monalizacomua.baronmunhausen2.workers.dev Open in urlscan Pro
172.67.172.249 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://monalizacomua.baronmunhausen2.workers.dev/
Submission: On May 29 via api (May 29th 2024, 1:43:56 pm UTC) from US — Scanned from DE

Summary HTTP 10 Redirects Behaviour Indicators

Summary

This website contacted 8 IPs in 4 countries across 9 domains to perform 10 HTTP transactions. The main IP is 172.67.172.249, located in United States and belongs to CLOUDFLARENET, US. The main domain is monalizacomua.baronmunhausen2.workers.dev.
TLS certificate: Issued by GTS CA 1P5 on May 20th 2024. Valid for: 3 months.

This is the only time monalizacomua.baronmunhausen2.workers.dev was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	172.67.172.249 172.67.172.249	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a04:4e42:600... 2a04:4e42:600::485	54113 (FASTLY) (FASTLY)
1	2606:4700:303... 2606:4700:3037::ac43:9389	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	188.114.96.3 188.114.96.3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a03:90c0:41:... 2a03:90c0:41:2801::62	199524 (GCORE) (GCORE)
1	49.12.9.151 49.12.9.151	24940 (HETZNER-AS) (HETZNER-AS)
1	2a11:27c0::93 2a11:27c0::93	210756 (EDGECENTE...) (EDGECENTERLLC)
1	2a02:ec80:300... 2a02:ec80:300:ed1a::2:b	14907 (WIKIMEDIA) (WIKIMEDIA)
10	8

1 172.67.172.249 (United States)

ASN13335 (CLOUDFLARENET, US)

monalizacomua.baronmunhausen2.workers.dev	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a04:4e42:600::485 (United States)

ASN54113 (FASTLY, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3037::ac43:9389 (United States)

ASN13335 (CLOUDFLARENET, US)

www.capital.ua	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 188.114.96.3 (Amsterdam, Netherlands)

ASN13335 (CLOUDFLARENET, US)

neftegaz.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.seafarersjournal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:90c0:41:2801::62 (Frankfurt am Main, Germany)

ASN199524 (GCORE, LU)

static.tildacdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 49.12.9.151 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: de3.zahid.host

facebar.com.ua	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a11:27c0::93 (Russian Federation)

ASN210756 (EDGECENTERLLC, RU)

cdn.bcs-express.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:ec80:300:ed1a::2:b (United States)

ASN14907 (WIKIMEDIA, US)

upload.wikimedia.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
2	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 310	57 KB
1	wikimedia.org upload.wikimedia.org — Cisco Umbrella Rank: 3017	8 KB
1	seafarersjournal.com www.seafarersjournal.com	93 KB
1	bcs-express.ru cdn.bcs-express.ru	28 KB
1	facebar.com.ua facebar.com.ua	55 KB
1	tildacdn.com static.tildacdn.com — Cisco Umbrella Rank: 83147	786 KB
1	neftegaz.ru neftegaz.ru	92 KB
1	capital.ua www.capital.ua	320 KB
1	workers.dev monalizacomua.baronmunhausen2.workers.dev	6 KB
10	9

	Domain	Requested by
2	cdn.jsdelivr.net	monalizacomua.baronmunhausen2.workers.dev
1	upload.wikimedia.org
1	www.seafarersjournal.com	monalizacomua.baronmunhausen2.workers.dev
1	cdn.bcs-express.ru	monalizacomua.baronmunhausen2.workers.dev
1	facebar.com.ua	monalizacomua.baronmunhausen2.workers.dev
1	static.tildacdn.com	monalizacomua.baronmunhausen2.workers.dev
1	neftegaz.ru	monalizacomua.baronmunhausen2.workers.dev
1	www.capital.ua	monalizacomua.baronmunhausen2.workers.dev
1	monalizacomua.baronmunhausen2.workers.dev
10	9

This site contains no links.

