Report - www.6jten.com/835.html

Report Overview

Visited public
2024-08-31 22:49:36
Tags
URL
www.6jten.com/835.html
Finishing URL
www.6jten.com/835.html
IP / ASN
104.21.9.177
#13335 CLOUDFLARENET
Title
(1) New Message!

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
binaryjoy.co.uk	unknown	2006-03-05	2013-08-26 12:30:51	2023-03-02 07:22:12	489 B	23 kB	104.21.45.107
proftrafficcounter.com	unknown	2023-11-16	2023-11-21 09:55:14	2024-08-31 17:40:17	427 B	420 B	35.156.220.253
indexeslaughter.com	unknown	2022-05-14	2022-05-14 15:59:09	2024-02-28 14:48:57	436 B	17 kB	172.240.127.234
i0.wp.com	3021	1997-03-28	2013-09-17 08:14:42	2024-08-31 17:45:12	1.0 kB	25 kB	192.0.77.2
takegerman.com	unknown	2024-07-01	2024-08-29 11:31:02	2024-08-31 13:20:00	7.2 kB	13 kB	172.240.127.234
cdn.creative-stat1.com	unknown	2024-08-20	2024-08-27 20:37:01	2024-08-28 14:40:07	2.0 kB	46 kB	188.114.96.1
i2.wp.com	5618	1997-03-28	2017-01-30 06:03:40	2024-08-31 17:45:12	494 B	5.4 kB	192.0.77.2
6jten.com	unknown	unknown	No data	No data	956 B	5.3 kB	104.21.9.177
fonts.gstatic.com	unknown	2008-02-11	2014-09-09 02:40:21	2024-08-31 17:39:15	2.6 kB	76 kB	216.58.207.227
i1.wp.com	6037	1997-03-28	2012-09-27 07:17:34	2024-08-31 17:45:12	2.1 kB	28 kB	192.0.77.2
ocsp.r2m03.amazontrust.com	unknown	2007-05-11	2023-02-21 01:06:24	2024-08-31 17:33:19	338 B	941 B	143.204.53.97
cdn.show-creative1.com	unknown	2024-08-20	2024-08-27 20:37:00	2024-08-29 09:32:55	509 B	1.6 kB	104.21.15.229
unseenreport.com	unknown	2022-03-30	2022-03-30 16:33:17	2024-08-31 13:20:01	733 B	471 B	192.243.61.225
www.6jten.com	unknown	unknown	No data	No data	7.1 kB	496 kB	104.21.9.177
sob.ajaib.biz.id	unknown	unknown	No data	No data	389 B	881 B	172.67.146.139
preview.redd.it	3176	2010-05-31	2018-09-07 00:05:18	2024-08-31 18:22:40	501 B	58 kB	151.101.1.140
r11.o.lencr.org	unknown	2020-06-29	2024-06-07 07:43:57	2024-08-31 17:39:09	2.3 kB	6.2 kB	23.36.77.32
o.pki.goog	unknown	2016-06-13	2024-04-24 13:44:57	2024-08-31 17:13:16	1.6 kB	3.5 kB	142.250.74.131
i3.wp.com	44229	1997-03-28	2017-01-29 13:42:13	2024-08-31 17:45:12	1.1 kB	18 kB	192.0.77.2
recordedthereby.com	unknown	2024-05-08	2024-05-14 07:24:53	2024-08-31 09:25:37	400 B	86 kB	188.114.97.1
fonts.googleapis.com	8877	2005-01-25	2013-06-10 22:14:26	2024-08-31 17:39:33	418 B	7.6 kB	142.250.74.106
r10.o.lencr.org	unknown	2020-06-29	2024-06-06 21:45:11	2024-08-31 17:40:44	1.6 kB	4.4 kB	23.36.77.32

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2024-08-31	medium	unseenreport.com	Sinkholed

ThreatFox

No alerts detected

JavaScript (11)

	URL	From	Size	First Seen	Last Seen
	www.6jten.com/wp-content/cache/wpo-minify/1721152993/assets/wpo-minify-header-49cc12d1.min.js	ScriptElement	120 kB	2024-08-28	2024-10-04
Pretty URL www.6jten.com/wp-content/cache/wpo-minify/1721152993/assets/wpo-minify-header-49cc12d1.min.js IP 104.21.9.177 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-08-28 12:15 Last Seen2024-10-04 11:20 Times Seen3 Hash de9099952644ab506b201699185989a8 c03865693f714b37590910c97fe4e4e462e5d34c 162c21b03f1b81ea7ed4beeccd403aca15f15b5afda3ad409911f065706fd6ab Loading...

	www.6jten.com/835.html	ScriptElement	25 kB	2024-09-20	2024-09-20
Pretty URL www.6jten.com/835.html IP 104.21.9.177 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2024-09-20 20:09 Last Seen2024-09-20 20:09 Times Seen1 Hash 2932f74f1bd5fe9a3812c99fa6aa09da 1a38e2a5a81dfd6665a5db73e3bdef9ad12d0de4 2cf0a498c47e5dbcf51bd18379b7bd413d0c9e8dca6479ace72a03f940c0cbc2 Loading...

	www.6jten.com/835.html	ScriptElement	424 B	2024-09-20	2024-09-20
Pretty URL www.6jten.com/835.html IP 104.21.9.177 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2024-09-20 20:09 Last Seen2024-09-20 20:09 Times Seen1 Hash 0ef489a6b2018d2a504b46ee0d23c9ab cabe1ab7051da1e61ea140a0e23169b034b801c6 ac45b996949b02d96c630e1fd7b04c6250340ed74e7fcfded229e58b7401269c Loading...

	www.6jten.com/835.html	ScriptElement	397 B	2024-09-20	2024-09-20
Pretty URL www.6jten.com/835.html IP 104.21.9.177 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2024-09-20 20:09 Last Seen2024-09-20 20:09 Times Seen1 Hash a3769aa280bc1968485148f14ba99d46 23a3f0ad11e87d6fe4d3c75ae242e23b643e3fd6 b7862e7558adda4645ea66b49e63df44f84d0cd570ce74aa1925411d7284d624 Loading...

	www.6jten.com/wp-content/cache/wpo-minify/1721152993/assets/wpo-minify-footer-9fee37bf.min.js	ScriptElement	115 kB	2024-09-20	2024-09-20
Pretty URL www.6jten.com/wp-content/cache/wpo-minify/1721152993/assets/wpo-minify-footer-9fee37bf.min.js IP 104.21.9.177 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-09-20 20:09 Last Seen2024-09-20 20:09 Times Seen1 Hash 323b56ff82379f94ad5a4b204c8ef44e b43237927963699d648c641cf2839cff639d1ad1 192417d0db5553b4d6b8d1f9d38d22662d69f0f546a2117a9ef091fa41796024 Loading...

	www.6jten.com/wp-content/cache/wpo-minify/1721152993/assets/wpo-minify-footer-24df054d.min.js	ScriptElement	3.0 kB	2023-08-22	2025-03-14
Pretty URL www.6jten.com/wp-content/cache/wpo-minify/1721152993/assets/wpo-minify-footer-24df054d.min.js IP 104.21.9.177 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-08-22 06:17 Last Seen2025-03-14 04:16 Times Seen44 Hash 023f9af51edb16a274fc7025aa3e25ab ca75c3d1cb75a57cf23944a5fd1d55949e65c5fd c420f32b3ac8ca4dad29c471fd2149bf221ac03740c7816154c9703b38f6907c Loading...

	unknown	ScriptElement	601 B	2024-08-28	2024-09-20
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2024-08-28 10:32 Last Seen2024-09-20 20:09 Times Seen2 Hash a8db1e7072d5547b559fde86256695cc 80cd028a08dd0d75517bb8c9c3eb34416a1b1b0b 69154a7549ddcc1c4038ea6a0e50ee86a39d2a84289a2de0bd20c1dd24332f11 Loading...

	www.6jten.com/835.html	ScriptElement	1.1 kB	2024-09-20	2024-09-20
Pretty URL www.6jten.com/835.html IP 104.21.9.177 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2024-09-20 20:09 Last Seen2024-09-20 20:09 Times Seen1 Hash 0de9a2cb63c8ca96a68ce7135b83426b 2ee87d6182c18ee3eb55bcfde142e0791c7c7732 e0895b52cfcbb38002cf6d544daf53ae9fdf8b5e80dec6fb8734729d943f85ef Loading...

	sob.ajaib.biz.id/	ScriptElement	45 kB	2024-09-20	2024-09-20
Pretty URL sob.ajaib.biz.id/ IP 172.67.146.139 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-09-20 20:09 Last Seen2024-09-20 20:09 Times Seen1 Hash e448f5410b9d7962c0a288cf24c8eca9 695b1ee37b95c24c6aa3db42edcc5167cdaa69f1 5c3019f1c5cf945a90511e7bef11aa2651870e79854eefeb168da072ca07efaf Loading...

	www.6jten.com/wp-content/themes/revenue-pro/assets/js/html5.js	ScriptElement	10 kB	2023-03-07	2025-06-03
Pretty URL www.6jten.com/wp-content/themes/revenue-pro/assets/js/html5.js IP 104.21.9.177 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:27 Last Seen2025-06-03 01:11 Times Seen297 Hash 5ee990907b315027da600eeeaee2e04b a5767b8325822da1212f702e79aea069747e4747 a4b3b91b775b356ac4b5c34ac94dbcc1212ef23b5e89bfa9bfcc92e285a4447a Loading...

	recordedthereby.com/sfp.js	ScriptElement	85 kB	2024-05-17	2025-01-21
Pretty URL recordedthereby.com/sfp.js IP 188.114.97.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-05-17 16:43 Last Seen2025-01-21 11:22 Times Seen13574 Hash 7e3e44049654b6e244c1777e68ffb8e7 8f2a8298666d607afd92a0baa362ef4dc9ccd039 4acac8b8ff23671d365150818f3c39bbbfa08b1a1842d73de5933e0fea26454b Loading...

HTTP Transactions (68)

URL IP Response Size

r10.o.lencr.org/

23.36.77.32

504 B

URL
r10.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
504 B (504 bytes)
Hash
c3d1bfb12515d2f23214f980f7a18b8c
24cc3d9048888cc7e1f4ff42b8fdc1c16c9feb46
35a446cea345dbdb2c297726a3d6cc5f1088f4f9a3f65904c3b9655056efda06

HTTP Headers

POST / HTTP/1.1
Host: r10.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 504
ETag: "35A446CEA345DBDB2C297726A3D6CC5F1088F4F9A3F65904C3B9655056EFDA06"
Last-Modified: Thu, 29 Aug 2024 09:19:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3795
Expires: Sat, 31 Aug 2024 23:52:23 GMT
Date: Sat, 31 Aug 2024 22:49:08 GMT
Connection: keep-alive

r10.o.lencr.org/

23.36.77.32

504 B

URL
r10.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
504 B (504 bytes)
Hash
404e3e4520c09fcce1358b1a21f6b171
040aa03460f3d7ec6f75cae0bf5a462a4bb9798d
f6fc34acb6b2d60bb37dd5caf92b0988cdd52927d80d1f5e7bc23b7db9e8209a

HTTP Headers

POST / HTTP/1.1
Host: r10.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 504
ETag: "F6FC34ACB6B2D60BB37DD5CAF92B0988CDD52927D80D1F5E7BC23B7DB9E8209A"
Last-Modified: Sat, 31 Aug 2024 00:20:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18508
Expires: Sun, 01 Sep 2024 03:57:37 GMT
Date: Sat, 31 Aug 2024 22:49:09 GMT
Connection: keep-alive

r10.o.lencr.org/

23.36.77.32

504 B

URL
r10.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
504 B (504 bytes)
Hash
231aa156f55dd8497dca6a2066312be3
741432c8275492eb38bba5d0841685dc4f864fee
f348affacf8e814c579ff56d592287275dcf79e2f55f1d041921833d730d2349

HTTP Headers

POST / HTTP/1.1
Host: r10.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 504
ETag: "F348AFFACF8E814C579FF56D592287275DCF79E2F55F1D041921833D730D2349"
Last-Modified: Sat, 31 Aug 2024 02:34:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3630
Expires: Sat, 31 Aug 2024 23:49:39 GMT
Date: Sat, 31 Aug 2024 22:49:09 GMT
Connection: keep-alive

r10.o.lencr.org/

23.36.77.32

504 B

URL
r10.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
504 B (504 bytes)
Hash
9d2c063731a46a7e1548540195080de0
dd1924ebf7697509a10f3f07604f28f96b4fc498
0d414ed4850119c53fae9ddd19ee1dd95783fd08f7389c3e8ec95215023e298e

HTTP Headers

POST / HTTP/1.1
Host: r10.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 504
ETag: "0D414ED4850119C53FAE9DDD19EE1DD95783FD08F7389C3E8EC95215023E298E"
Last-Modified: Sat, 31 Aug 2024 02:33:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3778
Expires: Sat, 31 Aug 2024 23:52:07 GMT
Date: Sat, 31 Aug 2024 22:49:09 GMT
Connection: keep-alive

sob.ajaib.biz.id/

172.67.146.139

301 Moved Permanently

167 B

URL GET HTTP/2
sob.ajaib.biz.id/
IP
172.67.146.139:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.6jten.com/835.html
Certificate
IssuerGoogle Trust Services
Subjectajaib.biz.id
FingerprintED:E2:9A:DA:A1:14:A7:10:32:15:90:FA:2C:6B:B4:1E:ED:64:48:23
ValidityTue, 09 Jul 2024 18:18:29 GMT - Mon, 07 Oct 2024 18:18:28 GMT

File type
HTML document, ASCII text, with CRLF line terminators
Size
167 B (167 bytes)
Hash
0104c301c5e02bd6148b8703d19b3a73
7436e0b4b1f8c222c38069890b75fa2baf9ca620
446a6087825fa73eadb045e5a2e9e2adf7df241b571228187728191d961dda1f

HTTP Headers

GET / HTTP/1.1
Host: sob.ajaib.biz.id
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.6jten.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 301 Moved Permanently
date: Sat, 31 Aug 2024 22:49:11 GMT
content-type: text/html
content-length: 167
location: https://indexeslaughter.com/96/2f/9d/962f9de1736de6fd656a3e9a1cebaee9.js
cache-control: max-age=3600
expires: Sat, 31 Aug 2024 23:49:11 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Y319qcUO1RURdIQxsJrIUQgLIilMnfPUZ3RjET0LbixlJF0avpk%2BtHrBkNKdZPlPWp38UT8hNdIiI8o02xeB%2BazbYO7%2BM6w5bPIRloqpmtL7dgrrANQOaPrjE%2FCv212U5wXk"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8bc092863a6056cc-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

preview.redd.it/tnwo4l5oqg261.png?width=1366&format=png&auto=webp&s=c4dbb2aa89936185cb1c5a2571d2be7c3fe000ab

151.101.1.140

200 OK

57 kB

URL GET HTTP/2
preview.redd.it/tnwo4l5oqg261.png?width=1366&format=png&auto=webp&s=c4dbb2aa89936185cb1c5a2571d2be7c3fe000ab
IP
151.101.1.140:443
ASN
#54113 FASTLY

Requested by
https://www.6jten.com/835.html
Certificate
IssuerDigiCert Inc
Subject*.redd.it
Fingerprint04:49:78:86:E9:A8:C7:C6:A6:9F:DB:BF:7C:67:5A:49:B4:30:94:00
ValidityThu, 30 May 2024 00:00:00 GMT - Tue, 26 Nov 2024 23:59:59 GMT

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 1366x725, Scaling: [none]x[none], YUV color, decoders should clamp
Size
57 kB (56664 bytes)
Hash
20c65370fd19eeb03ed7d13983940f4b
c2795a7f8b6ba21b4fc69be98419d7fe7e3c923d
47b1f39fd9bbf88c2617948d563f32e6df13bad76a3d210ccf59b286b0b00962

