user.mrv2ray.monster Open in urlscan Pro
2a06:98c1:3121::3 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://user.mrv2ray.monster/
Submission: On November 15 via automatic, source certstream-suspicious (November 15th 2023, 9:38:50 am UTC) — Scanned from NL

Summary HTTP 120 Redirects Links 129 Behaviour Indicators

Summary

This website contacted 23 IPs in 5 countries across 20 domains to perform 120 HTTP transactions. The main IP is 2a06:98c1:3121::3, located in United States and belongs to CLOUDFLARENET, US. The main domain is user.mrv2ray.monster.
TLS certificate: Issued by E1 on November 14th 2023. Valid for: 3 months.

This is the only time user.mrv2ray.monster was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	2a06:98c1:312... 2a06:98c1:3121::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
30	2606:4700:303... 2606:4700:3034::6815:345c	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	167.172.177.153 167.172.177.153	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
1	2606:4700:20:... 2606:4700:20::ac43:45c6	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:831::2008	15169 (GOOGLE) (GOOGLE)
2	2606:4700:20:... 2606:4700:20::681a:55d	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
8	2606:4700:20:... 2606:4700:20::681a:74e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:810::200e	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:813::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c0c::9a	15169 (GOOGLE) (GOOGLE)
1	151.139.128.10 151.139.128.10	20446 (STACKPATH...) (STACKPATH-CDN)
14	2a00:1450:400... 2a00:1450:4001:81c::2002	15169 (GOOGLE) (GOOGLE)
2	212.32.243.55 212.32.243.55	60781 (LEASEWEB-...) (LEASEWEB-NL-AMS-01 Netherlands)
5	2a00:1450:400... 2a00:1450:4001:831::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80b::2001	15169 (GOOGLE) (GOOGLE)
11	2a00:1450:400... 2a00:1450:4001:808::2001	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:82f::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:800::2004	15169 (GOOGLE) (GOOGLE)
3	2606:4700::68... 2606:4700::6812:d941	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2620:1ec:46::45 2620:1ec:46::45	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1 2	68.219.88.97 68.219.88.97	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1 1	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
120	23

1 2a06:98c1:3121::3 (United States)

ASN13335 (CLOUDFLARENET, US)

user.mrv2ray.monster	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

30 2606:4700:3034::6815:345c (United States)

ASN13335 (CLOUDFLARENET, US)

www.alwatan.com.sa	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 167.172.177.153 (Frankfurt am Main, Germany)

ASN14061 (DIGITALOCEAN-ASN, US)

ksa.tadafuq.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::ac43:45c6 (United States)

ASN13335 (CLOUDFLARENET, US)

native-cdn.foxpush.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:831::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:20::681a:55d (United States)

ASN13335 (CLOUDFLARENET, US)

www.foxpush.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2606:4700:20::681a:74e (United States)

ASN13335 (CLOUDFLARENET, US)

cdn4.premiumread.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:810::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

img.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:813::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c0c::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.139.128.10 (United States)

ASN20446 (STACKPATH-CDN, US)
PTR: map3.hwcdn.net

cdn.stat-track.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2a00:1450:4001:81c::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 212.32.243.55 (Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)

forms.m-pages.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:831::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80b::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

e95162bbbb3026a4064916ef548a9709.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a00:1450:4001:808::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:800::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700::6812:d941 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.izooto.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:1ec:46::45 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

www.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 68.219.88.97 (Dublin, Ireland) 1 redirects

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

c.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:1ec:c11::200 (United States) 1 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

c.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
30	alwatan.com.sa www.alwatan.com.sa	174 KB
17	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 97 e95162bbbb3026a4064916ef548a9709.safeframe.googlesyndication.com tpc.googlesyndication.com — Cisco Umbrella Rank: 149	214 KB
15	doubleclick.net stats.g.doubleclick.net — Cisco Umbrella Rank: 78 securepubads.g.doubleclick.net — Cisco Umbrella Rank: 196	221 KB
8	premiumread.com cdn4.premiumread.com — Cisco Umbrella Rank: 172608	653 KB
5	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 212	284 KB
4	clarity.ms 1 redirects www.clarity.ms — Cisco Umbrella Rank: 827 c.clarity.ms — Cisco Umbrella Rank: 1405	22 KB
4	google-analytics.com region1.google-analytics.com — Cisco Umbrella Rank: 2462 www.google-analytics.com — Cisco Umbrella Rank: 27	21 KB
3	izooto.com cdn.izooto.com — Cisco Umbrella Rank: 17609	77 KB
3	tadafuq.com ksa.tadafuq.com	2 KB
2	m-pages.com forms.m-pages.com — Cisco Umbrella Rank: 83577	225 B
2	foxpush.com www.foxpush.com — Cisco Umbrella Rank: 277871	171 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 35	159 KB
1	bing.com 1 redirects c.bing.com — Cisco Umbrella Rank: 236	768 B
1	google.com www.google.com — Cisco Umbrella Rank: 2	1 KB
1	stat-track.com cdn.stat-track.com — Cisco Umbrella Rank: 83421	22 KB
1	youtube.com img.youtube.com — Cisco Umbrella Rank: 3752	1 KB
1	foxpush.io native-cdn.foxpush.io — Cisco Umbrella Rank: 742009	6 KB
1	mrv2ray.monster user.mrv2ray.monster	22 KB
0	alexametrics.com Failed certify-js.alexametrics.com Failed
0	spadsync.com Failed spadsync.com Failed
120	20

	Domain	Requested by
30	www.alwatan.com.sa	user.mrv2ray.monster www.alwatan.com.sa
14	securepubads.g.doubleclick.net	native-cdn.foxpush.io securepubads.g.doubleclick.net user.mrv2ray.monster www.googletagservices.com
11	tpc.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com
8	cdn4.premiumread.com	user.mrv2ray.monster
5	www.googletagservices.com	securepubads.g.doubleclick.net user.mrv2ray.monster
5	pagead2.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com www.googletagservices.com
3	cdn.izooto.com	user.mrv2ray.monster cdn.izooto.com
3	ksa.tadafuq.com	user.mrv2ray.monster ksa.tadafuq.com
2	c.clarity.ms	1 redirects
2	www.clarity.ms	user.mrv2ray.monster www.clarity.ms
2	forms.m-pages.com	cdn.stat-track.com
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	region1.google-analytics.com	www.googletagmanager.com
2	www.foxpush.com	native-cdn.foxpush.io
2	www.googletagmanager.com	user.mrv2ray.monster www.googletagmanager.com
1	c.bing.com	1 redirects
1	www.google.com	tpc.googlesyndication.com
1	e95162bbbb3026a4064916ef548a9709.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	cdn.stat-track.com	user.mrv2ray.monster
1	stats.g.doubleclick.net	www.google-analytics.com
1	img.youtube.com	user.mrv2ray.monster
1	native-cdn.foxpush.io	user.mrv2ray.monster
1	user.mrv2ray.monster
0	certify-js.alexametrics.com Failed	user.mrv2ray.monster
0	spadsync.com Failed	native-cdn.foxpush.io
120	25

This site contains links to these domains. Also see Links.

Domain
www.alwatan.com.sa
www.threads.net
twitter.com
www.snapchat.com
instagram.com
www.youtube.com
api.whatsapp.com
nabd.com
alwatan.com.sa
micro.alwatan.com.sa
www.linkedin.com
www.facebook.com
t.me
news.google.com

Subject Issuer	Validity	Valid
mrv2ray.monster E1	`2023-11-14` - `2024-02-12`	3 months	crt.sh
alwatan.com.sa E1	`2023-11-08` - `2024-02-06`	3 months	crt.sh
*.tadafuq.com Sectigo RSA Domain Validation Secure Server CA	`2023-07-16` - `2024-08-14`	a year	crt.sh
foxpush.io GTS CA 1P5	`2023-10-22` - `2024-01-20`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
foxpush.com Cloudflare Inc ECC CA-3	`2023-04-06` - `2024-04-05`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-03-18` - `2024-03-17`	a year	crt.sh
*.google.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-10-16` - `2024-01-08`	3 months	crt.sh
cdn.stat-track.com R3	`2023-11-01` - `2024-01-30`	3 months	crt.sh
*.m-pages.com Sectigo RSA Domain Validation Secure Server CA	`2023-09-21` - `2024-09-07`	a year	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
www.clarity.ms DigiCert TLS RSA SHA256 2020 CA1	`2023-08-29` - `2024-08-29`	a year	crt.sh

This page contains 9 frames:

Primary Page: https://user.mrv2ray.monster/
Frame ID: 2374304476E35F36A0021649178CF040
Requests: 91 HTTP requests in this frame

Frame: https://e95162bbbb3026a4064916ef548a9709.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 49356C43458BB8DCED0AC7C4EB719551
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstC98-M_HB2uDXZ63e6Yks-neZHrbjJmMl5FbiwZZ977fR7yTKiommB2U9Lcq-LVFOQEn1BnLJMuDNZMGviv7ZyHOUgM_7r0J10SyaC3gk9XFtBZjbOnmlnHFN-hsWpfELFVymDfUxihV0RcsmMNtSbAM8mqlPHDwnS_Xjek1OFhr8wOkeDAddGvMK9zYFMBhshXOQoyA98q-ttybpyNuRNlFw4Y_pA1JLphZvIFj6xr5QF77SVduwVjspEjgg6lGxfXA8BH4LLIr_iFWRojA2jzgPvpPUbAeMPzHIp1Qdfto5hyrLjd3ye5xX0NShz2f5xxvoA3NUJ2S7BDI_pOQ-u9uHFXpP4LOQH27uSEu1q&sai=AMfl-YTuGpL1vnuO-aMV0zSklOg8S06lBEJ_CataegWcYyDzrXoDoIbBbd4UAQ1-zYx1Ft7tkcVo_a89LMGrrEa2H2PmX_Pp3pIosKzXiLmY3OK9IqPrlqvhatLmgog0RzGcGxDap-4C1_dbMXAZLievdOoN&sig=Cg0ArKJSzHPkFCNa2_9kEAE&uach_m=[UACH]&adurl=
Frame ID: 1C99FE19C58AAFF7710A0F088B2DA999
Requests: 6 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstzmij5BfVWDpGwl56L3USFRSPWiCGiCN-5fEieUhzuHsHBK5YDAEk_rQG_povvc0sgRqUk51FeiHd4zuUdC7-zS_wwkxjzaNDla_DuHlED3XS8RW68EBuJDxU-_QfoRFY-mY4UYyp2W4TXiHJJMOnkkag4YPArhLQeUN_b3NiXPitp3LrI4BkPvoKt3f0Roah_MdZCvTicB7zANimlM-tkRIL1rT01DaWknOWJZvalvxd1OuQSg4JyNXwfXB-hdC3Jsms1yKeGlGFxI0n1YsTVBm9jFkUiTKMgI9s1Fth6bRgwTMWM0-YexGl2S78EoeiXLSNSxEKM8FpbCGT_sq2kEwK-a_BadVnfqbOY&sai=AMfl-YR0w08KndyAg2rZmW3Lq3gBTerHjbDYr1f7rPHy1AQU9vNwCaBo-v_unTwEtEXD0JdkNM1aaqcXbRB8i4HxO5IpAMBhdHo2pfrKZG6i5774_gXkrm7LMuM8NMIeKhcshRiBJDr3nRAWcWohdv9mgzSG&sig=Cg0ArKJSzOmzV28Fya1XEAE&uach_m=[UACH]&adurl=
Frame ID: D171E6822FC85584C72716C549BFF508
Requests: 6 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuvCXOZixDjU2vHDNP8i72f8gN3fctV3kN6ohnNpjgMV_iybh_vVPDkGxmT8wYkojZRs5xuNINX46YMmRgKn6PFZPMOqnKtCEF2SaU2a61kF8anIcMbNtMI-4_c9VmuJpSj6fApMP_HtFXEReU1HPh4-rgE-GygnGa80CJF2rcepIDCqHAN6Hs7ByUU7UMDhtSUAfbhm6zHPvA1JEadJsYqHqSQuUpLgrLvCuCjkeGpgMxxAkUMy4pmfV39ixuz77KTRo7YWvy1ptgoeBabNUxdn2WOX-WO7oF6o5LSaOq7YTJeMPZDWf0AaaX24PDE2XdGhR56MNcekN-P2X0rdiRSs5Vsp6JC3bRdGMN_&sai=AMfl-YSximiHkXxq6xKCRFpDpF9VOlTnzI9AyBjqPc97UpUCK9bMr8lGC-Xc2cyUZt2-ydlAX8IhuybMyDhwsltwQclaq8rHlh_WvIMyXJnz25hQZcrgloBjEFyX7mPsNcFCBCaG-lDwV0PUL8GphACqmlWd&sig=Cg0ArKJSzAMbAAXOWnpXEAE&uach_m=[UACH]&adurl=
Frame ID: E4C628D74CA1DF814788F320FA91326E
Requests: 6 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsusjDTYo0pMeg2r28rjsf0YpJ2c7Q78NqBELwLAQBbYkVplpczHgVeOK39bJ7B7hIhqCv7wAlAork0tVr4hLxUFjmsblSWqNmX-5nTuuPC7Jk36sQGOL-CF3Y6wihaVWxGCToYCs9UmVbRsgHJ794cXAQsnN_SD5w8by_EsCOyAHpfvDfikmuQre1YwOX7ojXd3PRIrpdL4zBEkn1-_GkENYfyqK0h11GmS4LvVnoLEgXf9_urRH_QBZP003KqdgRhyAQft81UKMBihTVewM9Phs5XxhDUlY9Gn1yduvkvtqJKeLRj0tWaMIhBF3iGWNIY2QJh5o6lzMxjydgM9uHDbeiROZqOe8m3mmjYm&sai=AMfl-YR8urjkREaTxNvEpHtRbCO_2GK2uoNwExDQkJu-St6fUc_cUMPNsc6f-3N44BwkToF1EoB3mdUnAxcdLmv0X1lm0IacKnuTer9IBDJswiHxFOkeselJ3ltjq4SJ79if6iDTb0T1kNOTBR9eull1p-7t&sig=Cg0ArKJSzOOoAroacVSmEAE&uach_m=[UACH]&adurl=
Frame ID: 12276B59FDDC18BB431BDBB761C46AB8
Requests: 7 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 79A34D33FB34B3EA9B1DC316DC9228FF
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: A26C0CDA187DFC31DB621EE327102F68
Requests: 2 HTTP requests in this frame

Frame: https://cdn.izooto.com/scripts/sak/iz_setcid.html?v=1
Frame ID: 64E2F19C36075A1CD51D5EA3DA9B04B9
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

الرئيسية - جريدة الوطن السعودية

Detected technologies

DoubleClick for Publishers (DFP) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googletagservices\.com/tag/js/gpt(?:_mobile)?\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Izooto (Marketing automation) Expand

Overall confidence: 100%
Detected patterns

cdn\.izooto\.\w+

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

120
Requests

82 %
HTTPS

83 %
IPv6

20
Domains

25
Subdomains

23
IPs

5
Countries

2051 kB
Transfer

4739 kB
Size

25
Cookies

129 Outgoing links

These are links going to different origins than the main page.

URL: https://www.alwatan.com.sa/

Search URL Search Domain Scan URL

URL: https://www.threads.net/@alwatanksa

Search URL Search Domain Scan URL

URL: https://twitter.com/alwatansa

Search URL Search Domain Scan URL

URL: https://www.snapchat.com/add/alwatan-ksa

Search URL Search Domain Scan URL

URL: https://instagram.com/alwatanksa

Search URL Search Domain Scan URL

URL: https://www.youtube.com/c/AlWatanksa

Search URL Search Domain Scan URL

URL: https://api.whatsapp.com/send?phone=966508227333&text=%D8%A7%D8%B4%D8%AA%D8%B1%D9%83

Search URL Search Domain Scan URL

URL: https://nabd.com/alwatansa

Search URL Search Domain Scan URL

URL: https://www.alwatan.com.sa/%D8%B3%D9%8A%D8%A7%D8%B3%D8%A9
Title: سياسة

Search URL Search Domain Scan URL

URL: https://www.alwatan.com.sa/morearticles/%D8%B3%D9%8A%D8%A7%D8%B3%D8%A9/%D8%B9%D8%B1%D8%A8%D9%8A%D8%A9
Title: عربية

Search URL Search Domain Scan URL

URL: https://www.alwatan.com.sa/morearticles/%D8%B3%D9%8A%D8%A7%D8%B3%D8%A9/%D8%AF%D9%88%D9%84%D9%8A%D8%A9
Title: دولية

Search URL Search Domain Scan URL

URL: https://www.alwatan.com.sa/morearticles/%D8%B3%D9%8A%D8%A7%D8%B3%D8%A9/%D8%A7%D9%84%D8%AD%D8%B1%D8%A8-%D8%A7%D9%84%D8%B1%D9%88%D8%B3%D9%8A%D8%A9-%D8%A7%D9%84%D8%A3%D9%88%D9%83%D8%B1%D8%A7%D9%86%D9%8A%D8%A9
Title: الحرب الروسية الأوكرانية

Search URL Search Domain Scan URL

URL: https://www.alwatan.com.sa/%D9%85%D8%AD%D9%84%D9%8A%D8%A7%D8%AA
Title: محليات

Search URL Search Domain Scan URL

URL: https://www.alwatan.com.sa/%D9%83%D9%88%D8%B1%D9%88%D9%86%D8%A7
Title: كورونا

Search URL Search Domain Scan URL

URL: https://www.alwatan.com.sa/%D8%AD%D8%AC-1444
Title: حج 1444

Search URL Search Domain Scan URL

URL: https://www.alwatan.com.sa/%D8%B1%D9%8A%D8%A7%D8%B6%D8%A9
Title: رياضة

Search URL Search Domain Scan URL

URL: https://www.alwatan.com.sa/morearticles/%D8%B1%D9%8A%D8%A7%D8%B6%D8%A9/%D8%B3%D8%B9%D9%88%D8%AF%D9%8A%D8%A9
Title: سعودية

Search URL Search Domain Scan URL

URL: https://www.alwatan.com.sa/morearticles/%D8%B1%D9%8A%D8%A7%D8%B6%D8%A9/%D8%B9%D8%A7%D9%84%D9%85%D9%8A%D8%A9
Title: عالمية

Search URL Search Domain Scan URL

URL: https://www.alwatan.com.sa/%D8%A7%D9%82%D8%AA%D8%B5%D8%A7%D8%AF
Title: اقتصاد

Search URL Search Domain Scan URL

URL: https://www.alwatan.com.sa/%D8%AE%D8%AF%D9%85%D8%A7%D8%AA-%D8%A7%D9%84%D8%A3%D8%B9%D9%85%D8%A7%D9%84
Title: خدمات الأعمال

Search URL Search Domain Scan URL

URL: https://www.alwatan.com.sa/%D8%A7%D9%84%D8%A7%D9%82%D8%AA%D8%B5%D8%A7%D8%AF-%D8%A7%D9%84%D8%AF%D9%88%D9%84%D9%8A
Title: الاقتصاد الدولي

Search URL Search Domain Scan URL

URL: https://www.alwatan.com.sa/%D8%AD%D9%8A%D8%A7%D8%A9
Title: حياة

Search URL Search Domain Scan URL

URL: https://www.alwatan.com.sa/%D9%86%D9%82%D8%A7%D8%B4%D8%A7%D8%AA
Title: نقاشات

Search URL Search Domain Scan URL

URL: https://www.alwatan.com.sa/%D8%B1%D8%A3%D9%8A
Title: رأي

Search URL Search Domain Scan URL

URL: https://www.alwatan.com.sa/%D8%A7%D9%84%D8%A7%D8%B3%D8%A8%D9%88%D8%B9%D9%8A%D8%A9
Title: الأسبوعية

Search URL Search Domain Scan URL

URL: https://www.alwatan.com.sa/%D8%AC%D8%A7%D8%B2%D8%A7%D9%86
Title: المناطق

Search URL Search Domain Scan URL

URL: https://www.alwatan.com.sa/%D8%A7%D9%84%D9%82%D8%B5%D9%8A%D9%85
Title: القصيم

Search URL Search Domain Scan URL

URL: http://alwatan.com.sa/morearticles/%D9%85%D8%B3%D8%A7%D8%B1%D8%A7%D8%AA/%D8%B5%D9%81%D8%AD%D8%A7%D8%AA-%D8%AA%D9%81%D8%A7%D8%B9%D9%84%D9%8A%D8%A9
Title: تفاعلية

Search URL Search Domain Scan URL

URL: https://www.alwatan.com.sa/%D8%A5%D8%B9%D9%84%D8%A7%D9%86%D8%A7%D8%AA
Title: اعلانات

Search URL Search Domain Scan URL

URL: https://micro.alwatan.com.sa/panorama/high-city/
Title: صور تفاعلية

Search URL Search Domain Scan URL

URL: https://www.alwatan.com.sa/%D9%85%D9%86%D8%A7%D8%B3%D8%A8%D8%A7%D8%AA
Title: مناسبات

Search URL Search Domain Scan URL

URL: https://www.alwatan.com.sa/%D8%A7%D9%84%D8%A7%D9%86%D9%81%D9%88%D8%AC%D8%B1%D8%A7%D9%81
Title: إنفوجراف

Search URL Search Domain Scan URL

URL: https://www.alwatan.com.sa/%D8%A8%D8%A7%D9%86%D9%88%D8%B1%D8%A7%D9%85%D8%A7
Title: بانوراما

Search URL Search Domain Scan URL

URL: https://www.alwatan.com.sa/%D9%81%D9%8A%D8%AF%D9%8A%D9%88
Title: فيديو

Search URL Search Domain Scan URL

URL: https://www.alwatan.com.sa/%D8%B9%D9%8A%D9%86%20%D8%A7%D9%84%D9%85%D9%88%D8%A7%D8%B7%D9%86
Title: عين المواطن