Subject Issuer	Validity	Valid
baronmunhausen2.workers.dev GTS CA 1P5	`2024-05-20` - `2024-08-18`	3 months	crt.sh
jsdelivr.net GlobalSign Atlas R3 DV TLS CA 2023 Q3	`2023-09-27` - `2024-10-28`	a year	crt.sh
capital.ua Cloudflare Inc ECC CA-3	`2023-12-29` - `2024-12-28`	a year	crt.sh
neftegaz.ru GTS CA 1P5	`2024-04-05` - `2024-07-04`	3 months	crt.sh
*.tildacdn.com GlobeSSL DV CA	`2024-02-07` - `2025-02-20`	a year	crt.sh
facebar.com.ua R3	`2024-04-30` - `2024-07-29`	3 months	crt.sh
cdn.bcs-express.ru GlobalSign RSA OV SSL CA 2018	`2024-04-22` - `2025-05-24`	a year	crt.sh
seafarersjournal.com GTS CA 1P5	`2024-04-05` - `2024-07-04`	3 months	crt.sh
*.wikipedia.org DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-10-18` - `2024-10-16`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://monalizacomua.baronmunhausen2.workers.dev/
Frame ID: F4C3CBBCDE008906428AAB6F96AB3EBB
Requests: 10 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Почему Максим Владимирович Криппа купил Парус?

Detected technologies

Tilda (CMS) Expand

Overall confidence: 100%
Detected patterns

tilda(?:cdn|\.ws|-blocks)

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

/wp-(?:content|includes)/

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

<link [^>]*?href="?[a-zA-Z]*?:?//cdn\.jsdelivr\.net/
//cdn\.jsdelivr\.net/

Page Statistics

10
Requests

100 %
HTTPS

63 %
IPv6

9
Domains

9
Subdomains

8
IPs

4
Countries

1446 kB
Transfer

1687 kB
Size

1
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

10 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H3 200 Primary Request / Show response
monalizacomua.baronmunhausen2.workers.dev/ 16 KB
6 KB 132ms
53ms Document
text/html 172.67.172.249
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://monalizacomua.baronmunhausen2.workers.dev/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.172.249 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c363ab2e65da87dc46006bf8b93a30a18b6715dcaf4f40c6a0cd900347f5db7c

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

alt-svc: h3=":443"; ma=86400
cf-ray: 88b6ea71ed1c383d-FRA
content-encoding: br
content-type: text/html
date: Wed, 29 May 2024 13:43:51 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=kra9rysAfghO6zCDhb05BgpyAeU1gEHnGiSZrHlC00bKJPSvKdreK1oTvgKzo36iORNWhZrWmOi03mTWJWb5RxfkeY6EmxcXCJOl5wDIJoEncQbBQP2dgQclfb%2FzHdMMo8YZUdh5lsrj9wsKznB2d24ttLg9dfXeppTvPQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H2 200 bootstrap.min.css
cdn.jsdelivr.net/npm/bootstrap@5.3.0-alpha1/dist/css/ 216 KB
33 KB 230ms
38ms Stylesheet
text/css 2a04:4e42:600::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/bootstrap@5.3.0-alpha1/dist/css/bootstrap.min.css

Requested by

Host: monalizacomua.baronmunhausen2.workers.dev
URL: https://monalizacomua.baronmunhausen2.workers.dev/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:600::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

932ea15108928991bcf0c0a46415fc652de5ffc0158c35205357b90c65eeb386

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://monalizacomua.baronmunhausen2.workers.dev/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Wed, 29 May 2024 13:43:51 GMT
x-content-type-options: nosniff
content-encoding: br
age: 26988251
x-jsd-version: 5.3.0-alpha1
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 33467
x-served-by: cache-fra-eddf8230112-FRA, cache-cph2320033-CPH
x-jsd-version-type: version
etag: W/"35e6c-cZlWqlLbTIr9xcDPs8verWJYuKY"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 07a0b000aec5d181ef0e333cde9b5ac4d3359f74.jpg
www.capital.ua/uploads/news/2016/10/13/ 320 KB
320 KB 286ms
95ms Image
image/jpeg 2606:4700:3037::ac43:9389
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.capital.ua/uploads/news/2016/10/13/07a0b000aec5d181ef0e333cde9b5ac4d3359f74.jpg
Requested by: Host: monalizacomua.baronmunhausen2.workers.dev
URL: https://monalizacomua.baronmunhausen2.workers.dev/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:9389 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 678072cacf4d63ee62db7f6784243e0ddf9617d99c98f1f763cc2e8ee53fd781

