urlscan.io logo urlscan.io
SecurityTrails logo

36hbhv.johncboins.com Open in urlscan Pro
208.109.247.38  Public Scan

Go To Rescan Add Verdict Report
URL: https://36hbhv.johncboins.com/
Submission: On October 19 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 2 IPs in 1 countries across 2 domains to perform 14 HTTP transactions. The main IP is 208.109.247.38, located in United States and belongs to AS-26496-GO-DADDY-COM-LLC, US. The main domain is 36hbhv.johncboins.com.
TLS certificate: Issued by Go Daddy Secure Certificate Authority... on October 15th 2024. Valid for: a year.
This is the only time 36hbhv.johncboins.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
12 208.109.247.38 26496 (AS-26496-...)
2 142.250.186.131 15169 (GOOGLE)
14 2
Apex Domain
Subdomains		 Transfer
12 johncboins.com
36hbhv.johncboins.com
138 KB
2 gstatic.com
fonts.gstatic.com
21 KB
14 2
Domain Requested by
12 36hbhv.johncboins.com 36hbhv.johncboins.com
2 fonts.gstatic.com
14 2

This site contains no links.

Subject Issuer Validity Valid
queerarchivestt.org
Go Daddy Secure Certificate Authority - G2		 2024-10-15 -
2025-10-15		 a year crt.sh
*.gstatic.com
WR2		 2024-09-30 -
2024-12-23		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://36hbhv.johncboins.com/
Frame ID: A84C89D4FEF0B9AEBC11B5F8DE6FF672
Requests: 14 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Statistics

14
Requests

14 %
HTTPS

0 %
IPv6

2
Domains

2
Subdomains

2
IPs

1
Countries

159 kB
Transfer

450 kB
Size

0
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

14 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
36hbhv.johncboins.com/ 		3 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://36hbhv.johncboins.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
208.109.247.38 , United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS
38.247.109.208.host.secureserver.net
Software
nginx/1.18.0 (Ubuntu) / Next.js
Resource Hash
e35362529b46f09be4c652076aa984f960fe4261a005d55f70be21a0076450d6
Security Headers
Name Value
Content-Security-Policy default-src 'self' http: https: data: blob: 'unsafe-inline'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

content-encoding
gzip
content-security-policy
default-src 'self' http: https: data: blob: 'unsafe-inline'
content-type
text/html; charset=utf-8
date
Sat, 19 Oct 2024 09:52:15 GMT
etag
"17y558i0d571z9"
referrer-policy
no-referrer-when-downgrade
server
nginx/1.18.0 (Ubuntu)
strict-transport-security
max-age=31536000; includeSubDomains
vary
Accept-Encoding
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-powered-by
Next.js
x-xss-protection
1; mode=block
dec347d85f463c1c.css
36hbhv.johncboins.com/_next/static/css/ 		24 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://36hbhv.johncboins.com/_next/static/css/dec347d85f463c1c.css
Requested by
Host: 36hbhv.johncboins.com
URL: https://36hbhv.johncboins.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
208.109.247.38 , United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS
38.247.109.208.host.secureserver.net
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
2d082cdca6ccda315e1f20f90f45f755bacba29e2cc43ed9ea8c91cc610dd8ef
Security Headers
Name Value
Content-Security-Policy default-src 'self' http: https: data: blob: 'unsafe-inline'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://36hbhv.johncboins.com/

Response headers

x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000; includeSubDomains
content-security-policy
default-src 'self' http: https: data: blob: 'unsafe-inline'
cache-control
public, max-age=31536000, immutable
content-encoding
gzip
etag
W/"6051-192a03f080a"
x-content-type-options
nosniff
referrer-policy
no-referrer-when-downgrade
accept-ranges
bytes
date
Sat, 19 Oct 2024 09:52:15 GMT
x-xss-protection
1; mode=block
content-type
text/css; charset=UTF-8
last-modified
Fri, 18 Oct 2024 15:28:58 GMT
server
nginx/1.18.0 (Ubuntu)
vary
Accept-Encoding
webpack-b8f8d6679aaa5f42.js
36hbhv.johncboins.com/_next/static/chunks/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://36hbhv.johncboins.com/_next/static/chunks/webpack-b8f8d6679aaa5f42.js
Requested by
Host: 36hbhv.johncboins.com
URL: https://36hbhv.johncboins.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
208.109.247.38 , United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS
38.247.109.208.host.secureserver.net
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
131c150fa4719bf2679a750ab1dc4118ba2180635e3776e4bddeca690368f10c
Security Headers
Name Value
Content-Security-Policy default-src 'self' http: https: data: blob: 'unsafe-inline'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://36hbhv.johncboins.com/

Response headers

x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000; includeSubDomains
content-security-policy
default-src 'self' http: https: data: blob: 'unsafe-inline'
cache-control
public, max-age=31536000, immutable
content-encoding
gzip
etag
W/"5a5-192a03f080a"
x-content-type-options
nosniff
referrer-policy
no-referrer-when-downgrade
accept-ranges
bytes
date
Sat, 19 Oct 2024 09:52:15 GMT
x-xss-protection
1; mode=block
content-type
application/javascript; charset=UTF-8
last-modified
Fri, 18 Oct 2024 15:28:58 GMT
server
nginx/1.18.0 (Ubuntu)
vary
Accept-Encoding
framework-64ad27b21261a9ce.js
36hbhv.johncboins.com/_next/static/chunks/ 		137 KB
44 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://36hbhv.johncboins.com/_next/static/chunks/framework-64ad27b21261a9ce.js
Requested by
Host: 36hbhv.johncboins.com
URL: https://36hbhv.johncboins.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
208.109.247.38 , United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS
38.247.109.208.host.secureserver.net
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
4250d53f0bc756ece2ddd690a008add1d7fdc887528c671f4dfe8d916d7787b7
Security Headers
Name Value
Content-Security-Policy default-src 'self' http: https: data: blob: 'unsafe-inline'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://36hbhv.johncboins.com/

Response headers

x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000; includeSubDomains
content-security-policy
default-src 'self' http: https: data: blob: 'unsafe-inline'
cache-control
public, max-age=31536000, immutable
content-encoding
gzip
etag
W/"222ca-192a03f080a"
x-content-type-options
nosniff
referrer-policy
no-referrer-when-downgrade
accept-ranges
bytes
date
Sat, 19 Oct 2024 09:52:15 GMT
x-xss-protection
1; mode=block
content-type
application/javascript; charset=UTF-8
last-modified
Fri, 18 Oct 2024 15:28:58 GMT
server
nginx/1.18.0 (Ubuntu)
vary
Accept-Encoding
main-4008b7bc3b992c03.js
36hbhv.johncboins.com/_next/static/chunks/ 		108 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://36hbhv.johncboins.com/_next/static/chunks/main-4008b7bc3b992c03.js
Requested by
Host: 36hbhv.johncboins.com
URL: https://36hbhv.johncboins.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
208.109.247.38 , United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS
38.247.109.208.host.secureserver.net
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
abd6b43329d91154eec90fb705c3340e0e78d3a19a945b1621084264c5f840ae
Security Headers
Name Value
Content-Security-Policy default-src 'self' http: https: data: blob: 'unsafe-inline'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://36hbhv.johncboins.com/

Response headers

x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000; includeSubDomains
content-security-policy
default-src 'self' http: https: data: blob: 'unsafe-inline'
cache-control
public, max-age=31536000, immutable
content-encoding
gzip
etag
W/"1b0a8-192a03f080a"
x-content-type-options
nosniff
referrer-policy
no-referrer-when-downgrade
accept-ranges
bytes
date
Sat, 19 Oct 2024 09:52:15 GMT
x-xss-protection
1; mode=block
content-type
application/javascript; charset=UTF-8
last-modified
Fri, 18 Oct 2024 15:28:58 GMT
server
nginx/1.18.0 (Ubuntu)
vary
Accept-Encoding
_app-2c52f24ca442b509.js
36hbhv.johncboins.com/_next/static/chunks/pages/ 		136 KB
43 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://36hbhv.johncboins.com/_next/static/chunks/pages/_app-2c52f24ca442b509.js
Requested by
Host: 36hbhv.johncboins.com
URL: https://36hbhv.johncboins.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
208.109.247.38 , United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS
38.247.109.208.host.secureserver.net
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
59bd4dc9eb458bcbcaf37ca2f6b4cf2f14d2e9e932471538f874634fcb2bae3c
Security Headers
Name Value
Content-Security-Policy default-src 'self' http: https: data: blob: 'unsafe-inline'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://36hbhv.johncboins.com/

Response headers

x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000; includeSubDomains
content-security-policy
default-src 'self' http: https: data: blob: 'unsafe-inline'
cache-control
public, max-age=31536000, immutable
content-encoding
gzip
etag
W/"21ff9-192a03f080a"
x-content-type-options
nosniff
referrer-policy
no-referrer-when-downgrade
accept-ranges
bytes
date
Sat, 19 Oct 2024 09:52:15 GMT
x-xss-protection
1; mode=block
content-type
application/javascript; charset=UTF-8
last-modified
Fri, 18 Oct 2024 15:28:58 GMT
server
nginx/1.18.0 (Ubuntu)
vary
Accept-Encoding
959-8e222aa5b6b42b7f.js
36hbhv.johncboins.com/_next/static/chunks/ 		9 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://36hbhv.johncboins.com/_next/static/chunks/959-8e222aa5b6b42b7f.js
Requested by
Host: 36hbhv.johncboins.com
URL: https://36hbhv.johncboins.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
208.109.247.38 , United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS
38.247.109.208.host.secureserver.net
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
661bb2b3c4fb29326068dee9b8165fbce7e5e427d695f996a23024b637039a3f
Security Headers
Name Value
Content-Security-Policy default-src 'self' http: https: data: blob: 'unsafe-inline'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://36hbhv.johncboins.com/

Response headers

x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000; includeSubDomains
content-security-policy
default-src 'self' http: https: data: blob: 'unsafe-inline'
cache-control
public, max-age=31536000, immutable
content-encoding
gzip
etag
W/"2471-192a03f080a"
x-content-type-options
nosniff
referrer-policy
no-referrer-when-downgrade
accept-ranges
bytes
date
Sat, 19 Oct 2024 09:52:15 GMT
x-xss-protection
1; mode=block
content-type
application/javascript; charset=UTF-8
last-modified
Fri, 18 Oct 2024 15:28:58 GMT
server
nginx/1.18.0 (Ubuntu)
vary
Accept-Encoding
index-1fafe8063bfd7a5d.js
36hbhv.johncboins.com/_next/static/chunks/pages/ 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://36hbhv.johncboins.com/_next/static/chunks/pages/index-1fafe8063bfd7a5d.js
Requested by
Host: 36hbhv.johncboins.com
URL: https://36hbhv.johncboins.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
208.109.247.38 , United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS
38.247.109.208.host.secureserver.net
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
0c9a1c9dba8ee4fd1189863148750081b6ccb22b8c0a37a644aa92e6d859e135
Security Headers
Name Value
Content-Security-Policy default-src 'self' http: https: data: blob: 'unsafe-inline'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://36hbhv.johncboins.com/

Response headers

x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000; includeSubDomains
content-security-policy
default-src 'self' http: https: data: blob: 'unsafe-inline'
cache-control
public, max-age=31536000, immutable
content-encoding
gzip
etag
W/"2088-192a03f080a"
x-content-type-options
nosniff
referrer-policy
no-referrer-when-downgrade
accept-ranges
bytes
date
Sat, 19 Oct 2024 09:52:15 GMT
x-xss-protection
1; mode=block
content-type
application/javascript; charset=UTF-8
last-modified
Fri, 18 Oct 2024 15:28:58 GMT
server
nginx/1.18.0 (Ubuntu)
vary
Accept-Encoding
_buildManifest.js
36hbhv.johncboins.com/_next/static/aHpRESRaBHLaFKxZ2F1R4/ 		866 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://36hbhv.johncboins.com/_next/static/aHpRESRaBHLaFKxZ2F1R4/_buildManifest.js
Requested by
Host: 36hbhv.johncboins.com
URL: https://36hbhv.johncboins.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
208.109.247.38 , United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS
38.247.109.208.host.secureserver.net
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
0fab42b5a7fb0d3eb23e8821e88857c0126b4b1e19c9f40e53cd14c8090f1f0e
Security Headers
Name Value
Content-Security-Policy default-src 'self' http: https: data: blob: 'unsafe-inline'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://36hbhv.johncboins.com/

Response headers

x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000; includeSubDomains
content-security-policy
default-src 'self' http: https: data: blob: 'unsafe-inline'
cache-control
public, max-age=31536000, immutable
etag
W/"362-192a03f080a"
x-content-type-options
nosniff
referrer-policy
no-referrer-when-downgrade
accept-ranges
bytes
content-length
866
date
Sat, 19 Oct 2024 09:52:15 GMT
x-xss-protection
1; mode=block
content-type
application/javascript; charset=UTF-8
last-modified
Fri, 18 Oct 2024 15:28:58 GMT
server
nginx/1.18.0 (Ubuntu)
vary
Accept-Encoding
_ssgManifest.js
36hbhv.johncboins.com/_next/static/aHpRESRaBHLaFKxZ2F1R4/ 		77 B
513 B 		Script
General
Check archive.org
Download Go to
Full URL
https://36hbhv.johncboins.com/_next/static/aHpRESRaBHLaFKxZ2F1R4/_ssgManifest.js
Requested by
Host: 36hbhv.johncboins.com
URL: https://36hbhv.johncboins.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
208.109.247.38 , United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS
38.247.109.208.host.secureserver.net
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
6f5b4aa00d2f8d6aed9935b471806bf7acef464d0c1d390260e5fe27f800c67e
Security Headers
Name Value
Content-Security-Policy default-src 'self' http: https: data: blob: 'unsafe-inline'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://36hbhv.johncboins.com/

Response headers

x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000; includeSubDomains
content-security-policy
default-src 'self' http: https: data: blob: 'unsafe-inline'
cache-control
public, max-age=31536000, immutable
etag
W/"4d-192a03f080a"
x-content-type-options
nosniff
referrer-policy
no-referrer-when-downgrade
accept-ranges
bytes
content-length
77
date
Sat, 19 Oct 2024 09:52:15 GMT
x-xss-protection
1; mode=block
content-type
application/javascript; charset=UTF-8
last-modified
Fri, 18 Oct 2024 15:28:58 GMT
server
nginx/1.18.0 (Ubuntu)
vary
Accept-Encoding
auth
36hbhv.johncboins.com/api/ 		22 B
314 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://36hbhv.johncboins.com/api/auth
Requested by
Host: 36hbhv.johncboins.com
URL: https://36hbhv.johncboins.com/_next/static/chunks/pages/_app-2c52f24ca442b509.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
208.109.247.38 , United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS
38.247.109.208.host.secureserver.net
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
9406c10d72e60ebe182eb1139c9daa5964f79fe1bb4d86004487ec8d4fdac2ba
Security Headers
Name Value
Content-Security-Policy default-src 'self' http: https: data: blob: 'unsafe-inline'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://36hbhv.johncboins.com/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
content-security-policy
default-src 'self' http: https: data: blob: 'unsafe-inline'
x-content-type-options
nosniff
allow
POST
referrer-policy
no-referrer-when-downgrade
date
Sat, 19 Oct 2024 09:52:16 GMT
x-xss-protection
1; mode=block
server
nginx/1.18.0 (Ubuntu)
x-frame-options
SAMEORIGIN
favicon.ico
36hbhv.johncboins.com/ 		2 KB
1 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://36hbhv.johncboins.com/favicon.ico
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
208.109.247.38 , United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS
38.247.109.208.host.secureserver.net
Software
nginx/1.18.0 (Ubuntu) / Next.js
Resource Hash
6f128f56c2819c610edeaa1988ff58eca832c6ea16c6422150335d16d6c8d4cf
Security Headers
Name Value
Content-Security-Policy default-src 'self' http: https: data: blob: 'unsafe-inline'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://36hbhv.johncboins.com/

Response headers

x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000; includeSubDomains
content-security-policy
default-src 'self' http: https: data: blob: 'unsafe-inline'
cache-control
private, no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
etag
"13s6rtm1nri1x5"
x-content-type-options
nosniff
referrer-policy
no-referrer-when-downgrade
date
Sat, 19 Oct 2024 09:52:16 GMT
x-xss-protection
1; mode=block
content-type
text/html; charset=utf-8
x-powered-by
Next.js
server
nginx/1.18.0 (Ubuntu)
vary
Accept-Encoding
tDbM2oWUg0MKoZw1-LPK89D4hAA.woff2
fonts.gstatic.com/s/arvo/v22/ 		10 KB
10 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/arvo/v22/tDbM2oWUg0MKoZw1-LPK89D4hAA.woff2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.131 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f3.1e100.net
Software
sffe /
Resource Hash
fb8bfea8108a2614e133e46c7cd68e35285cb98bf28307fea06517973b00de16
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://36hbhv.johncboins.com
Referer
https://36hbhv.johncboins.com/

Response headers

age
281566
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Thu, 16 Oct 2025 03:39:30 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 16 Oct 2024 03:39:30 GMT
last-modified
Thu, 24 Aug 2023 17:33:29 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
10560
x-xss-protection
0
server
sffe
tDbD2oWUg0MKqScQ7Z7o_vo.woff2
fonts.gstatic.com/s/arvo/v22/ 		10 KB
10 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/arvo/v22/tDbD2oWUg0MKqScQ7Z7o_vo.woff2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.131 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f3.1e100.net
Software
sffe /
Resource Hash
e061ae195e4001d5e839072b68531fbeb79ac03f2d21984e42c308d2de93e601
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://36hbhv.johncboins.com
Referer
https://36hbhv.johncboins.com/

Response headers

age
281562
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Thu, 16 Oct 2025 03:39:34 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 16 Oct 2024 03:39:34 GMT
last-modified
Thu, 24 Aug 2023 17:32:23 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
10632
x-xss-protection
0
server
sffe

Verdicts & Comments Add Verdict or Comment

11 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| webpackChunk_N_E function| __next_set_public_path__ object| next object| __NEXT_DATA__ function| __SSG_MANIFEST_CB object| __NEXT_P object| _N_E object| __MIDDLEWARE_MATCHERS object| __BUILD_MANIFEST object| __SSG_MANIFEST boolean| MotionHandoffIsComplete

0 Cookies

3 Console Messages

Source Level URL
Text
network error URL: https://36hbhv.johncboins.com/api/auth
Message:
Failed to load resource: the server responded with a status of 405 ()
network error URL: https://36hbhv.johncboins.com/favicon.ico
Message:
Failed to load resource: the server responded with a status of 404 ()
recommendation verbose URL: https://36hbhv.johncboins.com/
Message:
[DOM] Input elements should have autocomplete attributes (suggested: "new-password"): (More info: https://goo.gl/9p2vKq) %o

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy default-src 'self' http: https: data: blob: 'unsafe-inline'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block