Search URL Search Domain Scan URL

URL: https://www.alwatan.com.sa/uploads/pdf/2023/11/15/watanksa-20231115.pdf?ts=12
Title: عدد اليوم

Search URL Search Domain Scan URL

URL: https://www.alwatan.com.sa/article/1137203
Title: اليوم.. انطلاق "منتدى مسك العالمي" حضوريًا وافتراضيًا

Search URL Search Domain Scan URL

URL: https://www.alwatan.com.sa/article/1137202
Title: القيادة تهنئ ملك بلجيكا بذكرى يوم الملك لبلاده

Search URL Search Domain Scan URL

URL: https://www.alwatan.com.sa/article/1137201
Title: التشهير بمواطنٍ ومقيمٍ ارتكبا جريمةَ التستُّرِ في أنشطة المقاولات بالرياض

Search URL Search Domain Scan URL

URL: https://www.alwatan.com.sa/article/1137200
Title: إطلاق شهادة الخدمة للأفراد العاملين بمنشآت القطاع الخاص

Search URL Search Domain Scan URL

URL: https://www.alwatan.com.sa/article/1137199
Title: ديوان المظالم: أكثر من 5 ملايين إجراء خلال عام واحد لمركز إدارة العمليات القضائية

Search URL Search Domain Scan URL

URL: https://www.alwatan.com.sa/article/1137198
Title: مغادرة الطائرة الإغاثية السعودية السابعة لمساعدة الفلسطينيين في غزة

Search URL Search Domain Scan URL

URL: https://www.alwatan.com.sa/article/1137196
Title: بيئة مكة تطلق البرنامج الوطني للتشجير

Search URL Search Domain Scan URL

URL: https://www.alwatan.com.sa/article/1137195
Title: 9.3% ارتفاع إيجارات المساكن في السعودية خلال شهر أكتوبر

Search URL Search Domain Scan URL

URL: https://www.alwatan.com.sa/article/1137194
Title: مجلس النواب الأمريكي يُقرّ قانون مؤقت لتجنب الإغلاق الحكومي

Search URL Search Domain Scan URL

URL: https://www.alwatan.com.sa/article/1137193
Title: سيرا القابضة تنفي إنشاء مشروع فندقي في مصر بقيمة 5 مليار جنيه

Search URL Search Domain Scan URL

URL: https://www.alwatan.com.sa/article/1137163
Title: إسرائيل تثير العالم باستخدام النووي

Search URL Search Domain Scan URL

URL: https://www.alwatan.com.sa/article/1137166
Title: 15 مليون دولار لدعم الاستجابة الإنسانية الطارئة بغزة

Search URL Search Domain Scan URL

URL: https://www.alwatan.com.sa/article/1137165
Title: القوة الناعمة المتزايدة للصين على الفلبين تهدد أمريكا

Search URL Search Domain Scan URL

URL: https://www.alwatan.com.sa/article/1137156

Search URL Search Domain Scan URL

URL: https://www.alwatan.com.sa/article/1137155
Title: بطولة الناشئات تنطلق الجمعة

Search URL Search Domain Scan URL

URL: https://www.alwatan.com.sa/article/1137153
Title: أسد مغربي يقود الفتح للتميز

Search URL Search Domain Scan URL

URL: https://www.alwatan.com.sa/article/1137152
Title: الاتحاد يقترب من لوبيتيجي ومالديني

Search URL Search Domain Scan URL

URL: https://www.alwatan.com.sa/article/1137151
Title: إسبانيا تجهز أخضر 19

Search URL Search Domain Scan URL

URL: https://www.alwatan.com.sa/article/1137191
Title: انخفاض درجات الحرارة في شمال السعودية وأمطار على معظم المناطق

Search URL Search Domain Scan URL

URL: https://www.alwatan.com.sa/article/1137197
Title: إعلام مؤهل لكأس العالم

Search URL Search Domain Scan URL

URL: https://www.alwatan.com.sa/author/393/1/%D8%B9%D8%A8%D8%AF%D8%A7%D9%84%D9%85%D8%AD%D8%B3%D9%86-%D8%A7%D9%84%D8%AC%D8%AD%D9%84%D8%A7%D9%86
Title: عبدالمحسن الجحلان

Search URL Search Domain Scan URL

URL: https://www.alwatan.com.sa/article/1137162
Title: ‫ التسامح مبدأ أخلاقي وقيمة إنسانية

Search URL Search Domain Scan URL

URL: https://www.alwatan.com.sa/author/215/1/%D9%87%D8%A7%D8%AF%D9%8A-%D8%A7%D9%84%D9%8A%D8%A7%D9%85%D9%8A
Title: هادي اليامي

Search URL Search Domain Scan URL

URL: https://www.alwatan.com.sa/article/1137161
Title: ( إحالتي) آلية تطبيق غير منضبطة

Search URL Search Domain Scan URL

URL: https://www.alwatan.com.sa/author/4841/1/%D9%85%D8%B1%D9%8A%D9%85-%D8%A7%D9%84%D9%86%D9%88%D9%8A%D9%85%D9%8A
Title: مريم النويمي

Search URL Search Domain Scan URL

URL: https://www.alwatan.com.sa/article/1137160
Title: حتى لا يتأثر الصغار بفيلم LION KING

Search URL Search Domain Scan URL

URL: https://www.alwatan.com.sa/author/534/1/%D9%85%D8%AD%D9%85%D8%AF-%D8%A7%D9%84%D8%B3%D8%B9%D8%AF
Title: محمد السعد

Search URL Search Domain Scan URL

URL: https://www.alwatan.com.sa/article/1137113
Title: مناسبات عالمية قادمة وأنفاق تغرق

Search URL Search Domain Scan URL

URL: https://www.alwatan.com.sa/author/243/1/%D8%B9%D9%84%D9%8A-%D8%A7%D9%84%D8%B4%D8%B1%D9%8A%D9%85%D9%8A
Title: علي الشريمي

Search URL Search Domain Scan URL

URL: https://www.alwatan.com.sa/themes/watanksa/#myCarousel

Search URL Search Domain Scan URL

URL: https://micro.alwatan.com.sa/prayertimes/

Search URL Search Domain Scan URL

URL: https://micro.alwatan.com.sa/salaries/

Search URL Search Domain Scan URL

URL: https://www.alwatan.com.sa/article/1137189
Title: 147.226موظفا بسن التقاعد في القطاع الخاص

Search URL Search Domain Scan URL

URL: https://www.alwatan.com.sa/article/1136913

Search URL Search Domain Scan URL

URL: https://www.alwatan.com.sa/article/1136911
Title: لماذا تشتكي النساء أعمال المنزل تخلصهن من التوتر

Search URL Search Domain Scan URL

URL: https://www.alwatan.com.sa/article/1136910
Title: 67 % من المستخدمين قلقون من خصوصية البيانات

Search URL Search Domain Scan URL

URL: https://www.alwatan.com.sa/article/1136885
Title: مجموعات ثقافية تتحول إلى جمعيات

Search URL Search Domain Scan URL

URL: https://www.alwatan.com.sa/article/1136884
Title: كتب الرعب والجريمة الأكثر مبيعا

Search URL Search Domain Scan URL

URL: https://www.alwatan.com.sa/article/1137143

Search URL Search Domain Scan URL

URL: https://www.alwatan.com.sa/article/1137140
Title: توعية وابتكار: رؤى جديدة في مكافحة السكري

Search URL Search Domain Scan URL

URL: https://www.alwatan.com.sa/article/1137139
Title: جنون المال والشهرة يزيدان العنوسة

Search URL Search Domain Scan URL

URL: https://www.alwatan.com.sa/article/1137127
Title: دراسة تكشف.. لكل فتحة أنف حاسة شم مستقلة

Search URL Search Domain Scan URL

URL: https://www.alwatan.com.sa/article/1137124
Title: كيف يتم توثيق الرضاعة عبر منصة ناجز؟

Search URL Search Domain Scan URL

URL: https://www.alwatan.com.sa/article/1137192
Title: يوميات صادمة

Search URL Search Domain Scan URL

URL: https://www.alwatan.com.sa/article/1137172
Title: مستقبل صحي رائد

Search URL Search Domain Scan URL

URL: https://www.alwatan.com.sa/article/1137171
Title: نحو مستقبل صحي يضمن نمط العيش بتوازن

Search URL Search Domain Scan URL

URL: https://www.alwatan.com.sa/article/1137170
Title: صرح صحي متخصص

Search URL Search Domain Scan URL

URL: https://www.alwatan.com.sa/article/1137176

Search URL Search Domain Scan URL

URL: https://www.alwatan.com.sa/article/1137175
Title: 15 روبوتا طبيا لتقديم الخدمات الصحية

Search URL Search Domain Scan URL

URL: https://www.alwatan.com.sa/article/1137174
Title: التواصل التفاعلي فكرة جديدة والبداية من جازان

Search URL Search Domain Scan URL

URL: https://www.alwatan.com.sa/article/1137173
Title: مراكز جازان الصحية تعانق النجاحات وتحصد الجوائز

Search URL Search Domain Scan URL

URL: https://www.alwatan.com.sa/article/1137169
Title: تخصصي جازان حلم يتحقق

Search URL Search Domain Scan URL

URL: https://www.alwatan.com.sa/article/1136249

Search URL Search Domain Scan URL

URL: https://www.alwatan.com.sa/article/1136192
Title: أمير منطقة القصيم يطلع على 120 مشروعا طلابيا

Search URL Search Domain Scan URL

URL: https://www.alwatan.com.sa/article/1135845
Title: STEAM في تعليم القصيم

Search URL Search Domain Scan URL

URL: https://www.alwatan.com.sa/article/1135516
Title: إضاءة القصيم ينطلق بـ30 جهة مشاركة

Search URL Search Domain Scan URL

URL: https://www.alwatan.com.sa/article/1135183
Title: معرض بمناسبة اليوم العالمي لالتهاب المفاصل

Search URL Search Domain Scan URL

URL: https://www.alwatan.com.sa/article/1129194

Search URL Search Domain Scan URL

URL: https://www.alwatan.com.sa/article/1124842
Title: الصحة العالمية تعدل استراتيجيتها لكورونا من الطوارئ إلى الوقاية

Search URL Search Domain Scan URL

URL: https://www.alwatan.com.sa/article/1123749
Title: الصحة: جرعة محدثة ضد متحورات كورونا

Search URL Search Domain Scan URL

URL: https://www.alwatan.com.sa/article/1119790
Title: الصحة العالمية تعيد النظر في قرار تصنيف كورونا كجائحة عالمية هذا الأسبوع

Search URL Search Domain Scan URL

URL: https://www.alwatan.com.sa/article/1118336
Title: قيود السفر على القادمين من الصين تتزايد

Search URL Search Domain Scan URL

URL: https://www.alwatan.com.sa/article/1136949

Search URL Search Domain Scan URL

URL: https://www.alwatan.com.sa/article/1136912

Search URL Search Domain Scan URL

URL: https://www.alwatan.com.sa/article/1137141

Search URL Search Domain Scan URL

URL: https://www.alwatan.com.sa/article/1137026

Search URL Search Domain Scan URL

URL: https://www.alwatan.com.sa/article/1136967

Search URL Search Domain Scan URL

URL: https://www.alwatan.com.sa/article/1137178
Title: دورة في الصينية شرط التعليم للابتعاث

Search URL Search Domain Scan URL

URL: https://www.alwatan.com.sa/article/1137137
Title: مجلس الوزراء يوافق من حيث المبدأ على إنشاء المركز الإقليمي للتنمية المستدامة للثروة السمكية

Search URL Search Domain Scan URL

URL: https://www.alwatan.com.sa/article/1137188
Title: وفد هيئة تطوير عسير يزور أكبر مزرعة في العالم

Search URL Search Domain Scan URL

URL: https://www.alwatan.com.sa/article/1137157
Title: ودية وحيدة للفرسان خلال التوقف

Search URL Search Domain Scan URL

URL: https://www.alwatan.com.sa/article/1137142
Title: 98% من السعوديين يشعرون بالاعتزاز تجاه الحملة الشعبية لإغاثة الفلسطينيين

Search URL Search Domain Scan URL

URL: https://www.alwatan.com.sa/article/1137130
Title: النيابة العامة: السجن والغرامة لمواطن ووافديَن بتهمة تلقي وجلب أكثر من ربع مليون حبة كبتاجون

Search URL Search Domain Scan URL

URL: https://www.alwatan.com.sa/article/1137136
Title: أرامكو تنتج أول غاز حبيس غير تقليدي من جنوب الغوار

Search URL Search Domain Scan URL

URL: https://www.alwatan.com.sa/article/1137135
Title: الأرصاد ترفع مستوى الإنذار للون الأحمر على محافظات منطقة مكة

Search URL Search Domain Scan URL

URL: https://www.alwatan.com.sa/article/1123432

Search URL Search Domain Scan URL

URL: https://www.alwatan.com.sa/article/1122040

Search URL Search Domain Scan URL

URL: https://www.alwatan.com.sa/article/1130562

Search URL Search Domain Scan URL

URL: https://www.alwatan.com.sa/article/1124104

Search URL Search Domain Scan URL

URL: https://www.alwatan.com.sa/article/1136011

Search URL Search Domain Scan URL

URL: https://www.alwatan.com.sa/article/1135346

Search URL Search Domain Scan URL

URL: https://www.alwatan.com.sa/article/1136675

Search URL Search Domain Scan URL

URL: https://www.alwatan.com.sa/article/1136416

Search URL Search Domain Scan URL

URL: https://www.alwatan.com.sa/morearticles/%D9%85%D8%B3%D8%A7%D8%B1%D8%A7%D8%AA/%D8%B5%D9%81%D8%AD%D8%A7%D8%AA-%D8%AA%D9%81%D8%A7%D8%B9%D9%84%D9%8A%D8%A9
Title: قصص تفاعلية

Search URL Search Domain Scan URL

URL: https://www.alwatan.com.sa/%D8%A7%D8%AA%D8%B5%D9%84-%D8%A8%D9%86%D8%A7
Title: اتصل بنا

Search URL Search Domain Scan URL

URL: https://www.alwatan.com.sa/%D9%85%D9%86-%D9%86%D8%AD%D9%86
Title: من نحن

Search URL Search Domain Scan URL

URL: https://www.alwatan.com.sa/%D8%A7%D9%84%D8%B4%D8%B1%D9%88%D8%B7-%D9%88%D8%A7%D9%84%D8%A3%D8%AD%D9%83%D8%A7%D9%85
Title: الشروط والأحكام

Search URL Search Domain Scan URL

URL: https://www.alwatan.com.sa/archive
Title: الأرشيف

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/alwatansa/

Search URL Search Domain Scan URL

URL: https://www.facebook.com/alwatanksa

Search URL Search Domain Scan URL

URL: https://t.me/watansa

Search URL Search Domain Scan URL

URL: https://www.alwatan.com.sa/rss

Search URL Search Domain Scan URL

URL: https://news.google.com/publications/CAAqBwgKMKS_mwsw6MmzAw?r=7&oc=1&hl=ar&gl=SA&ceid=SA:ar

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 119

https://c.clarity.ms/c.gif HTTP 302
https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=DBE6400F598A46DC886ED3ED513C8FB8&RedC=c.clarity.ms&MXFR=210064C2BAC267662B277708BEC269D6 HTTP 302
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=DBE6400F598A46DC886ED3ED513C8FB8&MUID=0CBBD75354296C14148EC49955836DD0

120 HTTP transactions
4 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
user.mrv2ray.monster/ 146 KB
22 KB 295ms
107ms Document
text/html 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://user.mrv2ray.monster/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/5.4.16
Resource Hash: 5342a29885029f7ff5ebbc88b2f6ff7e6009e20b3d29c940ddb5ac50b3fa1d20

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

age: 27
alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 826685d758cc0e50-AMS
content-encoding: br
content-type: text/html
date: Wed, 15 Nov 2023 09:38:42 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cICUCMhme5%2Bz%2BLnWjsOj220NLF6DWJ7AGASE4iOMIXL4MLOsrnpZzC2%2B7OFNGeExtvSMdHOqdon9kf7g5bFEjVBjcDp2R7h%2BZX%2Bb17PXXlOxH5GTRkuG5VDLLZSYBTYRv8O578qRI8tdaOiXV6RKoZ4%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
via: 1.1 891011d51eb2353ebe8601f5b6467070.cloudfront.net (CloudFront)
x-amz-cf-id: N6JJsUTTAUrBiBNuJ6g1lM_rrcJ7WwNrup2HnlgHLJyDNi1h_atGhg==
x-amz-cf-pop: FRA56-P2
x-cache: Hit from cloudfront
x-powered-by: PHP/5.4.16

GET
H2 200 jquery.min.js Show response
www.alwatan.com.sa/js/ 84 KB
31 KB 286ms
43ms Script
application/javascript 2606:4700:3034::6815:345c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.alwatan.com.sa/js/jquery.min.js
Requested by: Host: user.mrv2ray.monster
URL: https://user.mrv2ray.monster/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::6815:345c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bb4f2c0cab0dcd2ffb80caeea8a863a0e05113408fd69603231020c7a05fc7c8

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://user.mrv2ray.monster/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Wed, 15 Nov 2023 09:38:42 GMT
via: 1.1 e3d9ae12f22103dbc65c451ae520a012.cloudfront.net (CloudFront)
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: AMS58-P1
age: 606288
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
pragma: public
last-modified: Tue, 11 Apr 2017 09:14:50 GMT
server: cloudflare
etag: W/"58ec9e8a-15157"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GJo5un%2B93xerP6CHEHqjKliqxz7qZyOat%2FyB81vV1BzE84OcfSU5NfcvMeupqzOMTh3XsbHmQVLJ80oj8%2F6HveBG89rX4Ab4h2G30KE2dReqsqqLOijZJD4IJktXWkr72XLhYHPLyAKWUCbSelUIrcI%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=2592000, public
cf-ray: 826685d99e860a57-AMS
x-amz-cf-id: jQ3kCMSAoLHVxJB8kWEFpIm11BY_UJwvHkGrDMPt7fhBreC4nWGpzA==
expires: Thu, 30 Nov 2023 15:41:28 GMT

GET subset-HelveticaNeueLTArabic-Bold.woff2
www.alwatan.com.sa/themes/watanksa/css/fonts-new-version/ 0
0

GET subset-HelveticaNeueLTArabic-Roman.woff2
www.alwatan.com.sa/themes/watanksa/css/fonts-new-version/ 0
0

GET subset-JannaLT-Regular.woff2
www.alwatan.com.sa/themes/watanksa/css/fonts-new-version/ 0
0

GET subset-JannaLT-Bold.woff2
www.alwatan.com.sa/themes/watanksa/css/fonts-new-version/ 0
0

GET subset-HelveticaNeueLTArabic-Light.woff2
www.alwatan.com.sa/themes/watanksa/css/fonts-new-version/ 0
0

GET Cairo-Regular.woff2
www.alwatan.com.sa/themes/watanksa/css/fonts/ 0
0

GET fontawesome-webfont.woff2
www.alwatan.com.sa/css/font-awesome/fonts/ 0
0

GET
H2 200 style-one.min.css
www.alwatan.com.sa/themes/watanksa/css/ 131 KB
27 KB 288ms
47ms Stylesheet
text/css 2606:4700:3034::6815:345c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.alwatan.com.sa/themes/watanksa/css/style-one.min.css?v0.66
Requested by: Host: user.mrv2ray.monster
URL: https://user.mrv2ray.monster/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::6815:345c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2a53c92c6134d2c19510e23c95dabb4d1c6027c32dde0a02f7f93b6ad3c4360d

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://user.mrv2ray.monster/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Wed, 15 Nov 2023 09:38:42 GMT
via: 1.1 80870c148d8c8f3b510fdacf10500460.cloudfront.net (CloudFront)
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: AMS58-P1
age: 1873
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 12 Dec 2022 11:03:58 GMT
server: cloudflare
etag: W/"63970a9e-20ca8"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FK%2B4Hlscr4VMO2JmYLbDEgij%2B36PlsDOnXqAzDkzR50T6IY%2BnfeZn5WGKb2Y4jJ6bZCuMdXsxxLVuF5cIZ8USK8RzX7wPyEZI42gwnX5GCZT26YnCdd9Xw1lUnDbPVqaUpzOanaLeHu%2BrBtYWy%2FQ5Y8%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cf-ray: 826685d99e840a57-AMS
x-amz-cf-id: Oi6r406fh7jULFNk8pVs-rCywn1SFEgJKSKGk9PT-oEVYcNryHA4lA==

GET
H2 200 style-new-version.min.css
www.alwatan.com.sa/themes/watanksa/css/ 54 KB
9 KB 283ms
42ms Stylesheet
text/css 2606:4700:3034::6815:345c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.alwatan.com.sa/themes/watanksa/css/style-new-version.min.css?v0.72
Requested by: Host: user.mrv2ray.monster
URL: https://user.mrv2ray.monster/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::6815:345c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5be47f8c0b3166be5befff89e5018197e1bee8837459b4fc6e310f1a492e6103

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://user.mrv2ray.monster/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Wed, 15 Nov 2023 09:38:42 GMT
via: 1.1 a4f5633e78f92f983940236e96220232.cloudfront.net (CloudFront)
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: AMS58-P1
age: 1873
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
last-modified: Thu, 10 Aug 2023 05:36:59 GMT
server: cloudflare
etag: W/"64d4777b-d7c6"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uwwYD1jZaySw0he4cf1vXjdGPrTFVOJE0iyuPh7UfUL1qKMXZMiEdNhqSEgnXvZsPWqx4kbijaAXZrRmn%2BLH0O%2B%2Bdd3j%2BwX%2BqO6rzYXKe2P26LIxr5gs5iB%2BCcr8DqvVhGr3BBZ5IIYgn0OWaVrtz0E%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cf-ray: 826685d99e830a57-AMS
x-amz-cf-id: tIOkdcner70aOAUW_bVeHjLhhhvkU_Cf-jKRZnEdF4B-WXLVkxGNWw==