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://monalizacomua.baronmunhausen2.workers.dev/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 29 May 2024 13:43:51 GMT
cf-cache-status: HIT
last-modified: Thu, 13 Oct 2016 08:06:32 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "57ff4088-4fe3b"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ouciRjpZK%2ByzQlosCha%2FppT%2Faxq4QkX5vkDtKaTOVLIwalMdPDTl7%2BsdsHHEhkmmLKtWOmO2aRYUGynPL362Izftoq38hvhc%2Bi%2BWKPplqSiWyIHRqrf86DCmkiAWKRQO7wdi6dx6PJOjPHg8Cg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 88b6ea73ae7891ef-FRA
alt-svc: h3=":443"; ma=86400
content-length: 327227
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 dengi-01.jpg
neftegaz.ru/upload/iblock/ade/rsar20y6u3os7g8mbltn3qugapef6b1k/ 92 KB
92 KB 488ms
294ms Image
image/jpeg 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://neftegaz.ru/upload/iblock/ade/rsar20y6u3os7g8mbltn3qugapef6b1k/dengi-01.jpg
Requested by: Host: monalizacomua.baronmunhausen2.workers.dev
URL: https://monalizacomua.baronmunhausen2.workers.dev/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 09614889559a046062a6873a15bb277060df6d3de4c87a7ea39f3ce9d5d02722

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://monalizacomua.baronmunhausen2.workers.dev/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 29 May 2024 13:43:51 GMT
cf-cache-status: MISS
last-modified: Tue, 24 Aug 2021 13:45:51 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "6124f80f-16fb5"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=OzQLLd5MEZ0UdYBSBlSEP9rwZFzWqkFMgeZVdHZZEMgpEvIZB7h%2FlYB4f7mmw1LXn5jHDf4Q4ivZJyTcRRmRLjAl5nIPlz443Zfd1gQ0%2F47xByNfRdfD8RaV1ydn9w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=2592000
accept-ranges: bytes
cf-ray: 88b6ea73ab2518de-FRA
alt-svc: h3=":443"; ma=86400
content-length: 94133
expires: Fri, 28 Jun 2024 13:43:51 GMT

GET
H2 200 ___.png
static.tildacdn.com/tild6362-3036-4564-b737-333235376666/ 784 KB
786 KB 202ms
51ms Image
image/png 2a03:90c0:41:2801::62
GCORE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.tildacdn.com/tild6362-3036-4564-b737-333235376666/___.png
Requested by: Host: monalizacomua.baronmunhausen2.workers.dev
URL: https://monalizacomua.baronmunhausen2.workers.dev/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:41:2801::62 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: 4ff9b44265e122eeb532f9bf3949ed5232cb6b94b2872ae4791263121b5743b0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://monalizacomua.baronmunhausen2.workers.dev/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-container-storage-policy-name: Policy-0
x-id: fr5-hw-edge-gc61
date: Wed, 29 May 2024 13:43:51 GMT
age: 0
x-cached-since: 2024-05-29T12:33:18+00:00
x-id-fe: fr5-hw-edge-gc57
content-length: 803217
x-trans-id: 168f2e80fb3579a1
tserver: 13
last-modified: Tue, 06 Jul 2021 10:58:43 GMT
server: nginx
traceparent: 00-f3048d125496f64d5fb75e0e3db4ddda-9a0764c607ae2f29-01
x-id-shield: am3-hw-edge-gc88
etag: "e0b30cd6b864970baaf6861361a1e18e"
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Cache-Control, Content-Language, Content-Type, Expires, Last-Modified, Pragma, Etag, X-Timestamp, X-Trans-Id, X-Openstack-Request-Id, Content-Length, Accept-Ranges, Expires, Cache-Control
cache-control: max-age=5184000
cache: HIT, MISS
x-timestamp: 1625569122.01360
x-container-storage-policy-index: 0
accept-ranges: bytes
expires: Sun, 28 Jul 2024 12:33:18 GMT

GET
H2 200 5.jpg
facebar.com.ua/images/companies/2/products/SN0121/ 55 KB
55 KB 210ms
47ms Image
image/jpeg 49.12.9.151
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://facebar.com.ua/images/companies/2/products/SN0121/5.jpg?1679514837138

Requested by

Host: monalizacomua.baronmunhausen2.workers.dev
URL: https://monalizacomua.baronmunhausen2.workers.dev/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

49.12.9.151 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

de3.zahid.host

Software

de3 /

Resource Hash

a80a173ef2cf569cadc5e784d965d592acdb3325536b997c9877ea61bce233c5

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://monalizacomua.baronmunhausen2.workers.dev/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-cache-hits: 0
date: Wed, 29 May 2024 13:43:51 GMT
x-content-type-options: nosniff
age: 0
x-edge-location: de3
x-cache: MISS
content-length: 55857
last-modified: Wed, 22 Mar 2023 19:52:28 GMT
server: de3
etag: "641b5c7c-da31"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=15552000
x-edge-ip: 49.12.9.151
accept-ranges: bytes
expires: Mon, 25 Nov 2024 13:43:51 GMT