HTTP Headers

GET /tnwo4l5oqg261.png?width=1366&format=png&auto=webp&s=c4dbb2aa89936185cb1c5a2571d2be7c3fe000ab HTTP/1.1
Host: preview.redd.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.6jten.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
cache-control: public, max-age=604800
content-type: image/webp
reddit-io-info: ifsz=583844 idim=1366x725 ifmt=png ofsz=56664 odim=1366x725 ofmt=webp
reddit-stats: io=1
x-imo-features: auto=webp&format=png&width=1366
x-canonical-filename-image-generation: 1
via: 1.1 varnish, 1.1 varnish
server: snooserv
accept-ranges: bytes
date: Sat, 31 Aug 2024 22:49:11 GMT
vary: Accept,X-Imo-Features,Origin
report-to: {"group": "w3-reporting-nel", "max_age": 14400, "include_subdomains": true,  "endpoints": [{ "url": "https://w3-reporting-nel.reddit.com/reports" }]}, {"group": "w3-reporting", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting.reddit.com/reports" }]}, {"group": "w3-reporting-csp", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-csp.reddit.com/reports" }]}
nel: {"report_to": "w3-reporting-nel", "max_age": 14400, "include_subdomains": false, "success_fraction": 0.2, "failure_fraction": 0.2}
content-length: 56664
X-Firefox-Spdy: h2

r11.o.lencr.org/

23.36.77.32

504 B

URL
r11.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
504 B (504 bytes)
Hash
20c9eec1ed6a0f3c730b021493b9e3ec
9f241af1cf1513631da05ffbaede6bcd16e93571
0b2e4962ad211e7e6f6382c7fd9e05fcfc046cad9d26eccd1ef9c7d94ce3cfcf

HTTP Headers

POST / HTTP/1.1
Host: r11.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 504
ETag: "0B2E4962AD211E7E6F6382C7FD9E05FCFC046CAD9D26ECCD1EF9C7D94CE3CFCF"
Last-Modified: Sat, 31 Aug 2024 02:34:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3878
Expires: Sat, 31 Aug 2024 23:53:49 GMT
Date: Sat, 31 Aug 2024 22:49:11 GMT
Connection: keep-alive

r11.o.lencr.org/

23.36.77.32

504 B

URL
r11.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
504 B (504 bytes)
Hash
20c9eec1ed6a0f3c730b021493b9e3ec
9f241af1cf1513631da05ffbaede6bcd16e93571
0b2e4962ad211e7e6f6382c7fd9e05fcfc046cad9d26eccd1ef9c7d94ce3cfcf

HTTP Headers

POST / HTTP/1.1
Host: r11.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 504
ETag: "0B2E4962AD211E7E6F6382C7FD9E05FCFC046CAD9D26ECCD1EF9C7D94CE3CFCF"
Last-Modified: Sat, 31 Aug 2024 02:34:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3878
Expires: Sat, 31 Aug 2024 23:53:49 GMT
Date: Sat, 31 Aug 2024 22:49:11 GMT
Connection: keep-alive

r11.o.lencr.org/

23.36.77.32

504 B

URL
r11.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
504 B (504 bytes)
Hash
20c9eec1ed6a0f3c730b021493b9e3ec
9f241af1cf1513631da05ffbaede6bcd16e93571
0b2e4962ad211e7e6f6382c7fd9e05fcfc046cad9d26eccd1ef9c7d94ce3cfcf

HTTP Headers

POST / HTTP/1.1
Host: r11.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 504
ETag: "0B2E4962AD211E7E6F6382C7FD9E05FCFC046CAD9D26ECCD1EF9C7D94CE3CFCF"
Last-Modified: Sat, 31 Aug 2024 02:34:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3878
Expires: Sat, 31 Aug 2024 23:53:49 GMT
Date: Sat, 31 Aug 2024 22:49:11 GMT
Connection: keep-alive

r11.o.lencr.org/

23.36.77.32

504 B

URL
r11.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
504 B (504 bytes)
Hash
20c9eec1ed6a0f3c730b021493b9e3ec
9f241af1cf1513631da05ffbaede6bcd16e93571
0b2e4962ad211e7e6f6382c7fd9e05fcfc046cad9d26eccd1ef9c7d94ce3cfcf

HTTP Headers

POST / HTTP/1.1
Host: r11.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 504
ETag: "0B2E4962AD211E7E6F6382C7FD9E05FCFC046CAD9D26ECCD1EF9C7D94CE3CFCF"
Last-Modified: Sat, 31 Aug 2024 02:34:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3878
Expires: Sat, 31 Aug 2024 23:53:49 GMT
Date: Sat, 31 Aug 2024 22:49:11 GMT
Connection: keep-alive

r11.o.lencr.org/

23.36.77.32

504 B

URL
r11.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
504 B (504 bytes)
Hash
20c9eec1ed6a0f3c730b021493b9e3ec
9f241af1cf1513631da05ffbaede6bcd16e93571
0b2e4962ad211e7e6f6382c7fd9e05fcfc046cad9d26eccd1ef9c7d94ce3cfcf

HTTP Headers

POST / HTTP/1.1
Host: r11.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 504
ETag: "0B2E4962AD211E7E6F6382C7FD9E05FCFC046CAD9D26ECCD1EF9C7D94CE3CFCF"
Last-Modified: Sat, 31 Aug 2024 02:34:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3878
Expires: Sat, 31 Aug 2024 23:53:49 GMT
Date: Sat, 31 Aug 2024 22:49:11 GMT
Connection: keep-alive

r10.o.lencr.org/

23.36.76.226

504 B

URL
r10.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
504 B (504 bytes)
Hash
e6866ad05e2a1ee6905d2bb085f8405f
5bc9bee1d737dbc01b06d1ce14be28d8c1fece97
87c65ecfcd132c2ef0ced460b011f62680321774674f5e0a240dc33d668c1711

HTTP Headers

POST / HTTP/1.1
Host: r10.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 504
ETag: "87C65ECFCD132C2EF0CED460B011F62680321774674F5E0A240DC33D668C1711"
Last-Modified: Sat, 31 Aug 2024 05:14:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16324
Expires: Sun, 01 Sep 2024 03:21:15 GMT
Date: Sat, 31 Aug 2024 22:49:11 GMT
Connection: keep-alive

indexeslaughter.com/96/2f/9d/962f9de1736de6fd656a3e9a1cebaee9.js

172.240.127.234

200 OK

16 kB

URL GET HTTP/1.1
indexeslaughter.com/96/2f/9d/962f9de1736de6fd656a3e9a1cebaee9.js
IP
172.240.127.234:443
ASN
#7979 SERVERS-COM

Requested by
https://www.6jten.com/835.html
Certificate
IssuerLet's Encrypt
Subjectindexeslaughter.com
Fingerprint55:41:82:14:94:AC:81:F7:B9:98:1E:9A:2A:79:EE:16:51:C8:1F:C0
ValidityTue, 02 Jul 2024 09:27:14 GMT - Mon, 30 Sep 2024 09:27:13 GMT

File type
JavaScript source, ASCII text, with very long lines (44861), with no line terminators
Size
16 kB (16306 bytes)
Hash
e448f5410b9d7962c0a288cf24c8eca9
695b1ee37b95c24c6aa3db42edcc5167cdaa69f1
5c3019f1c5cf945a90511e7bef11aa2651870e79854eefeb168da072ca07efaf

HTTP Headers

GET /96/2f/9d/962f9de1736de6fd656a3e9a1cebaee9.js HTTP/1.1
Host: indexeslaughter.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.6jten.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Sat, 31 Aug 2024 22:49:11 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Set-Cookie: 4b4e7ab587d59b22ad7bcd2439afc363_FEATURES-1829_sb=0; expires=Sat, 31 Aug 2024 22:49:11 GMT; secure; SameSite=None
Host: indexeslaughter.com
Expires: Thu, 01 Jan 1970 00:00:01 GMT
X-Request-ID: f7da609bc4c2534f9030252519302e7f
Cache-Control: no-cache, max-age=0, private, no-cache
Pragma: no-cache
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip

www.6jten.com/wp-content/uploads/2024/07/6jten.png

104.21.9.177

200 OK

20 kB

URL GET HTTP/3
www.6jten.com/wp-content/uploads/2024/07/6jten.png
IP
104.21.9.177:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.6jten.com/835.html
Certificate
IssuerGoogle Trust Services
Subject6jten.com
Fingerprint99:73:A9:DB:68:F1:43:55:CE:E5:67:D6:F3:15:60:13:70:F7:A7:22
ValidityTue, 16 Jul 2024 15:33:08 GMT - Mon, 14 Oct 2024 15:33:07 GMT

File type
PNG image data, 300 x 98, 8-bit/color RGBA, interlaced
Size
20 kB (20222 bytes)
Hash
01270ce8c65060f98654df82c8c6feb5
e5668c96a37f5763e162b1935cb15c04e249e6c4
850b79b22b50d317be47dd2aac7fcc5e31c7f7afe5fa7ad5e4d6dce77ab93317

HTTP Headers

GET /wp-content/uploads/2024/07/6jten.png HTTP/1.1
Host: www.6jten.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.6jten.com/835.html
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sat, 31 Aug 2024 22:49:12 GMT
content-type: image/png
content-length: 20222
last-modified: Tue, 16 Jul 2024 17:57:04 GMT
etag: "6696b470-4efe"
x-powered-by: TinyCP
strict-transport-security: max-age=600; preload
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=M7hJ%2BrDbjZYinprVogQLNF5ImRiPbwQiDwX6j6MiflpnPQZgsPq6OwczXBLJx8MN9iLyNzWa2KGkoTg28Ina5D3oXva8GkWT5i1fjw34qS2V94FlugcrrPpjHnakkmTs"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8bc09285ae6db511-OSL
alt-svc: h3=":443"; ma=86400

o.pki.goog/wr2

142.250.74.131

471 B

URL
o.pki.goog/wr2
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
fd0cba0be026b652bbffe7b1677f7a50
14e043560f93c989426b59a5ce88ba1758ef3d1f
ec79b16ec123b0034a02b557ad26892d404fcd5c573f516ead9bcc3f585702b9

HTTP Headers

POST /wr2 HTTP/1.1
Host: o.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 31 Aug 2024 22:49:14 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

o.pki.goog/wr2

142.250.74.131

471 B

URL
o.pki.goog/wr2
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
fd0cba0be026b652bbffe7b1677f7a50
14e043560f93c989426b59a5ce88ba1758ef3d1f
ec79b16ec123b0034a02b557ad26892d404fcd5c573f516ead9bcc3f585702b9

HTTP Headers

POST /wr2 HTTP/1.1
Host: o.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 31 Aug 2024 22:49:14 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4AMP6lQ.woff2

216.58.207.227

200 OK

11 kB

URL GET HTTP/2
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4AMP6lQ.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://www.6jten.com/835.html
Certificate
IssuerGoogle Trust Services
Subject*.gstatic.com
Fingerprint83:B4:3A:CF:52:DA:10:B6:EA:48:49:6C:BD:57:5C:44:4E:10:A8:97
ValidityMon, 05 Aug 2024 07:18:20 GMT - Mon, 28 Oct 2024 07:18:19 GMT

File type
Web Open Font Format (Version 2), TrueType, length 11040, version 1.0
Size
11 kB (11040 bytes)
Hash
5e22a46c04d947a36ea0cad07afcc9e1
6091d981c2a4ee975c7f6b56186ee698040bb804
0f53e8b0a717ca4ce313eec62b90d41db62c2f4946259a65c93bf8e84c5b0c44

HTTP Headers

GET /s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4AMP6lQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.6jten.com
DNT: 1
Connection: keep-alive
Referer: https://www.6jten.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 11040
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 30 Aug 2024 07:08:18 GMT
expires: Sat, 30 Aug 2025 07:08:18 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 11 May 2022 19:24:42 GMT
content-type: font/woff2
age: 142856
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2

216.58.207.227

200 OK

11 kB

URL GET HTTP/2
fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://www.6jten.com/835.html
Certificate
IssuerGoogle Trust Services
Subject*.gstatic.com
Fingerprint83:B4:3A:CF:52:DA:10:B6:EA:48:49:6C:BD:57:5C:44:4E:10:A8:97
ValidityMon, 05 Aug 2024 07:18:20 GMT - Mon, 28 Oct 2024 07:18:19 GMT

File type
Web Open Font Format (Version 2), TrueType, length 11028, version 1.0
Size
11 kB (11028 bytes)
Hash
1f6d3cf6d38f25d83d95f5a800b8cac3
279f300ca2cbbdf9f5036ef2f438607fbf377daa
796de064b8d80eba7ccacb8ba67d77fdbcdf4b385c844645d452c24537b3108f

HTTP Headers

GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.6jten.com
DNT: 1
Connection: keep-alive
Referer: https://www.6jten.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 11028
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 29 Aug 2024 21:05:05 GMT
expires: Fri, 29 Aug 2025 21:05:05 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 11 May 2022 19:24:50 GMT
content-type: font/woff2
age: 179049
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

o.pki.goog/wr2

142.250.74.131

471 B

URL
o.pki.goog/wr2
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
fd0cba0be026b652bbffe7b1677f7a50
14e043560f93c989426b59a5ce88ba1758ef3d1f
ec79b16ec123b0034a02b557ad26892d404fcd5c573f516ead9bcc3f585702b9

HTTP Headers

POST /wr2 HTTP/1.1
Host: o.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 31 Aug 2024 22:49:14 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

fonts.gstatic.com/s/roboto/v30/KFOkCnqEu92Fr1Mu51xIIzIXKMny.woff2

216.58.207.227

200 OK

13 kB

URL GET HTTP/2
fonts.gstatic.com/s/roboto/v30/KFOkCnqEu92Fr1Mu51xIIzIXKMny.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://www.6jten.com/835.html
Certificate
IssuerGoogle Trust Services
Subject*.gstatic.com
Fingerprint83:B4:3A:CF:52:DA:10:B6:EA:48:49:6C:BD:57:5C:44:4E:10:A8:97
ValidityMon, 05 Aug 2024 07:18:20 GMT - Mon, 28 Oct 2024 07:18:19 GMT

File type
Web Open Font Format (Version 2), TrueType, length 12684, version 1.0
Size
13 kB (12684 bytes)
Hash
d83f1599340e8afa7a36461059a80b81
2e90b6c64c1c312c5a872cdaa05e6fc0d38ea7cb
1af0ee2e409d753adfedb8a11628be961881ad5139d1a9252fcc4984cbce5f2d

HTTP Headers

GET /s/roboto/v30/KFOkCnqEu92Fr1Mu51xIIzIXKMny.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.6jten.com
DNT: 1
Connection: keep-alive
Referer: https://www.6jten.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 12684
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 30 Aug 2024 07:08:27 GMT
expires: Sat, 30 Aug 2025 07:08:27 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 11 May 2022 19:24:42 GMT
content-type: font/woff2
age: 142847
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

o.pki.goog/wr2

142.250.74.131

471 B

URL
o.pki.goog/wr2
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
fd0cba0be026b652bbffe7b1677f7a50
14e043560f93c989426b59a5ce88ba1758ef3d1f
ec79b16ec123b0034a02b557ad26892d404fcd5c573f516ead9bcc3f585702b9

HTTP Headers

POST /wr2 HTTP/1.1
Host: o.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 31 Aug 2024 22:49:14 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

i1.wp.com/driversprep.com/wp-content/uploads/2020/12/US.25.MA_.02JOL1-1.jpg?w=250&resize=250,250&ssl=1

192.0.77.2

200 OK

5.5 kB

URL GET HTTP/2
i1.wp.com/driversprep.com/wp-content/uploads/2020/12/US.25.MA_.02JOL1-1.jpg?w=250&resize=250,250&ssl=1
IP
192.0.77.2:443
ASN
#2635 AUTOMATTIC

Requested by
https://www.6jten.com/835.html
Certificate
IssuerSectigo Limited
Subject*.wp.com
Fingerprint5D:DB:6E:AA:9E:A8:4A:C3:10:A5:DA:89:DC:1C:BB:D1:87:5F:E1:D2
ValidityTue, 28 Nov 2023 00:00:00 GMT - Sat, 28 Dec 2024 23:59:59 GMT

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 250x250, Scaling: [none]x[none], YUV color, decoders should clamp
Size
5.5 kB (5492 bytes)
Hash
f7b705cc8a9633427929016c943a6043
8591c119af70f3db25b8f3ab23ebafeea32dd5fb
5c5f7cd9f4d5f3841d5ac9d7dbf4ee9c5f927079a9b4f3dd0fe52fe99b272eb5