GET
H2 200 logo.png
www.alwatan.com.sa/themes/watanksa/images/new-version/ 14 KB
14 KB 38ms
34ms Image
image/png 2606:4700:3034::6815:345c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.alwatan.com.sa/themes/watanksa/images/new-version/logo.png
Requested by: Host: user.mrv2ray.monster
URL: https://user.mrv2ray.monster/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::6815:345c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 095170fb1d98436c025136fb7e3269ba209776c7e34cf1ecd0acde676efff575

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://user.mrv2ray.monster/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Wed, 15 Nov 2023 09:38:42 GMT
via: 1.1 480845f7432fb94c1c6d81f7845a67fe.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: AMS58-P1
age: 1872
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
last-modified: Wed, 23 Dec 2020 10:26:12 GMT
server: cloudflare
etag: W/"5fe31b44-3684"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tWWv5%2BZMyTG0St%2B2R8AbMLan4zS7vTHf8BP3P5YtZieLPRistusGaj4vUrsZr1N7snvneTgJBlY1i84XN8OBLyM9scB9QW04mp61RfRmPs9hE1CCFhT3D4ECMkLzZUG7je0py1hbPYNoXmr0UYjVb5g%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cf-ray: 826685d9eec60a57-AMS
x-amz-cf-id: Bs6qegmPZvU9rWa2EOxEvCo7IUu4-XfIVd0Nb0C6BP1lFFBXDj6hYQ==

GET
H2 200 threads-blue.svg
www.alwatan.com.sa/themes/watanksa/images/new-version/ 2 KB
2 KB 51ms
46ms Image
image/svg+xml 2606:4700:3034::6815:345c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.alwatan.com.sa/themes/watanksa/images/new-version/threads-blue.svg
Requested by: Host: user.mrv2ray.monster
URL: https://user.mrv2ray.monster/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::6815:345c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 26ad452a4b4bf5d027b5c6748bb06b7d63948270e001ab43bbcb284e3c46a2fa

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://user.mrv2ray.monster/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Wed, 15 Nov 2023 09:38:42 GMT
via: 1.1 1e22254f0abea6547aaa07a03d921130.cloudfront.net (CloudFront)
content-encoding: br
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: AMS58-P1
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 10 Jul 2023 08:50:00 GMT
server: cloudflare
etag: W/"64abc638-7b5"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EJ9tJrUUKOG4D050iYZIhgGu4YVTQL640mCJnCCDEJ0p8Mz55iqGlIjBzrOD0vrXwYHkzBS7WWP26zSGzxjsG6qVDWhb9teketTvXBXHLt5UZHau5Z5EkejIJwl0CT28LD7r7nI8N7do6lZQgA971rM%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cf-ray: 826685da2efc0a57-AMS
x-amz-cf-id: L7um1e2uxWICl1Ammh75BVchHaETgE3EwLqejqBvVOUVmxBjeEzAXw==

GET
H2 200 nabd-blue.svg
www.alwatan.com.sa/themes/watanksa/images/new-version/ 1 KB
2 KB 53ms
48ms Image
image/svg+xml 2606:4700:3034::6815:345c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.alwatan.com.sa/themes/watanksa/images/new-version/nabd-blue.svg
Requested by: Host: user.mrv2ray.monster
URL: https://user.mrv2ray.monster/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::6815:345c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d9bc75f6e53c1561d95cddf33fc2074210b3ebe5eb1a9b9610cca9f59f74c7e2

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://user.mrv2ray.monster/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Wed, 15 Nov 2023 09:38:42 GMT
via: 1.1 e6ef76f348359a0bc64c007ab009ebd2.cloudfront.net (CloudFront)
content-encoding: br
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: AMS58-P1
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 15 Mar 2021 14:07:43 GMT
server: cloudflare
etag: W/"604f6a2f-558"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4EvVeP51VqAqhWf%2B7ngJ3HZZmQrpRqr9XKzCPBtw2Y%2FJuCgOFLLpGN%2B93rov1ZJKhqLKstrvO5EZl6oLs2K2ZKCKZ2oX8thcwE%2FPLXhIZDGTYxlTirreiwCJtA1YwPaoqOhKPh6I9tC2PnjoYCMO3mU%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cf-ray: 826685da2efd0a57-AMS
x-amz-cf-id: lFoL3QH0LmCgN9ItJmVvLT0btC1t4qh1U9htNgbgJ40FnthxV2q9og==

GET
H2 200 no-image.png
www.alwatan.com.sa/themes/watanksa/images/ 8 KB
9 KB 51ms
49ms Image
image/png 2606:4700:3034::6815:345c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.alwatan.com.sa/themes/watanksa/images/no-image.png
Requested by: Host: user.mrv2ray.monster
URL: https://user.mrv2ray.monster/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::6815:345c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c27c2bec66857256c4caa1f9300f367e43f87a3a9a7c0f170522d9d5f0717f11

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://user.mrv2ray.monster/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Wed, 15 Nov 2023 09:38:42 GMT
via: 1.1 5ca3eb318b3d637b6c83037daa75f174.cloudfront.net (CloudFront)
cf-cache-status: REVALIDATED
last-modified: Mon, 14 Dec 2020 15:13:48 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-amz-cf-pop: AMS58-P1
etag: W/"5fd7812c-2192"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/png
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DaAM97Hc7dLAuv1K229xqhGEuDLzVB8w7OvbTbu%2BoSFawx0tZYwlvCU3mCizjLb9uZzt9VSos1pemz4M4hU28FMVPlUo62vOdLLapRvCLLMEXY2pIPvmYsHAYrPoPMP56YPsTOKgNGHizRk1UkFtBms%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 826685d9eeca0a57-AMS
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: fYysaDaEmCsofOajcos5XtLfEoRdIa-sCDWIcUjbmy8fU3JFCDz0yA==

GET
H2 200 spcjs.php Show response
ksa.tadafuq.com/adserver/www/delivery/ 2 KB
962 B 813ms
387ms Script
application/x-javascript 167.172.177.153
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://ksa.tadafuq.com/adserver/www/delivery/spcjs.php?id=20
Requested by: Host: user.mrv2ray.monster
URL: https://user.mrv2ray.monster/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 167.172.177.153 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 3a893657918de46bddb4299de7c5cdaa557a49a39b4cb76c50edd904c2c78a84

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://user.mrv2ray.monster/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

p3p: CP="CUR ADM OUR NOR STA NID"
date: Wed, 15 Nov 2023 09:39:07 GMT
content-encoding: gzip
content-type: application/x-javascript
server: nginx/1.18.0 (Ubuntu)
vary: Accept-Encoding
expires: Thu, 16 Nov 2023 09:39:07 +0000

GET
H2 200 prayertimes-icon.png
www.alwatan.com.sa/themes/watanksa/images/ 7 KB
7 KB 44ms
40ms Image
image/png 2606:4700:3034::6815:345c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.alwatan.com.sa/themes/watanksa/images/prayertimes-icon.png
Requested by: Host: user.mrv2ray.monster
URL: https://user.mrv2ray.monster/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::6815:345c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8543b77ad5f571b47a0f13230e5d5abffa694823073594a635ceb110933aa9b3

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://user.mrv2ray.monster/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Wed, 15 Nov 2023 09:38:42 GMT
via: 1.1 c325bcaec82bfa9f1a033070b385ab14.cloudfront.net (CloudFront)
cf-cache-status: REVALIDATED
last-modified: Tue, 17 Aug 2021 06:19:50 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-amz-cf-pop: AMS58-P1
etag: W/"611b5506-1c5c"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/png
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Mcu0JWkPU96F9WL5LuqguVG87Y0JB2iZb1Pv%2FP4xCjHIhOO15DYBHXHpr84H6cKxr98W9PNwbPIIhB1EqOG9xLRQ51BbvE72rlx5SNh%2BE1M9k6qKMczdss3tQTekb2reL3wwIZ7EtrnzL86Fj0z90WU%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 826685da2efe0a57-AMS
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: Gao6ZeuDqzIzso_qFdiSL442IG0CngcRPIlgdcgWDvwDmWQymhnoOw==

GET
H2 200 salaries-icon.png
www.alwatan.com.sa/themes/watanksa/images/ 8 KB
9 KB 44ms
41ms Image
image/png 2606:4700:3034::6815:345c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.alwatan.com.sa/themes/watanksa/images/salaries-icon.png
Requested by: Host: user.mrv2ray.monster
URL: https://user.mrv2ray.monster/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::6815:345c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8747d20453bc960aae9b61b9ed4fb6120a95391f10ded5ba27772ed6173cd595

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://user.mrv2ray.monster/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Wed, 15 Nov 2023 09:38:42 GMT
via: 1.1 1fb7ef67aaeb45ceb86b21babb0ba848.cloudfront.net (CloudFront)
cf-cache-status: REVALIDATED
last-modified: Tue, 17 Aug 2021 06:19:50 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-amz-cf-pop: AMS58-P1
etag: W/"611b5506-21e5"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/png
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BzEeEv9VfExahLbwF6GVhQ%2BR%2Bxx6Nye49Ys5TNcECBlkisVEzR%2FGFf%2FLjTUULyAPq4kd1daYDtqJWIV75uwFYE1AYOymU3M98p2r0afgeFPXcOq70K%2FlHzti15PrMbLeoYery%2FaUCVuNVQX6iTt2z1M%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 826685da2eff0a57-AMS
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: gJoptL-fJZFfR1he1w0C3BRQr7pEdx58oe3jYEWKJZWL3G3u8l3G8A==

GET
H2 200 logo-w.svg
www.alwatan.com.sa/themes/watanksa/images/new-version/ 17 KB
6 KB 53ms
50ms Image
image/svg+xml 2606:4700:3034::6815:345c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.alwatan.com.sa/themes/watanksa/images/new-version/logo-w.svg
Requested by: Host: user.mrv2ray.monster
URL: https://user.mrv2ray.monster/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::6815:345c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e7b8e3c65d1a620c812790eb4794dd3b09d4a673d89223c1b5af6ac4978f34c7

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://user.mrv2ray.monster/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Wed, 15 Nov 2023 09:38:42 GMT
via: 1.1 1d10719558a2481e0d462e12964f647a.cloudfront.net (CloudFront)
content-encoding: br
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: AMS58-P1
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 14 Dec 2020 15:13:48 GMT
server: cloudflare
etag: W/"5fd7812c-43bc"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iZA5TSgu7e%2BlqJ5SeBpBI9tollsjBGN%2F0Aw2%2B2hmbjeBRp41rhiFfyC%2BjOFoXpHOipXAnQVV8%2FUiJz6XbEJkSE4%2B0lgrtnx4mS%2F%2BuzbAbB%2FZvff7BrubqodToQ8ICOmjRWqDHNGPyxxwQQK6Oqdi248%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cf-ray: 826685da2f010a57-AMS
x-amz-cf-id: iR0YyxCZ6efNcYngAjy4QZAR2ZWyno5Y5f7M1bUmwaTfdENyCPwBaA==

GET
H2 200 nabd-white.svg
www.alwatan.com.sa/themes/watanksa/images/new-version/ 1 KB
1 KB 55ms
52ms Image
image/svg+xml 2606:4700:3034::6815:345c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.alwatan.com.sa/themes/watanksa/images/new-version/nabd-white.svg
Requested by: Host: user.mrv2ray.monster
URL: https://user.mrv2ray.monster/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::6815:345c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fe5ead03e99278568718979714a82cff97ee9fb7c097c63ac4c901d9fd528704

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://user.mrv2ray.monster/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Wed, 15 Nov 2023 09:38:42 GMT
via: 1.1 70edb33d401d701d341a00ffeb978b84.cloudfront.net (CloudFront)
content-encoding: br
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: AMS58-P1
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 15 Mar 2021 14:07:43 GMT
server: cloudflare
etag: W/"604f6a2f-53c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=q2NvEWd8Taa66mPiB3PvC7ojfgIkvCd0aRf9DOqLlYRiBIy919jNvCAiZ6gbyEO%2FpfD2n25epZ9GZHoaX%2BdDWnmPX4LAyJfL5wbocJcCNiP7wZa7eV5W0lIJehALPS%2F9Oj6xsQuuLTUzZPDOxKrrrsQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cf-ray: 826685da2f020a57-AMS
x-amz-cf-id: bpaQtjSWMpQFMnSYBbpeg2aF_GzfinsPxg5x7sf5_cF502bucJx_og==

GET
H2 200 foxpush-bidder.js Show response
native-cdn.foxpush.io/ 15 KB
6 KB 180ms
62ms Script
application/javascript 2606:4700:20::ac43:45c6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://native-cdn.foxpush.io/foxpush-bidder.js
Requested by: Host: user.mrv2ray.monster
URL: https://user.mrv2ray.monster/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:45c6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6f34f79041f910169e7eaccc6109494e93c720a6ae3bdb87e1c3b46a068eae2e

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://user.mrv2ray.monster/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Wed, 15 Nov 2023 09:38:43 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: MMPJEHQRT8QFGZRM
age: 2471
x-amz-server-side-encryption: AES256
x-amz-id-2: og/I5ztRACFtxZg2/xi0lfVQA9zFngBOQktAzNSNsh5MKU4VG2ph0LlvgYQK25rDz4tESx0FkzV/ehB+9yUZ9Q==
last-modified: Fri, 10 Nov 2023 14:05:10 GMT
server: cloudflare
etag: W/"595e2a3e5c066a15fa988879efad88bf"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VDSgTHVDTdRnajCvvl%2FGJKd0YLKTPbdylG3QAn9uJWHp7CKrVxYlUW%2Bts%2FIm%2FamwsMx%2FHr%2FC4f0QXZcsa%2BgL1xQOdXphaP0vvA8jAmE0wNaP9837deYwp954UCCZjaH3ds%2FIzVSDTfo23SHJZ%2FhZtLN%2FWQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 826685daddf3671e-AMS

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 280 KB
93 KB 139ms
56ms Script
application/javascript 2a00:1450:4001:831::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-W4ZJPVS51M

Requested by

Host: user.mrv2ray.monster
URL: https://user.mrv2ray.monster/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

662f9c1dd4bcbc87f325ff066215bc1d2cbb6fa54913ecd876c10d86798a627e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://user.mrv2ray.monster/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Wed, 15 Nov 2023 09:38:43 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 94623
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Wed, 15 Nov 2023 09:38:43 GMT

GET
H2 200 script-one.min.js Show response
www.alwatan.com.sa/themes/watanksa/js/ 79 KB
22 KB 43ms
36ms Script
application/javascript 2606:4700:3034::6815:345c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.alwatan.com.sa/themes/watanksa/js/script-one.min.js?v4.65
Requested by: Host: user.mrv2ray.monster
URL: https://user.mrv2ray.monster/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::6815:345c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fc810cb71df889c421af1dcfa974d930945ffa79c92b0956f89570fde4b4acdb

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://user.mrv2ray.monster/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Wed, 15 Nov 2023 09:38:42 GMT
via: 1.1 4c691f43539bb56ddcaef755730a6e86.cloudfront.net (CloudFront)
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: AMS58-P1
age: 1873
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
last-modified: Thu, 10 Aug 2023 05:36:59 GMT
server: cloudflare
etag: W/"64d4777b-13c2e"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iQ7Zkd1%2BZdJ81VL9OcGszNS1t%2FNI7rHTRFXVSedjXfYB%2B5D%2BZ%2FNPZvB7TNXJw4x2yyvHzcgvCXP2UkV6ihgk5Y9wiyYf%2FsjUmyBQ39AlvPk5gAk%2F6%2BA5WLbdhQSHEwXKJx38SilBR9GE4au7PZ3yo9o%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cf-ray: 826685da2ef90a57-AMS
x-amz-cf-id: 3p5tk05j8-VtzHVdVSwDnv39G-nNNPbWrazlEoY0fqjXztyKgpYWyA==

GET
H2 200 script-new-version.js Show response
www.alwatan.com.sa/themes/watanksa/js/ 3 KB
1 KB 40ms
35ms Script
application/javascript 2606:4700:3034::6815:345c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.alwatan.com.sa/themes/watanksa/js/script-new-version.js?v0.03
Requested by: Host: user.mrv2ray.monster
URL: https://user.mrv2ray.monster/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::6815:345c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4169d201cf4fea2a47fda430881918ad916c9b16bb19ef113691ea8975e44ae6

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://user.mrv2ray.monster/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Wed, 15 Nov 2023 09:38:42 GMT
via: 1.1 480845f7432fb94c1c6d81f7845a67fe.cloudfront.net (CloudFront)
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: AMS58-P1
age: 1873
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
last-modified: Wed, 10 Nov 2021 12:58:01 GMT
server: cloudflare
etag: W/"618bc1d9-ba5"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EHRlMtACIMmaqfc%2BqPbiERzZWPR8qQ4DrlWr%2B48wh2LyBqP%2FbfRy8Pluj06khOXcAqoDHhpImLCJmlmqD4BNRJJSHDiW0b0wR%2BYzuT2QM96AMbWWfqjQLwhwLdZxS%2FsjBp8dEDGkcKDs2SY7%2FHF8%2FVY%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cf-ray: 826685da2efa0a57-AMS
x-amz-cf-id: fxRMAi1QCQLRvPOlnrKm-geY8dskWD_kEWBJRsUIKs_6UcfQRz0PJA==

GET
H3 200 view.svg
www.alwatan.com.sa/themes/watanksa/images/new-version/ 1 KB
1 KB 103ms
103ms Image
image/svg+xml 2606:4700:3034::6815:345c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.alwatan.com.sa/themes/watanksa/images/new-version/view.svg
Requested by: Host: www.alwatan.com.sa
URL: https://www.alwatan.com.sa/themes/watanksa/css/style-new-version.min.css?v0.72
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::6815:345c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 54697473ee7bbc7bb8db83b108367e01915aecba5dee08e708820ec8227a7b7c

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.alwatan.com.sa/themes/watanksa/css/style-new-version.min.css?v0.72
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Wed, 15 Nov 2023 09:38:42 GMT
via: 1.1 11dfc8c750cf42e4f5f3a7296512a1f8.cloudfront.net (CloudFront)
content-encoding: br
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: AMS58-P1
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
last-modified: Wed, 23 Dec 2020 10:26:12 GMT
server: cloudflare
etag: W/"5fe31b44-413"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WtiOU8PAT3iLpPLCERqGfOYTDeOQZmfommJ63F2wqaf3mIn0BpL3fXlEKY3ZCek47Zp29TlYJnSbX23U14Ook8Y45k2jHY78FeGljX3YO%2FF9ObvZAOfNtSdzAP7iWSqnvZi11aYWBxQhqgc%2Bo2o8Wz8%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cf-ray: 826685da5df00e14-AMS
x-amz-cf-id: qG1fzTWrvrN4s3kbx3nCyJEX3NbNltkfqGs5C1IEtz61zYyv3sfPGQ==

GET
H3 200 pdf-file.svg
www.alwatan.com.sa/themes/watanksa/images/new-version/ 2 KB
2 KB 79ms
77ms Image
image/svg+xml 2606:4700:3034::6815:345c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.alwatan.com.sa/themes/watanksa/images/new-version/pdf-file.svg
Requested by: Host: www.alwatan.com.sa
URL: https://www.alwatan.com.sa/themes/watanksa/css/style-new-version.min.css?v0.72
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::6815:345c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a2ca71bccb76dbc2b017bcf52e4908e1fefd7dff9b037a3af824fc371d487a2b

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.alwatan.com.sa/themes/watanksa/css/style-new-version.min.css?v0.72
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Wed, 15 Nov 2023 09:38:42 GMT
via: 1.1 432282689bafd802e8ec9636c256a3b0.cloudfront.net (CloudFront)
content-encoding: br
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: AMS58-P1
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
last-modified: Thu, 03 Jun 2021 12:41:40 GMT
server: cloudflare
etag: W/"60b8ce04-783"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Rixim8QqX%2BK0Fuqw9%2BE%2B8q5qQGmNDyhF3x%2FYfGzdrD8zN5XLuyFthSgiBZt97so5UWodpQ9vugkg8Xwp3fF%2Frl7ap0j%2B0s7KkbOQNOTp%2BV27b3Y9%2Fxqnknr54c3nPa5a7FINRYI0ysTKUa7GCOJDCHM%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cf-ray: 826685da5df70e14-AMS
x-amz-cf-id: nI5pcuWkGahNUszdU5JS0go3D4PlltIQ8TwFKI5oz-wItH_d_X_Hfw==

GET
H3 200 search.svg
www.alwatan.com.sa/themes/watanksa/images/new-version/ 694 B
1 KB 108ms
107ms Image
image/svg+xml 2606:4700:3034::6815:345c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.alwatan.com.sa/themes/watanksa/images/new-version/search.svg
Requested by: Host: www.alwatan.com.sa
URL: https://www.alwatan.com.sa/themes/watanksa/css/style-new-version.min.css?v0.72
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::6815:345c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 368add315e2e600662dcb93df5c409c4599cc14c338655704896336a1d38d317