GET
H2 200 15192.jpg
cdn.bcs-express.ru/article-head/ 28 KB
28 KB 1025ms
466ms Image
image/jpeg 2a11:27c0::93
EDGECENTERLLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.bcs-express.ru/article-head/15192.jpg

Requested by

Host: monalizacomua.baronmunhausen2.workers.dev
URL: https://monalizacomua.baronmunhausen2.workers.dev/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a11:27c0::93 , Russian Federation, ASN210756 (EDGECENTERLLC, RU),

Reverse DNS

Software

nginx /

Resource Hash

3d7c740278cb55f1b5c0462772317856a1324c9950fb7b1e97d0b9db884cc8a9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://monalizacomua.baronmunhausen2.workers.dev/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 29 May 2024 13:43:52 GMT
strict-transport-security: max-age=31536000; includeSubDomains
last-modified: Mon, 21 Nov 2022 11:56:53 GMT
server: nginx
etag: "93a9059a0fdd81:0"
content-type: image/jpeg
access-control-expose-headers: X-id
cache-control: public, max-age=31536000
cache: MISS
accept-ranges: bytes
content-length: 28490
x-node: rst-up-gc4

GET
H3 200 image.psd-43-2.jpg
www.seafarersjournal.com/wp-content/uploads/2024/05/ 92 KB
93 KB 202ms
52ms Image
image/jpeg 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.seafarersjournal.com/wp-content/uploads/2024/05/image.psd-43-2.jpg

Requested by

Host: monalizacomua.baronmunhausen2.workers.dev
URL: https://monalizacomua.baronmunhausen2.workers.dev/

Protocol

Security

QUIC, , AES_128_GCM

Server

188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5f8fbb0d9e53741039192c11bfda700ab0896d5bad58a9b67b42a21bcd22c2a6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://monalizacomua.baronmunhausen2.workers.dev/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 29 May 2024 13:43:51 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 187489
x-rocket-nginx-serving-static: No
alt-svc: h3=":443"; ma=86400
content-length: 94352
x-xss-protection: 1; mode=block
last-modified: Mon, 27 May 2024 08:48:39 GMT
server: cloudflare
etag: "665448e7-17090"
x-frame-options: DENY
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Pjj88XZDjUYlFLpaEuzONn3bSSPLG2w%2F5vLqtGVi8jDGIwLfZMd6KOT8GFuEGt%2BZrd8%2BhcDRMTODwob1345BouGaeUiQxEvF9Nx5B0LWOKwK7afx0%2F8HBw8B0AbijAigqhaz6x%2FqpHnj%2BM8%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
vary: Accept-Encoding
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 88b6ea73adaf8f3b-FRA
expires: Wed, 26 Jun 2024 08:49:23 GMT

GET
H2 200 bootstrap.bundle.min.js Show response
cdn.jsdelivr.net/npm/bootstrap@5.3.0-alpha1/dist/js/ 79 KB
24 KB 188ms
39ms Script
application/javascript 2a04:4e42:600::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/bootstrap@5.3.0-alpha1/dist/js/bootstrap.bundle.min.js

Requested by

Host: monalizacomua.baronmunhausen2.workers.dev
URL: https://monalizacomua.baronmunhausen2.workers.dev/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:600::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

061f0b1ea79e6e2ca24f4603e55d3e909f7471ba0b279cdb6dea40554106c6a2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://monalizacomua.baronmunhausen2.workers.dev/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Wed, 29 May 2024 13:43:51 GMT
x-content-type-options: nosniff
content-encoding: br
age: 4429937
x-jsd-version: 5.3.0-alpha1
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 24765
x-served-by: cache-fra-etou8220023-FRA, cache-cph2320033-CPH
x-jsd-version-type: version
etag: W/"13ad7-v/eN2cAqUAirQ2QpSHOc5Yx2GyE"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 Washington_Post_favicon.png
upload.wikimedia.org/wikipedia/commons/b/bf/ 7 KB
8 KB 242ms
55ms Other
image/png 2a02:ec80:300:ed1a::2:b
WIKIMEDIA

General

Check archive.org

Show headers Download Go to

Full URL

https://upload.wikimedia.org/wikipedia/commons/b/bf/Washington_Post_favicon.png

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:ec80:300:ed1a::2:b , United States, ASN14907 (WIKIMEDIA, US),

Reverse DNS

Software

envoy /

Resource Hash

cc6e069cc43c42083f9f4c7599dbb3fce19bce928921fe4120a4cbc1dccb6a2f

Security Headers

Name	Value
Strict-Transport-Security	max-age=106384710; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://monalizacomua.baronmunhausen2.workers.dev/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 29 May 2024 01:32:52 GMT
strict-transport-security: max-age=106384710; includeSubDomains; preload
x-content-type-options: nosniff
nel: { "report_to": "wm_nel", "max_age": 604800, "failure_fraction": 0.05, "success_fraction": 0.0}
age: 43860
x-cache-status: hit-front
x-cache: cp3076 hit, cp3076 hit/3
server-timing: cache;desc="hit-front", host;desc="cp3076"
content-length: 7274
x-client-ip: 2a01:4a0:1338:93::10
x-object-meta-sha1base36: kgxcyqjqtr7a07es9vui5kf0ex5gj4v
last-modified: Tue, 03 Nov 2020 16:15:20 GMT
server: envoy
etag: 936f9a2fcce0ca539ccf6f439159aa8e
report-to: { "group": "wm_nel", "max_age": 604800, "endpoints": [{ "url": "https://intake-logging.wikimedia.org/v1/events?stream=w3c.reportingapi.network_error&schema_uri=/w3c/reportingapi/network_error/1.0.0" }] }
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Age, Date, Content-Length, Content-Range, X-Content-Duration, X-Cache
accept-ranges: bytes
timing-allow-origin: *

Verdicts & Comments Add Verdict or Comment

2 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

number| uidEvent object| bootstrap

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			cdn.bcs-express.ru/	1970-01-21 06:32:30	Name: spid Value: 1716990232322_b6510ed28c8d921567d4c63ff5c6b480_ak2dklhhs0egnx97

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://monalizacomua.baronmunhausen2.workers.dev/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn.bcs-express.ru
cdn.jsdelivr.net
facebar.com.ua
monalizacomua.baronmunhausen2.workers.dev
neftegaz.ru
static.tildacdn.com
upload.wikimedia.org
www.capital.ua
www.seafarersjournal.com
172.67.172.249
188.114.96.3
2606:4700:3037::ac43:9389
2a02:ec80:300:ed1a::2:b
2a03:90c0:41:2801::62
2a04:4e42:600::485
2a11:27c0::93
49.12.9.151
061f0b1ea79e6e2ca24f4603e55d3e909f7471ba0b279cdb6dea40554106c6a2
09614889559a046062a6873a15bb277060df6d3de4c87a7ea39f3ce9d5d02722
3d7c740278cb55f1b5c0462772317856a1324c9950fb7b1e97d0b9db884cc8a9
4ff9b44265e122eeb532f9bf3949ed5232cb6b94b2872ae4791263121b5743b0
5f8fbb0d9e53741039192c11bfda700ab0896d5bad58a9b67b42a21bcd22c2a6
678072cacf4d63ee62db7f6784243e0ddf9617d99c98f1f763cc2e8ee53fd781
932ea15108928991bcf0c0a46415fc652de5ffc0158c35205357b90c65eeb386
a80a173ef2cf569cadc5e784d965d592acdb3325536b997c9877ea61bce233c5
c363ab2e65da87dc46006bf8b93a30a18b6715dcaf4f40c6a0cd900347f5db7c
cc6e069cc43c42083f9f4c7599dbb3fce19bce928921fe4120a4cbc1dccb6a2f

monalizacomua.baronmunhausen2.workers.dev Open in urlscan Pro 172.67.172.249 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

10 Requests

100 %HTTPS

63 %IPv6

9 Domains

9 Subdomains

8 IPs

4 Countries

1446 kBTransfer

1687 kBSize

1 Cookies

0 Outgoing links

Redirected requests

10 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

2 JavaScript Global Variables

1 Cookies

1 Console Messages

Indicators

monalizacomua.baronmunhausen2.workers.dev Open in urlscan Pro
172.67.172.249 Public Scan

Screenshot
Live screenshot

Full Image

10
Requests

100 %
HTTPS

63 %
IPv6

9
Domains

9
Subdomains

8
IPs

4
Countries

1446 kB
Transfer

1687 kB
Size

1
Cookies

10 HTTP transactions
0 data transactions