HTTP Headers

GET /driversprep.com/wp-content/uploads/2020/12/US.25.MA_.02JOL1-1.jpg?w=250&resize=250,250&ssl=1 HTTP/1.1
Host: i1.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.6jten.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Sat, 31 Aug 2024 22:49:14 GMT
content-type: image/webp
content-length: 5492
last-modified: Sat, 31 Aug 2024 22:49:14 GMT
expires: Tue, 01 Sep 2026 10:49:14 GMT
cache-control: public, max-age=63115200
link: <https://driversprep.com/wp-content/uploads/2020/12/US.25.MA_.02JOL1-1.jpg>; rel="canonical"
x-content-type-options: nosniff
etag: "9cb0f5ce141a4c72"
vary: Accept
x-nc: MISS arn 6
alt-svc: h3=":443"; ma=86400
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
timing-allow-origin: *
X-Firefox-Spdy: h2

www.6jten.com/wp-content/themes/revenue-pro/assets/js/html5.js

104.21.9.177

200 OK

10 kB

URL GET HTTP/3
www.6jten.com/wp-content/themes/revenue-pro/assets/js/html5.js
IP
104.21.9.177:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.6jten.com/835.html
Certificate
IssuerGoogle Trust Services
Subject6jten.com
Fingerprint99:73:A9:DB:68:F1:43:55:CE:E5:67:D6:F3:15:60:13:70:F7:A7:22
ValidityTue, 16 Jul 2024 15:33:08 GMT - Mon, 14 Oct 2024 15:33:07 GMT

File type
JavaScript source, ASCII text
Size
10 kB (10100 bytes)
Hash
5ee990907b315027da600eeeaee2e04b
a5767b8325822da1212f702e79aea069747e4747
a4b3b91b775b356ac4b5c34ac94dbcc1212ef23b5e89bfa9bfcc92e285a4447a

HTTP Headers

GET /wp-content/themes/revenue-pro/assets/js/html5.js HTTP/1.1
Host: www.6jten.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.6jten.com/835.html
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sat, 31 Aug 2024 22:49:12 GMT
content-type: application/javascript
last-modified: Tue, 09 Jul 2024 15:46:26 GMT
etag: W/"668d5b52-285a"
x-powered-by: TinyCP
strict-transport-security: max-age=600; preload
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=CpiAYjauvLVS6jWMKOOYmZi0OXDoNlYKpE9gWpP2PfbkJtfX%2FQ%2BDE6GVNdjb9%2BhzdRo%2Bz5Cy%2FDcY9z%2BJMFLiO90FqjUo3r7K7GaIfT4onqfNMRo27VqxiedB7%2Fq6KjX7"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8bc09285ae77b511-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

i0.wp.com/d1ldvf68ux039x.cloudfront.net/thumbs/photos/1905/5439831/1000w_q95.jpg?w=250&resize=250,250&ssl=1

192.0.77.2

200 OK

7.9 kB

URL GET HTTP/2
i0.wp.com/d1ldvf68ux039x.cloudfront.net/thumbs/photos/1905/5439831/1000w_q95.jpg?w=250&resize=250,250&ssl=1
IP
192.0.77.2:443
ASN
#2635 AUTOMATTIC

Requested by
https://www.6jten.com/835.html
Certificate
IssuerSectigo Limited
Subject*.wp.com
Fingerprint5D:DB:6E:AA:9E:A8:4A:C3:10:A5:DA:89:DC:1C:BB:D1:87:5F:E1:D2
ValidityTue, 28 Nov 2023 00:00:00 GMT - Sat, 28 Dec 2024 23:59:59 GMT

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 250x250, Scaling: [none]x[none], YUV color, decoders should clamp
Size
7.9 kB (7876 bytes)
Hash
cd203b2d4c83b967a1bfc17076d95e03
e20df51ece2ac5bbeee75c8c9c2662407624f28a
e1b3e019df2087f2e8fcd790ec4a0df8e8935e84f96878d7deb1f0259b8a2be5

HTTP Headers

GET /d1ldvf68ux039x.cloudfront.net/thumbs/photos/1905/5439831/1000w_q95.jpg?w=250&resize=250,250&ssl=1 HTTP/1.1
Host: i0.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.6jten.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Sat, 31 Aug 2024 22:49:14 GMT
content-type: image/webp
content-length: 7876
last-modified: Sat, 31 Aug 2024 22:49:14 GMT
expires: Tue, 01 Sep 2026 10:49:14 GMT
cache-control: public, max-age=63115200
link: <https://d1ldvf68ux039x.cloudfront.net/thumbs/photos/1905/5439831/1000w_q95.jpg>; rel="canonical"
x-content-type-options: nosniff
etag: "aa26076569b301f8"
vary: Accept
x-nc: MISS arn 7
alt-svc: h3=":443"; ma=86400
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
timing-allow-origin: *
X-Firefox-Spdy: h2

i1.wp.com/res.cloudinary.com/glide/image/fetch/https%3A%2F%2Fi.ytimg.com%2Fvi%2FbsibjbwjTWk%2Fmaxresdefault.jpg?w=250&resize=250,250&ssl=1

192.0.77.2

200 OK

8.1 kB

URL GET HTTP/2
i1.wp.com/res.cloudinary.com/glide/image/fetch/https%3A%2F%2Fi.ytimg.com%2Fvi%2FbsibjbwjTWk%2Fmaxresdefault.jpg?w=250&resize=250,250&ssl=1
IP
192.0.77.2:443
ASN
#2635 AUTOMATTIC

Requested by
https://www.6jten.com/835.html
Certificate
IssuerSectigo Limited
Subject*.wp.com
Fingerprint5D:DB:6E:AA:9E:A8:4A:C3:10:A5:DA:89:DC:1C:BB:D1:87:5F:E1:D2
ValidityTue, 28 Nov 2023 00:00:00 GMT - Sat, 28 Dec 2024 23:59:59 GMT

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 250x250, Scaling: [none]x[none], YUV color, decoders should clamp
Size
8.1 kB (8072 bytes)
Hash
cb8bf89bddc14cb077eb37cd27e972b0
eabe1793e0c71fd7d685921bfa094593bc0430f0
eb52d31e1ebabc9e6c8388ba4d1c052819824e6a529769588999c4c52ee50482

HTTP Headers

GET /res.cloudinary.com/glide/image/fetch/https%3A%2F%2Fi.ytimg.com%2Fvi%2FbsibjbwjTWk%2Fmaxresdefault.jpg?w=250&resize=250,250&ssl=1 HTTP/1.1
Host: i1.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.6jten.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Sat, 31 Aug 2024 22:49:14 GMT
content-type: image/webp
content-length: 8072
last-modified: Sat, 31 Aug 2024 22:49:14 GMT
expires: Tue, 01 Sep 2026 10:49:14 GMT
cache-control: public, max-age=63115200
link: <https://res.cloudinary.com/glide/image/fetch/https%3A%2F%2Fi.ytimg.com%2Fvi%2FbsibjbwjTWk%2Fmaxresdefault.jpg>; rel="canonical"
x-content-type-options: nosniff
etag: "ddcb434b1badaffe"
vary: Accept
x-nc: MISS arn 4
alt-svc: h3=":443"; ma=86400
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
timing-allow-origin: *
X-Firefox-Spdy: h2

i0.wp.com/d29ci68ykuu27r.cloudfront.net/items/21934630/cover_images/cover-large_file.png?w=250&resize=250,250&ssl=1

192.0.77.2

200 OK

16 kB

URL GET HTTP/2
i0.wp.com/d29ci68ykuu27r.cloudfront.net/items/21934630/cover_images/cover-large_file.png?w=250&resize=250,250&ssl=1
IP
192.0.77.2:443
ASN
#2635 AUTOMATTIC

Requested by
https://www.6jten.com/835.html
Certificate
IssuerSectigo Limited
Subject*.wp.com
Fingerprint5D:DB:6E:AA:9E:A8:4A:C3:10:A5:DA:89:DC:1C:BB:D1:87:5F:E1:D2
ValidityTue, 28 Nov 2023 00:00:00 GMT - Sat, 28 Dec 2024 23:59:59 GMT

File type
RIFF (little-endian) data, Web/P image
Size
16 kB (16176 bytes)
Hash
d70b362354f14651dac7ffb789da6a19
2a8a8a29ab9d049c1b11913d6216969ad905d736
d60c4781bb73190c5d711c9971b07314746d7c2775dd0f58577619d9f64e62b8

HTTP Headers

GET /d29ci68ykuu27r.cloudfront.net/items/21934630/cover_images/cover-large_file.png?w=250&resize=250,250&ssl=1 HTTP/1.1
Host: i0.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.6jten.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Sat, 31 Aug 2024 22:49:14 GMT
content-type: image/webp
content-length: 16176
last-modified: Sat, 31 Aug 2024 22:49:14 GMT
expires: Tue, 01 Sep 2026 10:49:14 GMT
cache-control: public, max-age=63115200
link: <https://d29ci68ykuu27r.cloudfront.net/items/21934630/cover_images/cover-large_file.png>; rel="canonical"
x-content-type-options: nosniff
etag: "a32ddbb16f911c01"
vary: Accept
x-nc: MISS arn 4
alt-svc: h3=":443"; ma=86400
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
timing-allow-origin: *
X-Firefox-Spdy: h2

binaryjoy.co.uk/i/images/2023-09/4f4aa470-aegislash-pokemon-radical-red-1160x653-800x2000-g.webp

104.21.45.107

200 OK

22 kB

URL GET HTTP/2
binaryjoy.co.uk/i/images/2023-09/4f4aa470-aegislash-pokemon-radical-red-1160x653-800x2000-g.webp
IP
104.21.45.107:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.6jten.com/835.html
Certificate
IssuerGoogle Trust Services
Subjectbinaryjoy.co.uk
Fingerprint57:C8:C5:8E:84:F2:F1:C7:93:67:F5:C1:91:49:50:C0:5E:41:45:52
ValiditySat, 03 Aug 2024 00:59:40 GMT - Fri, 01 Nov 2024 00:59:39 GMT

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 800x450, Scaling: [none]x[none], YUV color, decoders should clamp
Size
22 kB (22218 bytes)
Hash
398f55bdb7eae15e85f43d724fb59055
ae488f7bf6bab825dd43a0b417ebed9c14abb531
e43ff997f7eaa6dc1610676317d490e54223f0b7a6f679ce2a0d0471a90e7e60

HTTP Headers

GET /i/images/2023-09/4f4aa470-aegislash-pokemon-radical-red-1160x653-800x2000-g.webp HTTP/1.1
Host: binaryjoy.co.uk
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.6jten.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 31 Aug 2024 22:49:14 GMT
content-type: image/webp
content-length: 22218
cache-control: max-age=14400
etag: "8eab514baa4ee998a42b16fcebf36c1c45686728581bca80e5af8649b5e7e7db"
last-modified: Thu, 23 May 2024 12:50:01 GMT
strict-transport-security: max-age=31556926
x-served-by: cache-osl6531-OSL
x-cache: MISS
x-cache-hits: 0
x-timer: S1725144555.574884,VS0,VE113
vary: x-fh-requested-host, accept-encoding
alt-svc: h3=":443"; ma=86400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=EaaKFgTJPPgssQKXsgeLTW7U579gDvIeO%2B6gy2ItyBtBvXJ9fLUrKygghCWR6A44UCpVwxUL41TEzgPbvcfEVQCPG25g59DMsFaisZOuJxcqlP2KRFlyzk5TapADMavkgXE%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8bc0929a0f88712d-OSL
X-Firefox-Spdy: h2

i3.wp.com/musescore.com/static/musescore/scoredata/gen/6/5/7/5490756/b33bc95f4a47c9036c80e765c03677ec0fa4241e/score_0.png@850x1100?no-cachee=1552883948&w=250&resize=250,250&ssl=1

192.0.77.2

200 OK

9.9 kB

URL GET HTTP/2
i3.wp.com/musescore.com/static/musescore/scoredata/gen/6/5/7/5490756/b33bc95f4a47c9036c80e765c03677ec0fa4241e/score_0.png@850x1100?no-cachee=1552883948&w=250&resize=250,250&ssl=1
IP
192.0.77.2:443
ASN
#2635 AUTOMATTIC

Requested by
https://www.6jten.com/835.html
Certificate
IssuerSectigo Limited
Subject*.wp.com
Fingerprint5D:DB:6E:AA:9E:A8:4A:C3:10:A5:DA:89:DC:1C:BB:D1:87:5F:E1:D2
ValidityTue, 28 Nov 2023 00:00:00 GMT - Sat, 28 Dec 2024 23:59:59 GMT

File type
PNG image data, 250 x 250, 8-bit colormap, non-interlaced
Size
9.9 kB (9903 bytes)
Hash
37df504b2aa46e3fc6085e4c68f70874
2fcf6f2e2a982dbf172f0279b6080b7e476572e4
9fda359b321e7473a5d1421d3ad817ab18c7fbb54f00d7636caec1d4eb63a701

HTTP Headers

GET /musescore.com/static/musescore/scoredata/gen/6/5/7/5490756/b33bc95f4a47c9036c80e765c03677ec0fa4241e/score_0.png@850x1100?no-cachee=1552883948&w=250&resize=250,250&ssl=1 HTTP/1.1
Host: i3.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.6jten.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Sat, 31 Aug 2024 22:49:14 GMT
content-type: image/png
content-length: 9903
last-modified: Sat, 31 Aug 2024 22:49:14 GMT
expires: Tue, 01 Sep 2026 10:49:14 GMT
cache-control: public, max-age=63115200
link: <https://musescore.com/static/musescore/scoredata/gen/6/5/7/5490756/b33bc95f4a47c9036c80e765c03677ec0fa4241e/score_0.png@850x1100>; rel="canonical"
x-content-type-options: nosniff
etag: "0217c8b9c2950214"
x-bytes-saved: 11570
vary: Accept
x-nc: MISS arn 5
alt-svc: h3=":443"; ma=86400
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
timing-allow-origin: *
X-Firefox-Spdy: h2

ocsp.r2m03.amazontrust.com/

143.204.53.97

471 B

URL
ocsp.r2m03.amazontrust.com/
IP
143.204.53.97:0
ASN
#16509 AMAZON-02

File type
data
Size
471 B (471 bytes)
Hash
51d59c06f2f0d6a266e54a66a1dc7f5e
1257a9767ad0b68368d915d6ee9f764e4cc2bd02
1de6132e403314f6e161a9a255d3dfa5ca7d9a2264774276020ecfcb634b7724

HTTP Headers

POST / HTTP/1.1
Host: ocsp.r2m03.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=7200
Date: Sat, 31 Aug 2024 22:49:14 GMT
Last-Modified: Sat, 31 Aug 2024 22:33:32 GMT
Server: ECAcc (ska/F757)
X-Cache: Miss from cloudfront
Via: 1.1 142be88a35733307a5e7de05da0a20b8.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: _jMjd1N_KfucruZiqzKkUWaUiEueC7hh51JX_AEfvtve34m8iJ73JQ==
Age: 942

proftrafficcounter.com/stats

35.156.220.253

200 OK

40 B

URL GET HTTP/2
proftrafficcounter.com/stats
IP
35.156.220.253:443
ASN
#16509 AMAZON-02

Requested by
https://www.6jten.com/835.html
Certificate
IssuerAmazon
Subjectproftrafficcounter.com
FingerprintE3:9F:79:6F:80:C0:BF:F8:C4:EB:45:F3:E9:0F:A7:41:F6:0C:05:E6
ValidityTue, 21 Nov 2023 00:00:00 GMT - Thu, 19 Dec 2024 23:59:59 GMT

File type
ASCII text, with no line terminators
Size
40 B (40 bytes)
Hash
a40a6f744bf5c1e7cc8ea165a55dd270
b12dfe5a6fefc0b535a4618a52cc4e13e989c698
7227a2974ec8d5ce9cf281aa7c8b0d2e51b511aeea5b085d8364a1893bdb027d

HTTP Headers

GET /stats HTTP/1.1
Host: proftrafficcounter.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.6jten.com
DNT: 1
Connection: keep-alive
Referer: https://www.6jten.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 31 Aug 2024 22:49:14 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://www.6jten.com
vary: Origin
access-control-allow-credentials: true
set-cookie: uid_id2=f98329e8-1435-4059-bb4d-2a101de41899:1:1; expires=Tue, 29 Aug 2034 22:49:14 GMT; secure; SameSite=None
X-Firefox-Spdy: h2

i1.wp.com/res.cloudinary.com/glide/image/fetch/https%3A%2F%2Fi.ytimg.com%2Fvi%2FrfKV4qQLVNA%2Fmaxresdefault.jpg?w=250&resize=250,250&ssl=1

192.0.77.2

200 OK

4.3 kB

URL GET HTTP/2
i1.wp.com/res.cloudinary.com/glide/image/fetch/https%3A%2F%2Fi.ytimg.com%2Fvi%2FrfKV4qQLVNA%2Fmaxresdefault.jpg?w=250&resize=250,250&ssl=1
IP
192.0.77.2:443
ASN
#2635 AUTOMATTIC