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.alwatan.com.sa/themes/watanksa/css/style-new-version.min.css?v0.72
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Wed, 15 Nov 2023 09:38:42 GMT
via: 1.1 ec2f767a4113b6a2b366ac7622dad01e.cloudfront.net (CloudFront)
content-encoding: br
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: AMS58-P1
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
last-modified: Wed, 23 Dec 2020 10:26:12 GMT
server: cloudflare
etag: W/"5fe31b44-2b6"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=X4A79nCunl4J2hZmcZ2k6NPFl6Jr5Qv3BvF6rA%2FtAX3LKBfjHyM6uF%2FRmq8erqwljJ173KF6W7psFBzSQBTtmtRqvP%2BmHMc1Sn8tBxvIuIqoYy1fa0nGnzWDNkuRfQc%2FrSRL8iEZNDoOpKH2a%2F0eM%2Fw%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cf-ray: 826685da5dfd0e14-AMS
x-amz-cf-id: QkFTrQJ2jgOShf2KNeODZhqEYU1z9W_QROgEvAkQ7jVT0RrxGVe-iA==

GET subset-HelveticaNeueLTArabic-Light.woff
www.alwatan.com.sa/themes/watanksa/css/fonts-new-version/ 0
0

GET
H3 200 advance-search.svg
www.alwatan.com.sa/themes/watanksa/images/new-version/ 3 KB
3 KB 104ms
102ms Image
image/svg+xml 2606:4700:3034::6815:345c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.alwatan.com.sa/themes/watanksa/images/new-version/advance-search.svg
Requested by: Host: www.alwatan.com.sa
URL: https://www.alwatan.com.sa/themes/watanksa/css/style-new-version.min.css?v0.72
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::6815:345c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d7649b10cb82afbb22affa1258bbe2cb51832efd17cae1195d9cd533393f0beb

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.alwatan.com.sa/themes/watanksa/css/style-new-version.min.css?v0.72
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Wed, 15 Nov 2023 09:38:42 GMT
via: 1.1 ec2f767a4113b6a2b366ac7622dad01e.cloudfront.net (CloudFront)
content-encoding: br
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: AMS58-P1
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
last-modified: Fri, 16 Apr 2021 06:32:57 GMT
server: cloudflare
etag: W/"60792f99-c95"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qyvEimZnHnvO57Wp%2BJEGdhI1s83juFn%2BpWvyR6Bk8U74220pMK%2FzjYSwmYw1Z3lBYoQ8JOcZX7qvnMwXoBLIFW6VsnuhX37RRiXLFjqRycm9SXy3lmpaf561EiZrANMo%2Bw4GFayW%2FOW1vbFWzASqYvI%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cf-ray: 826685da6e030e14-AMS
x-amz-cf-id: qpwXonAKjSfLr1YW81FCE-MsJ7vdjXzVq9cgTR7zAjOX1V3oW5GtXw==

GET
H3 200 icon-siyasa-big.png
www.alwatan.com.sa/themes/watanksa/images/new-version/ 791 B
1 KB 72ms
69ms Image
image/png 2606:4700:3034::6815:345c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.alwatan.com.sa/themes/watanksa/images/new-version/icon-siyasa-big.png
Requested by: Host: www.alwatan.com.sa
URL: https://www.alwatan.com.sa/themes/watanksa/css/style-new-version.min.css?v0.72
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::6815:345c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ceb40f3df95d0ee83eade841f0389dd9adc6e4cf27f6876f240b3e61740ee2b8

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.alwatan.com.sa/themes/watanksa/css/style-new-version.min.css?v0.72
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Wed, 15 Nov 2023 09:38:42 GMT
via: 1.1 f5a3dd79e879ec195790fd94291f3198.cloudfront.net (CloudFront)
cf-cache-status: REVALIDATED
last-modified: Mon, 14 Dec 2020 15:13:48 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-amz-cf-pop: AMS58-P1
etag: W/"5fd7812c-317"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/png
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=REoSCxmjmx6gyMV%2BLe4borJSo8FXg6myw5WKL3MZEcDFPLs8uOy7Sv%2FZHwa85ilB8%2BWKYKDdlxvGNYnxogxgO7INZ6x607SKY%2F9H3XwDsYHEBmF6lC7bh%2FkWwB4lGi6Hf%2BQlcnvb4JeYFgljfCSZCek%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 826685da6e040e14-AMS
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: 3WlzAmBTM2IvVpf0LMdsHA8F0Gtl0zpWRoCd-FeWJeGPNLF4wePDwQ==

GET
H3 200 icon-mahaliyat.png
www.alwatan.com.sa/themes/watanksa/images/new-version/ 2 KB
2 KB 71ms
69ms Image
image/png 2606:4700:3034::6815:345c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.alwatan.com.sa/themes/watanksa/images/new-version/icon-mahaliyat.png
Requested by: Host: www.alwatan.com.sa
URL: https://www.alwatan.com.sa/themes/watanksa/css/style-new-version.min.css?v0.72
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::6815:345c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 63172058eec5f2e551bee0e3cad9eac6637b59f47c581c1a926b22a11954d26d

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.alwatan.com.sa/themes/watanksa/css/style-new-version.min.css?v0.72
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Wed, 15 Nov 2023 09:38:42 GMT
via: 1.1 ec2f767a4113b6a2b366ac7622dad01e.cloudfront.net (CloudFront)
cf-cache-status: REVALIDATED
last-modified: Mon, 14 Dec 2020 15:13:48 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-amz-cf-pop: AMS58-P1
etag: W/"5fd7812c-63f"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/png
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bQzpXwZd%2FUddlHqV2o74J7y98nljQ5psTloJBy15NNxV2jL%2B7siW9qxMYpF4QbaH5YN1soWdKI5q4vDdeS%2Fxd1shXdZZSS8%2FXTepGv9ynqIEBkYNKuz4lRzAjWfiFraUC82DOLCyXJs3nU4WiKzgGzo%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 826685da6e060e14-AMS
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: i-EGTBrVQorBHAl0w40pvI8kMgdQjcDZDsMXj1_8FMlUgxK_M--NQw==

GET
H3 200 icon-siyasa.png
www.alwatan.com.sa/themes/watanksa/images/new-version/ 1 KB
2 KB 41ms
39ms Image
image/png 2606:4700:3034::6815:345c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.alwatan.com.sa/themes/watanksa/images/new-version/icon-siyasa.png
Requested by: Host: www.alwatan.com.sa
URL: https://www.alwatan.com.sa/themes/watanksa/css/style-new-version.min.css?v0.72
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::6815:345c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d46ec82b14e1c7c0b41bb589f0fd29864ba947d0db8e4a6e2ee79b8acc9a831f

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.alwatan.com.sa/themes/watanksa/css/style-new-version.min.css?v0.72
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Wed, 15 Nov 2023 09:38:42 GMT
via: 1.1 e6ef76f348359a0bc64c007ab009ebd2.cloudfront.net (CloudFront)
cf-cache-status: REVALIDATED
last-modified: Mon, 14 Dec 2020 15:13:48 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-amz-cf-pop: AMS58-P1
etag: W/"5fd7812c-4c8"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/png
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=o3OyzeupjdfweSCBp%2FHgfEgQN8zTVvONMFmtmwFhEYiBrH1ZAq4%2FvIag8ApoXwWSJWRRsBzrStFidgON4HEqJsVMLdvqs0Ha5TDdAykLM803HzQum4v87yKmMQzgNss5dzBnsC3u%2BoZkrXzA4HZlY%2FA%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 826685da6e070e14-AMS
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: 76qWAv3eHEVimIjxKncDkdV7i9HwwUxQJFLm7SMtHdjDe2pIg_wQ-A==

GET
H3 200 icon-iktisad.png
www.alwatan.com.sa/themes/watanksa/images/new-version/ 1014 B
2 KB 72ms
69ms Image
image/png 2606:4700:3034::6815:345c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.alwatan.com.sa/themes/watanksa/images/new-version/icon-iktisad.png
Requested by: Host: www.alwatan.com.sa
URL: https://www.alwatan.com.sa/themes/watanksa/css/style-new-version.min.css?v0.72
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::6815:345c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dcca615fd243cb9d4441e1089193fd7b8756fa98e22b3d36e8650845108e9db1

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.alwatan.com.sa/themes/watanksa/css/style-new-version.min.css?v0.72
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Wed, 15 Nov 2023 09:38:42 GMT
via: 1.1 ec2f767a4113b6a2b366ac7622dad01e.cloudfront.net (CloudFront)
cf-cache-status: REVALIDATED
last-modified: Mon, 14 Dec 2020 15:13:48 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-amz-cf-pop: AMS58-P1
etag: W/"5fd7812c-3f6"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/png
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Y8OwKPTwTfU2fI9ml%2BDPq0cExKaD5FQHBXNc3p%2Fec%2F9CuVIu4oy6waBR8Gtku13FvqpVlEpGjiId7zpTdn2uhItf2rjnFEZldtTVSLwXEXhQu%2B7TYD5KBbMNI1stwonj%2BocKnF3NwzV%2FCCBlJYSsEY0%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 826685da6e090e14-AMS
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: XM-3rLz1ds8h4S-Ss-iiSxH22M3PotLmQOeevJxmRqPMS2DN9ysA1A==

GET
H3 200 icon-sports.png
www.alwatan.com.sa/themes/watanksa/images/new-version/ 2 KB
2 KB 71ms
69ms Image
image/png 2606:4700:3034::6815:345c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.alwatan.com.sa/themes/watanksa/images/new-version/icon-sports.png
Requested by: Host: www.alwatan.com.sa
URL: https://www.alwatan.com.sa/themes/watanksa/css/style-new-version.min.css?v0.72
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::6815:345c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cddf683f14c111c909832bf9fc3de2ff5fce5e7ac54ed4a7f1d795dd0c0a7553

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.alwatan.com.sa/themes/watanksa/css/style-new-version.min.css?v0.72
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Wed, 15 Nov 2023 09:38:42 GMT
via: 1.1 6cbc993371a5407a8b834ea22f7fcbd2.cloudfront.net (CloudFront)
cf-cache-status: REVALIDATED
last-modified: Mon, 14 Dec 2020 15:13:48 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-amz-cf-pop: AMS58-P1
etag: W/"5fd7812c-68e"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/png
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BxCM%2Fli40OP95mHHeVP7ONYbAeh%2FXzbSp82S228hcxDMLp2Wfi7Jc8RH74pQz06GsaEK3lxhlOEvMWKqeJvU5MCthn5u88fVi3b1kJ3LfkSVsGU0aMG6u9EJvvQfZW3tGu6NSqaOWVVJ94I9GuwhNBM%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 826685da6e0a0e14-AMS
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: gmWLmi_gBBgoFAbmmG6YLZV_GMnH0SPMUJc9u3LIJPp3gdAP7_93jA==

GET subset-HelveticaNeueLTArabic-Bold.woff
www.alwatan.com.sa/themes/watanksa/css/fonts-new-version/ 0
0

GET fontawesome-webfont.woff
www.alwatan.com.sa/css/font-awesome/fonts/ 0
0

GET subset-HelveticaNeueLTArabic-Roman.woff
www.alwatan.com.sa/themes/watanksa/css/fonts-new-version/ 0
0

GET subset-HelveticaNeueLTArabic-Light.ttf
www.alwatan.com.sa/themes/watanksa/css/fonts-new-version/ 0
0

GET subset-HelveticaNeueLTArabic-Bold.ttf
www.alwatan.com.sa/themes/watanksa/css/fonts-new-version/ 0
0

GET subset-HelveticaNeueLTArabic-Roman.ttf
www.alwatan.com.sa/themes/watanksa/css/fonts-new-version/ 0
0

GET fontawesome-webfont.ttf
www.alwatan.com.sa/css/font-awesome/fonts/ 0
0

GET
H2 200 spc.php Show response
ksa.tadafuq.com/adserver/www/delivery/ 436 B
645 B 42ms
42ms Script
application/x-javascript 167.172.177.153
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://ksa.tadafuq.com/adserver/www/delivery/spc.php?zones=27&source=&r=98543292&charset=UTF-8&loc=https%3A//user.mrv2ray.monster/
Requested by: Host: ksa.tadafuq.com
URL: https://ksa.tadafuq.com/adserver/www/delivery/spcjs.php?id=20
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 167.172.177.153 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: fbcfeee993ba7d80928c7da457ab44e0a6f8a9fc6cd03f49d3852da02d8726d1

Request headers

Referer: https://user.mrv2ray.monster/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

pragma: no-cache
date: Wed, 15 Nov 2023 09:39:07 GMT
content-encoding: gzip
server: nginx/1.18.0 (Ubuntu)
vary: Accept-Encoding
content-type: application/x-javascript; charset=UTF-8
access-control-allow-origin: *
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: no-cache, no-store, must-revalidate
expires: 0

GET
H2 200 lg.php
ksa.tadafuq.com/adserver/www/delivery/ 43 B
330 B 46ms
45ms Image
image/gif 167.172.177.153
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ksa.tadafuq.com/adserver/www/delivery/lg.php?bannerid=0&campaignid=0&zoneid=27&loc=https%3A%2F%2Fuser.mrv2ray.monster%2F&cb=5e8a60d69c
Requested by: Host: user.mrv2ray.monster
URL: https://user.mrv2ray.monster/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 167.172.177.153 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://user.mrv2ray.monster/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 15 Nov 2023 09:39:08 GMT
server: nginx/1.18.0 (Ubuntu)
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: *
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
expires: 0

GET
H3 200 icon-opinion.png
www.alwatan.com.sa/themes/watanksa/images/new-version/ 1 KB
2 KB 41ms
40ms Image
image/png 2606:4700:3034::6815:345c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.alwatan.com.sa/themes/watanksa/images/new-version/icon-opinion.png
Requested by: Host: www.alwatan.com.sa
URL: https://www.alwatan.com.sa/themes/watanksa/css/style-new-version.min.css?v0.72
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::6815:345c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3804b89b3ba16539d0f32abf5c74f963df24881a825b1f7b95646336ce3e12e4

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.alwatan.com.sa/themes/watanksa/css/style-new-version.min.css?v0.72
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Wed, 15 Nov 2023 09:38:43 GMT
via: 1.1 11dfc8c750cf42e4f5f3a7296512a1f8.cloudfront.net (CloudFront)
cf-cache-status: REVALIDATED
last-modified: Mon, 14 Dec 2020 15:13:48 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-amz-cf-pop: AMS58-P1
etag: W/"5fd7812c-466"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/png
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9wL0V1sXBn5h8Rwck08j04wjPCyJLIShA8q0hWzM6gtlgMfY%2Be%2BaRhCw89AjTJAziS47xdmanN1vOUdA21tQwBnDiM278I7FYAao56H8zxZgXlnHEYym0odIqDRO72sNYgodWId1wDYXvS9jPwnVMuI%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 826685df9ab00e14-AMS
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: jM61vWkOj9wdsdD38s4kIWFWSlmAjdbVhlGoHj3gfXYNUWDt1OG25Q==

GET
H3 200 icon-2osbou3iya.png
www.alwatan.com.sa/themes/watanksa/images/new-version/ 755 B
1 KB 39ms
39ms Image
image/png 2606:4700:3034::6815:345c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.alwatan.com.sa/themes/watanksa/images/new-version/icon-2osbou3iya.png
Requested by: Host: www.alwatan.com.sa
URL: https://www.alwatan.com.sa/themes/watanksa/css/style-new-version.min.css?v0.72
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::6815:345c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 30ba3c7b27a2f22dd32a48007817230beac37ff3f604ff9c94f3aad037b92b7d

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.alwatan.com.sa/themes/watanksa/css/style-new-version.min.css?v0.72
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Wed, 15 Nov 2023 09:38:43 GMT
via: 1.1 70edb33d401d701d341a00ffeb978b84.cloudfront.net (CloudFront)
cf-cache-status: REVALIDATED
last-modified: Mon, 14 Dec 2020 15:13:48 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-amz-cf-pop: AMS58-P1
etag: W/"5fd7812c-2f3"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/png
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3J2aaCH8ViaJufX63hVKd3ZdFgSEi00p%2BSIEw0nrOsp14Uf%2F1%2BZdvxMUxicDx1YjAHNVs6ku5WmpSzLp%2FbCKzZC7kfTsKdJKCrChvukcSeInF6USbHXVY2oZrUiAo7iWNsSCA4sbSFiRZjfbefyKwBk%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 826685df9ab30e14-AMS
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: BI7_5P-fdwYMQVX3E3LP5iqqglpA0nWaNMLhhwERHBUkokqINuHJsg==

GET
H3 200 icon-hayat.png
www.alwatan.com.sa/themes/watanksa/images/new-version/ 2 KB
3 KB 63ms
63ms Image
image/png 2606:4700:3034::6815:345c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.alwatan.com.sa/themes/watanksa/images/new-version/icon-hayat.png
Requested by: Host: www.alwatan.com.sa
URL: https://www.alwatan.com.sa/themes/watanksa/css/style-new-version.min.css?v0.72
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::6815:345c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d005f568d4c513110ca0fcd01d1adf4373e9c41bb578bad6661ed7c86b8964ee

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.alwatan.com.sa/themes/watanksa/css/style-new-version.min.css?v0.72
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Wed, 15 Nov 2023 09:38:43 GMT
via: 1.1 1d10719558a2481e0d462e12964f647a.cloudfront.net (CloudFront)
cf-cache-status: REVALIDATED
last-modified: Mon, 14 Dec 2020 15:13:48 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-amz-cf-pop: AMS58-P1
etag: W/"5fd7812c-91c"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/png
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qqmgTnXCv%2FBLgIw2arPGs5%2B0sK3EI5aa44kB5xrf56DrQGc0ekb45E9ErKpufR87n%2FEI%2F47emxf5w7ZlI4m3AbdjWJMBohrQbm9Hatmd%2BseWzoTWBr0IR6s3I%2BLXtctsh5ixZwNYybfOpQ67cgG5Vpg%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 826685df9ab40e14-AMS
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: YS8naJuVFTubuLBJNC_DH6_3ZJ_cBUHBrIMUXQz2bDdNdItDNzi68w==

GET
H3 200 icon-jazan.png
www.alwatan.com.sa/themes/watanksa/images/new-version/ 1 KB
2 KB 42ms
41ms Image
image/png 2606:4700:3034::6815:345c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.alwatan.com.sa/themes/watanksa/images/new-version/icon-jazan.png
Requested by: Host: www.alwatan.com.sa
URL: https://www.alwatan.com.sa/themes/watanksa/css/style-new-version.min.css?v0.72
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::6815:345c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1fae5549be939d7d665f376e2e91630850617574f9b97c2f342c28062cf09fd2

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.alwatan.com.sa/themes/watanksa/css/style-new-version.min.css?v0.72
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Wed, 15 Nov 2023 09:38:43 GMT
via: 1.1 551a3a9c2bf1e2158a9f24897afe2b8c.cloudfront.net (CloudFront)
cf-cache-status: REVALIDATED
last-modified: Mon, 14 Dec 2020 15:13:48 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-amz-cf-pop: AMS58-P1
etag: W/"5fd7812c-599"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/png
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Y82neN9Ot6CbOdn7%2FTFU43dPdWxkmIXSa0F3QntxwbB%2FFNc0ar5UXtPbBbGUK%2FFjCdXBKn7zgdXm70iHai%2FKFgesxwf5h4LlhXRECT4nPiiIr%2BVtu3TUWwmPH7Kh5spHd94zLDGLpq3dM8iYMjU%2B0LM%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 826685dfaac30e14-AMS
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: yGrJxwsoMn5q9m4JCNqErKKM5qgStLMDWKvfLrNp2gM5CteS60BXrw==

GET
H3 200 icon-kasim.png
www.alwatan.com.sa/themes/watanksa/images/new-version/ 2 KB
3 KB 48ms
47ms Image
image/png 2606:4700:3034::6815:345c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.alwatan.com.sa/themes/watanksa/images/new-version/icon-kasim.png
Requested by: Host: www.alwatan.com.sa
URL: https://www.alwatan.com.sa/themes/watanksa/css/style-new-version.min.css?v0.72
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::6815:345c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2cc365033333f6531aa77de61b1124b5afdfc703417a24840df42863ad0643e2

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.alwatan.com.sa/themes/watanksa/css/style-new-version.min.css?v0.72
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Wed, 15 Nov 2023 09:38:43 GMT
via: 1.1 bf57ce1929fb438631e46b2c83b05e2a.cloudfront.net (CloudFront)
cf-cache-status: REVALIDATED
last-modified: Mon, 14 Dec 2020 15:13:48 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-amz-cf-pop: AMS58-P1
etag: W/"5fd7812c-883"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/png
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mIIWxMUalx%2Fnp7937mb%2F8QeSYBZJupJoCerBXCZuVXgpBRG0YgNJ77F6vpHKZqBwot6qCJBEZSl%2FQk11jGYvyKBAOppJxi%2FarYygt%2B60KxzhBPZkkzNwbpB3nZZq0uNu%2BPDOs52AhJ23qhvHEdIEdJk%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 826685dfaac90e14-AMS
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: VWDKEQGLAvoBRGXTla_Q_Ac7X2i1K3n5ki0_XVmLKj-8UHb5ntqZ1Q==

GET
H3 200 icon-corona.png
www.alwatan.com.sa/themes/watanksa/images/new-version/ 1 KB
2 KB 45ms
45ms Image
image/png 2606:4700:3034::6815:345c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.alwatan.com.sa/themes/watanksa/images/new-version/icon-corona.png
Requested by: Host: www.alwatan.com.sa
URL: https://www.alwatan.com.sa/themes/watanksa/css/style-new-version.min.css?v0.72
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::6815:345c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6593dc83d7cc3d9958ceeeca96da5259feb4c7dfc1d80a1b6202da7c694c8d88

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.alwatan.com.sa/themes/watanksa/css/style-new-version.min.css?v0.72
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Wed, 15 Nov 2023 09:38:43 GMT
via: 1.1 a4f5633e78f92f983940236e96220232.cloudfront.net (CloudFront)
cf-cache-status: REVALIDATED
last-modified: Mon, 14 Dec 2020 15:13:48 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-amz-cf-pop: AMS58-P1
etag: W/"5fd7812c-598"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/png
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=w7jTVpN4OfAt6PE7D6YzAWmsE0gMRyWdvg9kirhmmSzbJJzFOPdcdGKnhOwnyhGSQ5jIHCLSgAqWA3DPP59EsTfU%2BxHD3E3sowki%2B%2BjatLMzQJO%2Fk%2BpfpXzrEKeMphUf3p49ud8z73ptHlAcfaCf0AI%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 826685dfaacb0e14-AMS
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: B1lrxHLKtRGYLNfmrmqVS0h03pMxf5pwSrcv3KTObFG-KxXOkGnb4A==

GET subset-JannaLT-Bold.woff
www.alwatan.com.sa/themes/watanksa/css/fonts-new-version/ 0
0

GET subset-JannaLT-Regular.woff
www.alwatan.com.sa/themes/watanksa/css/fonts-new-version/ 0
0

GET sync
spadsync.com/ 0
0

GET
H2 200 fetch-geo Show response
www.foxpush.com/ 484 KB
170 KB 493ms
72ms Fetch
application/json 2606:4700:20::681a:55d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.foxpush.com/fetch-geo
Requested by: Host: native-cdn.foxpush.io
URL: https://native-cdn.foxpush.io/foxpush-bidder.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:55d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8b07e79eab60b1b4f1b735f92fb02441ba2f2627857a1a8f5f4d4b75d249e2b1

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://user.mrv2ray.monster/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Wed, 15 Nov 2023 09:38:44 GMT
content-encoding: br
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1EJXkRg%2FX0FI2Ae3j8O6hRr1%2BoqaJ64JW8odS%2Be38VPOHi6jnGvAtsOlXoDR4KrWuk7nr7pLkaP1DIUL0sKWOuhAlMxknfL0h4GNN8SUGyE0DryvBH6zy2mmtbNzU1Sg%2FaWJIFRT6lA1UY9gVg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json;charset=UTF-8
access-control-allow-origin: *
cf-ray: 826685e27d120119-AMS
alt-svc: h3=":443"; ma=86400

GET subset-JannaLT-Bold.ttf
www.alwatan.com.sa/themes/watanksa/css/fonts-new-version/ 0
0

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 183 KB
66 KB 52ms
51ms Script
application/javascript 2a00:1450:4001:831::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-66916270-1&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-W4ZJPVS51M

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

950ccc32dfd1aec245c38f054a79c5e968e77a549cc13caeb94e65ebdfa3f322

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://user.mrv2ray.monster/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Wed, 15 Nov 2023 09:38:43 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 67950
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Wed, 15 Nov 2023 09:38:43 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
249 B 414ms
34ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-W4ZJPVS51M&gtm=45je3b81v9108163774&_p=1700041123746&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=300563914.1700041124&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1700041123&sct=1&seg=0&dl=https%3A%2F%2Fuser.mrv2ray.monster%2F&dt=%D8%A7%D9%84%D8%B1%D8%A6%D9%8A%D8%B3%D9%8A%D8%A9%20-%20%D8%AC%D8%B1%D9%8A%D8%AF%D8%A9%20%D8%A7%D9%84%D9%88%D8%B7%D9%86%20%D8%A7%D9%84%D8%B3%D8%B9%D9%88%D8%AF%D9%8A%D8%A9&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=1593
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-W4ZJPVS51M
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://user.mrv2ray.monster/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 15 Nov 2023 09:38:44 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://user.mrv2ray.monster
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET subset-JannaLT-Regular.ttf
www.alwatan.com.sa/themes/watanksa/css/fonts-new-version/ 0
0

GET
H2 200 /
cdn4.premiumread.com/ 90 KB
91 KB 377ms
37ms Image
image/jpeg 2606:4700:20::681a:74e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn4.premiumread.com/?url=https://alwatan.com.sa/uploads/images/2023/11/14/986139.jpg&w=400&q=100&f=jpg
Requested by: Host: user.mrv2ray.monster
URL: https://user.mrv2ray.monster/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:74e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.4.14
Resource Hash: 55846dedce4d2df3718916c3ac91fe637ec2ccb264d61245fe99c70a0cdee0c3

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://user.mrv2ray.monster/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Wed, 15 Nov 2023 09:38:44 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 64312
cf-polished: origSize=140663
x-powered-by: PHP/7.4.14
pragma: public
cf-bgj: imgq:100,h2pri
last-modified: Tue, 14 Nov 2023 15:46:52 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CKjZYOr7c%2B7Fz7ce%2B72Bli%2BSqNE1weyHqOh%2BTXRK6XGIIVTMYzmq44gnlkyYkTBmDSlPro8iSrQe2%2BV85IOTsZ%2F%2FvMkOV8guq7m0KrgPhcD5VrM4irJXPCdusqYFwP%2B510gLi7i0KOSXuI9gs1kdEko3"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
x-fastcgi-cache: HIT
cache-control: public, max-age=31536000
cf-ray: 826685e27d796568-AMS
expires: Sun, 12 May 2024 15:46:51 GMT

GET
H2 200 /
cdn4.premiumread.com/ 84 KB
84 KB 388ms
64ms Image
image/jpeg 2606:4700:20::681a:74e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn4.premiumread.com/?url=https://alwatan.com.sa/uploads/images/2023/11/06/983418.jpg&w=400&q=100&f=jpg
Requested by: Host: user.mrv2ray.monster
URL: https://user.mrv2ray.monster/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:74e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.4.14
Resource Hash: 5ad849ce568ba6e08a6522ea376ec59ef3d48d6364fbd1d024e81c651a75ed78

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://user.mrv2ray.monster/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Wed, 15 Nov 2023 09:38:44 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 223657
cf-polished: origSize=97054
x-powered-by: PHP/7.4.14
pragma: public
cf-bgj: imgq:100,h2pri
last-modified: Sun, 12 Nov 2023 19:31:07 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LvGlAHGlP1k%2F%2ForeQATQScLHcP%2F66e1c%2FVhqDJugkxdB2P5ykd9LjveMd5GOqaAGNeO5QQ95FKhYjGvQfDiJGg1xa1DfTQXvfbWVPYvL9kWK%2Fg9bydiJmrGMpSfdLz%2FHnLq1RPsNVdBd4%2BkY4YfgQu97"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
x-fastcgi-cache: MISS
cache-control: public, max-age=31536000
cf-ray: 826685e28d7b6568-AMS
expires: Fri, 10 May 2024 19:31:06 GMT

GET
H3 200 new-video-play-icon.png
www.alwatan.com.sa/themes/watanksa/images/new-version/ 4 KB
4 KB 42ms
42ms Image
image/png 2606:4700:3034::6815:345c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.alwatan.com.sa/themes/watanksa/images/new-version/new-video-play-icon.png
Requested by: Host: www.alwatan.com.sa
URL: https://www.alwatan.com.sa/themes/watanksa/css/style-new-version.min.css?v0.72
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::6815:345c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e335e08df90f94d7550e174407757c9a74a1af8c62e7499f9eab475e8b141a52

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.alwatan.com.sa/themes/watanksa/css/style-new-version.min.css?v0.72
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Wed, 15 Nov 2023 09:38:43 GMT
via: 1.1 5ca3eb318b3d637b6c83037daa75f174.cloudfront.net (CloudFront)
cf-cache-status: REVALIDATED
last-modified: Mon, 14 Dec 2020 15:13:48 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-amz-cf-pop: AMS58-P1
etag: W/"5fd7812c-f60"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/png
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fi%2B9n5R2tKtJSzoR9lAHVc0ZmrhdSksYiS%2Fyq3IQYMUipYIvrNwLylnJkgxL9rCrobG7mC957MXahSRKTS4ymsZsGFypL2zGd4yREYwBgtp1rVGxNPTVpCnKke15ZgFzxZBpSc29wZSrbR1ZnRJjpJg%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 826685e08bc10e14-AMS
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: 23au8vt4jrrOQBtuwsFxGLY1PlfH6okIF-dIpvZgEIJGWLW8RNb7tw==

GET
H3 200 icon-infograph.png
www.alwatan.com.sa/themes/watanksa/images/new-version/ 1 KB
2 KB 42ms
42ms Image
image/png 2606:4700:3034::6815:345c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.alwatan.com.sa/themes/watanksa/images/new-version/icon-infograph.png
Requested by: Host: www.alwatan.com.sa
URL: https://www.alwatan.com.sa/themes/watanksa/css/style-new-version.min.css?v0.72
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::6815:345c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 457de08b05258dfb17452aa1b7cf98a3bc49c5468cbf6580dbec5b02aee444e0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.alwatan.com.sa/themes/watanksa/css/style-new-version.min.css?v0.72
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Wed, 15 Nov 2023 09:38:43 GMT
via: 1.1 a6f8e4a6d80386054febd47005eabaca.cloudfront.net (CloudFront)
cf-cache-status: REVALIDATED
last-modified: Mon, 14 Dec 2020 15:13:48 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-amz-cf-pop: AMS58-P1
etag: W/"5fd7812c-470"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/png
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7uIkcOrlGL46h2vVH0HejWf75gi%2FNmKHzSMAbFOGlWNLw0qalTdWHUoOR%2BDjQbiTocovczG%2BOWMeyjhxiWmXxHaWyQQS%2Ff0PyDA9Ixs2SSBJd2O8FrHbyfgmV4Eb25ClCRTN%2BChJwYpwCBAiBsLxtu4%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 826685e09bd00e14-AMS
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: FAgXkJ3AKCr_I1h20K1GsloPXoE1FzG9VIykAumHn02DP10GNJSm6A==

GET
H2 404 F_b-ZDg-OH8
img.youtube.com/vi/ 1 KB
1 KB 357ms
66ms Image
image/jpeg 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.youtube.com/vi/F_b-ZDg-OH8?feature=share/hqdefault.jpg

Requested by

Host: user.mrv2ray.monster
URL: https://user.mrv2ray.monster/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

20e9aab22032d85684d7d916a1013f7c577a132a5b10ea3fd3578e8d0b28a711

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://user.mrv2ray.monster/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Wed, 15 Nov 2023 09:38:44 GMT
x-content-type-options: nosniff
server: sffe
content-type: image/jpeg
cache-control: public, max-age=30
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1097
x-xss-protection: 0
expires: Wed, 15 Nov 2023 09:39:14 GMT

GET
H2 200 /
cdn4.premiumread.com/ 116 KB
116 KB 344ms
66ms Image
image/jpeg 2606:4700:20::681a:74e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn4.premiumread.com/?url=https://alwatan.com.sa/uploads/images/2023/11/14/986344.jpg&w=550&q=100&f=jpg
Requested by: Host: user.mrv2ray.monster
URL: https://user.mrv2ray.monster/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:74e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.4.14
Resource Hash: 45c400f54dc8aabf9f04dcfa23c9964562f16685d2c0cf792c498701cdce5a32

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://user.mrv2ray.monster/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma: public
date: Wed, 15 Nov 2023 09:38:44 GMT
cf-cache-status: MISS
last-modified: Wed, 15 Nov 2023 09:38:44 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: PHP/7.4.14
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LJ1tqN0p%2FvkLdPhSB3wu851FQ5qyGS0Fq3jPfVJgzgcnSAjN2dWZsoCy9YZs1cWQzjsqzUM4axkS6UEriG2wlV0vCfyZZyffpR4C3TNVPUgu1q%2F%2FxtQcNOrJ6EAiz2Qq7QOhBkVAJV7VCfR0MychXcUj"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
x-fastcgi-cache: MISS
cache-control: public, max-age=31536000
cf-ray: 826685e28d7c6568-AMS
expires: Mon, 13 May 2024 09:38:44 GMT

GET
H2 200 /
cdn4.premiumread.com/ 80 KB
80 KB 344ms
65ms Image
image/jpeg 2606:4700:20::681a:74e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn4.premiumread.com/?url=https://alwatan.com.sa/uploads/images/2023/11/15/986490.jpg&w=400&q=100&f=jpg
Requested by: Host: user.mrv2ray.monster
URL: https://user.mrv2ray.monster/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:74e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.4.14
Resource Hash: 53a2ce7c525d34b071a1f82d6f03dd0c163f29f4172c134145a25b4c6c1553b0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://user.mrv2ray.monster/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma: public
date: Wed, 15 Nov 2023 09:38:44 GMT
cf-cache-status: MISS
last-modified: Wed, 15 Nov 2023 09:38:44 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: PHP/7.4.14
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=81Aus%2B%2BYuVi0J%2F5JPYMcXlXGCprxbGiVL1o78GnDlwMhgZceIWavoAJGlbVy7TTyvKbFCQHo3WlwidHSM6yBbRJZMrTvvVnm3ePVlVywP8C8QpODw9XR3p2WPdgd3dAutr%2FNTeixWxBMC5jUprOClhto"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
x-fastcgi-cache: MISS
cache-control: public, max-age=31536000
cf-ray: 826685e28d7e6568-AMS
expires: Mon, 13 May 2024 09:38:44 GMT

GET
H2 200 /
cdn4.premiumread.com/ 88 KB
89 KB 344ms
66ms Image
image/jpeg 2606:4700:20::681a:74e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn4.premiumread.com/?url=https://alwatan.com.sa/uploads/images/2023/11/14/986191.jpg&w=400&q=100&f=jpg
Requested by: Host: user.mrv2ray.monster
URL: https://user.mrv2ray.monster/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:74e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.4.14
Resource Hash: b6fbdea1e1fa6fd7b9c5ce02e0d38479fd136158865335ee947d3cdd10987e37

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://user.mrv2ray.monster/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma: public
date: Wed, 15 Nov 2023 09:38:44 GMT
cf-cache-status: MISS
last-modified: Wed, 15 Nov 2023 09:38:44 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: PHP/7.4.14
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JJVEYbGYnrlWN7RyZDORtKJDeEdYRAwKqt1Xr2D0Y6isDsqqziQm9B48wDcDBrDQBgCfa7hdyHqXces5NqzigG8DkaqL1hu8A%2FlqDqsb8k%2BB3LAiW6Q0i2h5IOIgXa9hC89JD8QxMn2OMFMv8oQrCQoV"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
x-fastcgi-cache: MISS
cache-control: public, max-age=31536000
cf-ray: 826685e28d7f6568-AMS
expires: Mon, 13 May 2024 09:38:44 GMT

GET
H2 200 /
cdn4.premiumread.com/ 34 KB
34 KB 343ms
65ms Image
image/jpeg 2606:4700:20::681a:74e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn4.premiumread.com/?url=https://alwatan.com.sa/uploads/images/2023/11/15/986491.jpg&w=400&q=100&f=jpg
Requested by: Host: user.mrv2ray.monster
URL: https://user.mrv2ray.monster/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:74e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.4.14
Resource Hash: 095c5c0f49a30999284e21b1605301f0e093562295edc0b8928337e6a30195db

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://user.mrv2ray.monster/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma: public
date: Wed, 15 Nov 2023 09:38:44 GMT
cf-cache-status: MISS
last-modified: Wed, 15 Nov 2023 09:38:44 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: PHP/7.4.14
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xEuC4jqB%2BMw6X2SFNCx%2B%2FMXGkbUaD%2BP79QpePDGyEAbJxQRvovmsPt%2FLk70Wiew9mNFh8Ax0Sd7BofRxulkuOVeQiuDN7z%2Fq42KUZk5MwfhIujhgF3KssfxEJRhY5Q2DiX86ui%2BL6vfhcC7v7825Hq%2Bi"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
x-fastcgi-cache: HIT
cache-control: public, max-age=31536000
cf-ray: 826685e28d816568-AMS
expires: Mon, 13 May 2024 09:38:44 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 275ms
32ms Script
text/javascript 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-66916270-1&l=dataLayer&cx=c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://user.mrv2ray.monster/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 15 Nov 2023 09:16:44 GMT
last-modified: Mon, 12 Jun 2023 18:23:07 GMT
server: Golfe2
age: 1320
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Wed, 15 Nov 2023 11:16:44 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 2 B
211 B 40ms
39ms XHR
text/plain 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=222950433&t=pageview&_s=1&dl=https%3A%2F%2Fuser.mrv2ray.monster%2F&ul=en-us&de=UTF-8&dt=%D8%A7%D9%84%D8%B1%D8%A6%D9%8A%D8%B3%D9%8A%D8%A9%20-%20%D8%AC%D8%B1%D9%8A%D8%AF%D8%A9%20%D8%A7%D9%84%D9%88%D8%B7%D9%86%20%D8%A7%D9%84%D8%B3%D8%B9%D9%88%D8%AF%D9%8A%D8%A9&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAUABAAAAACAAI~&jid=680716046&gjid=15243850&cid=300563914.1700041124&tid=UA-66916270-1&_gid=574810569.1700041124&_r=1&gtm=457e3b81z89108163774&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&jsscut=1&z=1290229954

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://user.mrv2ray.monster/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 15 Nov 2023 09:38:44 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://user.mrv2ray.monster
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
350 B 102ms
33ms XHR
text/plain 2a00:1450:400c:c0c::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-66916270-1&cid=300563914.1700041124&jid=680716046&gjid=15243850&_gid=574810569.1700041124&_u=YADAAUAAAAAAACAAI~&z=1324917964

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c0c::9a Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://user.mrv2ray.monster/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Wed, 15 Nov 2023 09:38:44 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://user.mrv2ray.monster
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK moosend-tracking.min.js Show response
cdn.stat-track.com/statics/ 73 KB
22 KB 98ms
29ms Script
application/javascript 151.139.128.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.stat-track.com/statics/moosend-tracking.min.js?ts=5666803
Requested by: Host: user.mrv2ray.monster
URL: https://user.mrv2ray.monster/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS: map3.hwcdn.net
Software: AmazonS3 /
Resource Hash: fc57ddb98ee125ff3aeb5414d574a04ae1c7562a43b4e885e1cf4f2b8c7e4b3d

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://user.mrv2ray.monster/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Date: Wed, 15 Nov 2023 09:38:44 GMT
Content-Encoding: gzip
Last-Modified: Mon, 06 Feb 2023 16:45:56 GMT
Server: AmazonS3
x-amz-request-id: Q952R32C08F5C0BN
ETag: "6374347c2f37ee9987690c45f26a9d79"
x-amz-server-side-encryption: AES256
X-HW: 1700041124.cds202.am5.hn,1700041124.cds261.am5.c
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=3272
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 22435
x-amz-id-2: Z3RrSIoIKjlDvhJSZxJwPfW7NEr5/remhyhaZNwe/dOK4cZRUn+b4zOMd4+TPMKFAh+SwB8PqvY=

GET
H3 200 foxpush_sticky.css
www.foxpush.com/banner-sdk/general/ 689 B
1 KB 72ms
40ms Stylesheet
text/css 2606:4700:20::681a:55d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.foxpush.com/banner-sdk/general/foxpush_sticky.css
Requested by: Host: native-cdn.foxpush.io
URL: https://native-cdn.foxpush.io/foxpush-bidder.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:55d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3550b56123de317b90aba9baed41aba6e09e6be5a7a5ed673b2c682511c8ca7

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://user.mrv2ray.monster/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Wed, 15 Nov 2023 09:38:44 GMT
via: 1.1 14ece26b907b2b297edda8cd1de9a9b4.cloudfront.net (CloudFront)
content-encoding: br
x-amz-version-id: FL3ghwAwN8e7Gcun9S0KDYATpNpA27Re
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3029
x-amz-cf-pop: AMS50-C1
cf-polished: origSize=748
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Thu, 13 Jul 2023 15:49:13 GMT
server: cloudflare
etag: W/"32732f50447739ab6a5c655ca485bbcf"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CSw94hfi7IZ9tWJXdgGj5OcUShi7gdn6uSw98kUM7BMvDPnYVvKVa%2FlcNPeBA1Unw427qJS2MmyPpPdpSbeOQaXPfsWGj8g7soi4Z7Zq%2Bmv9pkvVvQBDsP09H6cExnqrrDMY7Aj6bz4br99tMQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=86400
cf-ray: 826685e38c0666c2-AMS
x-amz-cf-id: eKqCC2vgv5FvzeUl5lCIzZUDPyKA0OHZAhPfTQDF9PIcR_tZru_Vjg==

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 101 KB
31 KB 256ms
182ms Script
text/javascript 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: native-cdn.foxpush.io
URL: https://native-cdn.foxpush.io/foxpush-bidder.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

64446b7c5eb76797026fae96552a7c30392aea9f22673034ecbe86b781172c10

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://user.mrv2ray.monster/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Wed, 15 Nov 2023 09:38:44 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31446
x-xss-protection: 0
server: cafe
etag: 570 / 19676 / m202311090101 / config-hash: 8561109728819297004
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Wed, 15 Nov 2023 09:38:44 GMT

OPTIONS
H/1.1 204
NoContent 490112e576ba485fbb6bbaede77ae122
forms.m-pages.com/api/forms/ Frame 0
0 122ms
55ms Preflight
application/octet-stream 212.32.243.55
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL: https://forms.m-pages.com/api/forms/490112e576ba485fbb6bbaede77ae122
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 212.32.243.55 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software: awselb/2.0 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://user.mrv2ray.monster
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Access-Control-Allow-Headers: content-type
Access-Control-Allow-Methods: POST
Access-Control-Allow-Origin: *
Content-Length: 0
Content-Type: application/octet-stream
Date: Wed, 15 Nov 2023 09:38:44 GMT
Server: awselb/2.0

POST
H/1.1 200
OK 490112e576ba485fbb6bbaede77ae122 Show response
forms.m-pages.com/api/forms/ 2 B
225 B 54ms
54ms XHR
application/json 212.32.243.55
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL: https://forms.m-pages.com/api/forms/490112e576ba485fbb6bbaede77ae122
Requested by: Host: cdn.stat-track.com
URL: https://cdn.stat-track.com/statics/moosend-tracking.min.js?ts=5666803
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 212.32.243.55 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software: awselb/2.0 /
Resource Hash: 4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

Accept: application/json
Referer: https://user.mrv2ray.monster/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type: application/json

Response headers

Access-Control-Allow-Origin: *
Date: Wed, 15 Nov 2023 09:38:44 GMT
Content-Encoding: br
Server: awselb/2.0
Content-Length: 6
Vary: Accept-Encoding
Content-Type: application/json; charset=utf-8

GET
H2 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/ 429 KB
135 KB 33ms
32ms Script
text/javascript 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/pubads_impl.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b04dfae5d49297b8b6a514bd8bf1c7bea7ebe622232401a5abed5a92809a2b66

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://user.mrv2ray.monster/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Wed, 15 Nov 2023 07:40:09 GMT
content-encoding: br
x-content-type-options: nosniff
age: 7115
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 137535
x-xss-protection: 0
server: cafe
etag: 18342593356503948095
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Thu, 14 Nov 2024 07:40:09 GMT

GET
H3 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 53 B
80 B 212ms
93ms XHR
application/json 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=user.mrv2ray.monster

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

64e7afcea9810c7f56c889803d82b3834ee954126be0a6c92524e7007da0e481

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://user.mrv2ray.monster/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Wed, 15 Nov 2023 09:38:44 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 56
x-xss-protection: 0
expires: Wed, 15 Nov 2023 09:38:44 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 234 KB
25 KB 256ms
256ms Fetch
text/plain 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2924802332654557&correlator=3604529996410438&eid=31079527&output=ldjh&gdfp_req=1&vrg=202311090101&ptt=17&impl=fifs&iu_parts=21695768448%2CHP_LeaderBoard_Ad_728x90_zone4%2CLeaderBoard_Ad_728x90_zone3%2CHome_Page_Top3_300x100-mobile%2CHome_Page_Top2_300x100-mobile%2CHome_top4_Page_300x100-mobile%2CLeaderBoard_Ad_728x90_zone1%2CHP_LeaderBoard_Ad_728x90_zone5%2CHome_Page_Top1_300x100-mobile%2CAllpages_300x300%2CAllpages_300*300_top%2CLeaderboard_AD_728x90_zone2%2CHome_Page_Top_Main_AD%2CSide_Ad_120x600_Right%2CSide_Ad_120x600_Left&enc_prev_ius=%2F0%2F1%2C%2F0%2F2%2C%2F0%2F3%2C%2F0%2F4%2C%2F0%2F5%2C%2F0%2F6%2C%2F0%2F7%2C%2F0%2F8%2C%2F0%2F9%2C%2F0%2F10%2C%2F0%2F11%2C%2F0%2F12%2C%2F0%2F13%2C%2F0%2F14&prev_iu_szs=728x90%2C728x90%2C300x100%2C300x100%2C300x100%2C728x90%2C728x90%2C300x100%2C300x250%2C300x250%2C728x90%2C728x90%2C120x600%2C120x600&ifi=1&sfv=1-0-40&sc=1&cookie_enabled=1&abxe=1&dt=1700041124899&lmt=1700041124&adxs=436%2C436%2C-12245933%2C-12245933%2C-12245933%2C436%2C-9%2C-12245933%2C260%2C260%2C436%2C631%2C1470%2C10&adys=4197%2C3843%2C-12245933%2C-12245933%2C-12245933%2C1912%2C-9%2C-12245933%2C3392%2C1517%2C196%2C742%2C381%2C381&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=1%7C2%7C-1%7C-1%7C-1%7C3%7C-1%7C-1%7C4%7C5%7C0%7C0%7C0%7C0&ucis=1%7C2%7C3%7C4%7C5%7C6%7C7%7C8%7C9%7Ca%7Cb%7Cc%7Cd%7Ce&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fuser.mrv2ray.monster%2F&vis=1&psz=728x90%7C728x90%7C0x0%7C0x0%7C0x0%7C728x90%7C0x-1%7C0x0%7C300x250%7C300x250%7C728x90%7C728x90%7C120x600%7C120x600&msz=728x-1%7C728x-1%7C0x-1%7C0x-1%7C0x-1%7C728x-1%7C0x-1%7C0x-1%7C300x-1%7C300x-1%7C728x-1%7C728x-1%7C120x-1%7C120x-1&fws=4%2C4%2C132%2C132%2C132%2C4%2C2%2C132%2C4%2C4%2C4%2C4%2C4%2C4&ohw=1600%2C1600%2C1600%2C1600%2C1600%2C1600%2C0%2C1600%2C1600%2C1600%2C1600%2C1600%2C1600%2C1600&ga_vid=300563914.1700041124&ga_sid=1700041125&ga_hid=222950433&ga_fc=true&dlt=1700041122549&idt=2221&adks=39344347%2C2615638461%2C3101621186%2C460996577%2C3610152495%2C1936358726%2C611210418%2C40005472%2C671627004%2C2385424299%2C1024801496%2C1513504981%2C3666817033%2C3834013643&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e183d477902169b003ef5e3bc6c83cf6ca12650fb9885ccd09083773ab127705

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://user.mrv2ray.monster/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Wed, 15 Nov 2023 09:38:45 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 25298
x-xss-protection: 0
google-lineitem-id: 6407075756,6406107004,-2,-2,-2,6407068763,6404217816,-2,-2,-2,6407075249,-2,-2,-2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138452538565,138452488882,-2,-2,-2,138452537305,138452538664,-2,-2,-2,138452538832,-2,-2,-2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://user.mrv2ray.monster
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 564 B
306 B 71ms
71ms Fetch
text/plain 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2924802332654557&correlator=3604529996410438&eid=31079527&output=ldjh&gdfp_req=1&vrg=202311090101&ptt=17&impl=fifs&iu_parts=21795300705%3A21695768448%2Cssp_display%2C22928630099&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=300x250&ifi=15&sfv=1-0-40&sc=1&cookie_enabled=1&abxe=1&dt=1700041124919&lmt=1700041124&adxs=6&adys=980&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=f&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fuser.mrv2ray.monster%2F&vis=1&psz=-1x-1&msz=-1x-1&fws=516&ohw=227&ga_vid=300563914.1700041124&ga_sid=1700041125&ga_hid=222950433&ga_fc=true&dlt=1700041122549&idt=2221&cust_params=url%3Dhttps%253A%252F%252Fuser.mrv2ray.monster%252F%26lang%3DAR&adks=1958861425&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2d97c86584638322a004bf36b18604be649220fe8ee48f661e2f00efd8ad47d5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://user.mrv2ray.monster/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Wed, 15 Nov 2023 09:38:44 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 276
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://user.mrv2ray.monster
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 16 KB
12 KB 157ms
80ms XHR
application/json 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202311090101&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

88a2fe5fe79acb8a192a7139ff8c4e217a58db80e71326a9a6a4a8269accc491

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://user.mrv2ray.monster/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Wed, 15 Nov 2023 09:38:45 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12297
x-xss-protection: 0

GET
H2 200 container.html Show response
e95162bbbb3026a4064916ef548a9709.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 4935 6 KB
3 KB 306ms
150ms Document
text/html 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://e95162bbbb3026a4064916ef548a9709.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://user.mrv2ray.monster/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 15 Nov 2023 09:38:45 GMT
expires: Thu, 14 Nov 2024 09:38:45 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 375ms
249ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://user.mrv2ray.monster/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Wed, 15 Nov 2023 09:38:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 15 Nov 2023 09:38:45 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 1C99 0
0 71ms
70ms Fetch
image/gif 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstC98-M_HB2uDXZ63e6Yks-neZHrbjJmMl5FbiwZZ977fR7yTKiommB2U9Lcq-LVFOQEn1BnLJMuDNZMGviv7ZyHOUgM_7r0J10SyaC3gk9XFtBZjbOnmlnHFN-hsWpfELFVymDfUxihV0RcsmMNtSbAM8mqlPHDwnS_Xjek1OFhr8wOkeDAddGvMK9zYFMBhshXOQoyA98q-ttybpyNuRNlFw4Y_pA1JLphZvIFj6xr5QF77SVduwVjspEjgg6lGxfXA8BH4LLIr_iFWRojA2jzgPvpPUbAeMPzHIp1Qdfto5hyrLjd3ye5xX0NShz2f5xxvoA3NUJ2S7BDI_pOQ-u9uHFXpP4LOQH27uSEu1q&sai=AMfl-YTuGpL1vnuO-aMV0zSklOg8S06lBEJ_CataegWcYyDzrXoDoIbBbd4UAQ1-zYx1Ft7tkcVo_a89LMGrrEa2H2PmX_Pp3pIosKzXiLmY3OK9IqPrlqvhatLmgog0RzGcGxDap-4C1_dbMXAZLievdOoN&sig=Cg0ArKJSzHPkFCNa2_9kEAE&uach_m=[UACH]&adurl=

Requested by

Host: user.mrv2ray.monster
URL: https://user.mrv2ray.monster/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://user.mrv2ray.monster/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Wed, 15 Nov 2023 09:38:45 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Wed, 15 Nov 2023 09:38:45 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame 1C99 3 KB
1 KB 109ms
62ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/window_focus_fy2021.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://user.mrv2ray.monster/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Wed, 15 Nov 2023 09:11:28 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1637
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 29 Nov 2023 09:11:28 GMT

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 1C99 199 KB
64 KB 278ms
68ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ef3bb29709966d129ee7c25526332d37e9c80a66f90be3953bcff733d420f82d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://user.mrv2ray.monster/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Wed, 15 Nov 2023 09:38:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 64401
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1699878811805094"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 15 Nov 2023 09:38:45 GMT

GET
H2 200 925012599509640599
tpc.googlesyndication.com/simgad/ Frame 1C99 41 KB
42 KB 233ms
187ms Image
image/jpeg 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/925012599509640599

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e77404ea76a5491547e57d520256ee1e7472646995e355aacc66976678734cef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://user.mrv2ray.monster/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Sun, 12 Nov 2023 21:00:39 GMT
x-content-type-options: nosniff
age: 218286
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42487
x-xss-protection: 0
last-modified: Sun, 29 Oct 2023 18:27:51 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Mon, 11 Nov 2024 21:00:39 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame D171 0
0 71ms
70ms Fetch
image/gif 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstzmij5BfVWDpGwl56L3USFRSPWiCGiCN-5fEieUhzuHsHBK5YDAEk_rQG_povvc0sgRqUk51FeiHd4zuUdC7-zS_wwkxjzaNDla_DuHlED3XS8RW68EBuJDxU-_QfoRFY-mY4UYyp2W4TXiHJJMOnkkag4YPArhLQeUN_b3NiXPitp3LrI4BkPvoKt3f0Roah_MdZCvTicB7zANimlM-tkRIL1rT01DaWknOWJZvalvxd1OuQSg4JyNXwfXB-hdC3Jsms1yKeGlGFxI0n1YsTVBm9jFkUiTKMgI9s1Fth6bRgwTMWM0-YexGl2S78EoeiXLSNSxEKM8FpbCGT_sq2kEwK-a_BadVnfqbOY&sai=AMfl-YR0w08KndyAg2rZmW3Lq3gBTerHjbDYr1f7rPHy1AQU9vNwCaBo-v_unTwEtEXD0JdkNM1aaqcXbRB8i4HxO5IpAMBhdHo2pfrKZG6i5774_gXkrm7LMuM8NMIeKhcshRiBJDr3nRAWcWohdv9mgzSG&sig=Cg0ArKJSzOmzV28Fya1XEAE&uach_m=[UACH]&adurl=

Requested by

Host: user.mrv2ray.monster
URL: https://user.mrv2ray.monster/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://user.mrv2ray.monster/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Wed, 15 Nov 2023 09:38:45 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Wed, 15 Nov 2023 09:38:45 GMT

GET
H2 200 925012599509640599
tpc.googlesyndication.com/simgad/ Frame D171 41 KB
42 KB 190ms
152ms Image
image/jpeg 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/925012599509640599

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e77404ea76a5491547e57d520256ee1e7472646995e355aacc66976678734cef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://user.mrv2ray.monster/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Sun, 12 Nov 2023 21:00:39 GMT
x-content-type-options: nosniff
age: 218286
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42487
x-xss-protection: 0
last-modified: Sun, 29 Oct 2023 18:27:51 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Mon, 11 Nov 2024 21:00:39 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame D171 3 KB
2 KB 99ms
61ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/window_focus_fy2021.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://user.mrv2ray.monster/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Wed, 15 Nov 2023 09:11:28 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1637
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 29 Nov 2023 09:11:28 GMT

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame D171 199 KB
63 KB 327ms
126ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ef3bb29709966d129ee7c25526332d37e9c80a66f90be3953bcff733d420f82d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://user.mrv2ray.monster/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Wed, 15 Nov 2023 09:38:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 64401
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1699878811805094"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 15 Nov 2023 09:38:45 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame E4C6 0
0 70ms
69ms Fetch
image/gif 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuvCXOZixDjU2vHDNP8i72f8gN3fctV3kN6ohnNpjgMV_iybh_vVPDkGxmT8wYkojZRs5xuNINX46YMmRgKn6PFZPMOqnKtCEF2SaU2a61kF8anIcMbNtMI-4_c9VmuJpSj6fApMP_HtFXEReU1HPh4-rgE-GygnGa80CJF2rcepIDCqHAN6Hs7ByUU7UMDhtSUAfbhm6zHPvA1JEadJsYqHqSQuUpLgrLvCuCjkeGpgMxxAkUMy4pmfV39ixuz77KTRo7YWvy1ptgoeBabNUxdn2WOX-WO7oF6o5LSaOq7YTJeMPZDWf0AaaX24PDE2XdGhR56MNcekN-P2X0rdiRSs5Vsp6JC3bRdGMN_&sai=AMfl-YSximiHkXxq6xKCRFpDpF9VOlTnzI9AyBjqPc97UpUCK9bMr8lGC-Xc2cyUZt2-ydlAX8IhuybMyDhwsltwQclaq8rHlh_WvIMyXJnz25hQZcrgloBjEFyX7mPsNcFCBCaG-lDwV0PUL8GphACqmlWd&sig=Cg0ArKJSzAMbAAXOWnpXEAE&uach_m=[UACH]&adurl=

Requested by

Host: user.mrv2ray.monster
URL: https://user.mrv2ray.monster/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://user.mrv2ray.monster/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Wed, 15 Nov 2023 09:38:45 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Wed, 15 Nov 2023 09:38:45 GMT

GET
H2 200 925012599509640599
tpc.googlesyndication.com/simgad/ Frame E4C6 41 KB
42 KB 83ms
65ms Image
image/jpeg 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/925012599509640599

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e77404ea76a5491547e57d520256ee1e7472646995e355aacc66976678734cef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://user.mrv2ray.monster/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Sun, 12 Nov 2023 21:00:39 GMT
x-content-type-options: nosniff
age: 218286
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42487
x-xss-protection: 0
last-modified: Sun, 29 Oct 2023 18:27:51 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Mon, 11 Nov 2024 21:00:39 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame E4C6 3 KB
1 KB 228ms
228ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/window_focus_fy2021.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://user.mrv2ray.monster/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Wed, 15 Nov 2023 09:11:28 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1637
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 29 Nov 2023 09:11:28 GMT

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame E4C6 199 KB
63 KB 328ms
147ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ef3bb29709966d129ee7c25526332d37e9c80a66f90be3953bcff733d420f82d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://user.mrv2ray.monster/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Wed, 15 Nov 2023 09:38:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 64401
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1699878811805094"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 15 Nov 2023 09:38:45 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 1227 0
0 72ms
72ms Fetch
image/gif 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsusjDTYo0pMeg2r28rjsf0YpJ2c7Q78NqBELwLAQBbYkVplpczHgVeOK39bJ7B7hIhqCv7wAlAork0tVr4hLxUFjmsblSWqNmX-5nTuuPC7Jk36sQGOL-CF3Y6wihaVWxGCToYCs9UmVbRsgHJ794cXAQsnN_SD5w8by_EsCOyAHpfvDfikmuQre1YwOX7ojXd3PRIrpdL4zBEkn1-_GkENYfyqK0h11GmS4LvVnoLEgXf9_urRH_QBZP003KqdgRhyAQft81UKMBihTVewM9Phs5XxhDUlY9Gn1yduvkvtqJKeLRj0tWaMIhBF3iGWNIY2QJh5o6lzMxjydgM9uHDbeiROZqOe8m3mmjYm&sai=AMfl-YR8urjkREaTxNvEpHtRbCO_2GK2uoNwExDQkJu-St6fUc_cUMPNsc6f-3N44BwkToF1EoB3mdUnAxcdLmv0X1lm0IacKnuTer9IBDJswiHxFOkeselJ3ltjq4SJ79if6iDTb0T1kNOTBR9eull1p-7t&sig=Cg0ArKJSzOOoAroacVSmEAE&uach_m=[UACH]&adurl=

Requested by

Host: user.mrv2ray.monster
URL: https://user.mrv2ray.monster/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://user.mrv2ray.monster/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Wed, 15 Nov 2023 09:38:45 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Wed, 15 Nov 2023 09:38:45 GMT

GET
H2 200 925012599509640599
tpc.googlesyndication.com/simgad/ Frame 1227 41 KB
42 KB 211ms
210ms Image
image/jpeg 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/925012599509640599

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e77404ea76a5491547e57d520256ee1e7472646995e355aacc66976678734cef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://user.mrv2ray.monster/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Sun, 12 Nov 2023 21:00:39 GMT
x-content-type-options: nosniff
age: 218286
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42487
x-xss-protection: 0
last-modified: Sun, 29 Oct 2023 18:27:51 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Mon, 11 Nov 2024 21:00:39 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame 1227 3 KB
1 KB 61ms
61ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/window_focus_fy2021.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://user.mrv2ray.monster/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Wed, 15 Nov 2023 09:11:28 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1637
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 29 Nov 2023 09:11:28 GMT

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 1227 199 KB
63 KB 314ms
155ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ef3bb29709966d129ee7c25526332d37e9c80a66f90be3953bcff733d420f82d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://user.mrv2ray.monster/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Wed, 15 Nov 2023 09:38:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 64401
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1699878811805094"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 15 Nov 2023 09:38:45 GMT

GET
DATA 200
OK truncated
/ Frame 1C99 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 48aa1de42de77320ad71a235ad41874bdfd1d320bbc41d6995423209d19bd180

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame D171 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2923c5acb786993536e2cd105928d9db7c6ae61d157c8cf941e678f341244625

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame E4C6 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 191e192c0961a4ec83529fdc6ce3e2936328f7d21ecda95edd4ef3aa8ab0d8d2

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 1227 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 571bd99010f99fdf810734f753f6b2b853f93bde5dba1cb48ce73ad92b928f42

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 79A3 13 KB
5 KB 60ms
59ms Document
text/html 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://user.mrv2ray.monster/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

accept-ranges: bytes
age: 1636
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 15 Nov 2023 09:11:29 GMT
expires: Thu, 14 Nov 2024 09:11:29 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame A26C 829 B
1 KB 202ms
73ms Document
text/html 2a00:1450:4001:800::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

fcd0e58e26af5cca8bbdeaf5b2340f073669c487cad48f303050b4a9a048c947

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-lTB0UqMaWyCcgqYp-sXHbQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://user.mrv2ray.monster/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-lTB0UqMaWyCcgqYp-sXHbQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Wed, 15 Nov 2023 09:38:45 GMT
expires: Wed, 15 Nov 2023 09:38:45 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 1C99 0
0 95ms
95ms Fetch
image/gif 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjss8DsupKch0zqbYI-dkl5Gbmmtxc4RtT3jgHmhRTKsJdX_x3XGNUF-tjSnG8w4UreoDpDWt4oxth2ldmog7wpHfYuwjbtCokdjat4i11eUG4ITVmbfMGAb50i-L30yMNZ_xyB7xQnz4tstpV1W1UWeg2UmMTGgLVLHQJWK3iXyXiD5WUsFiAHwoLCXSjD74RmQ9v5aNMO1qWvjQ7XqpcvDlO113ZhxC771d4JjT-ES_CmFvNG7N47OXik3AY3i3UrOUPOLUqcHfTO3iot5XhU7Izf16nwfbocSeO2zku8IDU1u3bvr2INB_mFGMLr-21qAssRAbCXyuc1p3cR01f3AmSQUlT9mBbXt7ZuAAXbgwfQE&sai=AMfl-YT180B79hCfYWQTbTk4raC38w8NlZHFRigYTmMOVUT2chuySyB1XK6geGiMjnH5UpGgrPig2YFi9m3oJS6eDAZfo8poLkjb7fHd9Khw2POwkMkJco3AKvLSfBGeyIEujUggAVGud9aEgFP-kpV7lgR0&sig=Cg0ArKJSzL4c9I23ZlizEAE&uach_m=[UACH]&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://user.mrv2ray.monster/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Wed, 15 Nov 2023 09:38:45 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Wed, 15 Nov 2023 09:38:45 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame D171 0
0 95ms
95ms Fetch
image/gif 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstinGWI7E-DDljrZ83zp1wQ8MEs23vzhW-vywUpOTDzmRRA-P0lzARY3RRlDgite7ivA7wYBCMZoXko1bZjzCc2o6_mGNkr8v9xXV6xG4LwPd4apHcYL4FCayxrs2-S8JrL0hQ0uPPWzPC-_G-Ucu401hDxkJbRm6YdNuJ-OG3Tt3wk4H1Mg3Uya7HVnvLtbv4wPRuqKrTQHEkS5MqEL0B5ssdCFTpUBZAuYgCyVu_ZW3dxqmir3fhnJtjgpi2xOWyQiY8wbxCiKFM9una1nH103-o4rgMfDP9-5K098bxpGJCW-CYNuGut7yPDAPvYuJhlSlK18mcSNZKLEtGUE0KAbkO66XMuB9nP5HaIJ1A&sai=AMfl-YSOMEFYHZ1eGzx1qd-gRu1QrNXlZKVOfhi3rxOET56TgFQ-47Lai723qXRg6zn_1QV2pKtQD7YcC7ABAjavCo0WgxMOP6Eo-76oE8Q7kKG3bF0v-C2GGWIlJCQcsSR0BgBcpXMW3bsecquyhfzE-wMW&sig=Cg0ArKJSzG5XTTYTJ9V2EAE&uach_m=[UACH]&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://user.mrv2ray.monster/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Wed, 15 Nov 2023 09:38:45 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Wed, 15 Nov 2023 09:38:45 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 1227 0
0 96ms
95ms Fetch
image/gif 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstSOano2_cs-HviwAKqb_sk6eMi9kpzquzoBhL5ly1fQnHsUi5iI_MhnIgRitiMO9Eir36zWsxn-WEQK16mz1X4Snm6c606RSk-yl6LVyPVKy2JgkC2Geg5Hxo4_b55UCcoEcL9zW9M12Sx3SxMaLyB99KI0zExCnGy2zqumXfiRk9a2VPLhwd4174kNlkiLa3xbEJ-BfRH-MUI4csNWzqWbZru0_S_WhnO-Wx1Sfwmhp7_iAV4RdWM0I_4uzI8JRIvi-FFf3pnMJisJcOTPQ1xcMEhXRMngikPkMf8TVF3wqJRXo1iG7WeSLYOjbdfNqBrdkTHp9cmw_tkVscqSAOeayrQXNwireLgsk8aBJo&sai=AMfl-YQ4vvNWIU4LtUrTpQg9-z1foLbF2Yl64y_MrNyHJ6d-q6-eZXZApxw5NoWVVg5sHSSf6IS3cWcPE4vIwnFpjtNHmFCfPGyfLWXhRfFbHUbsaU9fsw-hfB2HmqmO9_leox1SECVtro3aM3ZcWc_Q0Dxu&sig=Cg0ArKJSzASp0lmuhUCVEAE&uach_m=[UACH]&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://user.mrv2ray.monster/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Wed, 15 Nov 2023 09:38:45 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Wed, 15 Nov 2023 09:38:45 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame E4C6 0
0 97ms
96ms Fetch
image/gif 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstm1ZBymN7HIs92QS9e9o-hyvC2hP8G3ZQ-dkoz5-ekosZxMZl3TFHjoCmGhbsihQi-6ID3Ijt7yIVhIasXTKyvdFoER1V1hHohQ2hN37SojcuTVhPmcHeoHf2_tc_qx9RHk7TNEGUHRycfar2EB034nTOpPgM1D2oCJmzJ3KfL1x9HjIjCexiKMtiAeZ-on3HphBx2CnkZlFJTrLQD_A_4ws2RyP0Vh279yikIkpSk9t-K8zVRJTpid-ISBVd0yI664UlEVkJiojZDy67znoQ9-eSQTUMgzm4pjHgEHgAs0wO06AqBqNqYFVEaZXCHxbrsbd7vX1k0fIocOE9vUtTETpQfYU8YtTVHU-k0YuM&sai=AMfl-YRMQK1muV_JDXhsFbnWtY7qLOaOFiVNRXQXo6aX_eEr7P7CojvfQeAVvT6DAScbcGjJWeRKrRjOyWjqvnvQ7oMdPYSGUFglPmu0Ejj8TYfU0og66zTd2GMHkeysh23zg_yeotFI3X9GWh3rErdOEaxL&sig=Cg0ArKJSzKG2eHtum1I-EAE&uach_m=[UACH]&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://user.mrv2ray.monster/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Wed, 15 Nov 2023 09:38:45 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Wed, 15 Nov 2023 09:38:45 GMT

GET
H3 200 GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js Show response
pagead2.googlesyndication.com/bg/ Frame 79A3 39 KB
15 KB 100ms
34ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

18e6b664af7bc55ab0f963920f0da5a86e15f25fea4e223924d8f4b6723a37cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 18:52:15 GMT
content-encoding: br
x-content-type-options: nosniff
age: 53190
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15296
x-xss-protection: 0
last-modified: Mon, 06 Nov 2023 16:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 13 Nov 2024 18:52:15 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame A26C 0
0 98ms
65ms Image
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202311090101&jk=2924802332654557&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

GET
H2 200 265e901318d880c9da480e343aa506e53ca57515.js Show response
cdn.izooto.com/scripts/ 945 B
787 B 109ms
42ms Script
application/javascript 2606:4700::6812:d941
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.izooto.com/scripts/265e901318d880c9da480e343aa506e53ca57515.js

Requested by

Host: user.mrv2ray.monster
URL: https://user.mrv2ray.monster/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:d941 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

822af6cddfee67ad14b49ab0b1e8a90a77ec7951e2394a0d76195ae95655e888

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://user.mrv2ray.monster/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Wed, 15 Nov 2023 09:38:45 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Wed, 19 Apr 2023 11:33:54 GMT
server: cloudflare
age: 364399
etag: W/"643fd1a2-3b1"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
cf-ray: 826685ed4a2db93c-AMS
x-xss-protection: 1; mode=block
expires: Thu, 16 Nov 2023 09:38:45 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 79A3 0
10 B 32ms
31ms Image
text/plain 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?C4QgYw
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Wed, 15 Nov 2023 09:38:45 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 200 izooto.js Show response
cdn.izooto.com/scripts/sdk/ 321 KB
75 KB 44ms
44ms Script
application/javascript 2606:4700::6812:d941
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.izooto.com/scripts/sdk/izooto.js

Requested by

Host: cdn.izooto.com
URL: https://cdn.izooto.com/scripts/265e901318d880c9da480e343aa506e53ca57515.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:d941 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5ed7fd375dc3391da062f4f0dfef74ec66b972981059ae2cc911ee877b29250d

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://user.mrv2ray.monster/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Wed, 15 Nov 2023 09:38:46 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Fri, 10 Nov 2023 09:55:31 GMT
server: cloudflare
age: 430973
etag: W/"654dfe13-50342"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=1382400
cf-ray: 826685ed8a63b93c-AMS
x-xss-protection: 1; mode=block
expires: Fri, 01 Dec 2023 09:38:46 GMT

GET
H2 200 iz_setcid.html Show response
cdn.izooto.com/scripts/sak/ Frame 64E2 4 KB
1 KB 36ms
36ms Document
text/html 2606:4700::6812:d941
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.izooto.com/scripts/sak/iz_setcid.html?v=1

Requested by

Host: cdn.izooto.com
URL: https://cdn.izooto.com/scripts/sdk/izooto.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:d941 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d1baf1e3c12564049e49e6a2f91ab528957fa12cb80c3dc0b113329a44d4216c

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Referer: https://user.mrv2ray.monster/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

access-control-allow-origin: *
age: 187206
cache-control: public, max-age=2678400
cf-cache-status: HIT
cf-ray: 826685ee2b02b93c-AMS
content-encoding: br
content-type: text/html
date: Wed, 15 Nov 2023 09:38:46 GMT
expires: Sat, 16 Dec 2023 09:38:46 GMT
last-modified: Tue, 07 Feb 2023 10:27:13 GMT
server: cloudflare
vary: Accept-Encoding
x-xss-protection: 1; mode=block

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 68ms
68ms Image
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202311090101&jk=2924802332654557&bg=!NDelN3jNAAZxrfrxUa07ADQBe5WfON6Q9-NPw2lfa91M2FdM6WZJK4dv_phdvXKYl4TYTumQNa3IKa9X1owJfWi2SJ5kAgAAAGpSAAAABWgBBwoAHsoAu6uVfJVemq42TihNa6E5vfvOiyAAlYoqJaTYG5kCt1_GEw_NiB7vLQ1OesiZN6Xkx2BZhVyszz-X-e1lCizM3oIPnxpyu3uVn3b1Baodtr1M7yVHMSd9BxG3Zefp__2p_dzjLMx3t-oU_SgDzLCuGL-VCmfEW0qg6-V1VUJI-b0CVD-_rOl5Es0WmE8AyW1RSMG01ZfLGWGJU2YjzH8FsKc5zEMpOMnDfHIgq-OmCOw7JYOG0F_Mvuz-m7QAy-JiqTL4xQrn_mZLA_BoTy8Hli6GUduWVz_DCC607xAwrJy0VPhsCEAsDP_aBAyMEQ_lwO3Db49dEZxGRV-Hh6qh3IS8-GEUqONNQjgU9Q7Z9wD-MQCdiXynVNDs0JPiCQgYcHC9Vw3oE5RpDeiNPEKsr811-p5o5hZsFsaCkbl6utm8C5n8by1O_zz6Fs_KB_0KSJSk71YWtDJGB54ylR85xOlLRk561QBsR4aayuNdxdKxkNGX24c8_Fm-S0aKth-Tr46CberCJrcSUioDDgJFM1fJ3SE03KItlQdfu_1dl8OhSO-VhAbQV-dSyzKdcvKEB7NWEEj8ZbkNt_oWSkxsCSWke5yLFRJ44wj9ZWDJTgI6Sv46ntqjLCL-8BJKJ_EGiglqGoBsy8hKHCW3GLTN7H7cB4H_EFidIW8GUTJjrG_Vcquls_5S-QaFSX7IIyw0ulqazDcoUko4FJniehLlrrCIQNJrpOV117_YabaezmrNOhITB7x_o143M2tPtZIKStbXGptn29BQlt7EkaVneFD6-Ji_uhnSVY7UrGdvXna1UDb-bHUNsnDs3loOoT2uRdkzssDpd6DmgJWqihwO1SxiIDb-LbhkuhHWTxYijS7qGja5dHbN8E-IkbZ7rCWue77nrf6rtuPxBq994bcEqVqg5eMPRdgtTxWIVDgEeyGghS5MkSZ2_nSpyjZfjEjZcH4SDqPu
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://user.mrv2ray.monster/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

GET
H2 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 1227 42 B
175 B 74ms
73ms Fetch
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjss-ohNsFrwVTDpuiUrk93ACkVLLiYsFSRrTNmS_qvaAW3ymBIYgZ3twW4Dt6afZadaHkprhdB5L1VJYfgRi9ZBT_Chfj27BUjFpoo83k0xCwVSzd0yYrkp8hTGCL1oVb_dT4nBrZgrsjQ&sig=Cg0ArKJSzKfMAnZk2tMEEAE&id=lidar2&mcvt=1000&p=196,436,286,1164&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20231113&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=3&adk=1024801496&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1700041125297&rpt=406&isd=0&lsd=0&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://user.mrv2ray.monster/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 15 Nov 2023 09:38:46 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ 101 KB
31 KB 85ms
80ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: user.mrv2ray.monster
URL: https://user.mrv2ray.monster/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

535e9677b5f21a64dfb1bc00bcee00a084abf7536f60fdb265b3e775108de2c4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://user.mrv2ray.monster/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Wed, 15 Nov 2023 09:38:46 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31446
x-xss-protection: 0
server: cafe
etag: 760 / 19676 / m202311090101 / config-hash: 8561109728819297004
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Wed, 15 Nov 2023 09:38:46 GMT

GET
H3 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 99 KB
30 KB 123ms
118ms Script
text/javascript 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: user.mrv2ray.monster
URL: https://user.mrv2ray.monster/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

49862a28a69fdbab83c25e79d926b2b8f5887d788288d9f1a994ec387c1ad1f8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://user.mrv2ray.monster/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Wed, 15 Nov 2023 09:38:46 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 30391
x-xss-protection: 0
server: cafe
etag: 313 / 19676 / 31079658 / config-hash: 8561109728819297004
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Wed, 15 Nov 2023 09:38:46 GMT

GET atrk.js
certify-js.alexametrics.com/ 0
0

GET
H2 200 5wkww2vrxn Show response
www.clarity.ms/tag/ 650 B
1014 B 227ms
122ms Script
application/x-javascript 2620:1ec:46::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/tag/5wkww2vrxn
Requested by: Host: user.mrv2ray.monster
URL: https://user.mrv2ray.monster/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:46::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 64f6f1a6c911a25d3150f150628cf01f87f27d6dff349789a17000b676ee4670

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://user.mrv2ray.monster/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

request-context: appId=cid-v1:67bc0b23-8423-4b52-b1ca-6a87709ceaa2
date: Wed, 15 Nov 2023 09:38:46 GMT
x-azure-ref: 0ppFUZQAAAACqNOskTnYcRoBqEgHOGnK3QU1TMDRFREdFMTkxOAA2Y2ZiZWVlMC01MDI3LTQ4NGItODk2Ny00YTI5YWY3N2YxZTE=
x-cache: CONFIG_NOCACHE
content-type: application/x-javascript
cache-control: no-cache, no-store
content-length: 650
expires: -1

GET
H2 200 clarity.js Show response
www.clarity.ms/s/0.7.16/ 59 KB
20 KB 29ms
28ms Script
application/javascript 2620:1ec:46::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/s/0.7.16/clarity.js
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/tag/5wkww2vrxn
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:46::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 354142e53641e1e72a89609e46eff578e69d762290d65d84acaaf380751c20fa

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://user.mrv2ray.monster/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Wed, 15 Nov 2023 09:38:46 GMT
content-encoding: br
last-modified: Sun, 12 Nov 2023 10:55:20 GMT
etag: "0x8DBE36DDD4CF754"
x-azure-ref: 0p5FUZQAAAABPH2KxkqdHSafaTOnwcC1jQU1TMDRFREdFMTkxOAA2Y2ZiZWVlMC01MDI3LTQ4NGItODk2Ny00YTI5YWY3N2YxZTE=
x-cache: TCP_HIT
content-type: application/javascript;charset=utf-8
access-control-allow-origin: *
x-ms-request-id: 50a93ced-501e-0029-6897-1710af000000
cache-control: public, max-age=86400
x-ms-version: 2018-03-28
accept-ranges: bytes

GET
H2

200

c.gif
c.clarity.ms/
Redirect Chain

https://c.clarity.ms/c.gif
https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=DBE6400F598A46DC886ED3ED513C8FB8&RedC=c.clarity.ms&MXFR=210064C2BAC267662B277708BEC269D6
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=DBE6400F598A46DC886ED3ED513C8FB8&MUID=0CBBD75354296C14148EC49955836DD0

42 B
444 B

43ms
41ms

Image
image/gif

68.219.88.97
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=DBE6400F598A46DC886ED3ED513C8FB8&MUID=0CBBD75354296C14148EC49955836DD0
Protocol: H2
Server: 68.219.88.97 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://user.mrv2ray.monster/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 15 Nov 2023 09:38:46 GMT
last-modified: Wed, 30 Aug 2023 19:01:41 GMT
server: Microsoft-IIS/10.0
etag: "8d59566974dbd91:0"
x-powered-by: ASP.NET
content-type: image/gif
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: private, no-cache, proxy-revalidate, no-store
accept-ranges: bytes
content-length: 42

Redirect headers

pragma: no-cache
date: Wed, 15 Nov 2023 09:38:46 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: D2BF88AFAE364582851D924F91F1C1FF Ref B: DUS30EDGE0714 Ref C: 2023-11-15T09:38:47Z
x-powered-by: ASP.NET
x-cache: CONFIG_NOCACHE
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
location: https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=DBE6400F598A46DC886ED3ED513C8FB8&MUID=0CBBD75354296C14148EC49955836DD0
cache-control: private, no-cache, proxy-revalidate, no-store
content-length: 0

GET
H2 200 /
cdn4.premiumread.com/ 100 KB
100 KB 35ms
34ms Image
image/jpeg 2606:4700:20::681a:74e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn4.premiumread.com/?url=https://alwatan.com.sa/uploads/images/2023/11/12/985406.jpg&w=400&q=100&f=jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:74e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.4.14
Resource Hash: 6904b0f55e1479bd11b7fd882322efed1c77515958f851c607367cf73ea3ca05

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://user.mrv2ray.monster/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Wed, 15 Nov 2023 09:38:48 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 89248
cf-polished: origSize=158638
x-powered-by: PHP/7.4.14
pragma: public
cf-bgj: imgq:100,h2pri
last-modified: Tue, 14 Nov 2023 08:51:20 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DLOPQRWMqpQmAakFemiboC9YhvFrrpdV%2Bgngm8GqpbYR68KRmOncmXe4nhbOLbD%2Fokxtz7bn%2FC%2FB010N7mvwxivusc9%2Bi2gxz1PMcwx2q5q6efCp%2BUWZ%2F74E%2FnJEhh1AKu19RYdQsUDf3%2FCSP5ALW0kC"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
x-fastcgi-cache: MISS
cache-control: public, max-age=31536000
cf-ray: 826685ffce406568-AMS
expires: Sun, 12 May 2024 08:51:19 GMT

GET
H2 200 /
cdn4.premiumread.com/ 58 KB
59 KB 37ms
32ms Image
image/jpeg 2606:4700:20::681a:74e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn4.premiumread.com/?url=https://alwatan.com.sa/uploads/images/2023/11/01/982045.jpg&w=400&q=100&f=jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:74e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.4.14
Resource Hash: accd20b9effddf0fb83eb0e1321a494a305d005e570686cd0e77df32bd0daf48

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://user.mrv2ray.monster/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Wed, 15 Nov 2023 09:38:48 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 475947
cf-polished: origSize=67960
x-powered-by: PHP/7.4.14
pragma: public
cf-bgj: imgq:100,h2pri
last-modified: Thu, 09 Nov 2023 21:26:21 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OfaX6SADNzKodOG8OOfNsyksSI4nUHRVlgTIBcFaynbbe%2BiVKrRskxRetnsa04XuDOle1xRmD7hhIIVBOe%2F2T95SYe8OHpSYjdkopf1TznEhJoGK1IPiHvGVJ2sDUJLng8pgbz34vivANyv6qe5dVycq"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
x-fastcgi-cache: MISS
cache-control: public, max-age=31536000
cf-ray: 826685fffe646568-AMS
expires: Tue, 07 May 2024 21:26:20 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
54 B 31ms
30ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-W4ZJPVS51M&gtm=45je3b81v9108163774&_p=1700041123746&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=300563914.1700041124&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AEI&sid=1700041123&sct=1&seg=0&dl=https%3A%2F%2Fuser.mrv2ray.monster%2F&dt=%D8%A7%D9%84%D8%B1%D8%A6%D9%8A%D8%B3%D9%8A%D8%A9%20-%20%D8%AC%D8%B1%D9%8A%D8%AF%D8%A9%20%D8%A7%D9%84%D9%88%D8%B7%D9%86%20%D8%A7%D9%84%D8%B3%D8%B9%D9%88%D8%AF%D9%8A%D8%A9&_s=2&tfd=8090
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-W4ZJPVS51M
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://user.mrv2ray.monster/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Wed, 15 Nov 2023 09:38:50 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://user.mrv2ray.monster
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: www.alwatan.com.sa
URL: https://www.alwatan.com.sa/themes/watanksa/css/fonts-new-version/subset-HelveticaNeueLTArabic-Bold.woff2

Domain: www.alwatan.com.sa
URL: https://www.alwatan.com.sa/themes/watanksa/css/fonts-new-version/subset-HelveticaNeueLTArabic-Roman.woff2

Domain: www.alwatan.com.sa
URL: https://www.alwatan.com.sa/themes/watanksa/css/fonts-new-version/subset-JannaLT-Regular.woff2

Domain: www.alwatan.com.sa
URL: https://www.alwatan.com.sa/themes/watanksa/css/fonts-new-version/subset-JannaLT-Bold.woff2

Domain: www.alwatan.com.sa
URL: https://www.alwatan.com.sa/themes/watanksa/css/fonts-new-version/subset-HelveticaNeueLTArabic-Light.woff2

Domain: www.alwatan.com.sa
URL: https://www.alwatan.com.sa/themes/watanksa/css/fonts/Cairo-Regular.woff2

Domain: www.alwatan.com.sa
URL: https://www.alwatan.com.sa/css/font-awesome/fonts/fontawesome-webfont.woff2?v=4.7.0

Domain: www.alwatan.com.sa
URL: https://www.alwatan.com.sa/themes/watanksa/css/fonts-new-version/subset-HelveticaNeueLTArabic-Light.woff

Domain: www.alwatan.com.sa
URL: https://www.alwatan.com.sa/themes/watanksa/css/fonts-new-version/subset-HelveticaNeueLTArabic-Bold.woff

Domain: www.alwatan.com.sa
URL: https://www.alwatan.com.sa/css/font-awesome/fonts/fontawesome-webfont.woff?v=4.7.0

Domain: www.alwatan.com.sa
URL: https://www.alwatan.com.sa/themes/watanksa/css/fonts-new-version/subset-HelveticaNeueLTArabic-Roman.woff

Domain: www.alwatan.com.sa
URL: https://www.alwatan.com.sa/themes/watanksa/css/fonts-new-version/subset-HelveticaNeueLTArabic-Light.ttf

Domain: www.alwatan.com.sa
URL: https://www.alwatan.com.sa/themes/watanksa/css/fonts-new-version/subset-HelveticaNeueLTArabic-Bold.ttf

Domain: www.alwatan.com.sa
URL: https://www.alwatan.com.sa/themes/watanksa/css/fonts-new-version/subset-HelveticaNeueLTArabic-Roman.ttf

Domain: www.alwatan.com.sa
URL: https://www.alwatan.com.sa/css/font-awesome/fonts/fontawesome-webfont.ttf?v=4.7.0

Domain: www.alwatan.com.sa
URL: https://www.alwatan.com.sa/themes/watanksa/css/fonts-new-version/subset-JannaLT-Bold.woff

Domain: www.alwatan.com.sa
URL: https://www.alwatan.com.sa/themes/watanksa/css/fonts-new-version/subset-JannaLT-Regular.woff

Domain: spadsync.com
URL: https://spadsync.com/sync?sptoken=6f8ee998-8790-4bd8-84e7-da46e609dffdb5d1&sspid=Sij&pubid=foxpush&ssphost=user.mrv2ray.monster

Domain: www.alwatan.com.sa
URL: https://www.alwatan.com.sa/themes/watanksa/css/fonts-new-version/subset-JannaLT-Bold.ttf

Domain: www.alwatan.com.sa
URL: https://www.alwatan.com.sa/themes/watanksa/css/fonts-new-version/subset-JannaLT-Regular.ttf

Domain: certify-js.alexametrics.com
URL: https://certify-js.alexametrics.com/atrk.js

Verdicts & Comments Add Verdict or Comment

88 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

25 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
user.mrv2ray.monster/	1970-01-20 16:24:05	Name: AWSALB Value: aGHm2rWWJEmj3T4AvPf4fIXx7r34UENX8PJNLYDL5EJFE8XUAjtKkIvqKLmRG7uepFJ61B++HlwSpnFpfiIQGHVV79OeowOT/ES8TUXH0myumotlEpaY+dkJGlFX
user.mrv2ray.monster/	1970-01-20 16:14:02	Name: device Value: web
user.mrv2ray.monster/	1970-01-20 16:14:02	Name: device_used Value: web
user.mrv2ray.monster/	1970-01-20 16:14:02	Name: device_type Value: web
ksa.tadafuq.com/	1969-12-31 23:59:59	Name: OAGEO Value: 2%7CNL%7CEU%7C1%7CRotterdam%7C3044%7C51.93%7C4.4264%7C20%7CEurope%2FAmsterdam%7C%7CZH%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C
ksa.tadafuq.com/	1970-01-21 00:59:37	Name: OAID Value: 049588c66850c882dea16130c1fa2275
.mrv2ray.monster/	1970-01-21 01:50:01	Name: _ga Value: GA1.2.300563914.1700041124
.mrv2ray.monster/	1970-01-20 16:15:27	Name: _gid Value: GA1.2.574810569.1700041124
.mrv2ray.monster/	1970-01-20 16:14:01	Name: _gat_gtag_UA_66916270_1 Value: 1
user.mrv2ray.monster/	1970-01-21 01:50:01	Name: uid Value: 4ad0d5e32e394c99806de8cbba77a52c
user.mrv2ray.monster/	1970-01-20 16:15:27	Name: sessionid Value: 57a116b1ba8d411ebd1b283f05e5b42f
user.mrv2ray.monster/	1969-12-31 23:59:59	Name: exitIntentFlag Value: true
.mrv2ray.monster/	1970-01-21 01:35:37	Name: __gads Value: ID=dc62958811903128:T=1700041124:RT=1700041124:S=ALNI_MbAhZlbzXoZ0jCB2UgLdPAeQKtqXQ
.mrv2ray.monster/	1970-01-21 01:35:37	Name: __gpi Value: UID=00000cc804515b91:T=1700041124:RT=1700041124:S=ALNI_MZnT7_0MN0AR7ON4j-D25FG4_C8rw
.mrv2ray.monster/	1970-01-21 01:50:01	Name: _ga_W4ZJPVS51M Value: GS1.1.1700041123.1.0.1700041125.0.0.0
.doubleclick.net/	1970-01-21 01:35:37	Name: IDE Value: AHWqTUkLqQfiDHSAoHBe_QfoLrphblfXSInxzEY-DUpqNpJ6zUmFlME5PIS2MC6JcGE
.izooto.com/	1970-01-21 01:50:01	Name: IZCID Value: 718b387e-bab6-4a70-9e55-ae91cb3908fa
www.clarity.ms/	1970-01-21 00:59:37	Name: CLID Value: 07a3babcf195403f95aa1565ddf7cebe.20231115.20241114
.bing.com/	1970-01-21 01:35:37	Name: MUID Value: 0CBBD75354296C14148EC49955836DD0
.c.bing.com/	1970-01-20 16:24:05	Name: MR Value: 0
.c.bing.com/	1970-01-21 01:35:37	Name: SRM_B Value: 0CBBD75354296C14148EC49955836DD0
.c.clarity.ms/	1969-12-31 23:59:59	Name: SM Value: C
.clarity.ms/	1970-01-21 01:35:37	Name: MUID Value: 0CBBD75354296C14148EC49955836DD0
.c.clarity.ms/	1970-01-20 16:24:05	Name: MR Value: 0
.c.clarity.ms/	1970-01-20 16:14:01	Name: ANONCHK Value: 0

42 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	error	URL: https://user.mrv2ray.monster/ Message: Access to font at 'https://www.alwatan.com.sa/themes/watanksa/css/fonts-new-version/subset-HelveticaNeueLTArabic-Light.woff2' from origin 'https://user.mrv2ray.monster' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://www.alwatan.com.sa/themes/watanksa/css/fonts-new-version/subset-HelveticaNeueLTArabic-Light.woff2 Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://user.mrv2ray.monster/ Message: Access to font at 'https://www.alwatan.com.sa/themes/watanksa/css/fonts-new-version/subset-JannaLT-Bold.woff2' from origin 'https://user.mrv2ray.monster' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://www.alwatan.com.sa/themes/watanksa/css/fonts-new-version/subset-JannaLT-Bold.woff2 Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://user.mrv2ray.monster/(Line 53) Message: Access to font at 'https://www.alwatan.com.sa/themes/watanksa/css/fonts/Cairo-Regular.woff2' from origin 'https://user.mrv2ray.monster' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://www.alwatan.com.sa/themes/watanksa/css/fonts/Cairo-Regular.woff2 Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://user.mrv2ray.monster/ Message: Access to font at 'https://www.alwatan.com.sa/themes/watanksa/css/fonts-new-version/subset-JannaLT-Regular.woff2' from origin 'https://user.mrv2ray.monster' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://www.alwatan.com.sa/themes/watanksa/css/fonts-new-version/subset-JannaLT-Regular.woff2 Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://user.mrv2ray.monster/ Message: Access to font at 'https://www.alwatan.com.sa/themes/watanksa/css/fonts-new-version/subset-HelveticaNeueLTArabic-Bold.woff2' from origin 'https://user.mrv2ray.monster' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://www.alwatan.com.sa/themes/watanksa/css/fonts-new-version/subset-HelveticaNeueLTArabic-Bold.woff2 Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://user.mrv2ray.monster/ Message: Access to font at 'https://www.alwatan.com.sa/css/font-awesome/fonts/fontawesome-webfont.woff2?v=4.7.0' from origin 'https://user.mrv2ray.monster' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://www.alwatan.com.sa/css/font-awesome/fonts/fontawesome-webfont.woff2?v=4.7.0 Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://user.mrv2ray.monster/ Message: Access to font at 'https://www.alwatan.com.sa/themes/watanksa/css/fonts-new-version/subset-HelveticaNeueLTArabic-Roman.woff2' from origin 'https://user.mrv2ray.monster' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://www.alwatan.com.sa/themes/watanksa/css/fonts-new-version/subset-HelveticaNeueLTArabic-Roman.woff2 Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://user.mrv2ray.monster/ Message: Access to font at 'https://www.alwatan.com.sa/themes/watanksa/css/fonts-new-version/subset-HelveticaNeueLTArabic-Light.woff' from origin 'https://user.mrv2ray.monster' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://www.alwatan.com.sa/themes/watanksa/css/fonts-new-version/subset-HelveticaNeueLTArabic-Light.woff Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://user.mrv2ray.monster/ Message: Access to font at 'https://www.alwatan.com.sa/themes/watanksa/css/fonts-new-version/subset-HelveticaNeueLTArabic-Bold.woff' from origin 'https://user.mrv2ray.monster' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://www.alwatan.com.sa/themes/watanksa/css/fonts-new-version/subset-HelveticaNeueLTArabic-Bold.woff Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://user.mrv2ray.monster/ Message: Access to font at 'https://www.alwatan.com.sa/themes/watanksa/css/fonts-new-version/subset-HelveticaNeueLTArabic-Roman.woff' from origin 'https://user.mrv2ray.monster' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://www.alwatan.com.sa/themes/watanksa/css/fonts-new-version/subset-HelveticaNeueLTArabic-Roman.woff Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://user.mrv2ray.monster/ Message: Access to font at 'https://www.alwatan.com.sa/css/font-awesome/fonts/fontawesome-webfont.woff?v=4.7.0' from origin 'https://user.mrv2ray.monster' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://www.alwatan.com.sa/css/font-awesome/fonts/fontawesome-webfont.woff?v=4.7.0 Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://user.mrv2ray.monster/ Message: Access to font at 'https://www.alwatan.com.sa/themes/watanksa/css/fonts-new-version/subset-HelveticaNeueLTArabic-Roman.ttf' from origin 'https://user.mrv2ray.monster' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://www.alwatan.com.sa/themes/watanksa/css/fonts-new-version/subset-HelveticaNeueLTArabic-Roman.ttf Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://user.mrv2ray.monster/ Message: Access to font at 'https://www.alwatan.com.sa/themes/watanksa/css/fonts-new-version/subset-HelveticaNeueLTArabic-Light.ttf' from origin 'https://user.mrv2ray.monster' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://www.alwatan.com.sa/themes/watanksa/css/fonts-new-version/subset-HelveticaNeueLTArabic-Light.ttf Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://user.mrv2ray.monster/ Message: Access to font at 'https://www.alwatan.com.sa/themes/watanksa/css/fonts-new-version/subset-HelveticaNeueLTArabic-Bold.ttf' from origin 'https://user.mrv2ray.monster' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://www.alwatan.com.sa/themes/watanksa/css/fonts-new-version/subset-HelveticaNeueLTArabic-Bold.ttf Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://user.mrv2ray.monster/ Message: Access to font at 'https://www.alwatan.com.sa/css/font-awesome/fonts/fontawesome-webfont.ttf?v=4.7.0' from origin 'https://user.mrv2ray.monster' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://www.alwatan.com.sa/css/font-awesome/fonts/fontawesome-webfont.ttf?v=4.7.0 Message: Failed to load resource: net::ERR_FAILED
javascript	warning	URL: https://ksa.tadafuq.com/adserver/www/delivery/spcjs.php?id=20(Line 22) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://ksa.tadafuq.com/adserver/www/delivery/spc.php?zones=27&source=&r=98543292&charset=UTF-8&loc=https%3A//user.mrv2ray.monster/, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://ksa.tadafuq.com/adserver/www/delivery/spcjs.php?id=20(Line 22) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://ksa.tadafuq.com/adserver/www/delivery/spc.php?zones=27&source=&r=98543292&charset=UTF-8&loc=https%3A//user.mrv2ray.monster/, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	error	URL: https://user.mrv2ray.monster/(Line 2634) Message: Access to font at 'https://www.alwatan.com.sa/themes/watanksa/css/fonts-new-version/subset-JannaLT-Bold.woff' from origin 'https://user.mrv2ray.monster' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://www.alwatan.com.sa/themes/watanksa/css/fonts-new-version/subset-JannaLT-Bold.woff Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://user.mrv2ray.monster/ Message: Access to font at 'https://www.alwatan.com.sa/themes/watanksa/css/fonts-new-version/subset-JannaLT-Regular.woff' from origin 'https://user.mrv2ray.monster' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://www.alwatan.com.sa/themes/watanksa/css/fonts-new-version/subset-JannaLT-Regular.woff Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://user.mrv2ray.monster/ Message: Access to font at 'https://www.alwatan.com.sa/themes/watanksa/css/fonts-new-version/subset-JannaLT-Bold.ttf' from origin 'https://user.mrv2ray.monster' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://www.alwatan.com.sa/themes/watanksa/css/fonts-new-version/subset-JannaLT-Bold.ttf Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://user.mrv2ray.monster/ Message: Access to font at 'https://www.alwatan.com.sa/themes/watanksa/css/fonts-new-version/subset-JannaLT-Regular.ttf' from origin 'https://user.mrv2ray.monster' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://www.alwatan.com.sa/themes/watanksa/css/fonts-new-version/subset-JannaLT-Regular.ttf Message: Failed to load resource: net::ERR_FAILED
network	error	URL: https://img.youtube.com/vi/F_b-ZDg-OH8?feature=share/hqdefault.jpg Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://certify-js.alexametrics.com/atrk.js Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

c.bing.com
c.clarity.ms
cdn.izooto.com
cdn.stat-track.com
cdn4.premiumread.com
certify-js.alexametrics.com
e95162bbbb3026a4064916ef548a9709.safeframe.googlesyndication.com
forms.m-pages.com
img.youtube.com
ksa.tadafuq.com
native-cdn.foxpush.io
pagead2.googlesyndication.com
region1.google-analytics.com
securepubads.g.doubleclick.net
spadsync.com
stats.g.doubleclick.net
tpc.googlesyndication.com
user.mrv2ray.monster
www.alwatan.com.sa
www.clarity.ms
www.foxpush.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
certify-js.alexametrics.com
spadsync.com
www.alwatan.com.sa
151.139.128.10
167.172.177.153
2001:4860:4802:32::36
212.32.243.55
2606:4700:20::681a:55d
2606:4700:20::681a:74e
2606:4700:20::ac43:45c6
2606:4700:3034::6815:345c
2606:4700::6812:d941
2620:1ec:46::45
2620:1ec:c11::200
2a00:1450:4001:800::2004
2a00:1450:4001:808::2001
2a00:1450:4001:80b::2001
2a00:1450:4001:810::200e
2a00:1450:4001:813::200e
2a00:1450:4001:81c::2002
2a00:1450:4001:82f::2002
2a00:1450:4001:831::2002
2a00:1450:4001:831::2008
2a00:1450:400c:c0c::9a
2a06:98c1:3121::3
68.219.88.97
095170fb1d98436c025136fb7e3269ba209776c7e34cf1ecd0acde676efff575
095c5c0f49a30999284e21b1605301f0e093562295edc0b8928337e6a30195db
18e6b664af7bc55ab0f963920f0da5a86e15f25fea4e223924d8f4b6723a37cf
191e192c0961a4ec83529fdc6ce3e2936328f7d21ecda95edd4ef3aa8ab0d8d2
1fae5549be939d7d665f376e2e91630850617574f9b97c2f342c28062cf09fd2
20e9aab22032d85684d7d916a1013f7c577a132a5b10ea3fd3578e8d0b28a711
26ad452a4b4bf5d027b5c6748bb06b7d63948270e001ab43bbcb284e3c46a2fa
2923c5acb786993536e2cd105928d9db7c6ae61d157c8cf941e678f341244625
2a53c92c6134d2c19510e23c95dabb4d1c6027c32dde0a02f7f93b6ad3c4360d
2cc365033333f6531aa77de61b1124b5afdfc703417a24840df42863ad0643e2
2d97c86584638322a004bf36b18604be649220fe8ee48f661e2f00efd8ad47d5
30ba3c7b27a2f22dd32a48007817230beac37ff3f604ff9c94f3aad037b92b7d
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
354142e53641e1e72a89609e46eff578e69d762290d65d84acaaf380751c20fa
368add315e2e600662dcb93df5c409c4599cc14c338655704896336a1d38d317
3804b89b3ba16539d0f32abf5c74f963df24881a825b1f7b95646336ce3e12e4
3a893657918de46bddb4299de7c5cdaa557a49a39b4cb76c50edd904c2c78a84
4169d201cf4fea2a47fda430881918ad916c9b16bb19ef113691ea8975e44ae6
457de08b05258dfb17452aa1b7cf98a3bc49c5468cbf6580dbec5b02aee444e0
45c400f54dc8aabf9f04dcfa23c9964562f16685d2c0cf792c498701cdce5a32
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
48aa1de42de77320ad71a235ad41874bdfd1d320bbc41d6995423209d19bd180
49862a28a69fdbab83c25e79d926b2b8f5887d788288d9f1a994ec387c1ad1f8
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
5342a29885029f7ff5ebbc88b2f6ff7e6009e20b3d29c940ddb5ac50b3fa1d20
535e9677b5f21a64dfb1bc00bcee00a084abf7536f60fdb265b3e775108de2c4
53a2ce7c525d34b071a1f82d6f03dd0c163f29f4172c134145a25b4c6c1553b0
54697473ee7bbc7bb8db83b108367e01915aecba5dee08e708820ec8227a7b7c
55846dedce4d2df3718916c3ac91fe637ec2ccb264d61245fe99c70a0cdee0c3
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
571bd99010f99fdf810734f753f6b2b853f93bde5dba1cb48ce73ad92b928f42
5ad849ce568ba6e08a6522ea376ec59ef3d48d6364fbd1d024e81c651a75ed78
5be47f8c0b3166be5befff89e5018197e1bee8837459b4fc6e310f1a492e6103
5ed7fd375dc3391da062f4f0dfef74ec66b972981059ae2cc911ee877b29250d
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
63172058eec5f2e551bee0e3cad9eac6637b59f47c581c1a926b22a11954d26d
64446b7c5eb76797026fae96552a7c30392aea9f22673034ecbe86b781172c10
64e7afcea9810c7f56c889803d82b3834ee954126be0a6c92524e7007da0e481
64f6f1a6c911a25d3150f150628cf01f87f27d6dff349789a17000b676ee4670
6593dc83d7cc3d9958ceeeca96da5259feb4c7dfc1d80a1b6202da7c694c8d88
662f9c1dd4bcbc87f325ff066215bc1d2cbb6fa54913ecd876c10d86798a627e
6904b0f55e1479bd11b7fd882322efed1c77515958f851c607367cf73ea3ca05
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6f34f79041f910169e7eaccc6109494e93c720a6ae3bdb87e1c3b46a068eae2e
822af6cddfee67ad14b49ab0b1e8a90a77ec7951e2394a0d76195ae95655e888
8543b77ad5f571b47a0f13230e5d5abffa694823073594a635ceb110933aa9b3
8747d20453bc960aae9b61b9ed4fb6120a95391f10ded5ba27772ed6173cd595
88a2fe5fe79acb8a192a7139ff8c4e217a58db80e71326a9a6a4a8269accc491
8b07e79eab60b1b4f1b735f92fb02441ba2f2627857a1a8f5f4d4b75d249e2b1
950ccc32dfd1aec245c38f054a79c5e968e77a549cc13caeb94e65ebdfa3f322
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
a2ca71bccb76dbc2b017bcf52e4908e1fefd7dff9b037a3af824fc371d487a2b
accd20b9effddf0fb83eb0e1321a494a305d005e570686cd0e77df32bd0daf48
b04dfae5d49297b8b6a514bd8bf1c7bea7ebe622232401a5abed5a92809a2b66
b6fbdea1e1fa6fd7b9c5ce02e0d38479fd136158865335ee947d3cdd10987e37
bb4f2c0cab0dcd2ffb80caeea8a863a0e05113408fd69603231020c7a05fc7c8
c27c2bec66857256c4caa1f9300f367e43f87a3a9a7c0f170522d9d5f0717f11
cddf683f14c111c909832bf9fc3de2ff5fce5e7ac54ed4a7f1d795dd0c0a7553
ceb40f3df95d0ee83eade841f0389dd9adc6e4cf27f6876f240b3e61740ee2b8
d005f568d4c513110ca0fcd01d1adf4373e9c41bb578bad6661ed7c86b8964ee
d1baf1e3c12564049e49e6a2f91ab528957fa12cb80c3dc0b113329a44d4216c
d46ec82b14e1c7c0b41bb589f0fd29864ba947d0db8e4a6e2ee79b8acc9a831f
d7649b10cb82afbb22affa1258bbe2cb51832efd17cae1195d9cd533393f0beb
d9bc75f6e53c1561d95cddf33fc2074210b3ebe5eb1a9b9610cca9f59f74c7e2
dcca615fd243cb9d4441e1089193fd7b8756fa98e22b3d36e8650845108e9db1
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e183d477902169b003ef5e3bc6c83cf6ca12650fb9885ccd09083773ab127705
e335e08df90f94d7550e174407757c9a74a1af8c62e7499f9eab475e8b141a52
e3550b56123de317b90aba9baed41aba6e09e6be5a7a5ed673b2c682511c8ca7
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e77404ea76a5491547e57d520256ee1e7472646995e355aacc66976678734cef
e7b8e3c65d1a620c812790eb4794dd3b09d4a673d89223c1b5af6ac4978f34c7
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef3bb29709966d129ee7c25526332d37e9c80a66f90be3953bcff733d420f82d
fbcfeee993ba7d80928c7da457ab44e0a6f8a9fc6cd03f49d3852da02d8726d1
fc57ddb98ee125ff3aeb5414d574a04ae1c7562a43b4e885e1cf4f2b8c7e4b3d
fc810cb71df889c421af1dcfa974d930945ffa79c92b0956f89570fde4b4acdb
fcd0e58e26af5cca8bbdeaf5b2340f073669c487cad48f303050b4a9a048c947
fe5ead03e99278568718979714a82cff97ee9fb7c097c63ac4c901d9fd528704

user.mrv2ray.monster Open in urlscan Pro 2a06:98c1:3121::3 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

120 Requests

82 %HTTPS

83 %IPv6

20 Domains

25 Subdomains

23 IPs

5 Countries

2051 kBTransfer

4739 kBSize

25 Cookies

129 Outgoing links

Redirected requests

120 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 4 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

user.mrv2ray.monster Open in urlscan Pro
2a06:98c1:3121::3 Public Scan

Screenshot
Live screenshot

Full Image

120
Requests

82 %
HTTPS

83 %
IPv6

20
Domains

25
Subdomains

23
IPs

5
Countries

2051 kB
Transfer

4739 kB
Size

25
Cookies

120 HTTP transactions
4 data transactions