-encoding
br
etag
8157138527987656888
x-content-type-options
nosniff
expires
Fri, 27 Sep 2024 12:21:50 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date
Fri, 27 Sep 2024 12:21:50 GMT
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
content-disposition
attachment; filename="f.txt"
link
<https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
content-length
52442
x-xss-protection
0
server
cafe
js15_as.js
s10.histats.com/ 		11 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s10.histats.com/js15_as.js
Requested by
Host: jenni.wooloo.net
URL: https://jenni.wooloo.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.66.132.118 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2defe59e357a7d0683c8283ac42841db404a0884cae2eaecebf4b676e559dede

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

cache-control
max-age=28800
content-encoding
gzip
cf-cache-status
HIT
etag
"-375139978"
age
33407
cf-ray
8c9b74aee977d205-FRA
accept-ranges
bytes
content-length
4547
date
Fri, 27 Sep 2024 12:21:50 GMT
content-type
text/javascript
last-modified
Thu, 16 Apr 2020 10:44:16 GMT
vary
Accept-Encoding
server
cloudflare
0.php
s4.histats.com/stats/ 		50 B
184 B 		Script
General
Check archive.org
Download Go to
Full URL
https://s4.histats.com/stats/0.php?4864650&@f16&@g1&@h1&@i1&@j1727439710599&@k0&@l1&@m&@n0&@o1000&@q0&@r0&@s0&@tde-DE&@u1600&@b1:-146680279&@b3:1727439711&@b4:js15_as.js&@b5:120&@a-_0.2.1&@vhttps%3A%2F%2Fjenni.wooloo.net%2F&@w
Requested by
Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.39.128.162 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS
ns562109.ip-54-39-128.net
Software
/
Resource Hash
1f0b25515928d3edb07e19c3aad769b20a09b6bf71e36d9edbf51b71fcfd6a81

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

Content-Length
50
Date
Fri, 27 Sep 2024 12:21:31 GMT
Content-Type
text/html;charset=UTF-8
Connection
close
favicon.ico
jenni.wooloo.net/ 		548 B
219 B 		Other
General
Check archive.org
Download Go to
Full URL
https://jenni.wooloo.net/favicon.ico
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
84.46.254.71 Düsseldorf, Germany, ASN51167 (CONTABO, DE),
Reverse DNS
vmi2105904.contaboserver.net
Software
nginx /
Resource Hash
d465172175d35d493fb1633e237700022bd849fa123164790b168b8318acb090

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://jenni.wooloo.net/

Response headers

content-encoding
br
date
Fri, 27 Sep 2024 12:21:51 GMT
content-type
text/html
vary
Accept-Encoding
server
nginx

Verdicts & Comments Add Verdict or Comment

14 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

string| baseUrl function| toTitleCase object| atOptions function| autoRelated function| parseSpintax object| seco object| sece function| detectAdBlock object| _Hasync function| chfh function| chfh2 string| _HST_cntval object| Histats object| _HistatsCounterGraphics_0_setValues

7 Cookies

Domain/Path Name / Value
jenni.wooloo.net/ Name: HstCfa4864650
Value: 1727439710599
jenni.wooloo.net/ Name: HstCla4864650
Value: 1727439710599
jenni.wooloo.net/ Name: HstCmu4864650
Value: 1727439710599
jenni.wooloo.net/ Name: HstPn4864650
Value: 1
jenni.wooloo.net/ Name: HstPt4864650
Value: 1
jenni.wooloo.net/ Name: HstCnv4864650
Value: 1
jenni.wooloo.net/ Name: HstCns4864650
Value: 1

9 Console Messages

Source Level URL
Text
javascript warning URL: https://gasakcdn.pages.dev/byup.js(Line 7)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://postponeclement.com/9c436c4d1c753df3ce1c30907520c196/invoke.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: https://gasakcdn.pages.dev/byup.js(Line 7)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://postponeclement.com/9c436c4d1c753df3ce1c30907520c196/invoke.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
network error URL: https://postponeclement.com/9c436c4d1c753df3ce1c30907520c196/invoke.js
Message:
Failed to load resource: the server responded with a status of 403 (Forbidden)
javascript warning URL: https://gasakcdn.pages.dev/hobby.js(Line 7)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://postponeclement.com/c160cb85beae5d49f08aeb93156fe646/invoke.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: https://gasakcdn.pages.dev/hobby.js(Line 7)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://postponeclement.com/c160cb85beae5d49f08aeb93156fe646/invoke.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
network error URL: https://postponeclement.com/c160cb85beae5d49f08aeb93156fe646/invoke.js
Message:
Failed to load resource: the server responded with a status of 403 (Forbidden)
javascript warning URL: https://jenni.wooloo.net/(Line 339)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://suggestqueries.google.com/complete/search?jsonp=autoRelated&hl=en&client=firefox&q=, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: https://jenni.wooloo.net/(Line 339)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://suggestqueries.google.com/complete/search?jsonp=autoRelated&hl=en&client=firefox&q=, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
network error URL: https://jenni.wooloo.net/favicon.ico
Message:
Failed to load resource: the server responded with a status of 404 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block