Requested by
https://www.6jten.com/835.html
Certificate
IssuerSectigo Limited
Subject*.wp.com
Fingerprint5D:DB:6E:AA:9E:A8:4A:C3:10:A5:DA:89:DC:1C:BB:D1:87:5F:E1:D2
ValidityTue, 28 Nov 2023 00:00:00 GMT - Sat, 28 Dec 2024 23:59:59 GMT

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 250x250, Scaling: [none]x[none], YUV color, decoders should clamp
Size
4.3 kB (4338 bytes)
Hash
46f6a203f180fb0b5078abe254ea2b3f
1408e3835c8096e2eec801cc3107d51bab5effb1
256ca19d042f9371fc62c59f2e820807c0df092480fb7c69887e443a4948f20f

HTTP Headers

GET /res.cloudinary.com/glide/image/fetch/https%3A%2F%2Fi.ytimg.com%2Fvi%2FrfKV4qQLVNA%2Fmaxresdefault.jpg?w=250&resize=250,250&ssl=1 HTTP/1.1
Host: i1.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.6jten.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Sat, 31 Aug 2024 22:49:14 GMT
content-type: image/webp
content-length: 4338
last-modified: Sat, 31 Aug 2024 22:49:14 GMT
expires: Tue, 01 Sep 2026 10:49:14 GMT
cache-control: public, max-age=63115200
link: <https://res.cloudinary.com/glide/image/fetch/https%3A%2F%2Fi.ytimg.com%2Fvi%2FrfKV4qQLVNA%2Fmaxresdefault.jpg>; rel="canonical"
x-content-type-options: nosniff
etag: "85a4f38ed984384d"
vary: Accept
x-nc: MISS arn 1
alt-svc: h3=":443"; ma=86400
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
timing-allow-origin: *
X-Firefox-Spdy: h2

www.6jten.com/wp-content/cache/wpo-minify/1721152993/assets/wpo-minify-header-211b10de.min.css

104.21.9.177

200 OK

9.1 kB

URL GET HTTP/3
www.6jten.com/wp-content/cache/wpo-minify/1721152993/assets/wpo-minify-header-211b10de.min.css
IP
104.21.9.177:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.6jten.com/835.html
Certificate
IssuerGoogle Trust Services
Subject6jten.com
Fingerprint99:73:A9:DB:68:F1:43:55:CE:E5:67:D6:F3:15:60:13:70:F7:A7:22
ValidityTue, 16 Jul 2024 15:33:08 GMT - Mon, 14 Oct 2024 15:33:07 GMT

File type
ASCII text, with very long lines (5354), with no line terminators
Size
9.1 kB (9144 bytes)
Hash
dcb5e00674e3e4cc7532eafbfa8ed235
34674da903073fceb5e0199cb564f1c5e5b32eae
9f07067499de16564d4eac4b612b8745e2cbb0b4f181b0a8919a9c25b5043ed6

HTTP Headers

GET /wp-content/cache/wpo-minify/1721152993/assets/wpo-minify-header-211b10de.min.css HTTP/1.1
Host: www.6jten.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.6jten.com/835.html
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sat, 31 Aug 2024 22:49:12 GMT
content-type: text/css
last-modified: Tue, 16 Jul 2024 18:05:41 GMT
etag: W/"6696b675-14ea"
x-powered-by: TinyCP
strict-transport-security: max-age=600; preload
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=pZbKd3u%2FclMiH6of8sSF4xazjZmdRillVx%2BxWFi191Kc3RJpYcO05%2Bz%2Fu1n%2FjnqfwveyYp%2Bwc8wLlwrjoZ4mlhCmnFPJFmSQEvwRtPWvAontWvlWeZ0ozvDXj%2B8SSsrO"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8bc09285ae68b511-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

r11.o.lencr.org/

23.36.77.32

504 B

URL
r11.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
504 B (504 bytes)
Hash
f825f4519f3162d5966d675cae2238b2
42768453c6c78759084db074469628860f62925a
dd5ae35d5f926cb5b4f69dc4e2c85ce87944faf53a3b45d1f1f412bf262d6166

HTTP Headers

POST / HTTP/1.1
Host: r11.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 504
ETag: "DD5AE35D5F926CB5B4F69DC4E2C85CE87944FAF53A3B45D1F1F412BF262D6166"
Last-Modified: Fri, 30 Aug 2024 18:04:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15304
Expires: Sun, 01 Sep 2024 03:04:18 GMT
Date: Sat, 31 Aug 2024 22:49:14 GMT
Connection: keep-alive

takegerman.com/sbar.json?key=962f9de1736de6fd656a3e9a1cebaee9&psid=FEATURES-1829_sb_0

172.240.127.234

200 OK

8.0 kB

URL GET HTTP/1.1
takegerman.com/sbar.json?key=962f9de1736de6fd656a3e9a1cebaee9&psid=FEATURES-1829_sb_0
IP
172.240.127.234:443
ASN
#7979 SERVERS-COM

Requested by
https://www.6jten.com/835.html
Certificate
IssuerLet's Encrypt
Subjecttakegerman.com
FingerprintDA:A2:E5:72:17:00:15:73:BD:41:B4:C0:58:0F:2B:59:BF:41:98:B8
ValidityFri, 30 Aug 2024 16:50:07 GMT - Thu, 28 Nov 2024 16:50:06 GMT

File type
JSON text data
Size
8.0 kB (7963 bytes)
Hash
912f00604f3435930dd20fc059579c02
ad736a507873aba3c3de9c344c9740afa86e562a
88a87be2e5934f7667a5afc08386e2a7dd6ea28547fd9b5112acb7e45040e466

HTTP Headers

GET /sbar.json?key=962f9de1736de6fd656a3e9a1cebaee9&psid=FEATURES-1829_sb_0 HTTP/1.1
Host: takegerman.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.6jten.com
DNT: 1
Connection: keep-alive
Referer: https://www.6jten.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Sat, 31 Aug 2024 22:49:15 GMT
Content-Type: text/plain; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://www.6jten.com
Access-Control-Allow-Origin: https://www.6jten.com
Access-Control-Allow-Credentials: true
Set-Cookie: u_pl=22172474; expires=Sun, 01 Sep 2024 22:49:15 GMT; path=/; secure; SameSite=None
pdhtkv=true; expires=Sun, 01 Sep 2024 22:49:15 GMT; path=/; secure; SameSite=None
uncs=1; expires=Sun, 01 Sep 2024 22:49:15 GMT; path=/; secure; SameSite=None
pdhtkv29=true; expires=Sun, 01 Sep 2024 22:49:15 GMT; path=/; secure; SameSite=None
uncs29=1; expires=Sun, 01 Sep 2024 22:49:15 GMT; path=/; secure; SameSite=None
Host: takegerman.com
Expires: Thu, 01 Jan 1970 00:00:01 GMT
X-Request-ID: 518b503a190bd293325438f30f9f7451
Cache-Control: no-cache, max-age=0, private, no-cache
Pragma: no-cache
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip

www.6jten.com/wp-content/themes/revenue-pro/genericons/genericons/genericons.css

104.21.9.177

200 OK

17 kB

URL GET HTTP/3
www.6jten.com/wp-content/themes/revenue-pro/genericons/genericons/genericons.css
IP
104.21.9.177:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.6jten.com/835.html
Certificate
IssuerGoogle Trust Services
Subject6jten.com
Fingerprint99:73:A9:DB:68:F1:43:55:CE:E5:67:D6:F3:15:60:13:70:F7:A7:22
ValidityTue, 16 Jul 2024 15:33:08 GMT - Mon, 14 Oct 2024 15:33:07 GMT

File type
ASCII text, with very long lines (18732)
Size
17 kB (16559 bytes)
Hash
13a6500ddf36c6dd581877aefc78d34d
3ab844aaad6045edbe2da9e78c3c9f41599b67d6
4ed10d0d64bb1515397e8666a63f484d640dbc5678fa62574e077b7aef1c3af2

HTTP Headers

GET /wp-content/themes/revenue-pro/genericons/genericons/genericons.css HTTP/1.1
Host: www.6jten.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.6jten.com/wp-content/themes/revenue-pro/genericons/genericons.css
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sat, 31 Aug 2024 22:49:14 GMT
content-type: text/css
last-modified: Tue, 09 Jul 2024 15:46:26 GMT
etag: W/"668d5b52-6e6a"
x-powered-by: TinyCP
strict-transport-security: max-age=600; preload
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=BaUbgoVYQaIRsL31mh0YME7gwf8Jm35W6NHEEJ1xvzZSFmv9yYNXeibRtZw7g9aGaFPH%2BY2aOnwAv7dafEa21VogMzHKYYjm1%2BHb5U1hQv%2F7A02YRNip%2BErQN3wbcoUC"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8bc0928d7dbcb511-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

takegerman.com/ren.gif?sid=H4sIAAAAAAAC%2F1RSz28bVRd9k0TfptInUVVigZBmCQicGTsex%2B0CNSSG0NCWpBWwit7Me3ZuPZ43em9%2BOF5FVEJdmmxYIU2Ok0a0EQIWiA0VsiuxqFQpLpssyD%2FAEok1sokwvdLMveee%2B6Tzzn1fHKTnrIyUn61%2BpHoUhnyxWnLsNz513Wv2BkVp1%2B4ue9ve0jVbZ1frXsl5035fBm21WHZcx3Ed126Qlk3VXZyQoPik7pbqTmmpXHKrS%2Bjql7FJLRhuQWTn7DJIjBeeWldAwRBR57tVadqJit9e66QhT5RGJo7vRu1I5RE6s7KpLTSj44tpKHPaeAIVHU3lQmX%2FDvo0ZtavT%2BBHxxci4WeHU51%2BCBnBF5eQZ0PIcAjiQwTqPkicMiAQuHkLUefhTaVzvvsPyyfsmC389ScoH7OF368g6ny7ElLX3lJhmpCKDLrNl29M3RGoNUScjpD05kD5CEHyOUg8Z86rlxB1Hn8w%2Bimjtp1J3QaJYmoH0RDUHCKUfXBjIZ18ZCFtWkhjCx1xZgeu69YcEXBnuR4EFVGTviccl9eaLncdbxlpMFHcRxL3EYR9BHoPsd5Dm748rV6GTn%2BB2SlghAWTjJn18R4yUSCXDLlhyDlDTgx5wpBnxZEITdkUD0VoUt%2B9yOWLXCkGKmkd8COVtGTEwHUfWhQH8Tl7ZeKatbl1FW15Zte9crMupFureEJ6TeFVPV6Rde4G0udS1mHoh8ba9Tt3N9e23nGXy%2FVt4287IDM39aFHY1ZtZIhpzOaffwifj2DCEQKaB09fB88L8J0CveiE3%2BPkl3zqlUhAqAJxsoBk1zoIz9lr003e%2BGofMnjGLgKBLhDrAvfoKUMrfDDYVDk73FS5Yd%2FfihPqUI9PtryV8ET%2B79ENuZsrLdZXTf%2Bb68GEmJQnd6RJNngkKGoZ9niFhJC6oXQg2c%2Fr5hPp307NzkqqozTeuP1eY70Ta2kMqWgITqef7SOgMfv%2FjxvT5%2FuW%2FRtID6HTAp10ppTUEEG8BxPPekYx6HCG%2FdhCnhYDXfZnzZAYQjnD3C9g%2FoP9WT3QfHKaU3FgHqCl58CT%2B4g6BTJdIAsL8LAPk84Pklg%2Fe%2FdFZRrww7mBH%2Bq5Qz%2FU4f7U5MnvEQyd2bVKxeFeverWalzW%2FKXyctNzBeflJa%2FsebyCxIybL77%2B4%2B8AAAD%2F%2F39xywaYBAAA

172.240.127.234

200 OK

7 B

URL GET HTTP/1.1
takegerman.com/ren.gif?sid=H4sIAAAAAAAC%2F1RSz28bVRd9k0TfptInUVVigZBmCQicGTsex%2B0CNSSG0NCWpBWwit7Me3ZuPZ43em9%2BOF5FVEJdmmxYIU2Ok0a0EQIWiA0VsiuxqFQpLpssyD%2FAEok1sokwvdLMveee%2B6Tzzn1fHKTnrIyUn61%2BpHoUhnyxWnLsNz513Wv2BkVp1%2B4ue9ve0jVbZ1frXsl5035fBm21WHZcx3Ed126Qlk3VXZyQoPik7pbqTmmpXHKrS%2Bjql7FJLRhuQWTn7DJIjBeeWldAwRBR57tVadqJit9e66QhT5RGJo7vRu1I5RE6s7KpLTSj44tpKHPaeAIVHU3lQmX%2FDvo0ZtavT%2BBHxxci4WeHU51%2BCBnBF5eQZ0PIcAjiQwTqPkicMiAQuHkLUefhTaVzvvsPyyfsmC389ScoH7OF368g6ny7ElLX3lJhmpCKDLrNl29M3RGoNUScjpD05kD5CEHyOUg8Z86rlxB1Hn8w%2Bimjtp1J3QaJYmoH0RDUHCKUfXBjIZ18ZCFtWkhjCx1xZgeu69YcEXBnuR4EFVGTviccl9eaLncdbxlpMFHcRxL3EYR9BHoPsd5Dm748rV6GTn%2BB2SlghAWTjJn18R4yUSCXDLlhyDlDTgx5wpBnxZEITdkUD0VoUt%2B9yOWLXCkGKmkd8COVtGTEwHUfWhQH8Tl7ZeKatbl1FW15Zte9crMupFureEJ6TeFVPV6Rde4G0udS1mHoh8ba9Tt3N9e23nGXy%2FVt4287IDM39aFHY1ZtZIhpzOaffwifj2DCEQKaB09fB88L8J0CveiE3%2BPkl3zqlUhAqAJxsoBk1zoIz9lr003e%2BGofMnjGLgKBLhDrAvfoKUMrfDDYVDk73FS5Yd%2FfihPqUI9PtryV8ET%2B79ENuZsrLdZXTf%2Bb68GEmJQnd6RJNngkKGoZ9niFhJC6oXQg2c%2Fr5hPp307NzkqqozTeuP1eY70Ta2kMqWgITqef7SOgMfv%2FjxvT5%2FuW%2FRtID6HTAp10ppTUEEG8BxPPekYx6HCG%2FdhCnhYDXfZnzZAYQjnD3C9g%2FoP9WT3QfHKaU3FgHqCl58CT%2B4g6BTJdIAsL8LAPk84Pklg%2Fe%2FdFZRrww7mBH%2Bq5Qz%2FU4f7U5MnvEQyd2bVKxeFeverWalzW%2FKXyctNzBeflJa%2FsebyCxIybL77%2B4%2B8AAAD%2F%2F39xywaYBAAA
IP
172.240.127.234:443
ASN
#7979 SERVERS-COM

Requested by
https://www.6jten.com/835.html
Certificate
IssuerLet's Encrypt
Subjecttakegerman.com
FingerprintDA:A2:E5:72:17:00:15:73:BD:41:B4:C0:58:0F:2B:59:BF:41:98:B8
ValidityFri, 30 Aug 2024 16:50:07 GMT - Thu, 28 Nov 2024 16:50:06 GMT

File type
ASCII text, with no line terminators
Size
7 B (7 bytes)
Hash
132d6af1b46048b45cf86cdee7991d31
eb7007d03d59b65bc6da7e098c4d38fc6dfb6285
ab852e838deccd742a03ca81d4a8d75cf1a00b327db3eaf46bd7da6b6db9384c

