| cdnjs.cloudflare.com/ajax/libs/lazysizes/5.3.0/lazysizes.min.js |  104.17.25.14 | 200 OK | 3.2 kB |
URL GET HTTP/2cdnjs.cloudflare.com/ajax/libs/lazysizes/5.3.0/lazysizes.min.js IP104.17.25.14:443
Requested byhttps://janycebhattixq91x.pages.dev/ CertificateIssuerCloudflare, Inc. Subjectsni.cloudflaressl.com Fingerprint7A:EA:B9:09:71:70:6C:87:C9:D3:82:74:8A:7B:B4:60:E5:40:2D:8D ValidityMon, 03 Jul 2023 00:00:00 GMT - Tue, 02 Jul 2024 23:59:59 GMT
File typeJavaScript source, ASCII text, with very long lines (7862) Hash96201abb62283557a9d7b97b4cab14ab a72f33d920d0ab863df4cb60edf44ec140304cdb 46112dbceed738f759d03f04b115d5256a7d73660b7795acb382192ad84d9f98
GET /ajax/libs/lazysizes/5.3.0/lazysizes.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://janycebhattixq91x.pages.dev/
Origin: https://janycebhattixq91x.pages.dev
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 24 Apr 2024 17:46:01 GMT
content-type: application/javascript; charset=utf-8
content-length: 3150
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5ff0b799-1ed1"
last-modified: Sat, 02 Jan 2021 18:12:41 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 780992
expires: Mon, 14 Apr 2025 17:46:01 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=7rCEH%2FNM4Tcf9XnvZz7nEezzZM%2FV0Bd7k%2BgHs2PJjn4vi7s2iEbASGQVg0bVQPMciMxwAyBFxm3oxH%2F56NOHkv4eAQZKVbUZB17phNcumvu5ScBWk3EFCWsrlkDmB%2F4bwB%2FqULco"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 8797e90f48b8b52d-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| cdnjs.cloudflare.com/ajax/libs/jquery/3.6.0/jquery.slim.min.js | 104.17.25.14 | 200 OK | 22 kB |
URL GET HTTP/2cdnjs.cloudflare.com/ajax/libs/jquery/3.6.0/jquery.slim.min.js IP104.17.25.14:443
Requested byhttps://janycebhattixq91x.pages.dev/ CertificateIssuerCloudflare, Inc. Subjectsni.cloudflaressl.com Fingerprint7A:EA:B9:09:71:70:6C:87:C9:D3:82:74:8A:7B:B4:60:E5:40:2D:8D ValidityMon, 03 Jul 2023 00:00:00 GMT - Tue, 02 Jul 2024 23:59:59 GMT
File typeJavaScript source, ASCII text, with very long lines (65241) Hash1276065911521c5c22037a31365d179d d1c6704e94efe2d465fc161b6381e127d35acd81 bbb7b9921ca2b61948753a6edb63c78443663dc45d1621d18e102e1dcb34e512
GET /ajax/libs/jquery/3.6.0/jquery.slim.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://janycebhattixq91x.pages.dev/
Origin: https://janycebhattixq91x.pages.dev
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 24 Apr 2024 17:46:01 GMT
content-type: application/javascript; charset=utf-8
content-length: 22329
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "603e8adc-11ab4"
last-modified: Tue, 02 Mar 2021 18:58:36 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 12841035
expires: Mon, 14 Apr 2025 17:46:01 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=XL5bsLi%2BMC6Y7aawjW1jJ2PzGG%2Fb30j6wMkDNzs1lJXyyrFf7Otp%2BiDOQ4gXYKIDrMfSOdGISQV20unWR0k566fu2H1Y2CLO9AoRXYn%2FfoRVT%2FL5ZSUywAPMAqxRGC1sUhaDmpBI"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 8797e90f48a8b52d-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| 3.bp.blogspot.com/-ZZSacDHLWlM/VhvlKTMjbLI/AAAAAAAAF2M/UDzU4rrvcaI/s1600/btn_close.gif |  142.250.74.97 | 200 OK | 362 B |
URL GET HTTP/23.bp.blogspot.com/-ZZSacDHLWlM/VhvlKTMjbLI/AAAAAAAAF2M/UDzU4rrvcaI/s1600/btn_close.gif IP142.250.74.97:443
Requested byhttps://janycebhattixq91x.pages.dev/ CertificateIssuerGoogle Trust Services LLC Subjectmisc-sni.blogspot.com FingerprintE8:F4:4F:CE:D1:E0:7B:C8:CD:18:45:AA:90:5A:35:8B:D5:CF:66:6B ValidityMon, 18 Mar 2024 20:01:08 GMT - Mon, 10 Jun 2024 20:01:07 GMT
File typeGIF image data, version 89a, 52 x 15 Hashfd2c05a8c327ace309722b0a5fc4faf3 f446e97c43f8830be9f60644563dd846abe6b8e8 0450e2e1aa3c8b5435690d841f3e573c4f521864e1f8e01a5b6dbcdac922c8b4
GET /-ZZSacDHLWlM/VhvlKTMjbLI/AAAAAAAAF2M/UDzU4rrvcaI/s1600/btn_close.gif HTTP/1.1
Host: 3.bp.blogspot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://janycebhattixq91x.pages.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
access-control-allow-origin: *
timing-allow-origin: *
access-control-expose-headers: Content-Length
content-disposition: inline;filename="btn_close.gif"
x-content-type-options: nosniff
server: fife
content-length: 362
x-xss-protection: 0
date: Wed, 24 Apr 2024 17:18:51 GMT
expires: Thu, 25 Apr 2024 17:18:51 GMT
cache-control: public, max-age=86400, no-transform
age: 1630
etag: "v1764"
content-type: image/gif
vary: Origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| earliesthuntingtransgress.com/a7adf9d52b6ef836c2a63bc70bb51a59/invoke.js | 192.243.61.227 | 200 OK | 12 kB |
URL GET HTTP/1.1earliesthuntingtransgress.com/a7adf9d52b6ef836c2a63bc70bb51a59/invoke.js IP192.243.61.227:443 ASN#39572 DataWeb Global Group B.V.
Requested byhttps://janycebhattixq91x.pages.dev/ CertificateIssuerLet's Encrypt Subjectearliesthuntingtransgress.com FingerprintA8:A0:D6:D1:32:3F:6B:86:6E:77:BB:1B:49:45:79:6C:7F:30:9C:EF ValidityMon, 04 Mar 2024 11:48:44 GMT - Sun, 02 Jun 2024 11:48:43 GMT
File typeJavaScript source, ASCII text, with very long lines (31326), with no line terminators Hashb9e862fb3c10c61b78cd73f28dc029c4 50d152ffc699853f2047c0278b699e26064ab2e8 1f020e3de52fe1e446064ce5ecab8da6a2077256adb5ef5da6132792bf038de3
| Analyzer | Verdict | Alert |
|---|
| Quad9 DNS | malicious | Sinkholed |
GET /a7adf9d52b6ef836c2a63bc70bb51a59/invoke.js HTTP/1.1
Host: earliesthuntingtransgress.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://janycebhattixq91x.pages.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Wed, 24 Apr 2024 17:46:02 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 260b149da0c1797354d9240c67b5f1bd
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
|
|
| proftrafficcounter.com/stats |  35.158.46.84 | 200 OK | 40 B |
URL GET HTTP/2proftrafficcounter.com/stats IP35.158.46.84:443
Requested byhttps://janycebhattixq91x.pages.dev/ CertificateIssuerAmazon Subjectproftrafficcounter.com FingerprintE3:9F:79:6F:80:C0:BF:F8:C4:EB:45:F3:E9:0F:A7:41:F6:0C:05:E6 ValidityTue, 21 Nov 2023 00:00:00 GMT - Thu, 19 Dec 2024 23:59:59 GMT
File typeASCII text, with no line terminators Hash125984b308dba3d493a977c5ac5f8527 401583402872af94cc205365223c3c2341d7510e bff5ab9b88e9bee2434d03e55cbffda3505ec8cb1f665ef0c32b97107eb2ae2e
GET /stats HTTP/1.1
Host: proftrafficcounter.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://janycebhattixq91x.pages.dev/
Origin: https://janycebhattixq91x.pages.dev
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 24 Apr 2024 17:46:02 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://janycebhattixq91x.pages.dev
vary: Origin
access-control-allow-credentials: true
set-cookie: uid_id2=0b94d7fb-c52f-45b5-8be5-273434d7c3af:2:1; expires=Sat, 22 Apr 2034 17:46:02 GMT; secure; SameSite=None
X-Firefox-Spdy: h2
|
|
| earliesthuntingtransgress.com/c80e8cd7e7c6f58a14a8d729f8cdad80/invoke.js | 192.243.61.227 | 200 OK | 12 kB |
URL GET HTTP/1.1earliesthuntingtransgress.com/c80e8cd7e7c6f58a14a8d729f8cdad80/invoke.js IP192.243.61.227:443 ASN#39572 DataWeb Global Group B.V.
Requested byhttps://janycebhattixq91x.pages.dev/ CertificateIssuerLet's Encrypt Subjectearliesthuntingtransgress.com FingerprintA8:A0:D6:D1:32:3F:6B:86:6E:77:BB:1B:49:45:79:6C:7F:30:9C:EF ValidityMon, 04 Mar 2024 11:48:44 GMT - Sun, 02 Jun 2024 11:48:43 GMT
File typeJavaScript source, ASCII text, with very long lines (31311), with no line terminators Hash906b32910b7ddb4e7f0ef53a91bb27af 9b46773a4bde1a25bf6755065945be47cbf1667b 0bd552998ca88519c6ccc0a19b2d25efcfa7fe4e896a09f30f1139922f1f32f2
| Analyzer | Verdict | Alert |
|---|
| Quad9 DNS | malicious | Sinkholed |
GET /c80e8cd7e7c6f58a14a8d729f8cdad80/invoke.js HTTP/1.1
Host: earliesthuntingtransgress.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://janycebhattixq91x.pages.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Wed, 24 Apr 2024 17:46:02 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 3c670c5e278c5c5f021adf971b9a2b8a
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
|
|
| tse1.mm.bing.net/th?q= | 13.107.21.200 | 404 Not Found | 727 B |
IP13.107.21.200:443 ASN#8068 MICROSOFT-CORP-MSN-AS-BLOCK
Requested byhttps://janycebhattixq91x.pages.dev/ CertificateIssuerMicrosoft Corporation Subjectwww.bing.com Fingerprint7C:28:A0:E5:94:14:8F:43:5F:DD:F8:5E:FD:79:61:FC:C8:33:3E:1A ValidityWed, 24 Apr 2024 02:02:41 GMT - Thu, 27 Jun 2024 23:59:59 GMT
File typeJPEG image data, JFIF standard 1.01, resolution (DPI), density 144x144, segment length 16, baseline, precision 8, 80x80, components 3 Hash5116706c119475f5ae2fc135c3358037 7e5bdf3585153e317ebef05a9b8241d311e44cb3 7edda2585f580c167fd4e3a6c162534548cda437f8bef67c544f3aa9c162a17c
GET /th?q= HTTP/1.1
Host: tse1.mm.bing.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://janycebhattixq91x.pages.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 404 Not Found
cache-control: no-cache
pragma: no-cache
content-length: 727
expires: -1
x-cache: TCP_MISS
access-control-allow-origin: *
access-control-allow-headers: *
access-control-allow-methods: GET, POST, OPTIONS
timing-allow-origin: *
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth"}]}&ndcParam=QUZE
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 1CD1403FD93B48E4BF728FB1149B8F7D Ref B: OSL30EDGE0518 Ref C: 2024-04-24T17:46:02Z
date: Wed, 24 Apr 2024 17:46:02 GMT
X-Firefox-Spdy: h2
|
|
| split.jaketkulit.web.id/get/site/js/1d6def2e9b082f24c59c908dc9eba138 | 104.21.86.250 | 200 OK | 694 B |
URL GET HTTP/2split.jaketkulit.web.id/get/site/js/1d6def2e9b082f24c59c908dc9eba138 IP104.21.86.250:443
Requested byhttps://janycebhattixq91x.pages.dev/ CertificateIssuerLet's Encrypt Subjectjaketkulit.web.id Fingerprint80:8B:F9:62:27:FA:23:A8:54:26:C7:57:90:E0:EE:1C:F0:8C:9F:F5 ValidityMon, 01 Apr 2024 01:48:02 GMT - Sun, 30 Jun 2024 01:48:01 GMT
File typeASCII text, with CRLF line terminators Hash0dd5e9f8fe647a2b50f24d675add5c7a b8c4bce2af4269844f253dd6a9be9304e5b84372 d4bb70f263015ee6e9254446f119f1f895f735f6b0097b43a4c5592b02efd367
GET /get/site/js/1d6def2e9b082f24c59c908dc9eba138 HTTP/1.1
Host: split.jaketkulit.web.id
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://janycebhattixq91x.pages.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 24 Apr 2024 17:46:01 GMT
content-type: application/javascript
vary: Accept-Encoding
set-cookie: PHPSESSID=l4but5c4eq7ba4039m7074tl9r; path=/
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
access-control-allow-origin:
access-control-allow-credentials: true
access-control-max-age: 86400
strict-transport-security: max-age=31536000
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=n7c%2F5f3V34lgcFj61oRd99rTPtNOdRsDKStVBfvUwWBv%2BG5raButiMOXTNElKO0Ak%2FVEM%2FWFXLYq669CQ4HlaO7Gl%2Fh%2By3ak4NyVdTfGpuSyLxbevGcC85MBK61NkwAdVRU1grEo6a%2B1nA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8797e90fc86156cc-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| split.jaketkulit.web.id/get/site/js/5eece17d3538f80d2e76b7b3913aecfa | 104.21.86.250 | 200 OK | 719 B |
URL GET HTTP/2split.jaketkulit.web.id/get/site/js/5eece17d3538f80d2e76b7b3913aecfa IP104.21.86.250:443
Requested byhttps://janycebhattixq91x.pages.dev/ CertificateIssuerLet's Encrypt Subjectjaketkulit.web.id Fingerprint80:8B:F9:62:27:FA:23:A8:54:26:C7:57:90:E0:EE:1C:F0:8C:9F:F5 ValidityMon, 01 Apr 2024 01:48:02 GMT - Sun, 30 Jun 2024 01:48:01 GMT
File typeASCII text, with CRLF line terminators Hash9e770a81e2dbb86de7fc425dfb96bfa0 ccb9ee9e7622c24cf9d5330853fa95df826bfdef a60e4bedaf17b1fe1e6b570c1a3bfab385aefaf1640e69b45ba8dd87e8d53aa8
GET /get/site/js/5eece17d3538f80d2e76b7b3913aecfa HTTP/1.1
Host: split.jaketkulit.web.id
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://janycebhattixq91x.pages.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 24 Apr 2024 17:46:01 GMT
content-type: application/javascript
vary: Accept-Encoding
set-cookie: PHPSESSID=7ljmc4vrdgpgsodrfagugca3ee; path=/
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
access-control-allow-origin:
access-control-allow-credentials: true
access-control-max-age: 86400
strict-transport-security: max-age=31536000
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=R1CSyfXXp3cQOyLllCroZu9rpoJHG%2Bfipgd6GdUs4c9cpMKuZ9RiahMC9I7lm2bcHETtB5x86e8fbOv1dQRsI7q2gXYWy8araj14Tk%2Fnli3TpF%2BAwYYlbcKPHG1tYuBm2FgUGYyt5DsSsg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8797e90fd86556cc-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| postthieve.com/watch.411986655457.js?key=c80e8cd7e7c6f58a14a8d729f8cdad80&kw=%5B%5D&refer=https%3A%2F%2Fjanycebhattixq91x.pages.dev%2F&tz=0&dev=e&res=14.2071&uuid=0b94d7fb-c52f-45b5-8be5-273434d7c3af%3A2%3A1 | 172.240.127.234 | 307 Temporary Redirect | 0 B |
URL GET HTTP/1.1postthieve.com/watch.411986655457.js?key=c80e8cd7e7c6f58a14a8d729f8cdad80&kw=%5B%5D&refer=https%3A%2F%2Fjanycebhattixq91x.pages.dev%2F&tz=0&dev=e&res=14.2071&uuid=0b94d7fb-c52f-45b5-8be5-273434d7c3af%3A2%3A1 IP172.240.127.234:443
Requested byhttps://janycebhattixq91x.pages.dev/ CertificateIssuerLet's Encrypt Subjectpostthieve.com Fingerprint4C:B5:73:17:36:A5:52:8C:0D:CC:8E:C4:1B:A3:F7:CC:16:70:06:41 ValidityTue, 23 Apr 2024 10:57:03 GMT - Mon, 22 Jul 2024 10:57:02 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /watch.411986655457.js?key=c80e8cd7e7c6f58a14a8d729f8cdad80&kw=%5B%5D&refer=https%3A%2F%2Fjanycebhattixq91x.pages.dev%2F&tz=0&dev=e&res=14.2071&uuid=0b94d7fb-c52f-45b5-8be5-273434d7c3af%3A2%3A1 HTTP/1.1
Host: postthieve.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://janycebhattixq91x.pages.dev/
Origin: https://janycebhattixq91x.pages.dev
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 307 Temporary Redirect
Server: nginx/1.21.6
Date: Wed, 24 Apr 2024 17:46:03 GMT
Content-Type: text/html
Content-Length: 0
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://janycebhattixq91x.pages.dev
Access-Control-Allow-Origin: https://janycebhattixq91x.pages.dev
Access-Control-Allow-Credentials: true
Location: https://postthieve.com/watch.411986655457.js?dev=e&key=c80e8cd7e7c6f58a14a8d729f8cdad80&kw=%5B%5D&pst=1713980823&refer=https%3A%2F%2Fjanycebhattixq91x.pages.dev%2F&res=14.2071&rmtc=t&shu=727ae8c4a57fd818d94636094ef1490ec5874cf7e3d3b5d87cdbae1f7894f115f5962e0c0592aefc8443e5556060cd73948045aa4732835208cfb435c51abbca30cafe676e819710703f70198b9958ea1a84c0216e621a52f1ce9eeb88dbf2f3&tz=0&uuid=0b94d7fb-c52f-45b5-8be5-273434d7c3af%3A2%3A1
Set-Cookie: u_pl=17410480; expires=Thu, 25 Apr 2024 17:46:03 GMT; secure; SameSite=None
ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNzQxMDQ4MCwiayI6ImM4MGU4Y2Q3ZTdjNmY1OGExNGE4ZDcyOWY4Y2RhZDgwIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoxOTA0NDczLCJwaWQiOjQ1NjY1MywiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjozLCJhaWQiOjUsInB0Ijo0LCJwayI6InpqMWF5eHp0OW4iLCJjcGtzIjp7IjI4IjoiZDVmMzc4MWY4NmRiMmY1OGVjMTEwYmZmNjgyNDY5NzcifSwidCI6MX0sInUiOnsidSI6MSwiYXUiOjEsImQiOnsiaWQiOjc5OTU0MTk2LCJpZHMiOiIiLCJpYyI6ZmFsc2UsIm4iOiJEZXNrdG9wLEVtdWxhdG9yIiwidiI6IlVua25vd24iLCJtIjoiVW5rbm93biIsImYiOjEsImZuIjoiRGVza3RvcCIsIm9pZCI6MTgxMTAsIm9uIjoiTGludXgiLCJvdiI6IlVua25vd24iLCJiaWQiOjExNjY3MCwiYm4iOiJGaXJlZm94IiwiYnYiOiI5Ni4wIiwid3YiOmZhbHNlLCJlIjp0cnVlLCJhYiI6ZmFsc2V9LCJjIjp7ImlkIjoxNjIsImMiOiJOTyIsIm4iOiJOb3J3YXkifSwiYSI6ZmFsc2UsImNyIjp7Im4iOiJCbGl4IFNvbHV0aW9ucyJ9LCJ4ZiI6IiIsIml4ZiI6ZmFsc2UsImlneGYiOmZhbHNlLCJ1cCI6dHJ1ZSwiciI6Imh0dHBzOi8vamFueWNlYmhhdHRpeHE5MXgucGFnZXMuZGV2LyIsImFyIjpbXX19.K_9BMz97L3jvJVThdaU1UHrOrz1HYPIPJ_TTb-ociI4; expires=Wed, 24 Apr 2024 17:47:03 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 746b7f51c497c4097df79226fc59d968
Strict-Transport-Security: max-age=0; includeSubdomains
|
|
| evaluateuncanny.com/watch.1109750124726.js?key=a7adf9d52b6ef836c2a63bc70bb51a59&kw=%5B%5D&refer=https%3A%2F%2Fjanycebhattixq91x.pages.dev%2F&tz=0&dev=e&res=14.2071&uuid=0b94d7fb-c52f-45b5-8be5-273434d7c3af%3A2%3A1 | 192.243.61.225 | 307 Temporary Redirect | 0 B |
URL GET HTTP/1.1evaluateuncanny.com/watch.1109750124726.js?key=a7adf9d52b6ef836c2a63bc70bb51a59&kw=%5B%5D&refer=https%3A%2F%2Fjanycebhattixq91x.pages.dev%2F&tz=0&dev=e&res=14.2071&uuid=0b94d7fb-c52f-45b5-8be5-273434d7c3af%3A2%3A1 IP192.243.61.225:443 ASN#39572 DataWeb Global Group B.V.
Requested byhttps://janycebhattixq91x.pages.dev/ CertificateIssuerLet's Encrypt Subjectevaluateuncanny.com FingerprintFA:C8:EC:09:73:C4:B6:E0:EA:76:F1:B4:A3:6D:0D:97:11:91:64:CC ValidityTue, 23 Apr 2024 10:54:45 GMT - Mon, 22 Jul 2024 10:54:44 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /watch.1109750124726.js?key=a7adf9d52b6ef836c2a63bc70bb51a59&kw=%5B%5D&refer=https%3A%2F%2Fjanycebhattixq91x.pages.dev%2F&tz=0&dev=e&res=14.2071&uuid=0b94d7fb-c52f-45b5-8be5-273434d7c3af%3A2%3A1 HTTP/1.1
Host: evaluateuncanny.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://janycebhattixq91x.pages.dev/
Origin: https://janycebhattixq91x.pages.dev
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 307 Temporary Redirect
Server: nginx/1.21.6
Date: Wed, 24 Apr 2024 17:46:03 GMT
Content-Type: text/html
Content-Length: 0
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://janycebhattixq91x.pages.dev
Access-Control-Allow-Origin: https://janycebhattixq91x.pages.dev
Access-Control-Allow-Credentials: true
Location: https://evaluateuncanny.com/watch.1109750124726.js?dev=e&key=a7adf9d52b6ef836c2a63bc70bb51a59&kw=%5B%5D&pst=1713980823&refer=https%3A%2F%2Fjanycebhattixq91x.pages.dev%2F&res=14.2071&rmtc=t&shu=8ff4f267e53f7948a6467708d20e099bf8390cb99b97226c4650b7c621e914318a97cb7d3dab81898ca7964819714acedd52231afdf89da8c517c913a55daf83ee46b2688eeb5ba22b83204fa10fdff886df341809b4c65c2838d28fd3cfa48775265a&tz=0&uuid=0b94d7fb-c52f-45b5-8be5-273434d7c3af%3A2%3A1
Set-Cookie: u_pl=17410482; expires=Thu, 25 Apr 2024 17:46:03 GMT; secure; SameSite=None
ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNzQxMDQ4MiwiayI6ImE3YWRmOWQ1MmI2ZWY4MzZjMmE2M2JjNzBiYjUxYTU5Iiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoxOTA0NDczLCJwaWQiOjQ1NjY1MywiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjozLCJhaWQiOjIzLCJwdCI6NCwicGsiOiJrZGJxaDgybW4iLCJjcGtzIjp7IjI5IjoiNzMzYjI1NjE4ZWYxNDBlZmIzODk5MzlkMjc3YTYyZTgifSwidCI6MX0sInUiOnsidSI6MSwiYXUiOjEsImQiOnsiaWQiOjc5OTU0MTk2LCJpZHMiOiIiLCJpYyI6ZmFsc2UsIm4iOiJEZXNrdG9wLEVtdWxhdG9yIiwidiI6IlVua25vd24iLCJtIjoiVW5rbm93biIsImYiOjEsImZuIjoiRGVza3RvcCIsIm9pZCI6MTgxMTAsIm9uIjoiTGludXgiLCJvdiI6IlVua25vd24iLCJiaWQiOjExNjY3MCwiYm4iOiJGaXJlZm94IiwiYnYiOiI5Ni4wIiwid3YiOmZhbHNlLCJlIjp0cnVlLCJhYiI6ZmFsc2V9LCJjIjp7ImlkIjoxNjIsImMiOiJOTyIsIm4iOiJOb3J3YXkifSwiYSI6ZmFsc2UsImNyIjp7Im4iOiJCbGl4IFNvbHV0aW9ucyJ9LCJ4ZiI6IiIsIml4ZiI6ZmFsc2UsImlneGYiOmZhbHNlLCJ1cCI6dHJ1ZSwiciI6Imh0dHBzOi8vamFueWNlYmhhdHRpeHE5MXgucGFnZXMuZGV2LyIsImFyIjpbXX19.XgF9hV_tkzG1F2L5huVKEc9BbuCsK6BfbqNNw4bgcUE; expires=Wed, 24 Apr 2024 17:47:03 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 434af17c6de424a460aeec84e37a2bf1
Strict-Transport-Security: max-age=0; includeSubdomains
|
|
| postthieve.com/watch.411986655457.js?dev=e&key=c80e8cd7e7c6f58a14a8d729f8cdad80&kw=%5B%5D&pst=1713980823&refer=https%3A%2F%2Fjanycebhattixq91x.pages.dev%2F&res=14.2071&rmtc=t&shu=727ae8c4a57fd818d94636094ef1490ec5874cf7e3d3b5d87cdbae1f7894f115f5962e0c0592aefc8443e5556060cd73948045aa4732835208cfb435c51abbca30cafe676e819710703f70198b9958ea1a84c0216e621a52f1ce9eeb88dbf2f3&tz=0&uuid=0b94d7fb-c52f-45b5-8be5-273434d7c3af%3A2%3A1 | 172.240.127.234 | 200 OK | 2.0 kB |
URL GET HTTP/1.1postthieve.com/watch.411986655457.js?dev=e&key=c80e8cd7e7c6f58a14a8d729f8cdad80&kw=%5B%5D&pst=1713980823&refer=https%3A%2F%2Fjanycebhattixq91x.pages.dev%2F&res=14.2071&rmtc=t&shu=727ae8c4a57fd818d94636094ef1490ec5874cf7e3d3b5d87cdbae1f7894f115f5962e0c0592aefc8443e5556060cd73948045aa4732835208cfb435c51abbca30cafe676e819710703f70198b9958ea1a84c0216e621a52f1ce9eeb88dbf2f3&tz=0&uuid=0b94d7fb-c52f-45b5-8be5-273434d7c3af%3A2%3A1 IP172.240.127.234:443
Requested byhttps://janycebhattixq91x.pages.dev/ CertificateIssuerLet's Encrypt Subjectpostthieve.com Fingerprint4C:B5:73:17:36:A5:52:8C:0D:CC:8E:C4:1B:A3:F7:CC:16:70:06:41 ValidityTue, 23 Apr 2024 10:57:03 GMT - Mon, 22 Jul 2024 10:57:02 GMT
File typeJavaScript source, ASCII text, with very long lines (2470) Hashaff94113b0613d5388adca76bdfbd9f7 1b39662e63606d8640405d76dbcba1fc30d1ffc0 ae342b08fc34e1ef6dd833d40ef8d2d13d33d7c106b568e90395c2e5bf0abfc0
GET /watch.411986655457.js?dev=e&key=c80e8cd7e7c6f58a14a8d729f8cdad80&kw=%5B%5D&pst=1713980823&refer=https%3A%2F%2Fjanycebhattixq91x.pages.dev%2F&res=14.2071&rmtc=t&shu=727ae8c4a57fd818d94636094ef1490ec5874cf7e3d3b5d87cdbae1f7894f115f5962e0c0592aefc8443e5556060cd73948045aa4732835208cfb435c51abbca30cafe676e819710703f70198b9958ea1a84c0216e621a52f1ce9eeb88dbf2f3&tz=0&uuid=0b94d7fb-c52f-45b5-8be5-273434d7c3af%3A2%3A1 HTTP/1.1
Host: postthieve.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://janycebhattixq91x.pages.dev
Referer: https://janycebhattixq91x.pages.dev/
DNT: 1
Connection: keep-alive
Cookie: u_pl=17410480; ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNzQxMDQ4MCwiayI6ImM4MGU4Y2Q3ZTdjNmY1OGExNGE4ZDcyOWY4Y2RhZDgwIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoxOTA0NDczLCJwaWQiOjQ1NjY1MywiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjozLCJhaWQiOjUsInB0Ijo0LCJwayI6InpqMWF5eHp0OW4iLCJjcGtzIjp7IjI4IjoiZDVmMzc4MWY4NmRiMmY1OGVjMTEwYmZmNjgyNDY5NzcifSwidCI6MX0sInUiOnsidSI6MSwiYXUiOjEsImQiOnsiaWQiOjc5OTU0MTk2LCJpZHMiOiIiLCJpYyI6ZmFsc2UsIm4iOiJEZXNrdG9wLEVtdWxhdG9yIiwidiI6IlVua25vd24iLCJtIjoiVW5rbm93biIsImYiOjEsImZuIjoiRGVza3RvcCIsIm9pZCI6MTgxMTAsIm9uIjoiTGludXgiLCJvdiI6IlVua25vd24iLCJiaWQiOjExNjY3MCwiYm4iOiJGaXJlZm94IiwiYnYiOiI5Ni4wIiwid3YiOmZhbHNlLCJlIjp0cnVlLCJhYiI6ZmFsc2V9LCJjIjp7ImlkIjoxNjIsImMiOiJOTyIsIm4iOiJOb3J3YXkifSwiYSI6ZmFsc2UsImNyIjp7Im4iOiJCbGl4IFNvbHV0aW9ucyJ9LCJ4ZiI6IiIsIml4ZiI6ZmFsc2UsImlneGYiOmZhbHNlLCJ1cCI6dHJ1ZSwiciI6Imh0dHBzOi8vamFueWNlYmhhdHRpeHE5MXgucGFnZXMuZGV2LyIsImFyIjpbXX19.K_9BMz97L3jvJVThdaU1UHrOrz1HYPIPJ_TTb-ociI4
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Wed, 24 Apr 2024 17:46:03 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://janycebhattixq91x.pages.dev
Access-Control-Allow-Origin: https://janycebhattixq91x.pages.dev
Access-Control-Allow-Credentials: true
Set-Cookie: uid_id2=0b94d7fb-c52f-45b5-8be5-273434d7c3af:2:1; expires=Wed, 01 May 2024 17:46:03 GMT; secure; SameSite=None
pdhtkv=true; expires=Thu, 25 Apr 2024 17:46:03 GMT; secure; SameSite=None
uncs=1; expires=Thu, 25 Apr 2024 17:46:03 GMT; secure; SameSite=None
pdhtkv5=true; expires=Thu, 25 Apr 2024 17:46:03 GMT; secure; SameSite=None
uncs5=1; expires=Thu, 25 Apr 2024 17:46:03 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 71957f4cec339da5ad5bbf3c732b4b41
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
|
|
| evaluateuncanny.com/watch.1109750124726.js?dev=e&key=a7adf9d52b6ef836c2a63bc70bb51a59&kw=%5B%5D&pst=1713980823&refer=https%3A%2F%2Fjanycebhattixq91x.pages.dev%2F&res=14.2071&rmtc=t&shu=8ff4f267e53f7948a6467708d20e099bf8390cb99b97226c4650b7c621e914318a97cb7d3dab81898ca7964819714acedd52231afdf89da8c517c913a55daf83ee46b2688eeb5ba22b83204fa10fdff886df341809b4c65c2838d28fd3cfa48775265a&tz=0&uuid=0b94d7fb-c52f-45b5-8be5-273434d7c3af%3A2%3A1 | 192.243.61.225 | 200 OK | 2.0 kB |
URL GET HTTP/1.1evaluateuncanny.com/watch.1109750124726.js?dev=e&key=a7adf9d52b6ef836c2a63bc70bb51a59&kw=%5B%5D&pst=1713980823&refer=https%3A%2F%2Fjanycebhattixq91x.pages.dev%2F&res=14.2071&rmtc=t&shu=8ff4f267e53f7948a6467708d20e099bf8390cb99b97226c4650b7c621e914318a97cb7d3dab81898ca7964819714acedd52231afdf89da8c517c913a55daf83ee46b2688eeb5ba22b83204fa10fdff886df341809b4c65c2838d28fd3cfa48775265a&tz=0&uuid=0b94d7fb-c52f-45b5-8be5-273434d7c3af%3A2%3A1 IP192.243.61.225:443 ASN#39572 DataWeb Global Group B.V.
Requested byhttps://janycebhattixq91x.pages.dev/ CertificateIssuerLet's Encrypt Subjectevaluateuncanny.com FingerprintFA:C8:EC:09:73:C4:B6:E0:EA:76:F1:B4:A3:6D:0D:97:11:91:64:CC ValidityTue, 23 Apr 2024 10:54:45 GMT - Mon, 22 Jul 2024 10:54:44 GMT
File typeJavaScript source, ASCII text, with very long lines (2465) Hashd9147f6830781b2bee4188d8c9592137 5e04f4928ca7b2d6a5e1267c66b0505cda59ea57 04713301b76e4a3f675f2bc79a30932ad32854cdf82b1e60a7d852b3061dd684
GET /watch.1109750124726.js?dev=e&key=a7adf9d52b6ef836c2a63bc70bb51a59&kw=%5B%5D&pst=1713980823&refer=https%3A%2F%2Fjanycebhattixq91x.pages.dev%2F&res=14.2071&rmtc=t&shu=8ff4f267e53f7948a6467708d20e099bf8390cb99b97226c4650b7c621e914318a97cb7d3dab81898ca7964819714acedd52231afdf89da8c517c913a55daf83ee46b2688eeb5ba22b83204fa10fdff886df341809b4c65c2838d28fd3cfa48775265a&tz=0&uuid=0b94d7fb-c52f-45b5-8be5-273434d7c3af%3A2%3A1 HTTP/1.1
Host: evaluateuncanny.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://janycebhattixq91x.pages.dev
Referer: https://janycebhattixq91x.pages.dev/
DNT: 1
Connection: keep-alive
Cookie: u_pl=17410482; ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNzQxMDQ4MiwiayI6ImE3YWRmOWQ1MmI2ZWY4MzZjMmE2M2JjNzBiYjUxYTU5Iiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoxOTA0NDczLCJwaWQiOjQ1NjY1MywiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjozLCJhaWQiOjIzLCJwdCI6NCwicGsiOiJrZGJxaDgybW4iLCJjcGtzIjp7IjI5IjoiNzMzYjI1NjE4ZWYxNDBlZmIzODk5MzlkMjc3YTYyZTgifSwidCI6MX0sInUiOnsidSI6MSwiYXUiOjEsImQiOnsiaWQiOjc5OTU0MTk2LCJpZHMiOiIiLCJpYyI6ZmFsc2UsIm4iOiJEZXNrdG9wLEVtdWxhdG9yIiwidiI6IlVua25vd24iLCJtIjoiVW5rbm93biIsImYiOjEsImZuIjoiRGVza3RvcCIsIm9pZCI6MTgxMTAsIm9uIjoiTGludXgiLCJvdiI6IlVua25vd24iLCJiaWQiOjExNjY3MCwiYm4iOiJGaXJlZm94IiwiYnYiOiI5Ni4wIiwid3YiOmZhbHNlLCJlIjp0cnVlLCJhYiI6ZmFsc2V9LCJjIjp7ImlkIjoxNjIsImMiOiJOTyIsIm4iOiJOb3J3YXkifSwiYSI6ZmFsc2UsImNyIjp7Im4iOiJCbGl4IFNvbHV0aW9ucyJ9LCJ4ZiI6IiIsIml4ZiI6ZmFsc2UsImlneGYiOmZhbHNlLCJ1cCI6dHJ1ZSwiciI6Imh0dHBzOi8vamFueWNlYmhhdHRpeHE5MXgucGFnZXMuZGV2LyIsImFyIjpbXX19.XgF9hV_tkzG1F2L5huVKEc9BbuCsK6BfbqNNw4bgcUE
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Wed, 24 Apr 2024 17:46:03 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://janycebhattixq91x.pages.dev
Access-Control-Allow-Origin: https://janycebhattixq91x.pages.dev
Access-Control-Allow-Credentials: true
Set-Cookie: uid_id2=0b94d7fb-c52f-45b5-8be5-273434d7c3af:2:1; expires=Wed, 01 May 2024 17:46:03 GMT; secure; SameSite=None
pdhtkv=true; expires=Thu, 25 Apr 2024 17:46:03 GMT; secure; SameSite=None
uncs=1; expires=Thu, 25 Apr 2024 17:46:03 GMT; secure; SameSite=None
pdhtkv23=true; expires=Thu, 25 Apr 2024 17:46:03 GMT; secure; SameSite=None
uncs23=1; expires=Thu, 25 Apr 2024 17:46:03 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 5eb5368ad03be36a8380e172ff66ce1c
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
|
|
| cdn.cloudimagesb.com/cti/24/5b/3c/245b3c40c6d7a28419b530e0f4c8160a/1708270169.jpg | 45.133.44.9 | 200 OK | 76 kB |
URL GET HTTP/2cdn.cloudimagesb.com/cti/24/5b/3c/245b3c40c6d7a28419b530e0f4c8160a/1708270169.jpg IP45.133.44.9:443 ASN#39572 DataWeb Global Group B.V.
Requested byhttps://janycebhattixq91x.pages.dev/ CertificateIssuerLet's Encrypt Subjectcdn.cloudimagesb.com FingerprintC6:F3:21:F0:21:7D:7E:96:0F:E8:46:7A:5E:C5:3F:D1:52:B0:67:B0 ValidityFri, 22 Mar 2024 03:01:35 GMT - Thu, 20 Jun 2024 03:01:34 GMT
File typeJPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop 24.5 (Windows), datetime=2024:02:16 15:05:08], progressive, precision 8, 300x250, components 3 Hash0ce3d5c31e61b2b14c5ede2cdd64045e 4d260a0cc5f3a184568ffe8ca627441ce048a6c4 e2955a0eca91674eb16ea126b21a1a04e19a2d7f7ddfdc80f95d2260a0ce6224
GET /cti/24/5b/3c/245b3c40c6d7a28419b530e0f4c8160a/1708270169.jpg HTTP/1.1
Host: cdn.cloudimagesb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 24 Apr 2024 17:46:03 GMT
content-type: image/jpeg
content-length: 75664
server: nginx/1.21.6
last-modified: Sun, 18 Feb 2024 15:29:37 GMT
etag: "65d22261-12790"
expires: Fri, 26 Apr 2024 17:46:03 GMT
cache-control: max-age=172800
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| cdn.cloudimagesb.com/cti/6b/66/81/6b66811e5a98f23a678c8617e305411f/1707726249.jpg | 45.133.44.9 | 200 OK | 71 kB |
URL GET HTTP/2cdn.cloudimagesb.com/cti/6b/66/81/6b66811e5a98f23a678c8617e305411f/1707726249.jpg IP45.133.44.9:443 ASN#39572 DataWeb Global Group B.V.
Requested byhttps://janycebhattixq91x.pages.dev/ CertificateIssuerLet's Encrypt Subjectcdn.cloudimagesb.com FingerprintC6:F3:21:F0:21:7D:7E:96:0F:E8:46:7A:5E:C5:3F:D1:52:B0:67:B0 ValidityFri, 22 Mar 2024 03:01:35 GMT - Thu, 20 Jun 2024 03:01:34 GMT
File typeJPEG image data, JFIF standard 1.02, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 728x90, components 3 Hash87aa79b34568872bc200c4370d3fab4d 88c86e6c88a3350b243e6b394a02929f275c823d c4490618e39f5b51260b3d98b3f3ea0a9362b1eaff286d420e2550f8f86e67da
GET /cti/6b/66/81/6b66811e5a98f23a678c8617e305411f/1707726249.jpg HTTP/1.1
Host: cdn.cloudimagesb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 24 Apr 2024 17:46:03 GMT
content-type: image/jpeg
content-length: 71425
server: nginx/1.21.6
last-modified: Mon, 12 Feb 2024 08:24:19 GMT
etag: "65c9d5b3-11701"
expires: Fri, 26 Apr 2024 17:46:03 GMT
cache-control: max-age=172800
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| shayscholz.blogspot.com/favicon.ico | 216.58.207.193 | | 412 B |
URL GET shayscholz.blogspot.com/favicon.ico IP216.58.207.193:0
Requested byhttps://janycebhattixq91x.pages.dev/ CertificateIssuerGoogle Trust Services LLC Subjectmisc-sni.blogspot.com FingerprintE8:F4:4F:CE:D1:E0:7B:C8:CD:18:45:AA:90:5A:35:8B:D5:CF:66:6B ValidityMon, 18 Mar 2024 20:01:08 GMT - Mon, 10 Jun 2024 20:01:07 GMT
File typeMS Windows icon resource - 2 icons, 32x32, 8 bits/pixel, 16x16, 8 bits/pixel Hash59a0c7b6e4848ccdabcea0636efda02b 30ef5c54b8bbc3487ea2b4c45cd11ea2932e4340 a1495da3cf3db37bf105a12658636ff628fee7b73975b9200049af7747e60b1f
GET /favicon.ico HTTP/1.1
Host: shayscholz.blogspot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://janycebhattixq91x.pages.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: image/x-icon
expires: Wed, 24 Apr 2024 17:46:03 GMT
date: Wed, 24 Apr 2024 17:46:03 GMT
cache-control: private, max-age=86400
last-modified: Fri, 08 Mar 2024 19:12:27 GMT
etag: W/"53e1bb00e6929e879a040ee00d8ddd9c6a9b1f6c6c79cd1077a9390901619218"
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 412
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| janycebhattixq91x.pages.dev/ | 172.66.46.249 | 200 OK | 30 kB |
URL User Request GET HTTP/2janycebhattixq91x.pages.dev/ IP172.66.46.249:443
CertificateIssuerLet's Encrypt Subjectjanycebhattixq91x.pages.dev FingerprintBD:38:36:CF:EA:33:0B:69:8B:87:30:AB:8D:5C:1F:A4:01:F5:6A:5B ValidityTue, 23 Apr 2024 16:25:46 GMT - Mon, 22 Jul 2024 16:25:45 GMT
File typeHTML document, ASCII text, with very long lines (11253), with CRLF line terminators Hash9f1ef56461d92c5a73733703aabc5b74 32a650a5403e774650655eeac8124240ac44aca0 da0ad86487011bacca3f36ccf2a8f90ce502b0620f220f8e45f97172bc155bc0
GET / HTTP/1.1
Host: janycebhattixq91x.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 24 Apr 2024 17:46:01 GMT
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: W/"c43f6b971a89cb9f7295cf8e0b73d342"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Ok4MIO2RN8O8BzrFZbo3JklVMUG9oBTV7VBhmpv6ZHQb95hA%2Bqya3fur4nZuoRwfdrJiN1VocZvU94hnDyMNndzQvThJj8NwCx6Vx4gbA08O7Iy94GHqSwn36tafJTEJ8O54rU9a8uqLMuStXRE%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8797e90c8a4e712d-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| suggestqueries.google.com/complete/search?jsonp=autoRelated&hl=en&client=firefox&q= | 142.250.74.78 | 200 OK | 20 B |
URL GET HTTP/2suggestqueries.google.com/complete/search?jsonp=autoRelated&hl=en&client=firefox&q= IP142.250.74.78:443
Requested byhttps://janycebhattixq91x.pages.dev/ CertificateIssuerGoogle Trust Services LLC Subject*.google.com Fingerprint70:CC:1A:8A:58:6C:1F:6D:43:AE:66:75:89:F7:99:7B:BC:7A:74:2D ValidityMon, 18 Mar 2024 19:37:19 GMT - Mon, 10 Jun 2024 19:37:18 GMT
File typeASCII text, with no line terminators Hasha1b72ded50d7e2b047cd0d3966b148ab 8ff9743451774724c183efa801b999ecce23821a 4d9063bb918234965c25e4a0844d20c1cb01dae120c181c92f39a33b869be23f
GET /complete/search?jsonp=autoRelated&hl=en&client=firefox&q= HTTP/1.1
Host: suggestqueries.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://janycebhattixq91x.pages.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 24 Apr 2024 17:46:03 GMT
pragma: no-cache
expires: -1
cache-control: no-cache, must-revalidate
content-type: text/javascript; charset=UTF-8
content-security-policy: object-src 'none';base-uri 'self';script-src 'nonce-6seMnU_vBnEbAzKrkJErjw' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/fff
cross-origin-opener-policy: same-origin-allow-popups; report-to="gws"
report-to: {"group":"gws","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gws/fff"}]}
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: gws
x-xss-protection: 0
x-frame-options: SAMEORIGIN
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|