HTTP Headers

GET /ren.gif?sid=H4sIAAAAAAAC%2F1RSz28bVRd9k0TfptInUVVigZBmCQicGTsex%2B0CNSSG0NCWpBWwit7Me3ZuPZ43em9%2BOF5FVEJdmmxYIU2Ok0a0EQIWiA0VsiuxqFQpLpssyD%2FAEok1sokwvdLMveee%2B6Tzzn1fHKTnrIyUn61%2BpHoUhnyxWnLsNz513Wv2BkVp1%2B4ue9ve0jVbZ1frXsl5035fBm21WHZcx3Ed126Qlk3VXZyQoPik7pbqTmmpXHKrS%2Bjql7FJLRhuQWTn7DJIjBeeWldAwRBR57tVadqJit9e66QhT5RGJo7vRu1I5RE6s7KpLTSj44tpKHPaeAIVHU3lQmX%2FDvo0ZtavT%2BBHxxci4WeHU51%2BCBnBF5eQZ0PIcAjiQwTqPkicMiAQuHkLUefhTaVzvvsPyyfsmC389ScoH7OF368g6ny7ElLX3lJhmpCKDLrNl29M3RGoNUScjpD05kD5CEHyOUg8Z86rlxB1Hn8w%2Bimjtp1J3QaJYmoH0RDUHCKUfXBjIZ18ZCFtWkhjCx1xZgeu69YcEXBnuR4EFVGTviccl9eaLncdbxlpMFHcRxL3EYR9BHoPsd5Dm748rV6GTn%2BB2SlghAWTjJn18R4yUSCXDLlhyDlDTgx5wpBnxZEITdkUD0VoUt%2B9yOWLXCkGKmkd8COVtGTEwHUfWhQH8Tl7ZeKatbl1FW15Zte9crMupFureEJ6TeFVPV6Rde4G0udS1mHoh8ba9Tt3N9e23nGXy%2FVt4287IDM39aFHY1ZtZIhpzOaffwifj2DCEQKaB09fB88L8J0CveiE3%2BPkl3zqlUhAqAJxsoBk1zoIz9lr003e%2BGofMnjGLgKBLhDrAvfoKUMrfDDYVDk73FS5Yd%2FfihPqUI9PtryV8ET%2B79ENuZsrLdZXTf%2Bb68GEmJQnd6RJNngkKGoZ9niFhJC6oXQg2c%2Fr5hPp307NzkqqozTeuP1eY70Ta2kMqWgITqef7SOgMfv%2FjxvT5%2FuW%2FRtID6HTAp10ppTUEEG8BxPPekYx6HCG%2FdhCnhYDXfZnzZAYQjnD3C9g%2FoP9WT3QfHKaU3FgHqCl58CT%2B4g6BTJdIAsL8LAPk84Pklg%2Fe%2FdFZRrww7mBH%2Bq5Qz%2FU4f7U5MnvEQyd2bVKxeFeverWalzW%2FKXyctNzBeflJa%2FsebyCxIybL77%2B4%2B8AAAD%2F%2F39xywaYBAAA HTTP/1.1
Host: takegerman.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.6jten.com/
Cookie: u_pl=22172474; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Sat, 31 Aug 2024 22:49:15 GMT
Content-Type: image/gif
Content-Length: 7
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Host: takegerman.com
Expires: Thu, 01 Jan 1970 00:00:01 GMT
X-Request-ID: e748b6598f71d479f44d9796af681b48
Cache-Control: no-cache, max-age=0, private, no-cache
Pragma: no-cache
Strict-Transport-Security: max-age=0; includeSubdomains

takegerman.com/pixel/sbls?bv=24.32.3879&tmpl=482&u=https%3A%2F%2Fcdn.show-creative1.com%2Fsb%2Fnotifications%2Futility%2Fdefault%2Fus%2Fblog%2Fecorious%2Fmessage_redcircle2%2Fjan24%2F1%2Findex.html&l=1553&fd=169

172.240.127.234

200 OK

0 B

URL GET HTTP/1.1
takegerman.com/pixel/sbls?bv=24.32.3879&tmpl=482&u=https%3A%2F%2Fcdn.show-creative1.com%2Fsb%2Fnotifications%2Futility%2Fdefault%2Fus%2Fblog%2Fecorious%2Fmessage_redcircle2%2Fjan24%2F1%2Findex.html&l=1553&fd=169
IP
172.240.127.234:443
ASN
#7979 SERVERS-COM

Requested by
https://www.6jten.com/835.html
Certificate
IssuerLet's Encrypt
Subjecttakegerman.com
FingerprintDA:A2:E5:72:17:00:15:73:BD:41:B4:C0:58:0F:2B:59:BF:41:98:B8
ValidityFri, 30 Aug 2024 16:50:07 GMT - Thu, 28 Nov 2024 16:50:06 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /pixel/sbls?bv=24.32.3879&tmpl=482&u=https%3A%2F%2Fcdn.show-creative1.com%2Fsb%2Fnotifications%2Futility%2Fdefault%2Fus%2Fblog%2Fecorious%2Fmessage_redcircle2%2Fjan24%2F1%2Findex.html&l=1553&fd=169 HTTP/1.1
Host: takegerman.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.6jten.com/
Cookie: u_pl=22172474; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Sat, 31 Aug 2024 22:49:15 GMT
Content-Length: 0
Connection: keep-alive
Host: takegerman.com
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range

cdn.creative-stat1.com//sb/notifications/utility/default/us/blog/ecorious/message_redcircle2/jan24/1/img/1.jpg

188.114.96.1

200 OK

36 kB

URL GET HTTP/2
cdn.creative-stat1.com//sb/notifications/utility/default/us/blog/ecorious/message_redcircle2/jan24/1/img/1.jpg
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.6jten.com/835.html
Certificate
IssuerGoogle Trust Services
Subjectcreative-stat1.com
FingerprintF8:81:29:04:51:9E:EB:84:A7:36:0A:98:7D:E7:09:9D:A2:5D:A7:79
ValidityTue, 20 Aug 2024 16:31:08 GMT - Mon, 18 Nov 2024 16:31:07 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 320x320, components 3
Size
36 kB (36061 bytes)
Hash
fc90b66d3831faf345c0a6173f02746f
4f5310e4fb903bdd4dceaa5d4095e48a83673a69
a2b1cc40143d3a9c13f5ffb5040a72ad972bc7d285c7eceef8708efe369fdeb4

HTTP Headers

GET //sb/notifications/utility/default/us/blog/ecorious/message_redcircle2/jan24/1/img/1.jpg HTTP/1.1
Host: cdn.creative-stat1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sat, 31 Aug 2024 22:49:15 GMT
content-type: image/jpeg
content-length: 36061
last-modified: Thu, 01 Feb 2024 14:48:15 GMT
etag: "65bbaf2f-8cdd"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 384031
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=U8ApaX6y9Udu7FoMYiA61J%2BWRmRV2Y%2BCqX%2F7jwXZ1zt7PffHOw1KCvIxE9I%2ByN11bNcQ5ztp%2FQ0YHInedLp5t%2B49NYgDrJ5vhr%2BpNuha5iniV506xWQgUypqo3dGyoX0YRttOx4ak7rj"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8bc092a0a9d90b61-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

cdn.show-creative1.com/sb/notifications/utility/default/us/blog/ecorious/message_redcircle2/jan24/1/index.html

104.21.15.229

200 OK

886 B

URL GET HTTP/2
cdn.show-creative1.com/sb/notifications/utility/default/us/blog/ecorious/message_redcircle2/jan24/1/index.html
IP
104.21.15.229:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.6jten.com/835.html
Certificate
IssuerGoogle Trust Services
Subjectshow-creative1.com
Fingerprint2C:84:C0:DA:8F:5C:A7:50:3A:76:B0:36:FB:1E:3C:92:78:B8:5B:03
ValidityTue, 20 Aug 2024 17:20:56 GMT - Mon, 18 Nov 2024 17:20:55 GMT

File type
HTML document, ASCII text
Size
886 B (886 bytes)
Hash
ce4be93e7b99025fb8589f1f77328164
cdf30c3570f7c7ed0840ba7fe72abeeae9c29988
892770f87203561e88170098d4d7bf67c604abc086e165cbe07782aab5514a38

HTTP Headers

GET /sb/notifications/utility/default/us/blog/ecorious/message_redcircle2/jan24/1/index.html HTTP/1.1
Host: cdn.show-creative1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.6jten.com
DNT: 1
Connection: keep-alive
Referer: https://www.6jten.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 31 Aug 2024 22:49:15 GMT
content-type: text/html
last-modified: Thu, 01 Feb 2024 14:48:10 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=d4r4X4Jm%2FtiyT3MkYuXo%2B60d2PkrViZJM04KUQx5Rouk%2BM3F2z19CgxNwHeymc14mExepdp2nmTvXQR4ahGUGr4MMjAHMPRWyeymyZ6W3nxw2c87855sW9Z0LWRMKfENgY4NvwUCPzqQ"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8bc0929edb1f56b1-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

i2.wp.com/image.rakuten.co.jp/auc-saladabowl/cabinet/img19/tf-ringsize.jpg?w=250&resize=250,250&ssl=1

192.0.77.2

200 OK

4.8 kB

URL GET HTTP/2
i2.wp.com/image.rakuten.co.jp/auc-saladabowl/cabinet/img19/tf-ringsize.jpg?w=250&resize=250,250&ssl=1
IP
192.0.77.2:443
ASN
#2635 AUTOMATTIC

Requested by
https://www.6jten.com/835.html
Certificate
IssuerSectigo Limited
Subject*.wp.com
Fingerprint5D:DB:6E:AA:9E:A8:4A:C3:10:A5:DA:89:DC:1C:BB:D1:87:5F:E1:D2
ValidityTue, 28 Nov 2023 00:00:00 GMT - Sat, 28 Dec 2024 23:59:59 GMT

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 250x250, Scaling: [none]x[none], YUV color, decoders should clamp
Size
4.8 kB (4828 bytes)
Hash
3b4c71758582da7e01d36368a6b285e7
57cdfe712c26a779c802c23ebc8bf27a2add7bce
bcd55758ff3a5ad7bfb2bb3d50c7b008340ce32a765c59446121eea50b5f272f

HTTP Headers

GET /image.rakuten.co.jp/auc-saladabowl/cabinet/img19/tf-ringsize.jpg?w=250&resize=250,250&ssl=1 HTTP/1.1
Host: i2.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.6jten.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Sat, 31 Aug 2024 22:49:15 GMT
content-type: image/webp
content-length: 4828
last-modified: Sat, 31 Aug 2024 22:49:15 GMT
expires: Tue, 01 Sep 2026 10:49:15 GMT
cache-control: public, max-age=63115200
link: <https://image.rakuten.co.jp/auc-saladabowl/cabinet/img19/tf-ringsize.jpg>; rel="canonical"
x-content-type-options: nosniff
etag: "35d21109a5891eef"
vary: Accept
x-nc: MISS arn 2
alt-svc: h3=":443"; ma=86400
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
timing-allow-origin: *
X-Firefox-Spdy: h2

o.pki.goog/wr2

142.250.74.131

472 B

URL
o.pki.goog/wr2
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
769939c6037566445fc83e83332cdb61
028f3bd0b70917fe7aae3afd003d74fff6e61829
cf8f4d32427796c8c9decb0e7136e8672fcd988e96b2e54de2c5345a7e28ffb5

HTTP Headers

POST /wr2 HTTP/1.1
Host: o.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 31 Aug 2024 22:49:15 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

cdn.creative-stat1.com//sb/notifications/utility/default/us/blog/ecorious/message_redcircle2/jan24/1/css/animate.css

188.114.96.1

200 OK

4.9 kB

URL GET HTTP/2
cdn.creative-stat1.com//sb/notifications/utility/default/us/blog/ecorious/message_redcircle2/jan24/1/css/animate.css
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.6jten.com/835.html
Certificate
IssuerGoogle Trust Services
Subjectcreative-stat1.com
FingerprintF8:81:29:04:51:9E:EB:84:A7:36:0A:98:7D:E7:09:9D:A2:5D:A7:79
ValidityTue, 20 Aug 2024 16:31:08 GMT - Mon, 18 Nov 2024 16:31:07 GMT

File type
ASCII text
Size
4.9 kB (4869 bytes)
Hash
80047eaa13ebd50c50e8a9753621e430
9c503e07d130572a0eaf51f7c02cbd4cf6213fe3
3f831a59615f8d5d40b4340b2836f91438c876f8dbce75f78e38360d6fe0f429

HTTP Headers

GET //sb/notifications/utility/default/us/blog/ecorious/message_redcircle2/jan24/1/css/animate.css HTTP/1.1
Host: cdn.creative-stat1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.6jten.com
DNT: 1
Connection: keep-alive
Referer: https://www.6jten.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 31 Aug 2024 22:49:15 GMT
content-type: text/css
last-modified: Thu, 01 Feb 2024 14:48:12 GMT
etag: W/"65bbaf2c-1358d"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
content-encoding: gzip
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=VuSpFHuIHkt8RoXuZqbHbtik4PSwxrTR8XEPcYBwg19n9FLTzwx7C2mQ%2F674AxCbdRqvL5JZjyikPGE4O9c2yMK5D78A2SLtSsufb9%2FsatT%2Fv97TXHDztkVBBGN9gVGer3Ny4XEY0Rgc"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8bc092a039930b61-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

r11.o.lencr.org/

23.36.77.32

504 B

URL
r11.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
504 B (504 bytes)
Hash
b2564e88d43562d9af2ffbe28a03eb45
76bcfea2217958dd83faef828d75f0400fdcbe82
2a1a116f3eac851ff37c473fea2b31cef4a34b2aa77fcf27f4db93540753592f

HTTP Headers

POST / HTTP/1.1
Host: r11.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 504
ETag: "2A1A116F3EAC851FF37C473FEA2B31CEF4A34B2AA77FCF27F4DB93540753592F"
Last-Modified: Sat, 31 Aug 2024 02:37:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6171
Expires: Sun, 01 Sep 2024 00:32:07 GMT
Date: Sat, 31 Aug 2024 22:49:16 GMT
Connection: keep-alive

takegerman.com/pixel/sbls?bv=24.32.3879&tmpl=482&u=https%3A%2F%2Fcdn.creative-stat1.com%2F%2Fsb%2Fnotifications%2Futility%2Fdefault%2Fus%2Fblog%2Fecorious%2Fmessage_redcircle2%2Fjan24%2F1%2Fjs%2Fscript.js&l=386&fd=515

172.240.127.234

200 OK

0 B

URL GET HTTP/1.1
takegerman.com/pixel/sbls?bv=24.32.3879&tmpl=482&u=https%3A%2F%2Fcdn.creative-stat1.com%2F%2Fsb%2Fnotifications%2Futility%2Fdefault%2Fus%2Fblog%2Fecorious%2Fmessage_redcircle2%2Fjan24%2F1%2Fjs%2Fscript.js&l=386&fd=515
IP
172.240.127.234:443
ASN
#7979 SERVERS-COM

Requested by
https://www.6jten.com/835.html
Certificate
IssuerLet's Encrypt
Subjecttakegerman.com
FingerprintDA:A2:E5:72:17:00:15:73:BD:41:B4:C0:58:0F:2B:59:BF:41:98:B8
ValidityFri, 30 Aug 2024 16:50:07 GMT - Thu, 28 Nov 2024 16:50:06 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /pixel/sbls?bv=24.32.3879&tmpl=482&u=https%3A%2F%2Fcdn.creative-stat1.com%2F%2Fsb%2Fnotifications%2Futility%2Fdefault%2Fus%2Fblog%2Fecorious%2Fmessage_redcircle2%2Fjan24%2F1%2Fjs%2Fscript.js&l=386&fd=515 HTTP/1.1
Host: takegerman.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.6jten.com/
Cookie: u_pl=22172474; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Sat, 31 Aug 2024 22:49:16 GMT
Content-Length: 0
Connection: keep-alive
Host: takegerman.com
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range

unseenreport.com/pxf.gif?uuid=f98329e8-1435-4059-bb4d-2a101de41899&eb=978028c5053b26833423c7a069ce3bd5&te=5db3a4e34790624df926db520a13f79f&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=e&res=14.2071&b_frame=0&pk=962f9de1736de6fd656a3e9a1cebaee9&bl=en-US&sr=1024x1280&sz=1024x1280&hjs=22

192.243.61.225

200 OK

1 B

URL GET HTTP/1.1
unseenreport.com/pxf.gif?uuid=f98329e8-1435-4059-bb4d-2a101de41899&eb=978028c5053b26833423c7a069ce3bd5&te=5db3a4e34790624df926db520a13f79f&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=e&res=14.2071&b_frame=0&pk=962f9de1736de6fd656a3e9a1cebaee9&bl=en-US&sr=1024x1280&sz=1024x1280&hjs=22
IP
192.243.61.225:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://www.6jten.com/835.html
Certificate
IssuerLet's Encrypt
Subject*.unseenreport.com
FingerprintD9:3D:28:C1:14:1B:2B:53:0E:E4:3E:FC:88:7A:FF:9C:45:4B:63:C7
ValiditySat, 20 Jul 2024 14:59:20 GMT - Fri, 18 Oct 2024 14:59:19 GMT

File type
very short file (no magic)
Size
1 B (1 bytes)
Hash
93b885adfe0da089cdf634904fd59f71
5ba93c9db0cff93f52b521d7420e43f6eda2784f
6e340b9cffb37a989ca544e6bb780a2c78901d3fb33738768511a30617afa01d

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /pxf.gif?uuid=f98329e8-1435-4059-bb4d-2a101de41899&eb=978028c5053b26833423c7a069ce3bd5&te=5db3a4e34790624df926db520a13f79f&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=e&res=14.2071&b_frame=0&pk=962f9de1736de6fd656a3e9a1cebaee9&bl=en-US&sr=1024x1280&sz=1024x1280&hjs=22 HTTP/1.1
Host: unseenreport.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.6jten.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Sat, 31 Aug 2024 22:49:16 GMT
Content-Type: image/gif
Content-Length: 1
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Expires: Thu, 01 Jan 1970 00:00:01 GMT
X-Request-ID: c8b731cbe93abe8d75b6258b08cb98df
Cache-Control: no-cache, max-age=0, private, no-cache
Pragma: no-cache
Strict-Transport-Security: max-age=0; includeSubdomains

172.240.108.76

200 OK

0 B

URL GET HTTP/1.1
takegerman.com/pixel/sbls?bv=24.32.3879&tmpl=482&u=https%3A%2F%2Fcdn.creative-stat1.com%2F%2Fsb%2Fnotifications%2Futility%2Fdefault%2Fus%2Fblog%2Fecorious%2Fmessage_redcircle2%2Fjan24%2F1%2Fcss%2Fstyle.css&l=3630&fd=489
IP
172.240.108.76:443
ASN
#7979 SERVERS-COM

Requested by
https://www.6jten.com/835.html
Certificate
IssuerLet's Encrypt
Subjecttakegerman.com
FingerprintDA:A2:E5:72:17:00:15:73:BD:41:B4:C0:58:0F:2B:59:BF:41:98:B8
ValidityFri, 30 Aug 2024 16:50:07 GMT - Thu, 28 Nov 2024 16:50:06 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /pixel/sbls?bv=24.32.3879&tmpl=482&u=https%3A%2F%2Fcdn.creative-stat1.com%2F%2Fsb%2Fnotifications%2Futility%2Fdefault%2Fus%2Fblog%2Fecorious%2Fmessage_redcircle2%2Fjan24%2F1%2Fcss%2Fstyle.css&l=3630&fd=489 HTTP/1.1
Host: takegerman.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.6jten.com/
Cookie: u_pl=22172474; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Sat, 31 Aug 2024 22:49:16 GMT
Content-Length: 0
Connection: keep-alive
Host: takegerman.com
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range

fonts.gstatic.com/s/roboto/v32/KFOmCnqEu92Fr1Mu4mxK.woff2

216.58.207.227

200 OK

18 kB

URL GET HTTP/2
fonts.gstatic.com/s/roboto/v32/KFOmCnqEu92Fr1Mu4mxK.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://www.6jten.com/835.html
Certificate
IssuerGoogle Trust Services
Subject*.gstatic.com
Fingerprint83:B4:3A:CF:52:DA:10:B6:EA:48:49:6C:BD:57:5C:44:4E:10:A8:97
ValidityMon, 05 Aug 2024 07:18:20 GMT - Mon, 28 Oct 2024 07:18:19 GMT

File type
Web Open Font Format (Version 2), TrueType, length 18536, version 1.0
Size
18 kB (18536 bytes)
Hash
8eff0b8045fd1959e117f85654ae7770
227fee13ceb7c410b5c0bb8000258b6643cb6255
89978e658e840b927dddb5cb3a835c7d8526ece79933bd9f3096b301fe1a8571

HTTP Headers

GET /s/roboto/v32/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.6jten.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 18536
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 30 Aug 2024 14:56:49 GMT
expires: Sat, 30 Aug 2025 14:56:49 GMT
cache-control: public, max-age=31536000
last-modified: Thu, 01 Aug 2024 20:41:24 GMT
content-type: font/woff2
age: 114747
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.gstatic.com/s/roboto/v32/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

216.58.207.227

200 OK

19 kB

URL GET HTTP/2
fonts.gstatic.com/s/roboto/v32/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://www.6jten.com/835.html
Certificate
IssuerGoogle Trust Services
Subject*.gstatic.com
Fingerprint83:B4:3A:CF:52:DA:10:B6:EA:48:49:6C:BD:57:5C:44:4E:10:A8:97
ValidityMon, 05 Aug 2024 07:18:20 GMT - Mon, 28 Oct 2024 07:18:19 GMT

File type
Web Open Font Format (Version 2), TrueType, length 18596, version 1.0
Size
19 kB (18596 bytes)
Hash
c83e4437a53d7f849f9d32df3d6b68f3
fabea5ad92ed3e2431659b02e7624df30d0c6bbc
d9bada3a44bb2ffa66dec5cc781cafc9ef17ed876cd9b0c5f7ef18228b63cebb

HTTP Headers

GET /s/roboto/v32/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.6jten.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 18596
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 28 Aug 2024 06:50:54 GMT
expires: Thu, 28 Aug 2025 06:50:54 GMT
cache-control: public, max-age=31536000
age: 316702
last-modified: Thu, 01 Aug 2024 20:41:21 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

cdn.creative-stat1.com//sb/notifications/utility/default/us/blog/ecorious/message_redcircle2/jan24/1/css/style.css

188.114.96.1

200 OK

1.0 kB

URL GET HTTP/2
cdn.creative-stat1.com//sb/notifications/utility/default/us/blog/ecorious/message_redcircle2/jan24/1/css/style.css
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.6jten.com/835.html
Certificate
IssuerGoogle Trust Services
Subjectcreative-stat1.com
FingerprintF8:81:29:04:51:9E:EB:84:A7:36:0A:98:7D:E7:09:9D:A2:5D:A7:79
ValidityTue, 20 Aug 2024 16:31:08 GMT - Mon, 18 Nov 2024 16:31:07 GMT

File type
gzip compressed data, from Unix
Size
1.0 kB (1037 bytes)
Hash
f6dd99decb9ed74ee3dd12dfa46660aa
0483142a1af32ed526db54a353014090e8f72067
40db5d11db6d7fc0bfc567bd7d00e7bb3e7eccae7e105ec614a11948eb62e7e4

HTTP Headers

GET //sb/notifications/utility/default/us/blog/ecorious/message_redcircle2/jan24/1/css/style.css HTTP/1.1
Host: cdn.creative-stat1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.6jten.com
DNT: 1
Connection: keep-alive
Referer: https://www.6jten.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 31 Aug 2024 22:49:15 GMT
content-type: text/css
last-modified: Thu, 01 Feb 2024 14:48:12 GMT
etag: W/"65bbaf2c-e2e"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
content-encoding: gzip
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=o%2FNOt%2BQc9Cy2Azbz1o%2BXvRXAZ0VaZ7mXkltOIdHXUiJPNUqp2RdRa4pGlU6gfNJZXP3ub7PZ%2Fl68kpcQo99Q7Bfx4xzOfo4kxEIiBZ3ig05WEHD%2FI3jzEyaN3fTagTjLjLZ2sashyaaF"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8bc092a039910b61-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

takegerman.com/pixel/sbs?c=1

172.240.108.76

200 OK

0 B

URL GET HTTP/1.1
takegerman.com/pixel/sbs?c=1
IP
172.240.108.76:443
ASN
#7979 SERVERS-COM

Requested by
https://www.6jten.com/835.html
Certificate
IssuerLet's Encrypt
Subjecttakegerman.com
FingerprintDA:A2:E5:72:17:00:15:73:BD:41:B4:C0:58:0F:2B:59:BF:41:98:B8
ValidityFri, 30 Aug 2024 16:50:07 GMT - Thu, 28 Nov 2024 16:50:06 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /pixel/sbs?c=1 HTTP/1.1
Host: takegerman.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.6jten.com/
Cookie: u_pl=22172474; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Sat, 31 Aug 2024 22:49:16 GMT
Content-Length: 0
Connection: keep-alive
Host: takegerman.com
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range

www.6jten.com/wp-content/uploads/2024/07/cropped-6jten2-32x32.png

104.21.9.177

200 OK

1.7 kB

URL GET HTTP/3
www.6jten.com/wp-content/uploads/2024/07/cropped-6jten2-32x32.png
IP
104.21.9.177:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.6jten.com/835.html
Certificate
IssuerGoogle Trust Services
Subject6jten.com
Fingerprint99:73:A9:DB:68:F1:43:55:CE:E5:67:D6:F3:15:60:13:70:F7:A7:22
ValidityTue, 16 Jul 2024 15:33:08 GMT - Mon, 14 Oct 2024 15:33:07 GMT

File type
PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced
Size
1.7 kB (1658 bytes)
Hash
7b43e3702465a257c0e7680197573860
fa19c80014fdbda35f35e8d5063443333294376e
0b3a6bb311e9bb951b8c9979e421d116798dc3347969800cb216a588eae2755b

HTTP Headers

GET /wp-content/uploads/2024/07/cropped-6jten2-32x32.png HTTP/1.1
Host: www.6jten.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.6jten.com/835.html
DNT: 1
Connection: keep-alive
Cookie: cookieyes-consent=consentid:VDdBWXZwWGlsdlVtWGZBaEVRdzV5d2hLN3N5SUFLaWc,consent:no,action:,necessary:yes,functional:no,analytics:no,performance:no,advertisement:no; sb_main_962f9de1736de6fd656a3e9a1cebaee9=1; sb_count_962f9de1736de6fd656a3e9a1cebaee9=1; dom3ic8zudi28v8lr6fgphwffqoz0j6c=f98329e8-1435-4059-bb4d-2a101de41899%3A1%3A1; pbpr0tpuw4isk85t8yg3jb2lj5vqf=takegerman.com
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sat, 31 Aug 2024 22:49:17 GMT
content-type: image/png
content-length: 1658
last-modified: Tue, 16 Jul 2024 17:57:08 GMT
etag: "6696b474-67a"
x-powered-by: TinyCP
strict-transport-security: max-age=600; preload
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=E1wKFgeBqsQ0EAi%2Fbgfv3e%2FHnb41lRurf%2B0yYM3PGU9Gd%2BZpgkbe%2BTQF1Ju4l6PvNTv8%2F06QWcnJr%2B2lbyqKaTKPJ4eL16bNfRUH1e8crShR8eVlftRY3c12Dhl%2BrBU5"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8bc092a59f72b511-OSL
alt-svc: h3=":443"; ma=86400

www.6jten.com/wp-content/uploads/2024/07/cropped-6jten2-192x192.png

104.21.9.177

200 OK

26 kB

URL GET HTTP/3
www.6jten.com/wp-content/uploads/2024/07/cropped-6jten2-192x192.png
IP
104.21.9.177:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.6jten.com/835.html
Certificate
IssuerGoogle Trust Services
Subject6jten.com
Fingerprint99:73:A9:DB:68:F1:43:55:CE:E5:67:D6:F3:15:60:13:70:F7:A7:22
ValidityTue, 16 Jul 2024 15:33:08 GMT - Mon, 14 Oct 2024 15:33:07 GMT

File type
PNG image data, 192 x 192, 8-bit/color RGBA, non-interlaced
Size
26 kB (25730 bytes)
Hash
3cbe5e64c66721a81da2527bb63d2e2a
d90a662b58187a1659044de7f2cdf3a539190992
de6a9315500c08c1a0e574cf48db036964e577df5e37833fd272207a415c3e52

HTTP Headers

GET /wp-content/uploads/2024/07/cropped-6jten2-192x192.png HTTP/1.1
Host: www.6jten.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.6jten.com/835.html
DNT: 1
Connection: keep-alive
Cookie: cookieyes-consent=consentid:VDdBWXZwWGlsdlVtWGZBaEVRdzV5d2hLN3N5SUFLaWc,consent:no,action:,necessary:yes,functional:no,analytics:no,performance:no,advertisement:no; sb_main_962f9de1736de6fd656a3e9a1cebaee9=1; sb_count_962f9de1736de6fd656a3e9a1cebaee9=1; dom3ic8zudi28v8lr6fgphwffqoz0j6c=f98329e8-1435-4059-bb4d-2a101de41899%3A1%3A1; pbpr0tpuw4isk85t8yg3jb2lj5vqf=takegerman.com
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sat, 31 Aug 2024 22:49:17 GMT
content-type: image/png
content-length: 25730
last-modified: Tue, 16 Jul 2024 17:57:08 GMT
etag: "6696b474-6482"
x-powered-by: TinyCP
strict-transport-security: max-age=600; preload
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=cU1R6A9PUfs9vjpYbvTVPc83fTA9onDrCKI9m4nr4BVUPzYfIUaVWZaeTpeEDFquxMGZEgpmJz4whJM8deOiYc4aYby%2FtziVCOALiiJUIloUlQaPHSezDuwrm0%2BaINUE"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8bc092a59f71b511-OSL
alt-svc: h3=":443"; ma=86400

www.6jten.com/wp-content/themes/revenue-pro/assets/img/arrow-right.png

104.21.9.177

200 OK

396 B

URL GET HTTP/3
www.6jten.com/wp-content/themes/revenue-pro/assets/img/arrow-right.png
IP
104.21.9.177:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.6jten.com/835.html
Certificate
IssuerGoogle Trust Services
Subject6jten.com
Fingerprint99:73:A9:DB:68:F1:43:55:CE:E5:67:D6:F3:15:60:13:70:F7:A7:22
ValidityTue, 16 Jul 2024 15:33:08 GMT - Mon, 14 Oct 2024 15:33:07 GMT

File type
PNG image data, 16 x 16, 4-bit colormap, non-interlaced
Size
396 B (396 bytes)
Hash
ec7b521653bf38e71c71f40f9b7d9cc4
12314633204eaf0edea47346b3fa86046af1a966
17911c30c68a58a54074106330311fd8d38c1db40d656373a00a8dd512090b1c

HTTP Headers

GET /wp-content/themes/revenue-pro/assets/img/arrow-right.png HTTP/1.1
Host: www.6jten.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.6jten.com/wp-content/cache/wpo-minify/1721152993/assets/wpo-minify-header-a329196a.min.css
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sat, 31 Aug 2024 22:49:15 GMT
content-type: image/png
content-length: 396
last-modified: Tue, 09 Jul 2024 15:46:26 GMT
etag: "668d5b52-18c"
x-powered-by: TinyCP
strict-transport-security: max-age=600; preload
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=bS%2FpSyysrSvK3uYwbOHZ3ZK9OKDGXUmvv7nZA9WpPBkRmD68LZz1cSDX1%2FdEJP111P14IXSCGFNSBJ%2BnYleZdhILVpjWc5bHX1gz4F32XXGvLfcOSUF%2FmBTInEAMKlOp"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8bc0929758bcb511-OSL
alt-svc: h3=":443"; ma=86400

recordedthereby.com/sfp.js

188.114.97.1

200 OK

85 kB

URL GET HTTP/2
recordedthereby.com/sfp.js
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.6jten.com/835.html
Certificate
IssuerGoogle Trust Services
Subjectrecordedthereby.com
FingerprintA1:CB:3E:AF:CE:F5:E9:D2:26:FB:E2:D4:FE:4B:29:D2:B3:C9:AD:3B
ValiditySat, 06 Jul 2024 15:25:15 GMT - Fri, 04 Oct 2024 15:25:14 GMT

File type

Size
85 kB (85378 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /sfp.js HTTP/1.1
Host: recordedthereby.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.6jten.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 31 Aug 2024 22:49:14 GMT
content-type: application/javascript; charset=utf-8
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin: *
expires: Thu, 01 Jan 1970 00:00:01 GMT
cache-control: no-cache, max-age=0, private, no-cache
x-request-id: 5978bb5f3d778fab35bd98c2d68fa343
pragma: no-cache
strict-transport-security: max-age=0; includeSubdomains
cf-cache-status: BYPASS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=fLNryEEAh89G%2FpMCL2mGjDWSFhyh5n5ahrR7fABuVf9RZVDy3J47kyC%2FrQM1uSJDtWzn94Esj%2Fzn5NhFyQyzQO9kMNdUO5T05lfbeDsO7yrmeBnL%2B%2B7bbYpDMvp6fZGfoqmeBfq%2B"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8bc09297df600b51-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

172.240.127.234

200 OK

0 B

URL GET HTTP/1.1
takegerman.com/pixel/sbls?bv=24.32.3879&tmpl=482&u=https%3A%2F%2Fcdn.creative-stat1.com%2F%2Fsb%2Fnotifications%2Futility%2Fdefault%2Fus%2Fblog%2Fecorious%2Fmessage_redcircle2%2Fjan24%2F1%2Fcss%2Fanimate.css&l=79245&fd=488
IP
172.240.127.234:443
ASN
#7979 SERVERS-COM

Requested by
https://www.6jten.com/835.html
Certificate
IssuerLet's Encrypt
Subjecttakegerman.com
FingerprintDA:A2:E5:72:17:00:15:73:BD:41:B4:C0:58:0F:2B:59:BF:41:98:B8
ValidityFri, 30 Aug 2024 16:50:07 GMT - Thu, 28 Nov 2024 16:50:06 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /pixel/sbls?bv=24.32.3879&tmpl=482&u=https%3A%2F%2Fcdn.creative-stat1.com%2F%2Fsb%2Fnotifications%2Futility%2Fdefault%2Fus%2Fblog%2Fecorious%2Fmessage_redcircle2%2Fjan24%2F1%2Fcss%2Fanimate.css&l=79245&fd=488 HTTP/1.1
Host: takegerman.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.6jten.com/
Cookie: u_pl=22172474; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Sat, 31 Aug 2024 22:49:16 GMT
Content-Length: 0
Connection: keep-alive
Host: takegerman.com
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range

takegerman.com/impr.gif?sid=H4sIAAAAAAAC%2F1RSzWtc1Rs%2BNw2%2FTeEHloILEe5SRaf3zmS%2B2oU0JqOxsa1Ji7oK5%2BtOTufOPZdz7sdkVsGCdDlm40q4eSZpsA2iLsSNRWYKLgqFTN1kYf4Bl4JrmTE49oV73%2Fd5n%2FfAc573fLGfnpEyUnq68pHuqzCkV6olz33jU9%2B%2F5q6rKO25vUZtq7Z0zTXZ1Wat5L3pvi95R18pe77n%2BZ7vtpSRge5dmZJQ8XHTLzW90lK55FeX0DMvY5s6sNSByM7IJSgxWXzqXIbiI0Td71ak7SQ6fnu1m4Y00QaZOLobdSKdR%2BjOy8A4CKKj82loe9J6Ah0dzuRCZ%2F8OMjUhzq9PwKKjc5Fg2cFMJwshIzBxEXk2ggxHUHQEru9DiRMCcIGbtxB1H97UJqc7%2F7B0yk7I4l9%2FQuUTsvj7ZUTdb5dD1XM3dZgmSkcWveDlG6veGKo9QpyOkfQXoPIxePI5lHhOvFcvIuo%2B%2FmD8U6Y6biZNB0oUMzuUGkEFI4RyAGodpNNPOUgDB2nsoCtOXe77ft0TnHqNJucVUZesJjyf1gOf%2Bl6tgZRPFQ%2BQxAPwcABudhGbXXTUlyfVSzDpL7DbBaxwYJMJcT7eRSYK5JIgtwQ5JcgVQZ4Q5FlxKEJbtsVDEdqU%2Bee5fJ4rxVAn7X16qJO2jAioGcCIYj8%2BI69MXXM2Nq%2BiI0%2FdZq0cNIX065WakLVA1Ko1WpFN6nPJqJRNWPVDa%2FX6nbsbq5vv%2BI1yc8uyLQ%2FKLsx86KsJqbYyxGpCLjz%2FEIyOYcMxuLoAmr4Omheg2wX60TG9RxUrMdUvKQGhC8TJIpIdZz88I6%2FNNnnjqz1I%2FoycB7gpEJsC99RTgnb4YLihc3KwoXNLvr8VJ6qr%2BnS65c2EJvJ%2Fj27InVwbsbZiB99c51NiWh7fkTZZp5FQUduSx8tKCGla2nBJfl6zn0h2O7Xby6mJ0nj99nuttW5spLVKRyNQdfLZHriakP%2F%2FuD57vm%2B5v0GZEUxaoJvOlSo9Ao93YeN5z2oCE84xix3kaTE0ZTZvhooglHNMWQH7H8zm9dDQ6Wmqin37AG2zAJrcR9QtkJkCWViAhgPY9MIwic2zd19UZgEWLgxZaBYOWGjCvZnJ098jWHXqVjxRZzKQdSaXqkuB5IJVq8zjAWcV0WhwJHYSvPj6j78DAAD%2F%2F%2F%2BlHu6YBAAA

172.240.127.234

200 OK

0 B

URL GET HTTP/1.1
takegerman.com/impr.gif?sid=H4sIAAAAAAAC%2F1RSzWtc1Rs%2BNw2%2FTeEHloILEe5SRaf3zmS%2B2oU0JqOxsa1Ji7oK5%2BtOTufOPZdz7sdkVsGCdDlm40q4eSZpsA2iLsSNRWYKLgqFTN1kYf4Bl4JrmTE49oV73%2Fd5n%2FfAc573fLGfnpEyUnq68pHuqzCkV6olz33jU9%2B%2F5q6rKO25vUZtq7Z0zTXZ1Wat5L3pvi95R18pe77n%2BZ7vtpSRge5dmZJQ8XHTLzW90lK55FeX0DMvY5s6sNSByM7IJSgxWXzqXIbiI0Td71ak7SQ6fnu1m4Y00QaZOLobdSKdR%2BjOy8A4CKKj82loe9J6Ah0dzuRCZ%2F8OMjUhzq9PwKKjc5Fg2cFMJwshIzBxEXk2ggxHUHQEru9DiRMCcIGbtxB1H97UJqc7%2F7B0yk7I4l9%2FQuUTsvj7ZUTdb5dD1XM3dZgmSkcWveDlG6veGKo9QpyOkfQXoPIxePI5lHhOvFcvIuo%2B%2FmD8U6Y6biZNB0oUMzuUGkEFI4RyAGodpNNPOUgDB2nsoCtOXe77ft0TnHqNJucVUZesJjyf1gOf%2Bl6tgZRPFQ%2BQxAPwcABudhGbXXTUlyfVSzDpL7DbBaxwYJMJcT7eRSYK5JIgtwQ5JcgVQZ4Q5FlxKEJbtsVDEdqU%2Bee5fJ4rxVAn7X16qJO2jAioGcCIYj8%2BI69MXXM2Nq%2BiI0%2FdZq0cNIX065WakLVA1Ko1WpFN6nPJqJRNWPVDa%2FX6nbsbq5vv%2BI1yc8uyLQ%2FKLsx86KsJqbYyxGpCLjz%2FEIyOYcMxuLoAmr4Omheg2wX60TG9RxUrMdUvKQGhC8TJIpIdZz88I6%2FNNnnjqz1I%2FoycB7gpEJsC99RTgnb4YLihc3KwoXNLvr8VJ6qr%2BnS65c2EJvJ%2Fj27InVwbsbZiB99c51NiWh7fkTZZp5FQUduSx8tKCGla2nBJfl6zn0h2O7Xby6mJ0nj99nuttW5spLVKRyNQdfLZHriakP%2F%2FuD57vm%2B5v0GZEUxaoJvOlSo9Ao93YeN5z2oCE84xix3kaTE0ZTZvhooglHNMWQH7H8zm9dDQ6Wmqin37AG2zAJrcR9QtkJkCWViAhgPY9MIwic2zd19UZgEWLgxZaBYOWGjCvZnJ098jWHXqVjxRZzKQdSaXqkuB5IJVq8zjAWcV0WhwJHYSvPj6j78DAAD%2F%2F%2F%2BlHu6YBAAA
IP
172.240.127.234:443
ASN
#7979 SERVERS-COM

Requested by
https://www.6jten.com/835.html
Certificate
IssuerLet's Encrypt
Subjecttakegerman.com
FingerprintDA:A2:E5:72:17:00:15:73:BD:41:B4:C0:58:0F:2B:59:BF:41:98:B8
ValidityFri, 30 Aug 2024 16:50:07 GMT - Thu, 28 Nov 2024 16:50:06 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /impr.gif?sid=H4sIAAAAAAAC%2F1RSzWtc1Rs%2BNw2%2FTeEHloILEe5SRaf3zmS%2B2oU0JqOxsa1Ji7oK5%2BtOTufOPZdz7sdkVsGCdDlm40q4eSZpsA2iLsSNRWYKLgqFTN1kYf4Bl4JrmTE49oV73%2Fd5n%2FfAc573fLGfnpEyUnq68pHuqzCkV6olz33jU9%2B%2F5q6rKO25vUZtq7Z0zTXZ1Wat5L3pvi95R18pe77n%2BZ7vtpSRge5dmZJQ8XHTLzW90lK55FeX0DMvY5s6sNSByM7IJSgxWXzqXIbiI0Td71ak7SQ6fnu1m4Y00QaZOLobdSKdR%2BjOy8A4CKKj82loe9J6Ah0dzuRCZ%2F8OMjUhzq9PwKKjc5Fg2cFMJwshIzBxEXk2ggxHUHQEru9DiRMCcIGbtxB1H97UJqc7%2F7B0yk7I4l9%2FQuUTsvj7ZUTdb5dD1XM3dZgmSkcWveDlG6veGKo9QpyOkfQXoPIxePI5lHhOvFcvIuo%2B%2FmD8U6Y6biZNB0oUMzuUGkEFI4RyAGodpNNPOUgDB2nsoCtOXe77ft0TnHqNJucVUZesJjyf1gOf%2Bl6tgZRPFQ%2BQxAPwcABudhGbXXTUlyfVSzDpL7DbBaxwYJMJcT7eRSYK5JIgtwQ5JcgVQZ4Q5FlxKEJbtsVDEdqU%2Bee5fJ4rxVAn7X16qJO2jAioGcCIYj8%2BI69MXXM2Nq%2BiI0%2FdZq0cNIX065WakLVA1Ko1WpFN6nPJqJRNWPVDa%2FX6nbsbq5vv%2BI1yc8uyLQ%2FKLsx86KsJqbYyxGpCLjz%2FEIyOYcMxuLoAmr4Omheg2wX60TG9RxUrMdUvKQGhC8TJIpIdZz88I6%2FNNnnjqz1I%2FoycB7gpEJsC99RTgnb4YLihc3KwoXNLvr8VJ6qr%2BnS65c2EJvJ%2Fj27InVwbsbZiB99c51NiWh7fkTZZp5FQUduSx8tKCGla2nBJfl6zn0h2O7Xby6mJ0nj99nuttW5spLVKRyNQdfLZHriakP%2F%2FuD57vm%2B5v0GZEUxaoJvOlSo9Ao93YeN5z2oCE84xix3kaTE0ZTZvhooglHNMWQH7H8zm9dDQ6Wmqin37AG2zAJrcR9QtkJkCWViAhgPY9MIwic2zd19UZgEWLgxZaBYOWGjCvZnJ098jWHXqVjxRZzKQdSaXqkuB5IJVq8zjAWcV0WhwJHYSvPj6j78DAAD%2F%2F%2F%2BlHu6YBAAA HTTP/1.1
Host: takegerman.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.6jten.com/
Cookie: u_pl=22172474; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Sat, 31 Aug 2024 22:49:16 GMT
Content-Type: image/gif
Content-Length: 7
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Host: takegerman.com
Expires: Thu, 01 Jan 1970 00:00:01 GMT
X-Request-ID: e3bf485b7eadb591f39bc81e68cedae1
Cache-Control: no-cache, max-age=0, private, no-cache
Pragma: no-cache
Strict-Transport-Security: max-age=0; includeSubdomains

www.6jten.com/wp-content/cache/wpo-minify/1721152993/assets/wpo-minify-footer-9fee37bf.min.js

104.21.9.177

200 OK

115 kB

URL GET HTTP/3
www.6jten.com/wp-content/cache/wpo-minify/1721152993/assets/wpo-minify-footer-9fee37bf.min.js
IP
104.21.9.177:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.6jten.com/835.html
Certificate
IssuerGoogle Trust Services
Subject6jten.com
Fingerprint99:73:A9:DB:68:F1:43:55:CE:E5:67:D6:F3:15:60:13:70:F7:A7:22
ValidityTue, 16 Jul 2024 15:33:08 GMT - Mon, 14 Oct 2024 15:33:07 GMT

File type
JavaScript source, ASCII text, with very long lines (14756), with CRLF, LF line terminators
Size
115 kB (115069 bytes)
Hash
323b56ff82379f94ad5a4b204c8ef44e
b43237927963699d648c641cf2839cff639d1ad1
192417d0db5553b4d6b8d1f9d38d22662d69f0f546a2117a9ef091fa41796024

HTTP Headers

GET /wp-content/cache/wpo-minify/1721152993/assets/wpo-minify-footer-9fee37bf.min.js HTTP/1.1
Host: www.6jten.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.6jten.com/835.html
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sat, 31 Aug 2024 22:49:13 GMT
content-type: application/javascript
last-modified: Tue, 16 Jul 2024 18:45:22 GMT
etag: W/"6696bfc2-1c17d"
x-powered-by: TinyCP
strict-transport-security: max-age=600; preload
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=E2FF1WCFz1xE4OSWoCDoDBNRtjyHk9uRp0t71y2rAYuxsGCMmGDba5SQeZD4Jo05xdwG6apR71alrIAlgJtt6ID0JGzWtNKhZ6QoemFqlnKImCEhEQZwThGgZnrLTHyf"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8bc09285be7bb511-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

6jten.com/wp-content/plugins/cookie-law-info/lite/frontend/images/revisit.svg

104.21.9.177

200 OK

2.3 kB

URL GET HTTP/3
6jten.com/wp-content/plugins/cookie-law-info/lite/frontend/images/revisit.svg
IP
104.21.9.177:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.6jten.com/835.html
Certificate
IssuerGoogle Trust Services
Subject6jten.com
Fingerprint99:73:A9:DB:68:F1:43:55:CE:E5:67:D6:F3:15:60:13:70:F7:A7:22
ValidityTue, 16 Jul 2024 15:33:08 GMT - Mon, 14 Oct 2024 15:33:07 GMT

File type
SVG Scalable Vector Graphics image
Size
2.3 kB (2339 bytes)
Hash
4d412a23b3de1ab18851730ddfe13825
74bc40d3f1fca7994ce2894daa1ddca3a2bc301e
16d56ad572546ad8af1260e100bf5e94d2e47988a0ca920d6e68fc3837832f04

HTTP Headers

GET /wp-content/plugins/cookie-law-info/lite/frontend/images/revisit.svg HTTP/1.1
Host: 6jten.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.6jten.com/835.html
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sat, 31 Aug 2024 22:49:15 GMT
content-type: image/svg+xml
last-modified: Tue, 09 Jul 2024 15:33:54 GMT
etag: W/"668d5862-923"
x-powered-by: TinyCP
strict-transport-security: max-age=600; preload
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=OPOL4paJdu4HIU5%2BHsAYwqg9PH%2F3Hk%2BUGXF6FyKuD2ImoZZrt3VrAjEl3UTqgDDFXiRh46aLUrC9kU43gtVxCCGzjZTA1l7wiGRd0PHAMzbtn6csQG7wKJU6Zb4%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8bc092993acbb511-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

i1.wp.com/res.cloudinary.com/glide/image/fetch/https%3A%2F%2Fi.ytimg.com%2Fvi%2FtkVsLCKwXmA%2Fmaxresdefault.jpg?w=250&resize=250,250&ssl=1

192.0.77.2

200 OK

7.9 kB

URL GET HTTP/2
i1.wp.com/res.cloudinary.com/glide/image/fetch/https%3A%2F%2Fi.ytimg.com%2Fvi%2FtkVsLCKwXmA%2Fmaxresdefault.jpg?w=250&resize=250,250&ssl=1
IP
192.0.77.2:443
ASN
#2635 AUTOMATTIC

Requested by
https://www.6jten.com/835.html
Certificate
IssuerSectigo Limited
Subject*.wp.com
Fingerprint5D:DB:6E:AA:9E:A8:4A:C3:10:A5:DA:89:DC:1C:BB:D1:87:5F:E1:D2
ValidityTue, 28 Nov 2023 00:00:00 GMT - Sat, 28 Dec 2024 23:59:59 GMT

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 250x250, Scaling: [none]x[none], YUV color, decoders should clamp
Size
7.9 kB (7922 bytes)
Hash
20b818f776b3aa055d7cc24ee7bafe83
f0795056e6cee4be5159be490d42fdff54ad286e
ab5feeee9fc05d62489a49ed2274ca7305faffe544b946a25a883be63ac7e428

HTTP Headers

GET /res.cloudinary.com/glide/image/fetch/https%3A%2F%2Fi.ytimg.com%2Fvi%2FtkVsLCKwXmA%2Fmaxresdefault.jpg?w=250&resize=250,250&ssl=1 HTTP/1.1
Host: i1.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.6jten.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Sat, 31 Aug 2024 22:49:14 GMT
content-type: image/webp
content-length: 7922
last-modified: Sat, 31 Aug 2024 22:49:14 GMT
expires: Tue, 01 Sep 2026 10:49:14 GMT
cache-control: public, max-age=63115200
link: <https://res.cloudinary.com/glide/image/fetch/https%3A%2F%2Fi.ytimg.com%2Fvi%2FtkVsLCKwXmA%2Fmaxresdefault.jpg>; rel="canonical"
x-content-type-options: nosniff
etag: "247ec5fed9986d9b"
vary: Accept
x-nc: MISS arn 5
alt-svc: h3=":443"; ma=86400
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
timing-allow-origin: *
X-Firefox-Spdy: h2

i3.wp.com/i5.walmartimages.com/asr/66692878-2143-4dcc-9683-8b6a70eca666.0336ce0c18fd7acdf0db1f91d826dcce.jpeg?odnWidth=612&odnHeight=612&odnBg=ffffff&w=250&resize=250,250&ssl=1

192.0.77.2

200 OK

7.0 kB

URL GET HTTP/2
i3.wp.com/i5.walmartimages.com/asr/66692878-2143-4dcc-9683-8b6a70eca666.0336ce0c18fd7acdf0db1f91d826dcce.jpeg?odnWidth=612&odnHeight=612&odnBg=ffffff&w=250&resize=250,250&ssl=1
IP
192.0.77.2:443
ASN
#2635 AUTOMATTIC

Requested by
https://www.6jten.com/835.html
Certificate
IssuerSectigo Limited
Subject*.wp.com
Fingerprint5D:DB:6E:AA:9E:A8:4A:C3:10:A5:DA:89:DC:1C:BB:D1:87:5F:E1:D2
ValidityTue, 28 Nov 2023 00:00:00 GMT - Sat, 28 Dec 2024 23:59:59 GMT

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 250x250, Scaling: [none]x[none], YUV color, decoders should clamp
Size
7.0 kB (6958 bytes)
Hash
1c961f1120392fbe72b36e6a19ad94dd
d053e169a1c9c9dab239a9178d9791d6207e4893
63df257b04e13eeeb867183e8b27d72bc29c0a4bfb1ef467ad627efa1fee149a

HTTP Headers

GET /i5.walmartimages.com/asr/66692878-2143-4dcc-9683-8b6a70eca666.0336ce0c18fd7acdf0db1f91d826dcce.jpeg?odnWidth=612&odnHeight=612&odnBg=ffffff&w=250&resize=250,250&ssl=1 HTTP/1.1
Host: i3.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.6jten.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Sat, 31 Aug 2024 22:49:14 GMT
content-type: image/webp
content-length: 6958
last-modified: Sat, 24 Aug 2024 13:40:56 GMT
expires: Tue, 25 Aug 2026 01:40:56 GMT
cache-control: public, max-age=63115200
link: <https://i5.walmartimages.com/asr/66692878-2143-4dcc-9683-8b6a70eca666.0336ce0c18fd7acdf0db1f91d826dcce.jpeg>; rel="canonical"
x-content-type-options: nosniff
etag: "9aa9e02128aeab4b"
vary: Accept
x-nc: MISS arn 1
alt-svc: h3=":443"; ma=86400
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
timing-allow-origin: *
X-Firefox-Spdy: h2

6jten.com/wp-content/plugins/cookie-law-info/lite/frontend/images/close.svg

104.21.9.177

200 OK

1.3 kB

URL GET HTTP/3
6jten.com/wp-content/plugins/cookie-law-info/lite/frontend/images/close.svg
IP
104.21.9.177:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.6jten.com/835.html
Certificate
IssuerGoogle Trust Services
Subject6jten.com
Fingerprint99:73:A9:DB:68:F1:43:55:CE:E5:67:D6:F3:15:60:13:70:F7:A7:22
ValidityTue, 16 Jul 2024 15:33:08 GMT - Mon, 14 Oct 2024 15:33:07 GMT

File type
SVG Scalable Vector Graphics image
Size
1.3 kB (1345 bytes)
Hash
cfbcf7628b425adb0a55ef223965753e
42469ca151da583cf7c242cc2b62dc446211e8c5
2aa0b7fd5005a2a0cac1a66256cd96fc4e409e0e790ec5235d4819cc9ea0074f

HTTP Headers

GET /wp-content/plugins/cookie-law-info/lite/frontend/images/close.svg HTTP/1.1
Host: 6jten.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.6jten.com/835.html
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sat, 31 Aug 2024 22:49:15 GMT
content-type: image/svg+xml
last-modified: Tue, 09 Jul 2024 15:33:54 GMT
etag: W/"668d5862-541"
x-powered-by: TinyCP
strict-transport-security: max-age=600; preload
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=X8Wf1SjrH0GbuM9XBJPV%2BnTZUZro5rwPe3MHJM5IJ%2Bj1QCSCSc8zz7azONDEskjEu3uIf491EOTjUBX4MdlXspfzKZNHqbyucuq6jPGdq1%2FniJKjoMWY9hXmr8Y%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8bc092993ac9b511-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

www.6jten.com/835.html

104.21.9.177

200 OK

107 kB

URL User Request GET HTTP/2
www.6jten.com/835.html
IP
104.21.9.177:443
ASN
#13335 CLOUDFLARENET

Certificate
IssuerGoogle Trust Services
Subject6jten.com
Fingerprint99:73:A9:DB:68:F1:43:55:CE:E5:67:D6:F3:15:60:13:70:F7:A7:22
ValidityTue, 16 Jul 2024 15:33:08 GMT - Mon, 14 Oct 2024 15:33:07 GMT

File type

Size
107 kB (106754 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /835.html HTTP/1.1
Host: www.6jten.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 31 Aug 2024 22:49:11 GMT
content-type: text/html; charset=UTF-8
cache-control: no-cache
wpo-cache-status: cached
last-modified: Sat, 31 Aug 2024 22:49:01 GMT
x-powered-by: TinyCP
strict-transport-security: max-age=600; preload
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=jcOHo840aDxATelYnlsgHrn9rBpMcphx34wNekbNqwRLE1P8fwbufpaErUXyzKkUHUIyMbH%2F440y0Fa6dY%2BK2pyoBc9AZjGAZLmq9dXrf7JRdyYuKvNv5heduZuuYLlf"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8bc0927afdeab524-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

fonts.googleapis.com/css?family=Roboto:300,400,700&display=swap

142.250.74.106

200 OK

7.0 kB

URL GET HTTP/2
fonts.googleapis.com/css?family=Roboto:300,400,700&display=swap
IP
142.250.74.106:443
ASN
#15169 GOOGLE

Requested by
https://www.6jten.com/835.html
Certificate
IssuerGoogle Trust Services
Subjectupload.video.google.com
Fingerprint67:2C:47:03:FC:2F:6C:04:CD:B8:61:4D:97:F1:C4:EA:71:E9:9E:11
ValidityMon, 05 Aug 2024 07:18:20 GMT - Mon, 28 Oct 2024 07:18:19 GMT

File type
ASCII text, with very long lines (7193), with no line terminators
Size
7.0 kB (7004 bytes)
Hash
1b9a5aaa00577f3b515cd8bdb5902734
ac084682592bdc2893faced3b83a36599817add0
19507720081a42c4fcac9da0e5a874af98db546cd9f4aa9aaf271cfb442b9030

HTTP Headers

GET /css?family=Roboto:300,400,700&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sat, 31 Aug 2024 22:49:15 GMT
date: Sat, 31 Aug 2024 22:49:15 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

www.6jten.com/wp-content/themes/revenue-pro/genericons/genericons.css

104.21.9.177

200 OK

154 B

URL GET HTTP/3
www.6jten.com/wp-content/themes/revenue-pro/genericons/genericons.css
IP
104.21.9.177:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.6jten.com/835.html
Certificate
IssuerGoogle Trust Services
Subject6jten.com
Fingerprint99:73:A9:DB:68:F1:43:55:CE:E5:67:D6:F3:15:60:13:70:F7:A7:22
ValidityTue, 16 Jul 2024 15:33:08 GMT - Mon, 14 Oct 2024 15:33:07 GMT

File type
ASCII text, with no line terminators
Size
154 B (154 bytes)
Hash
5584d6d0e72e10cb22cb49f8e3efbfa2
d872169d5001849f13a3123a80e57ce2c7c04b82
75a5f6896b29ff0e7f4e289bbd77dff781e9f98a9f971fbde6becfb591a13874

HTTP Headers

GET /wp-content/themes/revenue-pro/genericons/genericons.css HTTP/1.1
Host: www.6jten.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.6jten.com/835.html
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sat, 31 Aug 2024 22:49:12 GMT
content-type: text/css
last-modified: Tue, 09 Jul 2024 15:46:26 GMT
etag: W/"668d5b52-9a"
x-powered-by: TinyCP
strict-transport-security: max-age=600; preload
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Q88IY%2FaYv4Whwa0Ig1YUUVuj3St4y3sB7jX7gi7%2BZd%2FTkdI8sfWQhNXNWl1C0RMg%2B6N%2Fr6k4ou8Li2TB%2BlqPSWUn0Q4a%2FGhqjFwUkZZpuQcvju7mHUMG%2BzZFjuYPeWAz"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8bc09285ae64b511-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

cdn.creative-stat1.com//sb/notifications/utility/default/us/blog/ecorious/message_redcircle2/jan24/1/js/script.js

188.114.96.1

200 OK

386 B

URL GET HTTP/2
cdn.creative-stat1.com//sb/notifications/utility/default/us/blog/ecorious/message_redcircle2/jan24/1/js/script.js
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.6jten.com/835.html
Certificate
IssuerGoogle Trust Services
Subjectcreative-stat1.com
FingerprintF8:81:29:04:51:9E:EB:84:A7:36:0A:98:7D:E7:09:9D:A2:5D:A7:79
ValidityTue, 20 Aug 2024 16:31:08 GMT - Mon, 18 Nov 2024 16:31:07 GMT

File type
ASCII text, with very long lines (399), with no line terminators
Size
386 B (386 bytes)
Hash
022602a468da44628060800173771da2
9be813fbfebbcb2aa46d8c6b8abec68b3d16c89c
6742c376e658c34d09b2dc5772bd798e3cd52bb265758bac5bce184f8ee7b5cc

HTTP Headers

GET //sb/notifications/utility/default/us/blog/ecorious/message_redcircle2/jan24/1/js/script.js HTTP/1.1
Host: cdn.creative-stat1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.6jten.com
DNT: 1
Connection: keep-alive
Referer: https://www.6jten.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 31 Aug 2024 22:49:16 GMT
content-type: application/javascript
last-modified: Thu, 01 Feb 2024 14:48:15 GMT
etag: W/"65bbaf2f-182"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=M3DkTGsV24Ao1SzT0Cii%2BshUaWSXbo3U%2FUKqrvOLQ%2F2YFnrBT39x7heXVEFOf5octhUrDlLOfb%2FFjyUpfn4UBmRKnhzaR4yqmkUYGFso8przdstMV65B6VSLyGlh3ADuYEKpUEDm4CUJ"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8bc092a0499d0b61-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

www.6jten.com/wp-content/cache/wpo-minify/1721152993/assets/wpo-minify-header-a329196a.min.css

104.21.9.177

200 OK

56 kB

URL GET HTTP/3
www.6jten.com/wp-content/cache/wpo-minify/1721152993/assets/wpo-minify-header-a329196a.min.css
IP
104.21.9.177:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.6jten.com/835.html
Certificate
IssuerGoogle Trust Services
Subject6jten.com
Fingerprint99:73:A9:DB:68:F1:43:55:CE:E5:67:D6:F3:15:60:13:70:F7:A7:22
ValidityTue, 16 Jul 2024 15:33:08 GMT - Mon, 14 Oct 2024 15:33:07 GMT

File type
ASCII text, with very long lines (55852), with no line terminators
Size
56 kB (55852 bytes)
Hash
a890e58e31b63f74ea69bc53e755cd63
9652da3efa4791cd89e919909243e615c588d1aa
a890df2cda04fa548127450fe3c1e41f3e654745444a2b57f66c0e185b630ce2

HTTP Headers

GET /wp-content/cache/wpo-minify/1721152993/assets/wpo-minify-header-a329196a.min.css HTTP/1.1
Host: www.6jten.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.6jten.com/835.html
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sat, 31 Aug 2024 22:49:13 GMT
content-type: text/css
last-modified: Tue, 16 Jul 2024 18:45:21 GMT
etag: W/"6696bfc1-da2c"
x-powered-by: TinyCP
strict-transport-security: max-age=600; preload
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=cN8a%2FPfDI6y57FJLv74vOuYuBBC1sl2%2BaRyL1WcGPytWuJ5PbQ2NcysGWBlObEXbfEnW5HP34whdOhQlrTNROVFFxW1UXeo5GtxuoRgCOmkk%2FmYHrgAvdsdDmoqUY5Xq"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8bc09285ae61b511-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

www.6jten.com/wp-content/cache/wpo-minify/1721152993/assets/wpo-minify-header-49cc12d1.min.js

104.21.9.177

200 OK

120 kB

URL GET HTTP/3
www.6jten.com/wp-content/cache/wpo-minify/1721152993/assets/wpo-minify-header-49cc12d1.min.js
IP
104.21.9.177:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.6jten.com/835.html
Certificate
IssuerGoogle Trust Services
Subject6jten.com
Fingerprint99:73:A9:DB:68:F1:43:55:CE:E5:67:D6:F3:15:60:13:70:F7:A7:22
ValidityTue, 16 Jul 2024 15:33:08 GMT - Mon, 14 Oct 2024 15:33:07 GMT

File type
JavaScript source, ASCII text, with very long lines (46092)
Size
120 kB (120491 bytes)
Hash
de9099952644ab506b201699185989a8
c03865693f714b37590910c97fe4e4e462e5d34c
162c21b03f1b81ea7ed4beeccd403aca15f15b5afda3ad409911f065706fd6ab

HTTP Headers

GET /wp-content/cache/wpo-minify/1721152993/assets/wpo-minify-header-49cc12d1.min.js HTTP/1.1
Host: www.6jten.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.6jten.com/835.html
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sat, 31 Aug 2024 22:49:13 GMT
content-type: application/javascript
last-modified: Tue, 16 Jul 2024 18:05:41 GMT
etag: W/"6696b675-1d6ab"
x-powered-by: TinyCP
strict-transport-security: max-age=600; preload
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ibmz9HHmakF9q7JzVjzLAm3ar%2BN1FIwTpSGlz1kIdKHV9wyQoOLRmGyMgcgnasYaWc1qTLLktS7tLgGooMQr1aQ2HeOgCMK0yCZ303MnVv7h7wRyfsCSeE8T6miEwEm3"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8bc09285ae6bb511-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

www.6jten.com/wp-content/cache/wpo-minify/1721152993/assets/wpo-minify-footer-24df054d.min.js

104.21.9.177

200 OK

3.0 kB

URL GET HTTP/3
www.6jten.com/wp-content/cache/wpo-minify/1721152993/assets/wpo-minify-footer-24df054d.min.js
IP
104.21.9.177:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.6jten.com/835.html
Certificate
IssuerGoogle Trust Services
Subject6jten.com
Fingerprint99:73:A9:DB:68:F1:43:55:CE:E5:67:D6:F3:15:60:13:70:F7:A7:22
ValidityTue, 16 Jul 2024 15:33:08 GMT - Mon, 14 Oct 2024 15:33:07 GMT

File type
ASCII text, with very long lines (3064), with no line terminators
Size
3.0 kB (2985 bytes)
Hash
c7b5c05ac1118df8b850a7a2826af923
4b5647ac22ff36107662c25fad5cb0e2b8ce6e2a
5a84e66aab2acfed14e1405ec125cbd2f9c89e3c48956a4f2f40f1972b660abb

HTTP Headers

GET /wp-content/cache/wpo-minify/1721152993/assets/wpo-minify-footer-24df054d.min.js HTTP/1.1
Host: www.6jten.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.6jten.com/835.html
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sat, 31 Aug 2024 22:49:12 GMT
content-type: application/javascript
last-modified: Tue, 16 Jul 2024 18:51:05 GMT
etag: W/"6696c119-ba9"
x-powered-by: TinyCP
strict-transport-security: max-age=600; preload
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=wVAbEm%2BzQjneqAm1B7Ms2qIAfAFnZSXApUL%2FSbuXfhiUyGE2Ewlb7OWrIxLlr7qCdjJoM3TZ%2BKehu0KY0hoMhnt4Fh0LTUlz7lpllfkFED6J8qPK0cFrZrIEDzq1PjeR"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8bc09285be7cb511-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

Report Overview

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (11)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash