lostscripturesecrets.com Open in urlscan Pro
2606:4700:3030::ac43:de6f Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://lostscripturesecrets.com/
Effective URL:
https://lostscripturesecrets.com/
Submission: On May 08 via api (May 8th 2023, 9:15:09 pm UTC) from US — Scanned from DE

Summary HTTP 133 Redirects Behaviour Indicators

Summary

This website contacted 60 IPs in 9 countries across 47 domains to perform 133 HTTP transactions. The main IP is 2606:4700:3030::ac43:de6f, located in United States and belongs to CLOUDFLARENET, US. The main domain is lostscripturesecrets.com.
TLS certificate: Issued by GTS CA 1P5 on May 7th 2023. Valid for: 3 months.

This is the only time lostscripturesecrets.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	2606:4700:303... 2606:4700:3030::6815:4e8e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
30	2606:4700:303... 2606:4700:3030::ac43:de6f	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2a00:1450:400... 2a00:1450:4001:82b::2008	15169 (GOOGLE) (GOOGLE)
1	2600:9000:218... 2600:9000:2182:5400:8:8845:1500:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2a02:2638:3::e 2a02:2638:3::e	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	2a00:1450:400... 2a00:1450:4001:828::200a	15169 (GOOGLE) (GOOGLE)
2	2a04:4e42::729 2a04:4e42::729	54113 (FASTLY) (FASTLY)
3	195.201.240.51 195.201.240.51	24940 (HETZNER-AS) (HETZNER-AS)
3	151.101.192.176 151.101.192.176	54113 (FASTLY) (FASTLY)
1	2606:4700::68... 2606:4700::6810:3965	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2a00:1450:400... 2a00:1450:4001:827::200e	15169 (GOOGLE) (GOOGLE)
1	13.226.156.84 13.226.156.84	16509 (AMAZON-02) (AMAZON-02)
5	2600:9000:219... 2600:9000:219c:4a00:9:8536:59c0:21	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:82f::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80b::2002	15169 (GOOGLE) (GOOGLE)
3	2a03:2880:f08... 2a03:2880:f083:9:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
5	34.199.5.193 34.199.5.193	14618 (AMAZON-AES) (AMAZON-AES)
4	95.101.111.61 95.101.111.61	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	44.225.128.118 44.225.128.118	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:400c:c0c::9b	15169 (GOOGLE) (GOOGLE)
9	2a00:1450:400... 2a00:1450:4001:829::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82b::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80b::2003	15169 (GOOGLE) (GOOGLE)
4 5	2a02:2638:3::c 2a02:2638:3::c	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1 1	2600:1f18:730... 2600:1f18:730:b150:c922:c4f2:8c5e:8b2	14618 (AMAZON-AES) (AMAZON-AES)
1	3.211.47.106 3.211.47.106	14618 (AMAZON-AES) (AMAZON-AES)
1	178.250.7.13 178.250.7.13	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
4	2a03:2880:f17... 2a03:2880:f177:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
3	54.187.119.242 54.187.119.242	16509 (AMAZON-02) (AMAZON-02)
2	99.86.4.113 99.86.4.113	16509 (AMAZON-02) (AMAZON-02)
1	52.41.104.164 52.41.104.164	16509 (AMAZON-02) (AMAZON-02)
2	188.40.221.212 188.40.221.212	24940 (HETZNER-AS) (HETZNER-AS)
1 3	178.250.1.9 178.250.1.9	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	74.119.119.150 74.119.119.150	19750 (AS-CRITEO) (AS-CRITEO)
1 2	3.76.101.133 3.76.101.133	16509 (AMAZON-02) (AMAZON-02)
1 1	172.217.18.2 172.217.18.2	15169 (GOOGLE) (GOOGLE)
2 2	37.252.171.22 37.252.171.22	29990 (ASN-APPNEX) (ASN-APPNEX)
1 2	37.252.171.84 37.252.171.84	29990 (ASN-APPNEX) (ASN-APPNEX)
1	2.18.235.93 2.18.235.93	16625 (AKAMAI-AS) (AKAMAI-AS)
1	69.173.144.138 69.173.144.138	26667 (RUBICONPR...) (RUBICONPROJECT)
1	52.58.47.177 52.58.47.177	16509 (AMAZON-02) (AMAZON-02)
1	185.86.139.101 185.86.139.101	201081 (SMARTADSE...) (SMARTADSERVER)
1	141.226.228.48 141.226.228.48	200478 (TABOOLA-AS) (TABOOLA-AS)
1	104.102.35.84 104.102.35.84	16625 (AKAMAI-AS) (AKAMAI-AS)
1	76.223.111.18 76.223.111.18	16509 (AMAZON-02) (AMAZON-02)
1 2	3.75.62.37 3.75.62.37	16509 (AMAZON-02) (AMAZON-02)
1	37.157.3.20 37.157.3.20	198622 (ADFORM) (ADFORM)
1	185.255.84.153 185.255.84.153	200271 (IGUANE-) (IGUANE-)
1 2	185.80.39.216 185.80.39.216	27381 (CASALE-MEDIA) (CASALE-MEDIA)
1 2	52.208.156.123 52.208.156.123	16509 (AMAZON-02) (AMAZON-02)
1	141.95.33.111 141.95.33.111	16276 (OVH) (OVH)
1 2	52.212.129.217 52.212.129.217	16509 (AMAZON-02) (AMAZON-02)
1	34.117.157.22 34.117.157.22	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	35.156.238.127 35.156.238.127	16509 (AMAZON-02) (AMAZON-02)
1	64.202.112.191 64.202.112.191	23352 (SERVERCEN...) (SERVERCENTRAL)
1	185.64.189.110 185.64.189.110	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1	2600:1f18:612... 2600:1f18:612b:4216:4eaf:fc79:e33b:d580	14618 (AMAZON-AES) (AMAZON-AES)
1	85.215.5.31 85.215.5.31	6786 (CRONON-BE...) (CRONON-BERLIN-AS)
1	23.215.16.120 23.215.16.120	16625 (AKAMAI-AS) (AKAMAI-AS)
1	99.81.96.216 99.81.96.216	16509 (AMAZON-02) (AMAZON-02)
2	88.198.239.115 88.198.239.115	24940 (HETZNER-AS) (HETZNER-AS)
1	54.154.227.90 54.154.227.90	16509 (AMAZON-02) (AMAZON-02)
1	3.16.8.48 3.16.8.48	16509 (AMAZON-02) (AMAZON-02)
133	60

1 2606:4700:3030::6815:4e8e (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

lostscripturesecrets.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

30 2606:4700:3030::ac43:de6f (United States)

ASN13335 (CLOUDFLARENET, US)

lostscripturesecrets.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82b::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2182:5400:8:8845:1500:93a1 (United States)

ASN16509 (AMAZON-02, US)

b-code.liadm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638:3::e (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

dynamic.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:828::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a04:4e42::729 (United States)

ASN54113 (FASTLY, US)

vjs.zencdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 195.201.240.51 (Gunzenhausen, Germany)

ASN24940 (HETZNER-AS, DE)
PTR: cache-05.pushwoosh.com

cdn.pushwoosh.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 151.101.192.176 (United States)

ASN54113 (FASTLY, US)

js.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:3965 (United States)

ASN13335 (CLOUDFLARENET, US)

static.cloudflareinsights.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:827::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.226.156.84 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-226-156-84.dus51.r.cloudfront.net

cdn.amplitude.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2600:9000:219c:4a00:9:8536:59c0:21 (United States)

ASN16509 (AMAZON-02, US)

d2tjsej3ucxx0n.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a03:2880:f083:9:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 34.199.5.193 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-199-5-193.compute-1.amazonaws.com

175132.tracking.hyros.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
175132.t.hyros.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 95.101.111.61 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a95-101-111-61.deploy.static.akamaitechnologies.com

analytics.tiktok.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 44.225.128.118 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-44-225-128-118.us-west-2.compute.amazonaws.com

api.amplitude.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400c:c0c::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:829::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82b::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a02:2638:3::c (France) 4 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1f18:730:b150:c922:c4f2:8c5e:8b2 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)

rp.liadm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.211.47.106 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-211-47-106.compute-1.amazonaws.com

rp4.liadm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.7.13 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

mug.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a03:2880:f177:83:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 54.187.119.242 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ip-54-187-119-242.stripe.com

q.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 99.86.4.113 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-4-113.fra6.r.cloudfront.net

m.stripe.network	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.41.104.164 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-41-104-164.us-west-2.compute.amazonaws.com

m.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 188.40.221.212 (Berlin, Germany)

ASN24940 (HETZNER-AS, DE)
PTR: kubeapi-nue.pushwoosh.com

cp.pushwoosh.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 178.250.1.9 (France) 1 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

sslwidget.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
dis.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 74.119.119.150 (United States)

ASN19750 (AS-CRITEO, US)

widget.us.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.76.101.133 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-76-101-133.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.18.2 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra02s19-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 37.252.171.22 (Frankfurt am Main, Germany) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 1001.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 37.252.171.84 (Frankfurt am Main, Germany) 1 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 1002.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.18.235.93 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-235-93.deploy.static.akamaitechnologies.com

contextual.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.138 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.58.47.177 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-58-47-177.eu-central-1.compute.amazonaws.com

match.sharethrough.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.86.139.101 (France)

ASN201081 (SMARTADSERVER, FR)

rtb-csync.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 141.226.228.48 (Netherlands)

ASN200478 (TABOOLA-AS, IL)

sync-t1.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.102.35.84 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-102-35-84.deploy.static.akamaitechnologies.com

criteo-sync.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 76.223.111.18 (United States)

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com

eb2.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.75.62.37 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-75-62-37.eu-central-1.compute.amazonaws.com

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 37.157.3.20 (Denmark)

ASN198622 (ADFORM, DK)

cm.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.255.84.153 (France)

ASN200271 (IGUANE-, FR)

visitor.omnitagjs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.80.39.216 (Canada) 1 redirects

ASN27381 (CASALE-MEDIA, CA)

r.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.208.156.123 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-208-156-123.eu-west-1.compute.amazonaws.com

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 141.95.33.111 (Germany)

ASN16276 (OVH, FR)
PTR: ns3203177.ip-141-95-33.eu

id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.212.129.217 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-212-129-217.eu-west-1.compute.amazonaws.com

ad.360yield.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.117.157.22 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 22.157.117.34.bc.googleusercontent.com

matching.ivitrack.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.156.238.127 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-156-238-127.eu-central-1.compute.amazonaws.com

exchange.mediavine.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 64.202.112.191 (Chicago, United States)

ASN23352 (SERVERCENTRAL, US)
PTR: ny.outbrain.com

sync.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.189.110 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

simage2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1f18:612b:4216:4eaf:fc79:e33b:d580 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

criteo-partners.tremorhub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 85.215.5.31 (Berlin, Germany)

ASN6786 (CRONON-BERLIN-AS, DE)

a.twiago.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.215.16.120 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-215-16-120.deploy.static.akamaitechnologies.com

ad.yieldlab.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 99.81.96.216 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-99-81-96-216.eu-west-1.compute.amazonaws.com

sync-criteo.ads.yieldmo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 88.198.239.115 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: r1-front-08.pushwoosh.com

redhotm.pushwoosh.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.154.227.90 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-154-227-90.eu-west-1.compute.amazonaws.com

beacon.krxd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.16.8.48 (Columbus, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-16-8-48.us-east-2.compute.amazonaws.com

s.thebrighttag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
31	lostscripturesecrets.com 1 redirects lostscripturesecrets.com	2 MB
11	criteo.com 5 redirects dynamic.criteo.com — Cisco Umbrella Rank: 3631 gum.criteo.com — Cisco Umbrella Rank: 420 mug.criteo.com — Cisco Umbrella Rank: 2760 sslwidget.criteo.com — Cisco Umbrella Rank: 1787 widget.us.criteo.com — Cisco Umbrella Rank: 17902 dis.criteo.com — Cisco Umbrella Rank: 707	29 KB
9	gstatic.com fonts.gstatic.com	156 KB
7	stripe.com js.stripe.com — Cisco Umbrella Rank: 1062 q.stripe.com — Cisco Umbrella Rank: 5929 m.stripe.com — Cisco Umbrella Rank: 1038	131 KB
7	pushwoosh.com cdn.pushwoosh.com — Cisco Umbrella Rank: 46647 cp.pushwoosh.com — Cisco Umbrella Rank: 58101 redhotm.pushwoosh.com — Cisco Umbrella Rank: 382868	131 KB
5	hyros.com 175132.tracking.hyros.com 175132.t.hyros.com — Cisco Umbrella Rank: 932962	38 KB
5	cloudfront.net d2tjsej3ucxx0n.cloudfront.net	900 KB
4	adnxs.com 3 redirects ib.adnxs.com — Cisco Umbrella Rank: 211 secure.adnxs.com — Cisco Umbrella Rank: 406	4 KB
4	facebook.com www.facebook.com — Cisco Umbrella Rank: 106	301 B
4	tiktok.com analytics.tiktok.com — Cisco Umbrella Rank: 702	100 KB
4	doubleclick.net 1 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 34 stats.g.doubleclick.net — Cisco Umbrella Rank: 74 cm.g.doubleclick.net — Cisco Umbrella Rank: 215	3 KB
3	facebook.net connect.facebook.net — Cisco Umbrella Rank: 150	200 KB
3	amplitude.com cdn.amplitude.com — Cisco Umbrella Rank: 2429 api.amplitude.com — Cisco Umbrella Rank: 1442	20 KB
3	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 30	21 KB
3	googleapis.com ajax.googleapis.com — Cisco Umbrella Rank: 328 fonts.googleapis.com — Cisco Umbrella Rank: 37	38 KB
3	liadm.com 1 redirects b-code.liadm.com — Cisco Umbrella Rank: 2607 rp.liadm.com — Cisco Umbrella Rank: 2168 rp4.liadm.com — Cisco Umbrella Rank: 9074	15 KB
3	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 48	151 KB
2	360yield.com 1 redirects ad.360yield.com — Cisco Umbrella Rank: 655	876 B
2	demdex.net 1 redirects dpm.demdex.net — Cisco Umbrella Rank: 198	2 KB
2	casalemedia.com 1 redirects r.casalemedia.com — Cisco Umbrella Rank: 1332	2 KB
2	yahoo.com 1 redirects ups.analytics.yahoo.com — Cisco Umbrella Rank: 265	508 B
2	bidswitch.net 1 redirects x.bidswitch.net — Cisco Umbrella Rank: 299	880 B
2	stripe.network m.stripe.network — Cisco Umbrella Rank: 1128	18 KB
2	zencdn.net vjs.zencdn.net — Cisco Umbrella Rank: 4646	170 KB
1	thebrighttag.com s.thebrighttag.com — Cisco Umbrella Rank: 1801	268 B
1	krxd.net beacon.krxd.net — Cisco Umbrella Rank: 596	338 B
1	yieldmo.com sync-criteo.ads.yieldmo.com — Cisco Umbrella Rank: 2179	38 B
1	yieldlab.net ad.yieldlab.net — Cisco Umbrella Rank: 4423	400 B
1	twiago.com a.twiago.com — Cisco Umbrella Rank: 32553	153 B
1	tremorhub.com criteo-partners.tremorhub.com — Cisco Umbrella Rank: 2320	400 B
1	pubmatic.com simage2.pubmatic.com — Cisco Umbrella Rank: 679	584 B
1	outbrain.com sync.outbrain.com — Cisco Umbrella Rank: 743	145 B
1	mediavine.com exchange.mediavine.com — Cisco Umbrella Rank: 1323	885 B
1	ivitrack.com matching.ivitrack.com — Cisco Umbrella Rank: 2544	274 B
1	id5-sync.com id5-sync.com — Cisco Umbrella Rank: 431	1 KB
1	omnitagjs.com visitor.omnitagjs.com — Cisco Umbrella Rank: 837	235 B
1	adform.net cm.adform.net — Cisco Umbrella Rank: 1211	163 B
1	3lift.com eb2.3lift.com — Cisco Umbrella Rank: 351	140 B
1	teads.tv criteo-sync.teads.tv — Cisco Umbrella Rank: 1865	172 B
1	taboola.com sync-t1.taboola.com — Cisco Umbrella Rank: 1285	99 B
1	smartadserver.com rtb-csync.smartadserver.com — Cisco Umbrella Rank: 601	114 B
1	sharethrough.com match.sharethrough.com — Cisco Umbrella Rank: 522	366 B
1	rubiconproject.com pixel.rubiconproject.com — Cisco Umbrella Rank: 318	239 B
1	media.net contextual.media.net — Cisco Umbrella Rank: 603	802 B
1	google.de www.google.de — Cisco Umbrella Rank: 6386	455 B
1	google.com www.google.com — Cisco Umbrella Rank: 2	455 B
1	cloudflareinsights.com static.cloudflareinsights.com — Cisco Umbrella Rank: 897	7 KB
133	47

	Domain	Requested by
31	lostscripturesecrets.com	1 redirects lostscripturesecrets.com ajax.googleapis.com static.cloudflareinsights.com cdn.pushwoosh.com
9	fonts.gstatic.com	fonts.googleapis.com
5	gum.criteo.com	4 redirects dynamic.criteo.com
5	d2tjsej3ucxx0n.cloudfront.net	vjs.zencdn.net
4	175132.t.hyros.com	175132.tracking.hyros.com
4	www.facebook.com	lostscripturesecrets.com
4	analytics.tiktok.com	lostscripturesecrets.com analytics.tiktok.com
3	q.stripe.com	lostscripturesecrets.com
3	connect.facebook.net	lostscripturesecrets.com connect.facebook.net
3	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
3	js.stripe.com	lostscripturesecrets.com js.stripe.com
3	cdn.pushwoosh.com	lostscripturesecrets.com
3	www.googletagmanager.com	lostscripturesecrets.com
2	redhotm.pushwoosh.com	cdn.pushwoosh.com
2	ad.360yield.com	1 redirects
2	dpm.demdex.net	1 redirects
2	r.casalemedia.com	1 redirects
2	ups.analytics.yahoo.com	1 redirects
2	secure.adnxs.com	1 redirects
2	ib.adnxs.com	2 redirects
2	dis.criteo.com
2	x.bidswitch.net	1 redirects
2	cp.pushwoosh.com	cdn.pushwoosh.com
2	m.stripe.network	js.stripe.com m.stripe.network
2	stats.g.doubleclick.net	www.google-analytics.com
2	api.amplitude.com	cdn.amplitude.com
2	vjs.zencdn.net	lostscripturesecrets.com
2	ajax.googleapis.com	lostscripturesecrets.com
1	s.thebrighttag.com
1	beacon.krxd.net
1	sync-criteo.ads.yieldmo.com
1	ad.yieldlab.net
1	a.twiago.com
1	criteo-partners.tremorhub.com
1	simage2.pubmatic.com
1	sync.outbrain.com
1	exchange.mediavine.com
1	matching.ivitrack.com
1	id5-sync.com
1	visitor.omnitagjs.com
1	cm.adform.net
1	eb2.3lift.com
1	criteo-sync.teads.tv
1	sync-t1.taboola.com
1	rtb-csync.smartadserver.com
1	match.sharethrough.com
1	pixel.rubiconproject.com
1	contextual.media.net
1	cm.g.doubleclick.net	1 redirects
1	widget.us.criteo.com
1	sslwidget.criteo.com	1 redirects
1	m.stripe.com	m.stripe.network
1	mug.criteo.com	lostscripturesecrets.com
1	rp4.liadm.com
1	rp.liadm.com	1 redirects
1	www.google.de	lostscripturesecrets.com
1	www.google.com	lostscripturesecrets.com
1	175132.tracking.hyros.com	lostscripturesecrets.com
1	googleads.g.doubleclick.net	www.googletagmanager.com
1	fonts.googleapis.com	ajax.googleapis.com
1	cdn.amplitude.com	lostscripturesecrets.com
1	static.cloudflareinsights.com	lostscripturesecrets.com
1	dynamic.criteo.com	lostscripturesecrets.com
1	b-code.liadm.com	lostscripturesecrets.com
133	64

This site contains no links.

Subject Issuer	Validity	Valid
lostscripturesecrets.com GTS CA 1P5	`2023-05-07` - `2023-08-05`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-04-17` - `2023-07-10`	3 months	crt.sh
*.liadm.com Amazon RSA 2048 M02	`2023-02-28` - `2024-01-30`	a year	crt.sh
*.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-03-09` - `2023-06-03`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-04-17` - `2023-07-10`	3 months	crt.sh
vjs.zencdn.net GlobalSign Atlas R3 DV TLS CA 2022 Q3	`2022-08-30` - `2023-10-01`	a year	crt.sh
*.pushwoosh.com Sectigo RSA Domain Validation Secure Server CA	`2023-03-07` - `2024-04-05`	a year	crt.sh
a.stripecdn.com DigiCert SHA2 Extended Validation Server CA	`2023-04-20` - `2023-08-05`	4 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-04-10` - `2024-04-09`	a year	crt.sh
cdn.amplitude.com Amazon RSA 2048 M01	`2023-01-12` - `2024-02-11`	a year	crt.sh
*.cloudfront.net Amazon RSA 2048 M01	`2022-12-08` - `2023-12-07`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-04-17` - `2023-07-10`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-02-15` - `2023-05-16`	3 months	crt.sh
tracking.hyros.com Amazon RSA 2048 M02	`2023-04-02` - `2024-04-30`	a year	crt.sh
*.tiktok.com RapidSSL TLS ECC CA G1	`2023-03-13` - `2024-04-12`	a year	crt.sh
*.amplitude.com COMODO RSA Domain Validation Secure Server CA	`2023-01-23` - `2024-02-14`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2023-04-17` - `2023-07-10`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-04-17` - `2023-07-10`	3 months	crt.sh
www.google.de GTS CA 1C3	`2023-04-17` - `2023-07-10`	3 months	crt.sh
*.stripe.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-02-14` - `2023-06-13`	4 months	crt.sh
t.hyros.com Amazon RSA 2048 M01	`2023-02-21` - `2024-03-22`	a year	crt.sh
m.stripe.com DigiCert TLS RSA SHA256 2020 CA1	`2023-03-28` - `2023-07-26`	4 months	crt.sh
*.media.net DigiCert TLS RSA SHA256 2020 CA1	`2023-02-10` - `2024-02-18`	a year	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2023-03-05` - `2024-04-03`	a year	crt.sh
*.sharethrough.com Amazon RSA 2048 M02	`2023-02-10` - `2023-08-12`	6 months	crt.sh
*.smartadserver.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-01-21` - `2024-01-23`	a year	crt.sh
*.taboola.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-12-08` - `2023-12-31`	a year	crt.sh
teads.tv R3	`2023-02-21` - `2023-05-22`	3 months	crt.sh
*.3lift.com Amazon RSA 2048 M02	`2023-04-13` - `2024-05-11`	a year	crt.sh
*.adform.net DigiCert TLS RSA SHA256 2020 CA1	`2022-05-18` - `2023-06-16`	a year	crt.sh
omnitagjs.com Sectigo RSA Domain Validation Secure Server CA	`2022-06-21` - `2023-07-21`	a year	crt.sh
*.id5-sync.com R3	`2023-04-18` - `2023-07-17`	3 months	crt.sh
itm.ivitrack.com R3	`2023-04-04` - `2023-07-03`	3 months	crt.sh
exchange.mediavine.com Amazon RSA 2048 M01	`2023-02-11` - `2023-08-04`	6 months	crt.sh
*.outbrain.com Thawte RSA CA 2018	`2022-11-06` - `2023-11-28`	a year	crt.sh
*.pubmatic.com DigiCert Baltimore TLS RSA SHA256 2020 CA1	`2022-06-13` - `2023-07-14`	a year	crt.sh
*.tremorhub.com Amazon RSA 2048 M01	`2023-02-22` - `2024-03-23`	a year	crt.sh
*.twiago.com Sectigo RSA Domain Validation Secure Server CA	`2022-11-28` - `2023-12-29`	a year	crt.sh
*.yieldlab.net DigiCert TLS RSA SHA256 2020 CA1	`2022-11-16` - `2023-11-15`	a year	crt.sh
*.ads.yieldmo.com Amazon RSA 2048 M01	`2023-04-04` - `2024-05-02`	a year	crt.sh

This page contains 5 frames:

Primary Page: https://lostscripturesecrets.com/
Frame ID: B241B323D34667A2400DCA7887DCF596
Requests: 94 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?topUrl=lostscripturesecrets.com&origin=onetag
Frame ID: 8270785230DD49BD6CCF4F23E4E5657B
Requests: 2 HTTP requests in this frame

Frame: https://js.stripe.com/v3/m-outer-93afeeb17bc37e711759584dbfc50d47.html
Frame ID: 2BE84B0F2C9200B19938CB18CCB3E17E
Requests: 4 HTTP requests in this frame

Frame: https://m.stripe.network/inner.html
Frame ID: 48E674C4586D219920505D9A2E6B6CBD
Requests: 4 HTTP requests in this frame

Frame: https://x.bidswitch.net/ul_cb/sync?dsp_id=46&user_id=k-lWC0-pbfcO8UUkz9XhBZjmsC1TpRTSkRUFHeJg&expires=30
Frame ID: 2C1139E289F3D0ACA5539083C7BDE6ED
Requests: 28 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

The Exodus Effect

Page URL History Show full URLs

http://lostscripturesecrets.com/ HTTP 301
https://lostscripturesecrets.com/ Page URL

Detected technologies

Stripe (Payment Processors) Expand

Overall confidence: 100%
Detected patterns

js\.stripe\.com

Amplitude (Analytics) Expand

Overall confidence: 100%
Detected patterns

cdn\.amplitude\.com

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

Cloudflare Browser Insights (Analytics) Expand

Overall confidence: 100%
Detected patterns

static\.cloudflareinsights\.com/beacon(?:\.min)?\.js

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

googleapis\.com/.+webfont

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

PubMatic (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.pubmatic\.com

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

133
Requests

88 %
HTTPS

33 %
IPv6

47
Domains

64
Subdomains

60
IPs

9
Countries

3979 kB
Transfer

6548 kB
Size

58
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://lostscripturesecrets.com/ HTTP 301
https://lostscripturesecrets.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 71

https://rp.liadm.com/j?dtstmp=1683580501745&aid=a-06ld&se=e30&duid=cde5d9f9bf4a--01gzykffk64dd9g935nbk7v8ka&tna=v2.7.1&pu=https%3A%2F%2Flostscripturesecrets.com%2F&wpn=lc-bundle&c=PG1ldGEgbmFtZT0iZGVzY3JpcHRpb24iIGNvbnRlbnQ9IiI-PHRpdGxlPlRoZSBFeG9kdXMgRWZmZWN0PC90aXRsZT48aDE-V2hhdCBpcyB5b3VyIHByaW1hcnkgYWlsbWVudD88L2gxPjxoMT5XaGF0IGlzIHlvdXIgYWdlPzwvaDE-PGgxPkhvdyBtdWNoIHBhaW4gYXJlIHlvdSBpbj88L2gxPjxoMT5Ib3cgc3Ryb25nIGlzIHlvdXIgZmFpdGg_PC9oMT48aDE-SWYgeW91ciBwYWluIHdhcyB3aXBlZCBjbGVhbiwgd2hhdCB3b3VsZCB0aGF0IGRvIGZvciB5b3U_PC9oMT48aDE-VGhhbmtzIFNvIE11Y2ggRm9yIFRha2luZzxicj5PdXIgQW5vbnltb3VzIFN1cnZleTwvaDE-PGgxPkNvdWxkIFRoaXMgQmUgVGhlIEhpZGRlbiBQYXRoIFRvIEhlYWxpbmc_PC9oMT48aDEgaWQ9ImJ1bGxldENUQSI-CjxkaXYgY2xhc3M9ImJsYWNrVHJpYW5nbGUiPjwvZGl2PgpQbGVhc2Ugd2F0Y2ggdGhlIHZpZGVvIGFib3ZlIG5vdyEKPC9oMT4 HTTP 302
https://rp4.liadm.com/j?dtstmp=1683580501745&aid=a-06ld&se=e30&duid=cde5d9f9bf4a--01gzykffk64dd9g935nbk7v8ka&tna=v2.7.1&pu=https%3A%2F%2Flostscripturesecrets.com%2F&wpn=lc-bundle&c=PG1ldGEgbmFtZT0iZGVzY3JpcHRpb24iIGNvbnRlbnQ9IiI-PHRpdGxlPlRoZSBFeG9kdXMgRWZmZWN0PC90aXRsZT48aDE-V2hhdCBpcyB5b3VyIHByaW1hcnkgYWlsbWVudD88L2gxPjxoMT5XaGF0IGlzIHlvdXIgYWdlPzwvaDE-PGgxPkhvdyBtdWNoIHBhaW4gYXJlIHlvdSBpbj88L2gxPjxoMT5Ib3cgc3Ryb25nIGlzIHlvdXIgZmFpdGg_PC9oMT48aDE-SWYgeW91ciBwYWluIHdhcyB3aXBlZCBjbGVhbiwgd2hhdCB3b3VsZCB0aGF0IGRvIGZvciB5b3U_PC9oMT48aDE-VGhhbmtzIFNvIE11Y2ggRm9yIFRha2luZzxicj5PdXIgQW5vbnltb3VzIFN1cnZleTwvaDE-PGgxPkNvdWxkIFRoaXMgQmUgVGhlIEhpZGRlbiBQYXRoIFRvIEhlYWxpbmc_PC9oMT48aDEgaWQ9ImJ1bGxldENUQSI-CjxkaXYgY2xhc3M9ImJsYWNrVHJpYW5nbGUiPjwvZGl2PgpQbGVhc2Ugd2F0Y2ggdGhlIHZpZGVvIGFib3ZlIG5vdyEKPC9oMT4&i6=MjAwMToxYjYwOjI6MjQwOjMyNDc6Ojg%3D&n3pc=true

Request Chain 76

https://gum.criteo.com/sid/json?origin=onetag&domain=lostscripturesecrets.com&sn=ChromeSyncframe&so=0&topUrl=lostscripturesecrets.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
https://mug.criteo.com/sid?cpp=LxrPpnxhOWlXeTR5NGZBeEdxbjNyZXNlRDExQ014cU4zQnlNN2RKS3l5NUxVeEQvY0p5amszMVNtM2JBbmhaK3oxSnZqZ0crM3lnb1czMlNlU21SY1dKSUZaRTRLK1JFcUdrL2EzbmtSaHNDTWNIWTF3NVRpZjVVZ1M2Y0h4bWhXZWYvYm1DNWx2eDJsTjlkbXFLa2FQdStkRG51bHpPaGFOQW54dkh1djlCaXBVZk5yYWJNM2ZjT20rbVo2cTUrNjBGdW9hdGNaR2dpZkdudnRCcWRrNkJPVjNXcEJyeHpmKy9wa2xYQVhlOEVLdnRtN21BZVg4SUI3U043OFFWTVRyZURVM1BiWGprMUt4YUlxdGc2a2ltTlJLU0pIdVpOZTM2MFBha2w5ZzRoMTFEVT18&cppv=2

Request Chain 94

https://sslwidget.criteo.com/event?a=95287&v=5.15.0&p0=e%3Dexd%26site_type%3Dd&p1=e%3Dvp%26p%3D1%26tms%3Dcustom-guide&p2=e%3Ddis&adce=1&bundle=4EVLdF9TcXFLZGlkU3Vic1UlMkIlMkZwU1JlM3FEWFBLUzdKWklqbHVQM2lPQXRPaUh0cmdRVFA4VWpnaFRMbWhZZ2lCbkplRTVxbldhUW0zY1NvN2JCSlZNaFR4aW0wOTJ2VmZJcUNsMGJXaHVZY3JzOHRnNEVDNWJvMnZqOFZET0hWZktJRiUyQlJVUWI5Nzlwek1CaTJtQUJqNmg0dWxPVFZ3cTFVUmxxc2FyVkQxMW5EYWMlM0Q&tld=lostscripturesecrets.com&dy=1&fu=https%253A%252F%252Flostscripturesecrets.com%252F&ceid=65fc8ca9-e5bf-4545-a9b9-a1a7e345ef1c&dtycbr=15737 HTTP 302
https://widget.us.criteo.com/event?a=95287&v=5.15.0&p0=e%3Dexd%26site_type%3Dd&p1=e%3Dvp%26p%3D1%26tms%3Dcustom-guide&p2=e%3Ddis&adce=1&bundle=4EVLdF9TcXFLZGlkU3Vic1UlMkIlMkZwU1JlM3FEWFBLUzdKWklqbHVQM2lPQXRPaUh0cmdRVFA4VWpnaFRMbWhZZ2lCbkplRTVxbldhUW0zY1NvN2JCSlZNaFR4aW0wOTJ2VmZJcUNsMGJXaHVZY3JzOHRnNEVDNWJvMnZqOFZET0hWZktJRiUyQlJVUWI5Nzlwek1CaTJtQUJqNmg0dWxPVFZ3cTFVUmxxc2FyVkQxMW5EYWMlM0Q&tld=lostscripturesecrets.com&dy=1&fu=https%253A%252F%252Flostscripturesecrets.com%252F&ceid=65fc8ca9-e5bf-4545-a9b9-a1a7e345ef1c&dtycbr=15737

Request Chain 99

https://x.bidswitch.net/sync?dsp_id=46&user_id=k-lWC0-pbfcO8UUkz9XhBZjmsC1TpRTSkRUFHeJg&expires=30 HTTP 302
https://x.bidswitch.net/ul_cb/sync?dsp_id=46&user_id=k-lWC0-pbfcO8UUkz9XhBZjmsC1TpRTSkRUFHeJg&expires=30

Request Chain 100

https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_sc&google_ula=913071&CriteoUserId=k-_odzDpbfcO8UUkz9XhBZjmsC1Trqb_8KfMaB2w&google_cm&google_hm=ay1fb2R6RHBiZmNPOFVVa3o5WGhCWmptc0MxVHJxYl84S2ZNYUIydw HTTP 302
https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-_odzDpbfcO8UUkz9XhBZjmsC1Trqb_8KfMaB2w&google_gid=CAESEOT6ATDVCbtRWnLZJpUboZk&google_cver=1&google_ula=913071,0

Request Chain 101

https://ib.adnxs.com/getuid?https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=$UID HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fdis.criteo.com%2Fdis%2Frtb%2Fappnexus%2Fcookiematch.aspx%3Fappnxsid%3D%24UID HTTP 302
https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=4399126511432542239

Request Chain 102

https://secure.adnxs.com/setuid?entity=52&code=k-56Io15bfcO8UUkz9XhBZjmsC1Tq2-y-T3uU_eg HTTP 307
https://secure.adnxs.com/bounce?%2Fsetuid%3Fentity%3D52%26code%3Dk-56Io15bfcO8UUkz9XhBZjmsC1Tq2-y-T3uU_eg

Request Chain 110

https://ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-bBKAoJbfcO8UUkz9XhBZjmsC1Trd-PT7nM89jg HTTP 302
https://ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-bBKAoJbfcO8UUkz9XhBZjmsC1Trd-PT7nM89jg&verify=true

Request Chain 113

https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-WeZ1y5bfcO8UUkz9XhBZjmsC1TofsDqqSMsUGw HTTP 302
https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-WeZ1y5bfcO8UUkz9XhBZjmsC1TofsDqqSMsUGw&C=1

Request Chain 114

https://gum.criteo.com/sync?c=8&r=1&a=1&u=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D28645%26dpuuid%3D%40USERID%40 HTTP 302
https://dpm.demdex.net/ibs:dpid=28645&dpuuid=k5_DEnrZVRJWjMwYKZRvpFzEi7Ai9gID HTTP 302
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=28645&dpuuid=k5_DEnrZVRJWjMwYKZRvpFzEi7Ai9gID

Request Chain 116

https://ad.360yield.com/match?publisher_dsp_id=38&external_user_id=k-xvnTK5bfcO8UUkz9XhBZjmsC1TojhAHgVq_p_A HTTP 302
https://ad.360yield.com/ul_cb/match?publisher_dsp_id=38&external_user_id=k-xvnTK5bfcO8UUkz9XhBZjmsC1TojhAHgVq_p_A

Request Chain 131

https://gum.criteo.com/sync?c=83&r=1&a=1&u=https%3A%2F%2Fbeacon.krxd.net%2Fusermatch.gif%3Fpartner%3Dcriteo%26partner_uid%3D%40USERID%40 HTTP 302
https://beacon.krxd.net/usermatch.gif?partner=criteo&partner_uid=RhW-cJ1sm7QCM14mioqTNLUyVUajxdDM

Request Chain 132

https://gum.criteo.com/sync?c=10&r=1&u=https%3A%2F%2Fs.thebrighttag.com%2Fcs%3Fbtt%3D0%26tp%3Dcr%26uid%3D%40USERID%40 HTTP 302
https://s.thebrighttag.com/cs?btt=0&tp=cr&uid=fIo-bXVFRcGlTSUdmcTQfPX3-fRDTj84

133 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
lostscripturesecrets.com/
Redirect Chain

http://lostscripturesecrets.com/
https://lostscripturesecrets.com/

70 KB
20 KB

271ms
182ms

Document
text/html

2606:4700:3030::ac43:de6f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://lostscripturesecrets.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3030::ac43:de6f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

75f59892601e22f9269e75a868d0da3d89280978ea5700fcc351ac809ac56ff6

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 7c44b7334ee06957-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Mon, 08 May 2023 21:15:01 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=COrMoSqKfKHo5OAoBjJ%2BknJgByZW5Lmsz3s7OG0I7DWGTEG6XpW98LCgF1LUTNNUJQczjiPgL58m15DmoehSU4xWZol6YMH93ar1GDBsDs7pJEBClrRcKVlDLvnQXmcMFD8Vk7JLCOZ9DppXxK%2FITElf03720AQ%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=0
vary: Accept-Encoding
x-robots-tag: noindex, noarchive, nosnippet

Redirect headers

CF-RAY: 7c44b73278f19a0f-FRA
Cache-Control: max-age=3600
Connection: keep-alive
Date: Mon, 08 May 2023 21:15:00 GMT
Expires: Mon, 08 May 2023 22:15:00 GMT
Location: https://lostscripturesecrets.com/
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pZZpPrlZALWA0qn4Dhc2z9YFRZQmJQsMU%2BywqxnjvMTFSNh4G2eLEBsMI0AWuI2W%2FJjepm13dnksQwDOsLka9tNICPM0V%2BWRnTWy22G71B0CzrwW1yl69FtU6MfW%2BGEoP52GD2nBPbqmbCjuSbxioZPOGn4hB3I%3D"}],"group":"cf-nel","max_age":604800}
Server: cloudflare
Transfer-Encoding: chunked
Vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 115 KB
45 KB 89ms
35ms Script
application/javascript 2a00:1450:4001:82b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-172780246-2

Requested by

Host: lostscripturesecrets.com
URL: https://lostscripturesecrets.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

bd616c4a3946234ce3a8528dcf14a9c6aae00bb513b0c237c96706e35b5c66d2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lostscripturesecrets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Mon, 08 May 2023 21:15:01 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 45870
x-xss-protection: 0
last-modified: Mon, 08 May 2023 21:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 08 May 2023 21:15:01 GMT

GET
H2 200 a-06ld.min.js Show response
b-code.liadm.com/ 42 KB
14 KB 299ms
228ms Script
application/javascript 2600:9000:2182:5400:8:8845:1500:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://b-code.liadm.com/a-06ld.min.js
Requested by: Host: lostscripturesecrets.com
URL: https://lostscripturesecrets.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2182:5400:8:8845:1500:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: c906d4588bd040aa2140be2840723a72bc01e092d5e9db2211b8a2d388a8821f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lostscripturesecrets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Mon, 08 May 2023 21:15:01 GMT
content-encoding: gzip
via: 1.1 f12c01365a7e1bcbb4b6d5b856516526.cloudfront.net (CloudFront)
x-amz-cf-pop: DUS51-C1
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/javascript
cache-control: "public, max-age=86400"
x-amz-cf-id: buK1vj3s1CSl07cqlDrD1L3h9DkwbgZdl2jwnT-hDg4Cx6Z9vUvXIg==

GET
H2 200 ld.js Show response
dynamic.criteo.com/js/ld/ 44 KB
15 KB 297ms
72ms Script
application/javascript 2a02:2638:3::e
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://dynamic.criteo.com/js/ld/ld.js?a=95287

Requested by

Host: lostscripturesecrets.com
URL: https://lostscripturesecrets.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::e , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

8e64e864863ebe52f74ec33907ad913235e3b749a68794e0180d02cb8af27f9e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lostscripturesecrets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Mon, 08 May 2023 21:15:01 GMT
content-encoding: br
strict-transport-security: max-age=31536000; preload;
server: Kestrel
vary: Origin, Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: public,max-age=10800
cross-origin-resource-policy: cross-origin
timing-allow-origin: *

GET
H2 200 webfont.js Show response
ajax.googleapis.com/ajax/libs/webfont/1.6.26/ 13 KB
5 KB 27ms
20ms Script
text/javascript 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/webfont/1.6.26/webfont.js

Requested by

Host: lostscripturesecrets.com
URL: https://lostscripturesecrets.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

81016ac6be850b72df5d4faa0c3cec8e2c1b0ba0045712144a6766adfad40bee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lostscripturesecrets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Mon, 08 May 2023 16:34:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 16828
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5437
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 07 May 2024 16:34:33 GMT

GET
H2 200 reset.css
lostscripturesecrets.com/assets/style/ 923 B
892 B 122ms
119ms Stylesheet
text/css 2606:4700:3030::ac43:de6f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://lostscripturesecrets.com/assets/style/reset.css?v=10001

Requested by

Host: lostscripturesecrets.com
URL: https://lostscripturesecrets.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3030::ac43:de6f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

58c66125e56c6f77e4ae6e45ce3b9d29d46efbdb8919aa59d7261ecae9ff8675

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lostscripturesecrets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Mon, 08 May 2023 21:15:01 GMT
strict-transport-security: max-age=0
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished: origSize=1270
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj: minify
last-modified: Wed, 02 Oct 2019 22:00:07 GMT
server: cloudflare
etag: W/"4f6-593f4978bfbd3-gzip"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Yfie3ACmcgJQ6%2B71J%2BglpxUhL6zTg6tAwbTxYWUzKHBW9SsC0Ib2bZz9YMZ%2BWwWIF5BVoOZcRg0fKQc38%2FCOZRqPcuzSvOY8ZA7fCYqvNsQivgzw9nWlMe3gh%2B1H98KPDSvMG1NNUVSI8ulm1sIKHwO8fWupiIY%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=86400
x-robots-tag: noindex, noarchive, nosnippet
cf-ray: 7c44b73478096957-FRA

GET
H2 200 global.css
lostscripturesecrets.com/assets/style/ 6 KB
2 KB 146ms
144ms Stylesheet
text/css 2606:4700:3030::ac43:de6f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://lostscripturesecrets.com/assets/style/global.css?v=10017

Requested by

Host: lostscripturesecrets.com
URL: https://lostscripturesecrets.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3030::ac43:de6f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b983137077f81c960fff5bb7d0110705215444e15b4c0488b9bbf4c9897849ca

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lostscripturesecrets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Mon, 08 May 2023 21:15:01 GMT
strict-transport-security: max-age=0
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished: origSize=8236
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj: minify
last-modified: Thu, 29 Apr 2021 15:16:30 GMT
server: cloudflare
etag: W/"202c-5c11dfadc1393-gzip"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8TvwliZODTSgx6lt0V3tNY8qAJqaIVH0w7cObtzVWnPhfRAT8DSBmlt2ehs2JnQqJAw4k0zXGILmHY4ePLfEjYreyyDFySyE6iPTlFVJecBIh1vXHCg9olmNuM92Yg5he8uhSqCfknTg7GaRBQK2Usbs6%2FaXk78%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=86400
x-robots-tag: noindex, noarchive, nosnippet
cf-ray: 7c44b734780b6957-FRA

GET
H2 200 forms.css
lostscripturesecrets.com/assets/style/ 5 KB
2 KB 131ms
128ms Stylesheet
text/css 2606:4700:3030::ac43:de6f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://lostscripturesecrets.com/assets/style/forms.css?v=10008

Requested by

Host: lostscripturesecrets.com
URL: https://lostscripturesecrets.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3030::ac43:de6f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b1abfc16178b09de26b11065884d3afebe3c3c1c0a41ab099a83f7ebadd2f2d4

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lostscripturesecrets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Mon, 08 May 2023 21:15:01 GMT
strict-transport-security: max-age=0
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished: origSize=6825
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj: minify
last-modified: Wed, 12 May 2021 02:57:31 GMT
server: cloudflare
etag: W/"1aa9-5c2192bf9993b-gzip"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6KlNg%2FtBTGpcM1%2BM%2FheKTfgIVZGyyZTBW7cYRJjhgS05%2B3onLZHLz%2BbJECB1rChL7XcGk65g8ZZeavji0lM2HMWY3GYFPvg66t4b7riKa%2FHSC8aUKHj8Tt1xIsQKrEAFhey3dLR9j%2FGjArNdg1qWcLyzAQDbC5U%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=86400
x-robots-tag: noindex, noarchive, nosnippet
cf-ray: 7c44b734780c6957-FRA

GET
H2 200 buttons.css
lostscripturesecrets.com/assets/style/ 4 KB
1 KB 124ms
121ms Stylesheet
text/css 2606:4700:3030::ac43:de6f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://lostscripturesecrets.com/assets/style/buttons.css?v=10003

Requested by

Host: lostscripturesecrets.com
URL: https://lostscripturesecrets.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3030::ac43:de6f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ef6e13231ec40eac8229a1af785e63b6e9b501d10e2b99fa6c301ddebd983692

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lostscripturesecrets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Mon, 08 May 2023 21:15:01 GMT
strict-transport-security: max-age=0
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished: origSize=5452
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj: minify
last-modified: Wed, 02 Oct 2019 22:00:07 GMT
server: cloudflare
etag: W/"154c-593f4978bfbd3-gzip"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ByNP034Zm%2FVMU9Sk2jhBKJJDogEZN1f84D6iI3I2djjZ1SrK2YKV%2FN5vsp5IVo%2FbJIyQJqWwVpCWMsghrmH1sv33vuYeBFPxMWUQa%2Fjn%2BF9yfk%2BndrpTQmoKtms8r63zR9JeVcwME0J0uHHZ3L%2FsHgAH8nzzB1M%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=86400
x-robots-tag: noindex, noarchive, nosnippet
cf-ray: 7c44b734780d6957-FRA

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/3.6.1/ 88 KB
31 KB 102ms
20ms Script
text/javascript 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/3.6.1/jquery.min.js

Requested by

Host: lostscripturesecrets.com
URL: https://lostscripturesecrets.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a3cf00c109d907e543bc4f6dbc85eb31068f94515251347e9e57509b52ee3d74

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lostscripturesecrets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Mon, 08 May 2023 16:37:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 16656
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31100
x-xss-protection: 0
last-modified: Thu, 08 Sep 2022 18:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 07 May 2024 16:37:25 GMT

GET
H2 200 global.js Show response
lostscripturesecrets.com/assets/scripts/ 7 KB
3 KB 122ms
120ms Script
application/javascript 2606:4700:3030::ac43:de6f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://lostscripturesecrets.com/assets/scripts/global.js?v=10002

Requested by

Host: lostscripturesecrets.com
URL: https://lostscripturesecrets.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3030::ac43:de6f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6a976576c30c8355b268f0503b84d260c4f3856bc7b5ce55cacc0ff4b5904595

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lostscripturesecrets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Mon, 08 May 2023 21:15:01 GMT
strict-transport-security: max-age=0
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished: origSize=12543
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj: minify
last-modified: Tue, 17 Nov 2020 17:16:11 GMT
server: cloudflare
etag: W/"30ff-5b450a6c6a087-gzip"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0Rirkf2MONCcRluCq9EaqC3WDBctJgkUG3wP2U4wzSZKGfTzn2t%2FVdxBHLTQJ5yrXlzbRhDyIhopiJjicmmsaqt9rPB2CRy%2FN1J%2BmT4tGxRjpWNsNBUWjyNghLFoYFOxK%2BpE%2FFego8GTa5QUxi5TCxKkpFS2tQ8%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=86400
x-robots-tag: noindex, noarchive, nosnippet
cf-ray: 7c44b73478106957-FRA

GET
H2 200 video-js.css
vjs.zencdn.net/7.20.2/ 46 KB
11 KB 83ms
24ms Stylesheet
text/css 2a04:4e42::729
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vjs.zencdn.net/7.20.2/video-js.css
Requested by: Host: lostscripturesecrets.com
URL: https://lostscripturesecrets.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42::729 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: a600e503fc0dcb171bd2ce6b639bbb5cf35b91ccc3c045324a7a4e2603683a0f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lostscripturesecrets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

x-served-by: cache-fra-etou8220062-FRA
date: Mon, 08 May 2023 21:15:01 GMT
content-encoding: gzip
last-modified: Thu, 28 Jul 2022 18:58:38 GMT
etag: "92c4f5bba6e24134f07a508819300d2e"
vary: Accept-Encoding
x-cache: HIT
content-type: text/css
access-control-allow-origin: *
timing-allow-origin: *
content-length: 10964
x-cache-hits: 87

GET
H2 200 video.min.js Show response
vjs.zencdn.net/7.20.2/ 569 KB
159 KB 79ms
21ms Script
application/javascript 2a04:4e42::729
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vjs.zencdn.net/7.20.2/video.min.js
Requested by: Host: lostscripturesecrets.com
URL: https://lostscripturesecrets.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42::729 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 55a979130309c3f0d4398298f648e90a8ded2df500fdf3c758e9051ecf6229cb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lostscripturesecrets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

x-served-by: cache-fra-etou8220062-FRA
date: Mon, 08 May 2023 21:15:01 GMT
content-encoding: gzip
last-modified: Thu, 28 Jul 2022 18:58:38 GMT
etag: "c038d4c38eb6160ddb328b8944a5422b"
vary: Accept-Encoding
x-cache: HIT
content-type: application/javascript
access-control-allow-origin: *
timing-allow-origin: *
content-length: 162713
x-cache-hits: 2

GET
H2 200 VSL.css
lostscripturesecrets.com/assets/style/ 9 KB
2 KB 125ms
124ms Stylesheet
text/css 2606:4700:3030::ac43:de6f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://lostscripturesecrets.com/assets/style/VSL.css?v=10024

Requested by

Host: lostscripturesecrets.com
URL: https://lostscripturesecrets.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3030::ac43:de6f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

49786cfd1a0a7c26d2e5dd566ce253b3c6930058bf3e138068afc3fbdcfe820b

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lostscripturesecrets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Mon, 08 May 2023 21:15:01 GMT
strict-transport-security: max-age=0
content-encoding: br
cf-cache-status: EXPIRED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished: origSize=12226
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj: minify
last-modified: Wed, 25 Jan 2023 00:03:29 GMT
server: cloudflare
etag: W/"2fc2-5f30b5cb6efdc-gzip"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4ypUpBPynJx90VzDBV4SYosDL4XW4I68Jvwv81NRJ1%2FNP9LsiM9ri4kjdvIm3B7Tl%2FdR62b2jZAcSmOdL4KfbK%2FDSNkTcDE1sQAyTih0JG8n4B6a0fW4FUuYNbnxd7VcqCJWcj6h3kCRFn0rDLJEA3SQb921Pw0%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=86400
x-robots-tag: noindex, noarchive, nosnippet
cf-ray: 7c44b734780e6957-FRA

GET
H2 200 slideInOnScroll.css
lostscripturesecrets.com/assets/style/ 2 KB
932 B 146ms
144ms Stylesheet
text/css 2606:4700:3030::ac43:de6f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://lostscripturesecrets.com/assets/style/slideInOnScroll.css?v=10001

Requested by

Host: lostscripturesecrets.com
URL: https://lostscripturesecrets.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3030::ac43:de6f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d852a478da86a57ea6001d3c6189a400023c810dcb89fc57e64c8283dff7ee9f

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lostscripturesecrets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Mon, 08 May 2023 21:15:01 GMT
strict-transport-security: max-age=0
content-encoding: br
cf-cache-status: EXPIRED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished: origSize=2925
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj: minify
last-modified: Wed, 02 Oct 2019 22:00:07 GMT
server: cloudflare
etag: W/"b6d-593f4978bfbd3-gzip"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5CNAIxm%2BmLidbFoL%2FEypgRUvG%2Bz%2F4duDyFW5UAPJKTUKy7HID1SXjwKUL3gsD8kUzSFJBhteTmtDw25CSw7Zvo%2BEa503ni35ERNA5Y%2F3uJxApjwbL1HI6edW%2Bs1UHcpNhvtR456uMDOvl3htj2cByQZmZKAwgeY%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=86400
x-robots-tag: noindex, noarchive, nosnippet
cf-ray: 7c44b734780f6957-FRA

GET
H/1.1 200
OK pushwoosh-web-notifications.js Show response
cdn.pushwoosh.com/webpush/v3/ 182 KB
45 KB 135ms
52ms Script
application/javascript 195.201.240.51
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.pushwoosh.com/webpush/v3/pushwoosh-web-notifications.js
Requested by: Host: lostscripturesecrets.com
URL: https://lostscripturesecrets.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 195.201.240.51 Gunzenhausen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: cache-05.pushwoosh.com
Software: nginx /
Resource Hash: ab124775fec26df3819b69e6ddbad542a2c52602d5958c8af915563ef268e75a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lostscripturesecrets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

X-Proxy-Cache: HIT
Date: Mon, 08 May 2023 21:15:01 GMT
Content-Encoding: gzip
X-Cache-Status: HIT
Transfer-Encoding: chunked
X-Amz-Storage-Class: STANDARD
Connection: keep-alive
Last-Modified: Tue, 13 Sep 2022 08:45:52 GMT
Server: nginx
ETag: W/"d50a1b2bd010ebf2eca5a3e1f9c1df25"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET, POST, PUT, OPTIONS, DELETE, HEAD
Content-Type: application/javascript
Access-Control-Allow-Origin: *
x-rgw-object-type: Normal
Cache-Control: max-age=86400, public
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, Access-Control-Allow-Headers, is_auto_request, Content-Length, Accept-Encoding, X-Registry-Auth
Expires: Tue, 09 May 2023 21:15:01 GMT

GET
H3 200 heroDesktopA1t.png
lostscripturesecrets.com/assets/images/hero/ 458 KB
459 KB 191ms
185ms Image
image/png 2606:4700:3030::ac43:de6f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lostscripturesecrets.com/assets/images/hero/heroDesktopA1t.png

Requested by

Host: lostscripturesecrets.com
URL: https://lostscripturesecrets.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3030::ac43:de6f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

73035e8c2ba7bc19f518e6b1bc729d538a7a9b7ed2f8ca0b31eb21ef61911631

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lostscripturesecrets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Mon, 08 May 2023 21:15:01 GMT
strict-transport-security: max-age=0
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 469463
last-modified: Tue, 12 Oct 2021 20:26:14 GMT
server: cloudflare
etag: "729d7-5ce2da83c68e7"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FwWR48m5tWvk7%2Bxg1Z5Yke51XeytbGkNvTogoseAp5kUzcdAaUgA1otYq%2FHiyNCsDylEoaIcVaoWhHOirfoMbigOe0WICg3PpwLdGUPE2uTW0U%2FF65cImM3YU2xJ01rcw0ayPPejPNX2zrGOIGFMxd1KRh1qrrU%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=86400
accept-ranges: bytes
x-robots-tag: noindex, noarchive, nosnippet
cf-ray: 7c44b735998737de-FRA
priority: u=3,i

GET
H3 200 ctaDesktop.jpg
lostscripturesecrets.com/assets/images/lander/VSL/ 47 KB
47 KB 169ms
163ms Image
image/jpeg 2606:4700:3030::ac43:de6f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lostscripturesecrets.com/assets/images/lander/VSL/ctaDesktop.jpg?v=10002

Requested by

Host: lostscripturesecrets.com
URL: https://lostscripturesecrets.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3030::ac43:de6f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

baac471c1c739eb5df38c043ab97d3ecf23aab472f70511af0d433da2253456b

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lostscripturesecrets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Mon, 08 May 2023 21:15:01 GMT
strict-transport-security: max-age=0
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 47819
last-modified: Wed, 04 Nov 2020 23:47:27 GMT
server: cloudflare
etag: "bacb-5b3509a1153e7"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lLISJP4pGtzr%2BGuBNc2mwVKxSjJJGZtIsRe54uNCeeCOGyqEv2zDZR9JWm0jaRwHphYClDUShoWSXnLLQbFz8T3GmxcStS4uwTcUEw0N%2B8o9AzpcGf7deoKvNcOJiObAUFpej1O9QhWSRt5Srq6q0P%2BxnGwLGPc%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=86400
accept-ranges: bytes
x-robots-tag: noindex, noarchive, nosnippet
cf-ray: 7c44b735998a37de-FRA
priority: u=3,i

GET
H3 200 ctaMobile.jpg
lostscripturesecrets.com/assets/images/lander/VSL/ 27 KB
28 KB 150ms
145ms Image
image/jpeg 2606:4700:3030::ac43:de6f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lostscripturesecrets.com/assets/images/lander/VSL/ctaMobile.jpg?v=10002

Requested by

Host: lostscripturesecrets.com
URL: https://lostscripturesecrets.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3030::ac43:de6f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

14ca7f5dab60d993d6e496de40a3584f23ffa09ae0f78dc75c7c1f233bd703dd

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lostscripturesecrets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Mon, 08 May 2023 21:15:01 GMT
strict-transport-security: max-age=0
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 28021
last-modified: Wed, 04 Nov 2020 23:47:27 GMT
server: cloudflare
etag: "6d75-5b3509a1153e7"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FIfO7sfAF8CQaZ14tEB9ejg1st1REMfhMTJQq3OftmTogkDFsrTxptRzYwsJN2kBKZ0RGOjA59qteFWmy7aJ%2BSwn%2BNHTnM2WJ5B2cR3KckabyIglAFAmdTwTfTnRUyut%2FSkZ1kMqa0QHsJJf%2Bx1GrSNQ6RJxqEo%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=86400
accept-ranges: bytes
x-robots-tag: noindex, noarchive, nosnippet
cf-ray: 7c44b735998b37de-FRA
priority: u=3,i

GET
H3 200 price67.jpg
lostscripturesecrets.com/assets/images/lander/VSL/ 21 KB
21 KB 149ms
144ms Image
image/jpeg 2606:4700:3030::ac43:de6f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lostscripturesecrets.com/assets/images/lander/VSL/price67.jpg

Requested by

Host: lostscripturesecrets.com
URL: https://lostscripturesecrets.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3030::ac43:de6f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

abd87251504843aba43e41c58605e54abc8489c79caad3c1e9eaa02d155cd90e

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lostscripturesecrets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Mon, 08 May 2023 21:15:01 GMT
strict-transport-security: max-age=0
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 21206
last-modified: Wed, 29 Sep 2021 01:20:26 GMT
server: cloudflare
etag: "52d6-5cd18228c28d2"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=D3%2BHbfH75guncr4ezXJxcMXX4nRlUGn7BAlK6OiT17lZXuehdPnYIlJIYT%2FQixRZ2dqwEouO9H5i93ntBS9KcwlaYp5GJMTj%2FF0ZPTA5NpTqsJNrkb%2FZXS1YVeZk2CmVfgFkipRBLBIQM%2F5K3SJEMiPp10LR00o%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=86400
accept-ranges: bytes
x-robots-tag: noindex, noarchive, nosnippet
cf-ray: 7c44b735998c37de-FRA
priority: u=3,i

GET
H3 200 trustDesktop.jpg
lostscripturesecrets.com/assets/images/lander/VSL/ 15 KB
16 KB 129ms
124ms Image
image/jpeg 2606:4700:3030::ac43:de6f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lostscripturesecrets.com/assets/images/lander/VSL/trustDesktop.jpg

Requested by

Host: lostscripturesecrets.com
URL: https://lostscripturesecrets.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3030::ac43:de6f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bfd1dfa6765654e85cec85dc6cdb53ad64cc3a3a64d0e010b35838f2c762a6f3

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lostscripturesecrets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Mon, 08 May 2023 21:15:01 GMT
strict-transport-security: max-age=0
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 15622
last-modified: Wed, 04 Nov 2020 23:47:27 GMT
server: cloudflare
etag: "3d06-5b3509a117327"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=H29snyDPVI11F4TdAQcjqil49xVxlVTAzzkVSD8PXzuYIlGFE3IHHXQYEi4oFDlZyIM3kqCezG%2F9xqpMEAQc75OaWErMDOyX5YGZBZKld243eHaOa9REh4MPsoWlIhxxR4S20MGeITZRFXGthLT8lGpPeI5yibs%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=86400
accept-ranges: bytes
x-robots-tag: noindex, noarchive, nosnippet
cf-ray: 7c44b735998d37de-FRA
priority: u=3,i

GET
H3 200 ajaxYellow.svg
lostscripturesecrets.com/assets/images/ 3 KB
975 B 138ms
133ms Image
image/svg+xml 2606:4700:3030::ac43:de6f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lostscripturesecrets.com/assets/images/ajaxYellow.svg

Requested by

Host: lostscripturesecrets.com
URL: https://lostscripturesecrets.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3030::ac43:de6f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9898853d870512fc480af73452d00d17a5d0c62d3329560d80542f1397b82330

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lostscripturesecrets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Mon, 08 May 2023 21:15:01 GMT
strict-transport-security: max-age=0
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Wed, 02 Oct 2019 22:00:07 GMT
server: cloudflare
etag: W/"d07-593f497893cae-gzip"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JNt13klWLC2KIQ0pyjfqw6leIJRtKeAjdqH7Ig41PopFB%2B1u5%2BPSqlZnFrt62hOQ2hSZr73ds43LdPXygoSr4RDuaqdiN3hBLkYUgk4CNW1GdZdaLYAY4fjJikeh82Y8%2FUjmJwOYGqfmo7M6WCTT5HTrDEUG%2Ffk%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=86400
x-robots-tag: noindex, noarchive, nosnippet
cf-ray: 7c44b735998e37de-FRA
priority: u=3,i

GET
H3 200 bulletBible.png
lostscripturesecrets.com/assets/images/lander/ 62 KB
62 KB 194ms
189ms Image
image/png 2606:4700:3030::ac43:de6f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lostscripturesecrets.com/assets/images/lander/bulletBible.png

Requested by

Host: lostscripturesecrets.com
URL: https://lostscripturesecrets.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3030::ac43:de6f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e38372d8696f210809f6821f0b00c84e57beff6b12b40bdba9954c257bb3b0a9

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lostscripturesecrets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Mon, 08 May 2023 21:15:01 GMT
strict-transport-security: max-age=0
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 63024
last-modified: Wed, 02 Oct 2019 22:00:07 GMT
server: cloudflare
etag: "f630-593f4978ab3b1"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zcMGnLqgmnz8cSrvsPeKgen2DhwetzlxScUhHsv%2FESasIrb3wudbOmVqwcwa4M2SDSiXaTPXRRYOLeuF2i%2BqRKbekvNw%2BKeTqNeuNpYKpM9RWzg%2FDkRzNJfvxqP7y0WGD3z6zDKNalI8Y1Pb47R8zUTMLriHrzE%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=86400
accept-ranges: bytes
x-robots-tag: noindex, noarchive, nosnippet
cf-ray: 7c44b735998f37de-FRA
priority: u=3,i

GET
H3 200 bulletHealing.png
lostscripturesecrets.com/assets/images/lander/ 50 KB
50 KB 193ms
188ms Image
image/png 2606:4700:3030::ac43:de6f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lostscripturesecrets.com/assets/images/lander/bulletHealing.png

Requested by

Host: lostscripturesecrets.com
URL: https://lostscripturesecrets.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3030::ac43:de6f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2ab0932269d9897fd43c2bcda82dc75121d96bea933bd64726bc772e054ca7ab

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lostscripturesecrets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Mon, 08 May 2023 21:15:01 GMT
strict-transport-security: max-age=0
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 50928
last-modified: Wed, 02 Oct 2019 22:00:07 GMT
server: cloudflare
etag: "c6f0-593f4978ab3b1"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FSs8Pz53FEzlQ6xYwiiML2C2UW92%2BHsWp1pDro0G2PJjy0LplSeLKHQPi5wEzNCSNr7OKVrZbQMy%2BX7KVNLy82cmHbblJiLjYkORRv8A%2FSoLrW4XSOtlI3Y43tOBuBH0Y8ikMnBfqr9YUjwG36Px4B%2FxLW%2BDS7I%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=86400
accept-ranges: bytes
x-robots-tag: noindex, noarchive, nosnippet
cf-ray: 7c44b735999137de-FRA
priority: u=3,i

GET
H3 200 bulletChristian.png
lostscripturesecrets.com/assets/images/lander/ 55 KB
56 KB 189ms
184ms Image
image/png 2606:4700:3030::ac43:de6f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lostscripturesecrets.com/assets/images/lander/bulletChristian.png

Requested by

Host: lostscripturesecrets.com
URL: https://lostscripturesecrets.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3030::ac43:de6f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4534203d73df094bf991ad0f42631889f0a020e90a00b311e76406822f5512ff

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lostscripturesecrets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Mon, 08 May 2023 21:15:01 GMT
strict-transport-security: max-age=0
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 56600
last-modified: Wed, 02 Oct 2019 22:00:07 GMT
server: cloudflare
etag: "dd18-593f4978ab3b1"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4D%2BEcdIp0oSbQFPdY2cRhydHgoA4%2BMUSkxRHRyOmPygP6Cw2A5zadrIcT15HSIIjxsGULsq8RHOssE2miANLhwRehmpzxOPOMxIvqP1n3%2FY13gz6YHLVu9XoPTc2f6ja7UwCyIFsOmZrNEbM2CL3TA77DM0DqAE%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=86400
accept-ranges: bytes
x-robots-tag: noindex, noarchive, nosnippet
cf-ray: 7c44b735999237de-FRA
priority: u=3,i

GET
H3 200 bulletWarning.png
lostscripturesecrets.com/assets/images/lander/ 216 KB
217 KB 149ms
144ms Image
image/png 2606:4700:3030::ac43:de6f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lostscripturesecrets.com/assets/images/lander/bulletWarning.png

Requested by

Host: lostscripturesecrets.com
URL: https://lostscripturesecrets.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3030::ac43:de6f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ef6593f5753f1cb95a8eb445cc05f5d22990a8ec4b5e6e28d47872a5755a1bf1

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lostscripturesecrets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Mon, 08 May 2023 21:15:01 GMT
strict-transport-security: max-age=0
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 221390
last-modified: Wed, 12 Feb 2020 21:03:24 GMT
server: cloudflare
etag: "360ce-59e674da1f210"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0ALz83RufeeDtauIK%2BAi%2BonmsEcMJWUugj3JWQKxnwZxmCygXO4ZxsMn%2F0zi218js%2FFoeyViyf96eUqCBfm4WvEBCrUtxNxs%2Ba%2Fhtq8fuH8dILM1TMHNFQsH6%2FKMLLhruwAgwELlDgyIBT8%2F1gyi%2B8K%2FGiWhhO0%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=86400
accept-ranges: bytes
x-robots-tag: noindex, noarchive, nosnippet
cf-ray: 7c44b735999337de-FRA
priority: u=3,i

GET
H3 200 squeeze.css
lostscripturesecrets.com/assets/style/ 4 KB
2 KB 377ms
377ms Stylesheet
text/css 2606:4700:3030::ac43:de6f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://lostscripturesecrets.com/assets/style/squeeze.css?v=10009

Requested by

Host: lostscripturesecrets.com
URL: https://lostscripturesecrets.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3030::ac43:de6f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

233389aead41af7541302c38e1fdb117523eceb02f88386e233a0c876246aa9b

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lostscripturesecrets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Mon, 08 May 2023 21:15:01 GMT
strict-transport-security: max-age=0
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished: origSize=5240
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj: minify
last-modified: Mon, 18 Jan 2021 20:27:14 GMT
server: cloudflare
etag: W/"1478-5b9328c21975b-gzip"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PJEBW5FC3lkwU8rH1a1lBW%2FUmIG3PVHUTGn%2BMIVnc0beOHKbuxw%2B7OqS5VFvDgWLvGzXVTnhGw03D%2FKdsGKjIX%2F7S3KAKQ6zooimbSwaBk5zqvsxV615dATx4ajxqTY6eBhlUjdZSSiWqy8Pf58BuqAwpEA0HVc%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=86400
x-robots-tag: noindex, noarchive, nosnippet
cf-ray: 7c44b735695337de-FRA
priority: u=2,i=?0

GET
H3 200 fsLandscape.css
lostscripturesecrets.com/assets/style/VSL/ 2 KB
1 KB 120ms
119ms Stylesheet
text/css 2606:4700:3030::ac43:de6f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://lostscripturesecrets.com/assets/style/VSL/fsLandscape.css?v=10001

Requested by

Host: lostscripturesecrets.com
URL: https://lostscripturesecrets.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3030::ac43:de6f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ef51b56751eefcbcfe90712bf382e5d75348e90394e53006f6aaaf33fa3c03ae

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lostscripturesecrets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Mon, 08 May 2023 21:15:01 GMT
strict-transport-security: max-age=0
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Wed, 14 Apr 2021 20:13:10 GMT
server: cloudflare
etag: W/"6e7-5bff46034ebf0-gzip"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NKZ6z%2BgDoCqQmRODmUfHwpgBfdxB55UwJl0eWlZtVk69go12OmCyMrBE%2FQyExtfakEM2LOaZIXgSmeXpQxyrrl0dIKwo4ly3zd6dO6TDdGNL%2BPmAy1In1h7%2FC6UFEJMdFh%2FsXdrWiC3UZwm%2BxL4jusSxzZcRU1c%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=86400
x-robots-tag: noindex, noarchive, nosnippet
cf-ray: 7c44b735897f37de-FRA
priority: u=2,i=?0

GET
H3 200 slideInOnScroll.js Show response
lostscripturesecrets.com/assets/scripts/ 729 B
867 B 128ms
123ms Script
application/javascript 2606:4700:3030::ac43:de6f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://lostscripturesecrets.com/assets/scripts/slideInOnScroll.js?v=10001

Requested by

Host: lostscripturesecrets.com
URL: https://lostscripturesecrets.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3030::ac43:de6f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

10c61058d7b2a016cd6de6887a2fd4c4baf43babd098120c573cf5f386b5d37a

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lostscripturesecrets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Mon, 08 May 2023 21:15:01 GMT
strict-transport-security: max-age=0
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished: origSize=1480
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj: minify
last-modified: Wed, 02 Oct 2019 22:00:07 GMT
server: cloudflare
etag: W/"5c8-593f4978bfbd3-gzip"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1hKuC5nW0VK%2F%2BR18N8b%2B3f0eQu9XVKI61kO%2BgVW81k842PpD97y02EoUQ9k%2BnwvRvkP26J0u3FNMkT8jMTGvDMX%2BqZO3blXKRS2SyK0%2BvrEjUM0LpsUWVbPfb7OxSSED4fMhyJTD43LG2fKhYmAELwTX7fVRcOA%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=86400
x-robots-tag: noindex, noarchive, nosnippet
cf-ray: 7c44b735999437de-FRA
priority: u=3,i=?0

GET
H3 200 squeeze.js Show response
lostscripturesecrets.com/assets/scripts/ 3 KB
2 KB 148ms
143ms Script
application/javascript 2606:4700:3030::ac43:de6f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://lostscripturesecrets.com/assets/scripts/squeeze.js?v=10009

Requested by

Host: lostscripturesecrets.com
URL: https://lostscripturesecrets.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3030::ac43:de6f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5963045ddf0108c47a1b4383dbf93e70a4b166f2981407ef9cbc0c5b5567c9ce

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lostscripturesecrets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Mon, 08 May 2023 21:15:01 GMT
strict-transport-security: max-age=0
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Fri, 11 Nov 2022 16:11:16 GMT
server: cloudflare
etag: W/"d5f-5ed3423b214da-gzip"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GunLOAPbAjXgtx4RrNyJqErr7MAfJPn5v%2F4T0LTYYJLo%2BDWjSV%2Fa0BYnhjx58Lm%2FczxKcFvmMLHydfTlUU%2BeUn0nGoUpAulpiZ48DO7ScGb%2BLwaaFHPK7%2FyMIqQW1zRGNC%2BBGPbRTSAGRnt91drTm80ZQ38uGZQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=86400
x-robots-tag: noindex, noarchive, nosnippet
cf-ray: 7c44b735999637de-FRA
priority: u=3,i=?0

GET
H2 200 / Show response
js.stripe.com/v3/ 471 KB
127 KB 97ms
21ms Script
text/javascript 151.101.192.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/

Requested by

Host: lostscripturesecrets.com
URL: https://lostscripturesecrets.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.192.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

b79b3c2125d796f5b97ee9510694ac8c539d6c617588a4b7f60d23124eca2ce3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lostscripturesecrets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Mon, 08 May 2023 21:15:01 GMT
via: 1.1 varnish
age: 45
x-cache: HIT
content-length: 129694
x-request-id: 99118fa2-4b1a-4a58-91d0-af9141f3ce3b
x-served-by: cache-fra-eddf8230062-FRA
last-modified: Mon, 08 May 2023 20:34:17 GMT
server: Fastly
etag: "2821b11e1fb535291559e75a08695add"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=60
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 23

GET
H2 200 v52afc6f149f6479b8c77fa569edb01181681764108816 Show response
static.cloudflareinsights.com/beacon.min.js/ 19 KB
7 KB 126ms
63ms Script
text/javascript 2606:4700::6810:3965
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cloudflareinsights.com/beacon.min.js/v52afc6f149f6479b8c77fa569edb01181681764108816
Requested by: Host: lostscripturesecrets.com
URL: https://lostscripturesecrets.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:3965 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 13a548e040a1ec08f77911fed1d559b95e5daae0ee227e632140e003c7268e7b

Request headers

Referer: https://lostscripturesecrets.com/
Origin: https://lostscripturesecrets.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Mon, 08 May 2023 21:15:01 GMT
content-encoding: gzip
last-modified: Mon, 17 Apr 2023 20:41:48 GMT
server: cloudflare
etag: W/2023.4.2
vary: Accept-Encoding
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
cf-ray: 7c44b735ecbe3668-FRA

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 101 KB
39 KB 38ms
34ms Script
application/javascript 2a00:1450:4001:82b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-WW6NP2B

Requested by

Host: lostscripturesecrets.com
URL: https://lostscripturesecrets.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

8c832a51f9af77c74c83ce43fe3d336620c44ad1897a67f0bb94444e11bfd993

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lostscripturesecrets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Mon, 08 May 2023 21:15:01 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 40145
x-xss-protection: 0
last-modified: Mon, 08 May 2023 21:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 08 May 2023 21:15:01 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 187 KB
66 KB 49ms
44ms Script
application/javascript 2a00:1450:4001:82b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-PP5N9TT

Requested by

Host: lostscripturesecrets.com
URL: https://lostscripturesecrets.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

65150f4326bea9a1e704ad7c5ea77aa14afd53cfc8878d7b02eedd806220999c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lostscripturesecrets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Mon, 08 May 2023 21:15:01 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 67643
x-xss-protection: 0
last-modified: Mon, 08 May 2023 21:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 08 May 2023 21:15:01 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 51 KB
21 KB 73ms
20ms Script
text/javascript 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-172780246-2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

e7b90d32907f89c49e9e2a2ccca95133277f756f13a14187936d9b948ff67b44

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lostscripturesecrets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 08 May 2023 21:05:00 GMT
last-modified: Mon, 17 Apr 2023 22:36:01 GMT
server: Golfe2
age: 601
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20737
expires: Mon, 08 May 2023 23:05:00 GMT

GET
H2 200 amplitude-7.2.1-min.gz.js Show response
cdn.amplitude.com/libs/ 59 KB
19 KB 97ms
28ms Script
application/javascript 13.226.156.84
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.amplitude.com/libs/amplitude-7.2.1-min.gz.js
Requested by: Host: lostscripturesecrets.com
URL: https://lostscripturesecrets.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.156.84 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-156-84.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 1e8af1c8306411c684130fcf7d46fa10b1906898bcc781a822e5d4a38ae2cce8

Request headers

Referer: https://lostscripturesecrets.com/
Origin: https://lostscripturesecrets.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Fri, 28 Apr 2023 17:55:02 GMT
content-encoding: gzip
via: 1.1 962c9e2b0aa7dee39ccec2b38fda120e.cloudfront.net (CloudFront)
x-amz-version-id: rtLe8nVXDx8sL7XBGT5sDlFBE.TwGFEn
x-amz-cf-pop: DUS51-C1
age: 876000
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 19222
last-modified: Tue, 22 Sep 2020 19:51:25 GMT
server: AmazonS3
etag: "e7ee6bc7f428f90fb1b1ed0e94b9f835"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method
accept-ranges: bytes
x-amz-cf-id: lV25p-1i-QqbtNugVUS7PDnLL5bkjCbQ68i87sLKNuqNnoT9ENlgvw==

GET
H3 200 cover_HD.jpg
lostscripturesecrets.com/assets/images/lander/VSL/ 790 KB
791 KB 142ms
142ms Image
image/jpeg 2606:4700:3030::ac43:de6f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lostscripturesecrets.com/assets/images/lander/VSL/cover_HD.jpg

Requested by

Host: lostscripturesecrets.com
URL: https://lostscripturesecrets.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3030::ac43:de6f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

44c234ab1ce11ec976837b360aa64d76f081f31d25192acfd1c88eb735e7def3

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lostscripturesecrets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Mon, 08 May 2023 21:15:01 GMT
strict-transport-security: max-age=0
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 808941
last-modified: Thu, 12 Aug 2021 00:43:20 GMT
server: cloudflare
etag: "c57ed-5c952058254a3"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=60y2utQpG1v3bJIaqdO1WK5N1xaMwmMRh8GMKXwWeqUyn6Tk06nC8ERWHTuqo%2BQPpAJtmrkJsysj%2Fbb%2BX4AFUAvnba2UKONgyqi4fFKJo3LAJh032qb4phdqbwnVFMAtgObuqwSPsfEeh3tqEPy2bZN1YJwCmKc%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=86400
accept-ranges: bytes
x-robots-tag: noindex, noarchive, nosnippet
cf-ray: 7c44b735d9f037de-FRA
priority: u=3,i

GET
H3 200 timelineSegmentRight.png
lostscripturesecrets.com/assets/images/lander/ 24 KB
24 KB 137ms
137ms Image
image/png 2606:4700:3030::ac43:de6f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lostscripturesecrets.com/assets/images/lander/timelineSegmentRight.png

Requested by

Host: lostscripturesecrets.com
URL: https://lostscripturesecrets.com/assets/style/VSL.css?v=10024

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3030::ac43:de6f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f9cf00da3ed66835c3383eefe3ece96b304fe05d61d742104bbfafcde4ca282b

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lostscripturesecrets.com/assets/style/VSL.css?v=10024
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Mon, 08 May 2023 21:15:01 GMT
strict-transport-security: max-age=0
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 24405
last-modified: Wed, 02 Oct 2019 22:00:07 GMT
server: cloudflare
etag: "5f55-593f4978b1171"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JU76ZTcYgY7YOXM8pB%2BCRr7XLa%2FEILaGgOEFQtX07vh1Jfi1J5%2B5Eouwm1W4Q%2B5YTtA7JiGltjIqIgeyyKF7W%2BHNO%2FdlVWHsqVqM%2BqrnD08MNeSyAhpL74dUgxC5RIVZRkfyLhk6tKOquXrcS%2BE4XhvMQoIWX%2Bo%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=86400
accept-ranges: bytes
x-robots-tag: noindex, noarchive, nosnippet
cf-ray: 7c44b735d9f237de-FRA
priority: u=3,i

GET
H3 200 timelineSegmentLeft.png
lostscripturesecrets.com/assets/images/lander/ 24 KB
24 KB 142ms
141ms Image
image/png 2606:4700:3030::ac43:de6f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lostscripturesecrets.com/assets/images/lander/timelineSegmentLeft.png

Requested by

Host: lostscripturesecrets.com
URL: https://lostscripturesecrets.com/assets/style/VSL.css?v=10024

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3030::ac43:de6f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c7c2fbcdf7ea62bdeae2d3b3a1e7fe72278e4d3438ff9ec98713a08d6b0d4c5a

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lostscripturesecrets.com/assets/style/VSL.css?v=10024
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Mon, 08 May 2023 21:15:01 GMT
strict-transport-security: max-age=0
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 24337
last-modified: Wed, 02 Oct 2019 22:00:07 GMT
server: cloudflare
etag: "5f11-593f4978b1171"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9hBUiUKzmAPoG8lSkeLEmgv35GwMLCWVa%2B72TRhicdJRQvIPSwUvlq5eiC0K5XmvPLZlbBqtqtH9DKl%2F1BRhZG6%2BtTeMTrJ5fBItgevf8mvoo%2FZUfdJ%2BRycdt3NM7y6uPJ2pk%2B%2F59rYJ5M5%2FiA%2B3XgL%2FK8XuqDk%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=86400
accept-ranges: bytes
cf-ray: 7c44b735d9f337de-FRA
priority: u=3,i

GET
DATA 200
OK truncated
/ 4 KB
4 KB Font
application/font-woff

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: aef991b2e0b693a95d41986576dd3901ea7ac03b379501b1caba966058753308

Request headers

Referer
Origin: https://lostscripturesecrets.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

Content-Type: application/font-woff;charset=utf-8

GET
H2 200 VSL_20210331_A2.6_HighProd.m3u8 Show response
d2tjsej3ucxx0n.cloudfront.net/video/VSL_20210331_A2.6_HighProd/ 1 KB
820 B 174ms
83ms XHR
application/x-mpegurl 2600:9000:219c:4a00:9:8536:59c0:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d2tjsej3ucxx0n.cloudfront.net/video/VSL_20210331_A2.6_HighProd/VSL_20210331_A2.6_HighProd.m3u8
Requested by: Host: vjs.zencdn.net
URL: https://vjs.zencdn.net/7.20.2/video.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:219c:4a00:9:8536:59c0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 67c07b279dd750de93b5e5dee30a1c8ad43800778179463bb472341554475537

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lostscripturesecrets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Mon, 08 May 2023 02:46:47 GMT
content-encoding: gzip
via: 1.1 d5fa26f25a4569f608d0dfafd636bc88.cloudfront.net (CloudFront)
x-amz-cf-pop: CDG3-C2
age: 66495
x-cache: Hit from cloudfront
x-amz-storage-class: REDUCED_REDUNDANCY
alt-svc: h3=":443"; ma=86400
last-modified: Tue, 30 Mar 2021 23:17:58 GMT
server: AmazonS3
etag: W/"76dcea5ed93d940b5ae832e6b7b3e99d"
vary: Accept-Encoding,Origin
access-control-allow-methods: GET, POST, HEAD
content-type: application/x-mpegURL
access-control-allow-origin: *
x-amz-cf-id: vZevkg_VLGE5kw7OdockC-S6CKMd-StHmj3nDKD_CLF0cNtP0dlNog==

GET
BLOB 200
OK 2b01a936-c37c-4d54-8b05-19c612ce619b
https://lostscripturesecrets.com/ 6 KB
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://lostscripturesecrets.com/2b01a936-c37c-4d54-8b05-19c612ce619b
Requested by: Host: lostscripturesecrets.com
URL: https://lostscripturesecrets.com/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 03ee34a40289cd59a27b110b7eecaf6af7dd295854dd3c9adbf0c087772dfbcc

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

Content-Length: 6002
Content-Type: application/javascript

GET
BLOB 200
OK c07998eb-8f56-4336-9fb3-6c25429c45b1
https://lostscripturesecrets.com/ 78 KB
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://lostscripturesecrets.com/c07998eb-8f56-4336-9fb3-6c25429c45b1
Requested by: Host: lostscripturesecrets.com
URL: https://lostscripturesecrets.com/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e814fda4b3a0b92c9a44cbb8d9ce5f220aad949224f9eb4a7fc31c3d9d8e2c1d

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

Content-Length: 79884
Content-Type: application/javascript

GET
BLOB 200
OK 950bdfff-5585-4486-b9bc-9e58e7af882c
https://lostscripturesecrets.com/ 78 KB
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://lostscripturesecrets.com/950bdfff-5585-4486-b9bc-9e58e7af882c
Requested by: Host: lostscripturesecrets.com
URL: https://lostscripturesecrets.com/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e814fda4b3a0b92c9a44cbb8d9ce5f220aad949224f9eb4a7fc31c3d9d8e2c1d

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

Content-Length: 79884
Content-Type: application/javascript

GET
H3 200 unmute.svg
lostscripturesecrets.com/assets/images/ 2 KB
2 KB 154ms
153ms Image
image/svg+xml 2606:4700:3030::ac43:de6f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lostscripturesecrets.com/assets/images/unmute.svg

Requested by

Host: lostscripturesecrets.com
URL: https://lostscripturesecrets.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3030::ac43:de6f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

574be775e6c5a0ceee6f9a3b93c92fc987fb0f9bdb12f932fa2f25d05ee93c58

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lostscripturesecrets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Mon, 08 May 2023 21:15:01 GMT
strict-transport-security: max-age=0
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Wed, 02 Oct 2019 22:00:07 GMT
server: cloudflare
etag: W/"9a8-593f4978bec33-gzip"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2F30mA%2Fymu1%2BK%2BLast28bQHn97FMI599%2Bl5iehEG73ja1XODNOsY%2BtvqAiclCky1VzaPXB8zcP6zmMziUmhFCeXn2TYre%2FvVfHdi9t5Nr8PKtYALHR2mXBqcgniVjxBpobH04oYDx3cWBz3o7zDGhBhSK4aNxLZw%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=86400
x-robots-tag: noindex, noarchive, nosnippet
cf-ray: 7c44b7362a5b37de-FRA
priority: u=3,i

GET
H2 200 css
fonts.googleapis.com/ 17 KB
1 KB 87ms
31ms Stylesheet
text/css 2a00:1450:4001:82f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Merriweather:300,400,500,600,700,800,900%7CRoboto:300,400,500,600,700,800,900

Requested by

Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/webfont/1.6.26/webfont.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a120ec0cc851cd7e126f13f8dbfee3d099924e84c8567dfbeb3b6f7b6bd84a45

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lostscripturesecrets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 08 May 2023 21:15:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 08 May 2023 21:15:01 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 08 May 2023 21:15:01 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 2 B
212 B 30ms
29ms XHR
text/plain 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j100&a=1708546313&t=pageview&_s=1&dl=https%3A%2F%2Flostscripturesecrets.com%2F&ul=en-us&de=UTF-8&dt=The%20Exodus%20Effect&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAACAAI~&jid=1302611355&gjid=923699007&cid=235708564.1683580501&tid=UA-172780246-2&_gid=1869433315.1683580501&_r=1&gtm=457e3530&jsscut=1&z=1594745722

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://lostscripturesecrets.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 08 May 2023 21:15:01 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://lostscripturesecrets.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/628433881/ 2 KB
2 KB 119ms
66ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/628433881/?random=1683580501506&cv=11&fst=1683580501506&bg=ffffff&guid=ON&async=1&gtm=45He3530&u_w=1600&u_h=1200&url=https%3A%2F%2Flostscripturesecrets.com%2F&hn=www.googleadservices.com&frm=0&tiba=The%20Exodus%20Effect&auid=68613573.1683580502&uamb=0&uaw=0&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PP5N9TT

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ab3c161148b0e433fca717826e20f9b9fe62b08de62a0d3eae307f9cafdf612a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lostscripturesecrets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 08 May 2023 21:15:01 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1186
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 4 B
71 B 27ms
27ms XHR
text/plain 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j100&a=1708546313&t=pageview&_s=1&dl=https%3A%2F%2Flostscripturesecrets.com%2F&ul=en-us&de=UTF-8&dt=The%20Exodus%20Effect&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aEDAAUABAAAAACAAI~&jid=500797935&gjid=634930040&cid=235708564.1683580501&tid=UA-172780246-2&_gid=1869433315.1683580501&_r=1&_slc=1&gtm=45He3530n81PP5N9TT&z=912230910

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://lostscripturesecrets.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 08 May 2023 21:15:01 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://lostscripturesecrets.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 106 KB
28 KB 75ms
22ms Script
application/x-javascript 2a03:2880:f083:9:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: lostscripturesecrets.com
URL: https://lostscripturesecrets.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

8dcee59828f1423ecefd552dd353e25bd4ac38a9557ee084604ee7c2d41d9b98

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lostscripturesecrets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Mon, 08 May 2023 21:15:01 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 27538
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: 6LkRFwxQDWY99aUBsrvJNI3c6j6PXkPDAt+9JUR5iSjRJckuwFvNHpVXPtSlo5+s1vgCQbQ7t2DenAjHivnGiA==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-trip-id: 1679558926
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
cache-control: public, max-age=1200
permissions-policy: accelerometer=()
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 universal-script Show response
175132.tracking.hyros.com/v1/lst/ 37 KB
37 KB 367ms
121ms Script
text/javascript 34.199.5.193
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://175132.tracking.hyros.com/v1/lst/universal-script?ph=9bc599f9ab46cb2f7507e8577d80913a8c63a505faba2e67e311117d32296386&tag=!exoduseffect
Requested by: Host: lostscripturesecrets.com
URL: https://lostscripturesecrets.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.199.5.193 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-199-5-193.compute-1.amazonaws.com
Software: /
Resource Hash: efe37b636fc094e5e10d700dddfa36876aa4a58955443c94b342a97a41350f47

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lostscripturesecrets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Mon, 08 May 2023 21:15:01 GMT
access-control-expose-headers: Session-ID
access-control-allow-credentials: true
content-length: 37811
access-control-max-age: 86400
access-control-allow-methods: GET, PUT, POST, OPTIONS, DELETE
content-type: text/javascript;charset=ISO-8859-1

GET
H2 200 events.js Show response
analytics.tiktok.com/i18n/pixel/ 5 KB
2 KB 217ms
138ms Script
application/javascript 95.101.111.61
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=C6TP3JRSVD35Q9TRPAO0&lib=ttq
Requested by: Host: lostscripturesecrets.com
URL: https://lostscripturesecrets.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 95.101.111.61 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a95-101-111-61.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 2af8c084b6d0658e2ce2cd452ff3cc6ee085f2695e698ea336a2408185a7a42c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lostscripturesecrets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

x-akamai-request-id: 21e34bf2.d237a68
date: Mon, 08 May 2023 21:15:01 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-cache: TCP_MISS from a92-123-70-61.deploy.akamaitechnologies.com (AkamaiGHost/11.0.4.1-48291020) (-)
x-parent-response-time: 113,92.123.70.61
server-timing: cdn-cache; desc=MISS, edge; dur=97, origin; dur=16, inner; dur=5
content-length: 1552
pragma: no-cache
server: nginx
x-tt-logid: 20230508211501066E2820D3A358376D6A
x-cache-remote: TCP_MISS from a23-220-106-86.deploy.akamaitechnologies.com (AkamaiGHost/11.0.4.1-48291020) (-)
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 16,23.220.106.86
x-tt-trace-host: 01b87769a7f79dff1aa5e504345fe20f9796dacf14d4731373797e181cd060305a39a82b60f3868a525f7eb964c50e547378c4a1c24d72aa18070f461c9a392e66c99ec13b127ac6fbe0b89a1f2470a90b36fbb9e54259fc286e151056fa7d6e40193e3cfeeb90b08b87d39e9cc34da715
expires: Mon, 08 May 2023 21:15:01 GMT

POST
H3 200 setAmplitudeDeviceId Show response
lostscripturesecrets.com/ 5 B
602 B 164ms
164ms XHR
application/json 2606:4700:3030::ac43:de6f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://lostscripturesecrets.com/setAmplitudeDeviceId?amplitudeDeviceId=setcgdQfbcQMbOnRgBQdkd

Requested by

Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/3.6.1/jquery.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3030::ac43:de6f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d10036cce39b0c2bfb70d5d1618f5806ddd2b0be75dd1b3656831f36b0db94bf

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Accept: */*
Referer: https://lostscripturesecrets.com/
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Mon, 08 May 2023 21:15:01 GMT
strict-transport-security: max-age=0
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
pragma: no-cache
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eu57ez6Jlim%2FJcbM293Z2RXlpOrZYy3HzIMkeBkQYhmsPMWdyDwSTKucR53Yyr%2Bqgr4dj%2BsI%2B8LrBF%2B7JuOVTbT8hyc2eLnomDjjWD9uWuqANroDqMiLlvnqx%2BZv5ZZxlzPCyH%2Ftsn8Ahc0W2gu%2FtPpXC5lTsPs%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: https://lostscripturesecrets.com
cache-control: no-store, no-cache, must-revalidate
x-robots-tag: noindex, noarchive, nosnippet
cf-ray: 7c44b736ab4837de-FRA
priority: u=1,i
expires: Thu, 19 Nov 1981 08:52:00 GMT

POST
H2 200 / Show response
api.amplitude.com/ 7 B
206 B 594ms
196ms XHR
text/html 44.225.128.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.amplitude.com/

Requested by

Host: cdn.amplitude.com
URL: https://cdn.amplitude.com/libs/amplitude-7.2.1-min.gz.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

44.225.128.118 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-44-225-128-118.us-west-2.compute.amazonaws.com

Software

Resource Hash

aee408847d35e44e99430f0979c3357b85fe8dbb4535a494301198adbee85f27

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Referer: https://lostscripturesecrets.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

access-control-allow-origin: *
date: Mon, 08 May 2023 21:15:02 GMT
strict-transport-security: max-age=15768000
trace-id: Root=1-64596656-24d6880836a634e93f005cd6
content-length: 7
access-control-allow-methods: GET, POST
content-type: text/html;charset=utf-8

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
351 B 90ms
29ms XHR
text/plain 2a00:1450:400c:c0c::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j100&tid=UA-172780246-2&cid=235708564.1683580501&jid=1302611355&gjid=923699007&_gid=1869433315.1683580501&_u=YEBAAUAAAAAAACAAI~&z=1832580654

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c0c::9b Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://lostscripturesecrets.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Mon, 08 May 2023 21:15:01 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://lostscripturesecrets.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
67 B 82ms
30ms XHR
text/plain 2a00:1450:400c:c0c::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j100&tid=UA-172780246-2&cid=235708564.1683580501&jid=500797935&gjid=634930040&_gid=1869433315.1683580501&_u=aEDAAUABAAAAACAAI~&z=2028678017

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c0c::9b Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://lostscripturesecrets.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Mon, 08 May 2023 21:15:01 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://lostscripturesecrets.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 u-4n0qyriQwlOrhSvowK_l521wRZWMf6.woff2
fonts.gstatic.com/s/merriweather/v30/ 19 KB
19 KB 111ms
50ms Font
font/woff2 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/merriweather/v30/u-4n0qyriQwlOrhSvowK_l521wRZWMf6.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Merriweather:300,400,500,600,700,800,900%7CRoboto:300,400,500,600,700,800,900

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c8356c413b566272ba50c98d4ce0546e1fce6177ceb6cf8c2a7efe0a65e085a1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://lostscripturesecrets.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Sat, 06 May 2023 06:10:22 GMT
x-content-type-options: nosniff
age: 227079
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19752
x-xss-protection: 0
last-modified: Tue, 26 Apr 2022 15:46:46 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 05 May 2024 06:10:22 GMT

GET
H2 200 u-440qyriQwlOrhSvowK_l5-fCZM.woff2
fonts.gstatic.com/s/merriweather/v30/ 20 KB
20 KB 135ms
74ms Font
font/woff2 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/merriweather/v30/u-440qyriQwlOrhSvowK_l5-fCZM.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Merriweather:300,400,500,600,700,800,900%7CRoboto:300,400,500,600,700,800,900

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c2d662e92bcbf1a5970b97040f901031295e79a96314db8302f549003022087

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://lostscripturesecrets.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Fri, 05 May 2023 02:54:06 GMT
x-content-type-options: nosniff
age: 325255
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20028
x-xss-protection: 0
last-modified: Tue, 26 Apr 2022 16:41:08 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 04 May 2024 02:54:06 GMT

GET
H2 200 u-4n0qyriQwlOrhSvowK_l52xwNZWMf6.woff2
fonts.gstatic.com/s/merriweather/v30/ 19 KB
19 KB 119ms
57ms Font
font/woff2 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/merriweather/v30/u-4n0qyriQwlOrhSvowK_l52xwNZWMf6.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Merriweather:300,400,500,600,700,800,900%7CRoboto:300,400,500,600,700,800,900

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

273c8613cdd2852dd5318f224d804ae6d2fc717c48d3f1dab587b6d396fb4fc8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://lostscripturesecrets.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Fri, 05 May 2023 23:53:58 GMT
x-content-type-options: nosniff
age: 249663
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19740
x-xss-protection: 0
last-modified: Tue, 26 Apr 2022 15:48:38 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 04 May 2024 23:53:58 GMT

GET
H2 200 u-4n0qyriQwlOrhSvowK_l52_wFZWMf6.woff2
fonts.gstatic.com/s/merriweather/v30/ 19 KB
19 KB 125ms
64ms Font
font/woff2 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/merriweather/v30/u-4n0qyriQwlOrhSvowK_l52_wFZWMf6.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Merriweather:300,400,500,600,700,800,900%7CRoboto:300,400,500,600,700,800,900

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6b9eebb05461840790fc804b4590323ef12a57fe5af7fcdeed2d798e572844b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://lostscripturesecrets.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Sat, 06 May 2023 20:03:32 GMT
x-content-type-options: nosniff
age: 177089
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19816
x-xss-protection: 0
last-modified: Tue, 26 Apr 2022 16:08:33 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 05 May 2024 20:03:32 GMT

GET
H2 200 KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
15 KB 130ms
70ms Font
font/woff2 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Merriweather:300,400,500,600,700,800,900%7CRoboto:300,400,500,600,700,800,900

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://lostscripturesecrets.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Fri, 05 May 2023 23:14:12 GMT
x-content-type-options: nosniff
age: 252049
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15740
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 04 May 2024 23:14:12 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
16 KB 83ms
22ms Font
font/woff2 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Merriweather:300,400,500,600,700,800,900%7CRoboto:300,400,500,600,700,800,900

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://lostscripturesecrets.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Sat, 06 May 2023 06:10:15 GMT
x-content-type-options: nosniff
age: 227086
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 05 May 2024 06:10:15 GMT

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 16 KB
16 KB 105ms
44ms Font
font/woff2 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Merriweather:300,400,500,600,700,800,900%7CRoboto:300,400,500,600,700,800,900

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://lostscripturesecrets.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Sat, 06 May 2023 18:58:23 GMT
x-content-type-options: nosniff
age: 180998
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15920
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:45 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 05 May 2024 18:58:23 GMT

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
16 KB 86ms
25ms Font
font/woff2 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Merriweather:300,400,500,600,700,800,900%7CRoboto:300,400,500,600,700,800,900

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://lostscripturesecrets.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Sat, 06 May 2023 06:22:44 GMT
x-content-type-options: nosniff
age: 226337
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 05 May 2024 06:22:44 GMT

GET
H2 200 KFOlCnqEu92Fr1MmYUtfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
15 KB 141ms
80ms Font
font/woff2 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmYUtfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Merriweather:300,400,500,600,700,800,900%7CRoboto:300,400,500,600,700,800,900

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7e262106f82cc52663e403f5b73795bbeab9ca0630c33c03579354fbcd4fae1e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://lostscripturesecrets.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Tue, 02 May 2023 16:38:09 GMT
x-content-type-options: nosniff
age: 535012
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15752
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 01 May 2024 16:38:09 GMT

GET
H2 200 VSL_20210331_A2.6_HighProdhls10_v4.m3u8 Show response
d2tjsej3ucxx0n.cloudfront.net/video/VSL_20210331_A2.6_HighProd/ 54 KB
7 KB 64ms
61ms XHR
application/x-mpegurl 2600:9000:219c:4a00:9:8536:59c0:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d2tjsej3ucxx0n.cloudfront.net/video/VSL_20210331_A2.6_HighProd/VSL_20210331_A2.6_HighProdhls10_v4.m3u8
Requested by: Host: vjs.zencdn.net
URL: https://vjs.zencdn.net/7.20.2/video.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:219c:4a00:9:8536:59c0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 367e78dba7d8fbd759780aed67027fb040efef489581fcba3044cef4ca63a130

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lostscripturesecrets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Mon, 08 May 2023 02:46:47 GMT
content-encoding: gzip
via: 1.1 d5fa26f25a4569f608d0dfafd636bc88.cloudfront.net (CloudFront)
x-amz-cf-pop: CDG3-C2
age: 66494
x-cache: Hit from cloudfront
x-amz-storage-class: REDUCED_REDUNDANCY
alt-svc: h3=":443"; ma=86400
last-modified: Tue, 30 Mar 2021 23:06:13 GMT
server: AmazonS3
etag: W/"93a0c433c0197adaf641d2830bc21ebe"
vary: Accept-Encoding,Origin
access-control-allow-methods: GET, POST, HEAD
content-type: application/x-mpegURL
access-control-allow-origin: *
x-amz-cf-id: EYG3YpzDn1ikDGK0Du7ORFTNnyL1jHQnUNxdural3Ajcs_Z2uA4-eg==

GET
H2 200 196687248304241 Show response
connect.facebook.net/signals/config/ 300 KB
86 KB 31ms
24ms Script
application/x-javascript 2a03:2880:f083:9:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/196687248304241?v=2.9.104&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

f4430801385ea092e7870e56d2e1b075c8e2d457af27e756af2e71892e859fe0

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lostscripturesecrets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Mon, 08 May 2023 21:15:01 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 88001
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: xg5eyZMChntoNu0mjlR5/Rn+flDPA1V7TcI/NbYzbExCwI5w1wfk2fUoYWt1apSyDZwBEn3RzXMAmOwvAfo70g==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-trip-id: 1679558926
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=()
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/628433881/ 42 B
455 B 99ms
33ms Image
image/gif 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/628433881/?random=1683580501506&cv=11&fst=1683579600000&bg=ffffff&guid=ON&async=1&gtm=45He3530&u_w=1600&u_h=1200&url=https%3A%2F%2Flostscripturesecrets.com%2F&frm=0&tiba=The%20Exodus%20Effect&fmt=3&is_vtc=1&random=1215803942&rmt_tld=0&ipr=y

Requested by

Host: lostscripturesecrets.com
URL: https://lostscripturesecrets.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lostscripturesecrets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 08 May 2023 21:15:01 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/628433881/ 42 B
455 B 99ms
35ms Image
image/gif 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/628433881/?random=1683580501506&cv=11&fst=1683579600000&bg=ffffff&guid=ON&async=1&gtm=45He3530&u_w=1600&u_h=1200&url=https%3A%2F%2Flostscripturesecrets.com%2F&frm=0&tiba=The%20Exodus%20Effect&fmt=3&is_vtc=1&random=1215803942&rmt_tld=1&ipr=y

Requested by

Host: lostscripturesecrets.com
URL: https://lostscripturesecrets.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lostscripturesecrets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 08 May 2023 21:15:01 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame 8270 15 KB
6 KB 121ms
37ms Document
text/html 2a02:2638:3::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?topUrl=lostscripturesecrets.com&origin=onetag

Requested by

Host: dynamic.criteo.com
URL: https://dynamic.criteo.com/js/ld/ld.js?a=95287

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

3014acc16bf3744b41bb869785bf686290d9834a5e6f69d4583c4e39fca26bff

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://lostscripturesecrets.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Mon, 08 May 2023 21:15:00 GMT
server: Kestrel
server-processing-duration-in-ticks: 481908
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H3 200 VSL_20210331_A2.6_HighProdhls_audio_160k_v4.m3u8 Show response
d2tjsej3ucxx0n.cloudfront.net/video/VSL_20210331_A2.6_HighProd/ 70 KB
7 KB 138ms
135ms XHR
application/x-mpegurl 2600:9000:219c:4a00:9:8536:59c0:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d2tjsej3ucxx0n.cloudfront.net/video/VSL_20210331_A2.6_HighProd/VSL_20210331_A2.6_HighProdhls_audio_160k_v4.m3u8
Requested by: Host: vjs.zencdn.net
URL: https://vjs.zencdn.net/7.20.2/video.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2600:9000:219c:4a00:9:8536:59c0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 0e5c63e55deab02147843c49ce49202c4b5c75d6a899821ce1f26484b6a85797

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lostscripturesecrets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Mon, 08 May 2023 02:46:48 GMT
content-encoding: gzip
via: 1.1 c4907c4fd6834487e5bf7751d2b09e56.cloudfront.net (CloudFront)
age: 66494
x-amz-cf-pop: CDG3-C2
x-cache: Hit from cloudfront
x-amz-storage-class: REDUCED_REDUNDANCY
alt-svc: h3=":443"; ma=86400
last-modified: Tue, 30 Mar 2021 22:58:39 GMT
server: AmazonS3
etag: W/"e81947ba63ae52994206821bb8704dbe"
vary: Accept-Encoding,Origin
access-control-allow-methods: GET, POST, HEAD
content-type: application/x-mpegURL
access-control-allow-origin: *
x-amz-cf-id: 40rmPyDHkYzSYkGDcsf5kI_Kp0zACulONN5jB1TmaSiQGVonK6Avdg==

GET
H3 206 VSL_20210331_A2.6_HighProdhls10.ts Show response
d2tjsej3ucxx0n.cloudfront.net/video/VSL_20210331_A2.6_HighProd/ 770 KB
770 KB 462ms
462ms XHR
video/mp2t 2600:9000:219c:4a00:9:8536:59c0:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d2tjsej3ucxx0n.cloudfront.net/video/VSL_20210331_A2.6_HighProd/VSL_20210331_A2.6_HighProdhls10.ts
Requested by: Host: vjs.zencdn.net
URL: https://vjs.zencdn.net/7.20.2/video.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2600:9000:219c:4a00:9:8536:59c0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ba175b13f78ed0fe1ed6f0ab3b4162223e3bd6701679687b680e2e16c9c81517

Request headers

Referer: https://lostscripturesecrets.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
Range: bytes=0-788283

Response headers

date: Mon, 08 May 2023 21:15:03 GMT
via: 1.1 c4907c4fd6834487e5bf7751d2b09e56.cloudfront.net (CloudFront)
x-amz-cf-pop: CDG3-C2
x-cache: Miss from cloudfront
x-amz-storage-class: REDUCED_REDUNDANCY
Content-Range: bytes 0-788283/422169228
alt-svc: h3=":443"; ma=86400
Content-Length: 788284
last-modified: Tue, 30 Mar 2021 23:06:13 GMT
server: AmazonS3
etag: "13f5d7056906dfd7e5192676330e2164-81"
vary: Origin
access-control-allow-methods: GET, POST, HEAD
content-type: video/MP2T
access-control-allow-origin: *
accept-ranges: bytes
x-amz-cf-id: 76pcYhkqSc4kZXO4Tl4jXIY5xlN_FozqivLuUrQlz97HH1h53UKsBQ==

GET
H2

200

j Show response
rp4.liadm.com/
Redirect Chain

https://rp.liadm.com/j?dtstmp=1683580501745&aid=a-06ld&se=e30&duid=cde5d9f9bf4a--01gzykffk64dd9g935nbk7v8ka&tna=v2.7.1&pu=https%3A%2F%2Flostscripturesecrets.com%2F&wpn=lc-bundle&c=PG1ldGEgbmFtZT0iZ...
https://rp4.liadm.com/j?dtstmp=1683580501745&aid=a-06ld&se=e30&duid=cde5d9f9bf4a--01gzykffk64dd9g935nbk7v8ka&tna=v2.7.1&pu=https%3A%2F%2Flostscripturesecrets.com%2F&wpn=lc-bundle&c=PG1ldGEgbmFtZT0i...

13 B
552 B

602ms
114ms

XHR
application/json

3.211.47.106
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://rp4.liadm.com/j?dtstmp=1683580501745&aid=a-06ld&se=e30&duid=cde5d9f9bf4a--01gzykffk64dd9g935nbk7v8ka&tna=v2.7.1&pu=https%3A%2F%2Flostscripturesecrets.com%2F&wpn=lc-bundle&c=PG1ldGEgbmFtZT0iZGVzY3JpcHRpb24iIGNvbnRlbnQ9IiI-PHRpdGxlPlRoZSBFeG9kdXMgRWZmZWN0PC90aXRsZT48aDE-V2hhdCBpcyB5b3VyIHByaW1hcnkgYWlsbWVudD88L2gxPjxoMT5XaGF0IGlzIHlvdXIgYWdlPzwvaDE-PGgxPkhvdyBtdWNoIHBhaW4gYXJlIHlvdSBpbj88L2gxPjxoMT5Ib3cgc3Ryb25nIGlzIHlvdXIgZmFpdGg_PC9oMT48aDE-SWYgeW91ciBwYWluIHdhcyB3aXBlZCBjbGVhbiwgd2hhdCB3b3VsZCB0aGF0IGRvIGZvciB5b3U_PC9oMT48aDE-VGhhbmtzIFNvIE11Y2ggRm9yIFRha2luZzxicj5PdXIgQW5vbnltb3VzIFN1cnZleTwvaDE-PGgxPkNvdWxkIFRoaXMgQmUgVGhlIEhpZGRlbiBQYXRoIFRvIEhlYWxpbmc_PC9oMT48aDEgaWQ9ImJ1bGxldENUQSI-CjxkaXYgY2xhc3M9ImJsYWNrVHJpYW5nbGUiPjwvZGl2PgpQbGVhc2Ugd2F0Y2ggdGhlIHZpZGVvIGFib3ZlIG5vdyEKPC9oMT4&i6=MjAwMToxYjYwOjI6MjQwOjMyNDc6Ojg%3D&n3pc=true

Protocol

Server

3.211.47.106 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-211-47-106.compute-1.amazonaws.com

Software

Resource Hash

efabba3678b85fcab831b778ea2ddaad1e2a1e952584d3566bc39b7ccb3429d9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lostscripturesecrets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Mon, 08 May 2023 21:15:02 GMT
x-pixel-event-id: 36a5dd6c-550c-4b2c-b5e3-950d90c56a8f
referrer-policy: origin-when-cross-origin, strict-origin-when-cross-origin
x-content-type-options: nosniff
x-permitted-cross-domain-policies: master-only
strict-transport-security: max-age=31536000; includeSubDomains
x-frame-options: DENY
vary: Origin
content-type: application/json
request-time: 0
access-control-allow-origin: null
access-control-allow-credentials: true
trace-id: ddc77f9d1164fdf8
content-length: 13
x-xss-protection: 1; mode=block

Redirect headers

date: Mon, 08 May 2023 21:15:02 GMT
strict-transport-security: max-age=31536000; includeSubDomains
referrer-policy: origin-when-cross-origin, strict-origin-when-cross-origin
x-content-type-options: nosniff
x-permitted-cross-domain-policies: master-only
x-frame-options: DENY
vary: Origin
location: https://rp4.liadm.com/j?dtstmp=1683580501745&aid=a-06ld&se=e30&duid=cde5d9f9bf4a--01gzykffk64dd9g935nbk7v8ka&tna=v2.7.1&pu=https%3A%2F%2Flostscripturesecrets.com%2F&wpn=lc-bundle&c=PG1ldGEgbmFtZT0iZGVzY3JpcHRpb24iIGNvbnRlbnQ9IiI-PHRpdGxlPlRoZSBFeG9kdXMgRWZmZWN0PC90aXRsZT48aDE-V2hhdCBpcyB5b3VyIHByaW1hcnkgYWlsbWVudD88L2gxPjxoMT5XaGF0IGlzIHlvdXIgYWdlPzwvaDE-PGgxPkhvdyBtdWNoIHBhaW4gYXJlIHlvdSBpbj88L2gxPjxoMT5Ib3cgc3Ryb25nIGlzIHlvdXIgZmFpdGg_PC9oMT48aDE-SWYgeW91ciBwYWluIHdhcyB3aXBlZCBjbGVhbiwgd2hhdCB3b3VsZCB0aGF0IGRvIGZvciB5b3U_PC9oMT48aDE-VGhhbmtzIFNvIE11Y2ggRm9yIFRha2luZzxicj5PdXIgQW5vbnltb3VzIFN1cnZleTwvaDE-PGgxPkNvdWxkIFRoaXMgQmUgVGhlIEhpZGRlbiBQYXRoIFRvIEhlYWxpbmc_PC9oMT48aDEgaWQ9ImJ1bGxldENUQSI-CjxkaXYgY2xhc3M9ImJsYWNrVHJpYW5nbGUiPjwvZGl2PgpQbGVhc2Ugd2F0Y2ggdGhlIHZpZGVvIGFib3ZlIG5vdyEKPC9oMT4&i6=MjAwMToxYjYwOjI6MjQwOjMyNDc6Ojg%3D&n3pc=true
access-control-allow-origin: https://lostscripturesecrets.com
request-time: 0
access-control-allow-credentials: true
trace-id: b4cb7b2d0e5b68ca
content-length: 0
x-xss-protection: 1; mode=block

GET
H3 200 2768546010100845 Show response
connect.facebook.net/signals/config/ 300 KB
86 KB 26ms
26ms Script
application/x-javascript 2a03:2880:f083:9:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/2768546010100845?v=2.9.104&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

4e30b3af673bd88ee9225e3f86dd125242d0135bdbd4f5e9a9e81c8edfe83dd6

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lostscripturesecrets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Mon, 08 May 2023 21:15:01 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 87984
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: q4SAn+ICyHh04QhlyIIbfpwXIvKJb0+vcqj/2IPLkGUtPYkr0FJeiybDbGiAVEcNMWXs5yr7jMqoONGI83rwfA==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=()
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 m-outer-93afeeb17bc37e711759584dbfc50d47.html Show response
js.stripe.com/v3/ Frame 2BE8 200 B
786 B 24ms
24ms Document
text/html 151.101.192.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/m-outer-93afeeb17bc37e711759584dbfc50d47.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.192.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

f22005da41e15b7adb453814b37a794f7c6b955f086a6c5fc9980e3c3f6c8bca

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://lostscripturesecrets.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 10792954
cache-control: max-age=31536000
content-encoding: br
content-length: 122
content-security-policy: base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only: base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Mon, 08 May 2023 21:15:01 GMT
etag: "93afeeb17bc37e711759584dbfc50d47"
last-modified: Wed, 21 Dec 2022 18:20:45 GMT
server: Fastly
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
vary: Accept-Encoding
via: 1.1 varnish
x-cache: HIT
x-cache-hits: 414242
x-content-type-options: nosniff
x-request-id: e21da8c5-daf2-4edb-9df9-efd80c2ace41
x-served-by: cache-fra-eddf8230062-FRA

GET
H2 200 main.MWI2MzlmMWJmMA.js Show response
analytics.tiktok.com/i18n/pixel/static/ 242 KB
67 KB 28ms
28ms Script
application/javascript 95.101.111.61
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWI2MzlmMWJmMA.js
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=C6TP3JRSVD35Q9TRPAO0&lib=ttq
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 95.101.111.61 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a95-101-111-61.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 9b3a955ac158e9fbedea40a6d9494a44669dee5d1bbb18895e1b211244f8f16e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lostscripturesecrets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

x-akamai-request-id: d237ae5
date: Mon, 08 May 2023 21:15:01 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=hit;type=static
server: nginx
x-tt-logid: 202305081131214C483E5695E5698EAF20
vary: Accept-Encoding
x-cache: TCP_HIT from a92-123-70-61.deploy.akamaitechnologies.com (AkamaiGHost/11.0.4.1-48291020) (-)
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
x-tt-trace-host: 0157f43723f29215137f31f5b705964e6850e11a5c7042a285a2c3f0b4e3af4e1e5e3bb929a15cb8c918bbf77a436a461e91cebefd81c68e65d60fd2bc0852475e072220416435173068c43e57488822542525d726d41bb7f8e6cc29cdbc62b973
server-timing: cdn-cache; desc=HIT, edge; dur=0, inner; dur=11
content-length: 67640

POST
H3 200 import Show response
lostscripturesecrets.com/click/ 162 B
728 B 754ms
754ms XHR
application/json 2606:4700:3030::ac43:de6f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://lostscripturesecrets.com/click/import

Requested by

Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/3.6.1/jquery.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3030::ac43:de6f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4918f0c819db7b22245418120931e1df8311ed0a26ae7194fc3b624284b58c92

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Accept: */*
Referer: https://lostscripturesecrets.com/
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Mon, 08 May 2023 21:15:02 GMT
strict-transport-security: max-age=0
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
pragma: no-cache
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=f363piBSPsx%2FRkYJUXsvDVQz7w1myv7%2F0jJNzhJI65WpccM9ihkJ%2BQ1seJuDHSE00fcSFiX3vFVKqhB6wZtRli6BS3LdWlon0Rm%2BXBqyyu8fHYErMpU%2Fj7PcTGpBu2%2BI1%2BNtNHWb1%2F6xRlD%2FSFUz2ybKFA7kiE8%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: https://lostscripturesecrets.com
cache-control: no-store, no-cache, must-revalidate
x-robots-tag: noindex, noarchive, nosnippet
cf-ray: 7c44b7383d7537de-FRA
priority: u=1,i
expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H2

200

sid Show response
mug.criteo.com/ Frame 8270
Redirect Chain

https://gum.criteo.com/sid/json?origin=onetag&domain=lostscripturesecrets.com&sn=ChromeSyncframe&so=0&topUrl=lostscripturesecrets.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0
https://mug.criteo.com/sid?cpp=LxrPpnxhOWlXeTR5NGZBeEdxbjNyZXNlRDExQ014cU4zQnlNN2RKS3l5NUxVeEQvY0p5amszMVNtM2JBbmhaK3oxSnZqZ0crM3lnb1czMlNlU21SY1dKSUZaRTRLK1JFcUdrL2EzbmtSaHNDTWNIWTF3NVRpZjVVZ1M2Y0...

449 B
667 B

449ms
35ms

Fetch
application/json

178.250.7.13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=LxrPpnxhOWlXeTR5NGZBeEdxbjNyZXNlRDExQ014cU4zQnlNN2RKS3l5NUxVeEQvY0p5amszMVNtM2JBbmhaK3oxSnZqZ0crM3lnb1czMlNlU21SY1dKSUZaRTRLK1JFcUdrL2EzbmtSaHNDTWNIWTF3NVRpZjVVZ1M2Y0h4bWhXZWYvYm1DNWx2eDJsTjlkbXFLa2FQdStkRG51bHpPaGFOQW54dkh1djlCaXBVZk5yYWJNM2ZjT20rbVo2cTUrNjBGdW9hdGNaR2dpZkdudnRCcWRrNkJPVjNXcEJyeHpmKy9wa2xYQVhlOEVLdnRtN21BZVg4SUI3U043OFFWTVRyZURVM1BiWGprMUt4YUlxdGc2a2ltTlJLU0pIdVpOZTM2MFBha2w5ZzRoMTFEVT18&cppv=2

Requested by

Host: lostscripturesecrets.com
URL: https://lostscripturesecrets.com/

Protocol

Server

178.250.7.13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

a10adcb4745e6f5a8b4438cea02ee6dd45641917e719dd8eb982e485681633a6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gum.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 08 May 2023 21:15:01 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gum.criteo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 1316628
expires: 0

Redirect headers

pragma: no-cache
date: Mon, 08 May 2023 21:15:01 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
location: https://mug.criteo.com/sid?cpp=LxrPpnxhOWlXeTR5NGZBeEdxbjNyZXNlRDExQ014cU4zQnlNN2RKS3l5NUxVeEQvY0p5amszMVNtM2JBbmhaK3oxSnZqZ0crM3lnb1czMlNlU21SY1dKSUZaRTRLK1JFcUdrL2EzbmtSaHNDTWNIWTF3NVRpZjVVZ1M2Y0h4bWhXZWYvYm1DNWx2eDJsTjlkbXFLa2FQdStkRG51bHpPaGFOQW54dkh1djlCaXBVZk5yYWJNM2ZjT20rbVo2cTUrNjBGdW9hdGNaR2dpZkdudnRCcWRrNkJPVjNXcEJyeHpmKy9wa2xYQVhlOEVLdnRtN21BZVg4SUI3U043OFFWTVRyZURVM1BiWGprMUt4YUlxdGc2a2ltTlJLU0pIdVpOZTM2MFBha2w5ZzRoMTFEVT18&cppv=2
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 383800
content-length: 0
expires: 0

GET
H2 200 m-outer-8cb24ab2d649fd36a488d04d8c457933.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame 2BE8 631 B
468 B 23ms
23ms Script
text/javascript 151.101.192.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/m-outer-8cb24ab2d649fd36a488d04d8c457933.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/m-outer-93afeeb17bc37e711759584dbfc50d47.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.192.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

250a0782da875705bd206ee23c2a46abf90656645a81e084126c5e8c53eeb9d6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/m-outer-93afeeb17bc37e711759584dbfc50d47.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Mon, 08 May 2023 21:15:01 GMT
via: 1.1 varnish
age: 15210612
x-cache: HIT
content-length: 332
x-request-id: 223b585b-a349-48bd-ada6-b1f59265a3ce
x-served-by: cache-fra-eddf8230062-FRA
last-modified: Sun, 13 Nov 2022 20:03:40 GMT
server: Fastly
etag: "f8f6a4584135f737b26927596ce6e0a7"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 378572

GET
H2 200 /
www.facebook.com/tr/ 0
185 B 77ms
19ms Image
text/plain 2a03:2880:f177:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=196687248304241&ev=PageView&dl=https%3A%2F%2Flostscripturesecrets.com%2F&rl=&if=false&ts=1683580501840&sw=1600&sh=1200&v=2.9.104&r=stable&ec=0&o=30&fbp=fb.1.1683580501839.1098882595&it=1683580501650&coo=false&rqm=GET

Requested by

Host: lostscripturesecrets.com
URL: https://lostscripturesecrets.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f177:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lostscripturesecrets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Mon, 08 May 2023 21:15:01 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 /
www.facebook.com/tr/ 0
31 B 77ms
20ms Image
text/plain 2a03:2880:f177:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=2768546010100845&ev=PageView&dl=https%3A%2F%2Flostscripturesecrets.com%2F&rl=&if=false&ts=1683580501842&sw=1600&sh=1200&v=2.9.104&r=stable&ec=0&o=30&fbp=fb.1.1683580501839.1098882595&it=1683580501650&coo=false&rqm=GET

Requested by

Host: lostscripturesecrets.com
URL: https://lostscripturesecrets.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f177:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lostscripturesecrets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Mon, 08 May 2023 21:15:01 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

POST
H2 200 csp-report
q.stripe.com/ Frame 2BE8 0
718 B 661ms
256ms Other
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: lostscripturesecrets.com
URL: https://lostscripturesecrets.com/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-187-119-242.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Mon, 08 May 2023 21:15:02 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1683580502390245
x-envoy-upstream-service-time: 65
content-length: 0
x-stripe-bg-intended-route-color: blue
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms: 27
access-control-allow-origin: https://js.stripe.com
x-stripe-client-envoy-start-time-us: 1683580502360600
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers: Server, Range, Content-Type
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

POST
H2 200 csp-report
q.stripe.com/ Frame 2BE8 0
718 B 718ms
314ms Other
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: lostscripturesecrets.com
URL: https://lostscripturesecrets.com/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-187-119-242.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Mon, 08 May 2023 21:15:02 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1683580502465556
x-envoy-upstream-service-time: 123
content-length: 0
x-stripe-bg-intended-route-color: blue
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms: 16
access-control-allow-origin: https://js.stripe.com
x-stripe-client-envoy-start-time-us: 1683580502360880
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers: Server, Range, Content-Type
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

GET
H2 200 inner.html Show response
m.stripe.network/ Frame 48E6 930 B
2 KB 98ms
24ms Document
text/html 99.86.4.113
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.network/inner.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/m-outer-8cb24ab2d649fd36a488d04d8c457933.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.4.113 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-4-113.fra6.r.cloudfront.net

Software

Cloudfront /

Resource Hash

a5f27af9c0c6f37979ebafcac22eb3a613841a3d4e728f4577baf94e64d42f35

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src https://m.stripe.network https://m.stripe.com; default-src 'none'; font-src https://m.stripe.network https://fonts.gstatic.com; form-action 'none'; frame-src https://m.stripe.network https://js.stripe.com; img-src https://m.stripe.network https://m.stripe.com https://b.stripecdn.com; script-src https://m.stripe.network 'sha256-e/Jqu4k9Gk1ZCWO6StAsfhF3i7qgIwfuitaD1g9DyvE='; style-src https://m.stripe.network; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 107
cache-control: max-age=300, public
content-length: 930
content-security-policy: base-uri 'none'; connect-src https://m.stripe.network https://m.stripe.com; default-src 'none'; font-src https://m.stripe.network https://fonts.gstatic.com; form-action 'none'; frame-src https://m.stripe.network https://js.stripe.com; img-src https://m.stripe.network https://m.stripe.com https://b.stripecdn.com; script-src https://m.stripe.network 'sha256-e/Jqu4k9Gk1ZCWO6StAsfhF3i7qgIwfuitaD1g9DyvE='; style-src https://m.stripe.network; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Mon, 08 May 2023 21:13:15 GMT
etag: "fc2e029628f163bb59adc6fa5a31161c"
last-modified: Thu, 17 Mar 2022 19:03:12 GMT
server: Cloudfront
strict-transport-security: max-age=31556926; includeSubDomains; preload
vary: Accept-Encoding
via: 1.1 d5fb859c39a16d7f218b4c7fb1528ad6.cloudfront.net (CloudFront)
x-amz-cf-id: ucvaD_NdR5d4xdpjdcSvPHIuzoXU3T45Mg653oHTIFm92Yic0PE5qA==
x-amz-cf-pop: FRA6-C1
x-cache: Hit from cloudfront
x-content-type-options: nosniff

GET
H2 200 identify_738b3.js Show response
analytics.tiktok.com/i18n/pixel/static/ 114 KB
31 KB 27ms
27ms Script
application/javascript 95.101.111.61
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/static/identify_738b3.js
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWI2MzlmMWJmMA.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 95.101.111.61 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a95-101-111-61.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: cef0a3ffb6993fc1ec7b5b67a16377ec1ec0a858b3cabb834033d7458ff0e4bc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lostscripturesecrets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

x-akamai-request-id: d237b22
date: Mon, 08 May 2023 21:15:01 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=hit;type=static
server: nginx
x-tt-logid: 202305081131224C483E5695E5698EAF34
vary: Accept-Encoding
x-cache: TCP_MEM_HIT from a92-123-70-61.deploy.akamaitechnologies.com (AkamaiGHost/11.0.4.1-48291020) (-)
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
x-tt-trace-host: 0157f43723f29215137f31f5b705964e6850e11a5c7042a285a2c3f0b4e3af4e1e5e3bb929a15cb8c918bbf77a436a461ed6bb50577972ccee0f7dbb0c2fd94dc01ad5a8f6edc58f4dff770ca20420f062a53d14d9c0bd19698bdd7c81fbeb2a22
server-timing: cdn-cache; desc=HIT, edge; dur=0, inner; dur=3
content-length: 30877

POST
H2 200 pixel
analytics.tiktok.com/api/v2/ 0
692 B 146ms
144ms Ping
text/plain 95.101.111.61
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/pixel
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWI2MzlmMWJmMA.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 95.101.111.61 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a95-101-111-61.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://lostscripturesecrets.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-akamai-request-id: 1b589370.d237b42
date: Mon, 08 May 2023 21:15:02 GMT
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-cache: TCP_MISS from a92-123-70-61.deploy.akamaitechnologies.com (AkamaiGHost/11.0.4.1-48291020) (-)
x-parent-response-time: 113,92.123.70.61
server-timing: cdn-cache; desc=MISS, edge; dur=91, origin; dur=27, inner; dur=25
content-length: 0
pragma: no-cache
server: nginx
x-tt-logid: 20230508211501BA7310D557C911385C22
x-cache-remote: TCP_MISS from a104-78-78-94.deploy.akamaitechnologies.com (AkamaiGHost/11.0.4.1-48291020) (-)
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 27,104.78.78.94
x-tt-trace-host: 01b87769a7f79dff1aa5e504345fe20f979abae24f33d99c82589c128ba4de2f3abdac4e98b762da39b42eec289faa475bf94be2b87ba9ed4a86b0849a210c6760ad98e082a7bf57d7cf5d11e6cc9c72f9129fe49dce27c45422b811d556c7f930f4579f8e5fbe7af0d172b06bbd280609
expires: Mon, 08 May 2023 21:15:02 GMT

GET
H3 206 VSL_20210331_A2.6_HighProdhls_audio_160k.ts Show response
d2tjsej3ucxx0n.cloudfront.net/video/VSL_20210331_A2.6_HighProd/ 115 KB
115 KB 190ms
189ms XHR
audio/mp2t 2600:9000:219c:4a00:9:8536:59c0:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d2tjsej3ucxx0n.cloudfront.net/video/VSL_20210331_A2.6_HighProd/VSL_20210331_A2.6_HighProdhls_audio_160k.ts
Requested by: Host: vjs.zencdn.net
URL: https://vjs.zencdn.net/7.20.2/video.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2600:9000:219c:4a00:9:8536:59c0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 27f012f2a0481070fc7dcb1b0896a47b35ceb4ef339a0062e652278ae079eaad

Request headers

Referer: https://lostscripturesecrets.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
Range: bytes=0-117311

Response headers

date: Mon, 08 May 2023 19:03:27 GMT
via: 1.1 c4907c4fd6834487e5bf7751d2b09e56.cloudfront.net (CloudFront)
x-amz-cf-pop: CDG3-C2
age: 7896
x-cache: Hit from cloudfront
x-amz-storage-class: REDUCED_REDUNDANCY
Content-Range: bytes 0-117311/77989920
alt-svc: h3=":443"; ma=86400
Content-Length: 117312
last-modified: Tue, 30 Mar 2021 22:58:39 GMT
server: AmazonS3
etag: "8d2841b96dfeae7b9ba66ec8ffb03a41-15"
vary: Origin
access-control-allow-methods: GET, POST, HEAD
content-type: audio/MP2T
access-control-allow-origin: *
accept-ranges: bytes
x-amz-cf-id: 74XfQXpmUzsbEyxnSf3uOb9TJWsvjS31nwoWnSQkWHTCMI_gr7W6_Q==

POST
H2 200 csp-report
q.stripe.com/ Frame 48E6 0
491 B 514ms
216ms Other
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: lostscripturesecrets.com
URL: https://lostscripturesecrets.com/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-187-119-242.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload, max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://m.stripe.network/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Mon, 08 May 2023 21:15:02 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload, max-age=31556926; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1683580502376456
x-envoy-upstream-service-time: 22
content-length: 0
x-stripe-bg-intended-route-color: blue
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
x-stripe-server-envoy-upstream-service-time-ms: 5
x-stripe-client-envoy-start-time-us: 1683580502361110
cache-control: max-age=0, no-cache, no-store, must-revalidate
x-robots-tag: none
expires: 0

GET
H2 200 out-4.5.42.js Show response
m.stripe.network/ Frame 48E6 86 KB
16 KB 25ms
25ms Script
text/javascript 99.86.4.113
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.network/out-4.5.42.js

Requested by

Host: m.stripe.network
URL: https://m.stripe.network/inner.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.4.113 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-4-113.fra6.r.cloudfront.net

Software

Cloudfront /

Resource Hash

f445ee14f2454d974293d28677213ae002e9ac17721fc04b2fdeb037e083b083

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.stripe.network/inner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 08 May 2023 21:13:19 GMT
last-modified: Thu, 17 Mar 2022 19:03:12 GMT
server: Cloudfront
via: 1.1 d5fb859c39a16d7f218b4c7fb1528ad6.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA6-C1
etag: W/"21df7244385e5c0bdf32da01d0dad6c0"
age: 103
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript; charset=utf-8
cache-control: max-age=300, public
x-amz-cf-id: DEMugjABLJo6c3UQDiNHzHcAQotAp3ykPcoTiNrYumjPUSsjLTtsRg==

GET
H2 200 gusid Show response
175132.t.hyros.com/v1/lst/ 0
483 B 507ms
277ms XHR
text/plain 34.199.5.193
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://175132.t.hyros.com/v1/lst/gusid?ref_url=https%3A%2F%2Flostscripturesecrets.com%2F
Requested by: Host: 175132.tracking.hyros.com
URL: https://175132.tracking.hyros.com/v1/lst/universal-script?ph=9bc599f9ab46cb2f7507e8577d80913a8c63a505faba2e67e311117d32296386&tag=!exoduseffect
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.199.5.193 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-199-5-193.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://lostscripturesecrets.com/
Product-ID: 175132
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Mon, 08 May 2023 21:15:02 GMT
session-id: HB-ET_8f364982a031804a6c70ded327499f9514edb4394fadba212d0008d46e3dd00d
etag: HB-ET_8f364982a031804a6c70ded327499f9514edb4394fadba212d0008d46e3dd00d
access-control-max-age: 86400
access-control-allow-methods: GET, PUT, POST, OPTIONS, DELETE
access-control-allow-origin: https://lostscripturesecrets.com
access-control-expose-headers: Session-ID
access-control-allow-credentials: true
content-length: 0

OPTIONS
H2 200 gusid
175132.t.hyros.com/v1/lst/ Frame 0
0 366ms
115ms Preflight 34.199.5.193
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://175132.t.hyros.com/v1/lst/gusid?ref_url=https%3A%2F%2Flostscripturesecrets.com%2F
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.199.5.193 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-199-5-193.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: product-id
Access-Control-Request-Method: GET
Origin: https://lostscripturesecrets.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: product-id
access-control-allow-methods: GET, PUT, POST, OPTIONS, DELETE
access-control-allow-origin: https://lostscripturesecrets.com
access-control-expose-headers: Session-ID
access-control-max-age: 86400
allow: GET, HEAD, POST, PUT, DELETE, TRACE, OPTIONS, PATCH
content-length: 0
date: Mon, 08 May 2023 21:15:02 GMT
vary: Origin Access-Control-Request-Method Access-Control-Request-Headers

POST
H3 204 rum Show response
lostscripturesecrets.com/cdn-cgi/ 0
146 B 30ms
29ms XHR
text/plain 2606:4700:3030::ac43:de6f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://lostscripturesecrets.com/cdn-cgi/rum?

Requested by

Host: static.cloudflareinsights.com
URL: https://static.cloudflareinsights.com/beacon.min.js/v52afc6f149f6479b8c77fa569edb01181681764108816

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3030::ac43:de6f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://lostscripturesecrets.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
content-type: application/json

Response headers

date: Mon, 08 May 2023 21:15:02 GMT
x-content-type-options: nosniff
server: cloudflare
vary: Origin
access-control-max-age: 86400
access-control-allow-methods: POST,OPTIONS
access-control-allow-origin: https://lostscripturesecrets.com
x-frame-options: DENY
access-control-allow-credentials: true
cf-ray: 7c44b739bf4137de-FRA

POST
H2 200 6 Show response
m.stripe.com/ Frame 48E6 156 B
669 B 649ms
208ms XHR
application/json 52.41.104.164
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.com/6

Requested by

Host: m.stripe.network
URL: https://m.stripe.network/out-4.5.42.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.41.104.164 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-41-104-164.us-west-2.compute.amazonaws.com

Software

nginx /

Resource Hash

0295c8c4b7d446e47489beaf0b7c365c7a9f98dabd6d3fe2bfe168d2f831260a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://m.stripe.network/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-stripe-bg-intended-route-color: blue
date: Mon, 08 May 2023 21:15:02 GMT
strict-transport-security: max-age=31556926; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1683580502579783
server: nginx
content-type: application/json;charset=utf-8
x-stripe-server-envoy-upstream-service-time-ms: 4
access-control-allow-origin: https://m.stripe.network
x-stripe-client-envoy-start-time-us: 1683580502578369
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 156

POST
H2 200 / Show response
api.amplitude.com/ 7 B
205 B 221ms
221ms XHR
text/html 44.225.128.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.amplitude.com/

Requested by

Host: cdn.amplitude.com
URL: https://cdn.amplitude.com/libs/amplitude-7.2.1-min.gz.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

44.225.128.118 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-44-225-128-118.us-west-2.compute.amazonaws.com

Software

Resource Hash

aee408847d35e44e99430f0979c3357b85fe8dbb4535a494301198adbee85f27

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Referer: https://lostscripturesecrets.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

access-control-allow-origin: *
date: Mon, 08 May 2023 21:15:02 GMT
strict-transport-security: max-age=15768000
trace-id: Root=1-64596656-22976bab1a5af20a299f5525
content-length: 7
access-control-allow-methods: GET, POST
content-type: text/html;charset=utf-8

POST
H/1.1 200
OK getConfig Show response
cp.pushwoosh.com/json/1.3/ 1 KB
1 KB 98ms
24ms Fetch
application/json 188.40.221.212
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cp.pushwoosh.com/json/1.3/getConfig
Requested by: Host: cdn.pushwoosh.com
URL: https://cdn.pushwoosh.com/webpush/v3/pushwoosh-web-notifications.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 188.40.221.212 Berlin, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: kubeapi-nue.pushwoosh.com
Software: nginx / pushwoosh/device-api
Resource Hash: ba1d7bd5198227dc5838c5b08af6171558e14f984016201956ddeb6a7ab8573c

Request headers

Referer: https://lostscripturesecrets.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Mon, 08 May 2023 21:15:02 GMT
x-pod-name: pushwoosh-device-api-585d5554cf-gsd2l
content-encoding: gzip
x-pod-ip: 10.222.147.210
x-powered-by: pushwoosh/device-api
transfer-encoding: chunked
x-host-ip: 172.16.3.26
x-pod-namespace: pushwoosh
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET, POST, PUT, OPTIONS, DELETE, HEAD
content-type: application/json
access-control-allow-origin: *
access-control-allow-credentials: true
x-host-name: r3-cl-35.r3h.nue
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, Access-Control-Allow-Headers, is_auto_request, Content-Length, Accept-Encoding, X-Registry-Auth

GET
H2

200

event Show response
widget.us.criteo.com/
Redirect Chain

https://sslwidget.criteo.com/event?a=95287&v=5.15.0&p0=e%3Dexd%26site_type%3Dd&p1=e%3Dvp%26p%3D1%26tms%3Dcustom-guide&p2=e%3Ddis&adce=1&bundle=4EVLdF9TcXFLZGlkU3Vic1UlMkIlMkZwU1JlM3FEWFBLUzdKWklqbH...
https://widget.us.criteo.com/event?a=95287&v=5.15.0&p0=e%3Dexd%26site_type%3Dd&p1=e%3Dvp%26p%3D1%26tms%3Dcustom-guide&p2=e%3Ddis&adce=1&bundle=4EVLdF9TcXFLZGlkU3Vic1UlMkIlMkZwU1JlM3FEWFBLUzdKWklqbH...

8 KB
4 KB

376ms
120ms

Script
application/x-javascript

74.119.119.150
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://widget.us.criteo.com/event?a=95287&v=5.15.0&p0=e%3Dexd%26site_type%3Dd&p1=e%3Dvp%26p%3D1%26tms%3Dcustom-guide&p2=e%3Ddis&adce=1&bundle=4EVLdF9TcXFLZGlkU3Vic1UlMkIlMkZwU1JlM3FEWFBLUzdKWklqbHVQM2lPQXRPaUh0cmdRVFA4VWpnaFRMbWhZZ2lCbkplRTVxbldhUW0zY1NvN2JCSlZNaFR4aW0wOTJ2VmZJcUNsMGJXaHVZY3JzOHRnNEVDNWJvMnZqOFZET0hWZktJRiUyQlJVUWI5Nzlwek1CaTJtQUJqNmg0dWxPVFZ3cTFVUmxxc2FyVkQxMW5EYWMlM0Q&tld=lostscripturesecrets.com&dy=1&fu=https%253A%252F%252Flostscripturesecrets.com%252F&ceid=65fc8ca9-e5bf-4545-a9b9-a1a7e345ef1c&dtycbr=15737

Protocol

Server

74.119.119.150 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

b1254288594a7996d2bfb0ab24da1630fe4e2b2c3a5abb52ecc0c4c36a19a504

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lostscripturesecrets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 08 May 2023 21:15:02 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
server: Kestrel
content-type: application/x-javascript
access-control-allow-origin: *
p3p: NON DSP COR CURa PSA PSD OUR BUS NAV STA
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 11483575
timing-allow-origin: *
expires: 0

Redirect headers

pragma: no-cache
date: Mon, 08 May 2023 21:15:02 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
server: Kestrel
location: https://widget.us.criteo.com/event?a=95287&v=5.15.0&p0=e%3Dexd%26site_type%3Dd&p1=e%3Dvp%26p%3D1%26tms%3Dcustom-guide&p2=e%3Ddis&adce=1&bundle=4EVLdF9TcXFLZGlkU3Vic1UlMkIlMkZwU1JlM3FEWFBLUzdKWklqbHVQM2lPQXRPaUh0cmdRVFA4VWpnaFRMbWhZZ2lCbkplRTVxbldhUW0zY1NvN2JCSlZNaFR4aW0wOTJ2VmZJcUNsMGJXaHVZY3JzOHRnNEVDNWJvMnZqOFZET0hWZktJRiUyQlJVUWI5Nzlwek1CaTJtQUJqNmg0dWxPVFZ3cTFVUmxxc2FyVkQxMW5EYWMlM0Q&tld=lostscripturesecrets.com&dy=1&fu=https%253A%252F%252Flostscripturesecrets.com%252F&ceid=65fc8ca9-e5bf-4545-a9b9-a1a7e345ef1c&dtycbr=15737
access-control-allow-origin: *
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 5028074
timing-allow-origin: *
content-length: 0
expires: 0

POST
H/1.1 200
OK applicationOpen Show response
cp.pushwoosh.com/json/1.3/ 128 B
647 B 24ms
24ms Fetch
application/json 188.40.221.212
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cp.pushwoosh.com/json/1.3/applicationOpen
Requested by: Host: cdn.pushwoosh.com
URL: https://cdn.pushwoosh.com/webpush/v3/pushwoosh-web-notifications.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 188.40.221.212 Berlin, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: kubeapi-nue.pushwoosh.com
Software: nginx /
Resource Hash: bda0488cafa2fa2eac0079294db23250768172ab0e36269db46a1fdc99d51f67

Request headers

Referer: https://lostscripturesecrets.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Mon, 08 May 2023 21:15:02 GMT
content-encoding: gzip
server: nginx
transfer-encoding: chunked
access-control-allow-methods: GET, POST, PUT, OPTIONS, DELETE, HEAD
content-type: application/json
access-control-allow-origin: *
vary: Accept-Encoding
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, Access-Control-Allow-Headers, is_auto_request, Content-Length, Accept-Encoding, X-Registry-Auth

GET
H3 200 manifest.json Show response
lostscripturesecrets.com/ 228 B
698 B 120ms
120ms Fetch
application/json 2606:4700:3030::ac43:de6f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://lostscripturesecrets.com/manifest.json

Requested by

Host: cdn.pushwoosh.com
URL: https://cdn.pushwoosh.com/webpush/v3/pushwoosh-web-notifications.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3030::ac43:de6f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5299bb2e133843c854d6a966630afb13c6edecf4d3738a6c4760cf6f9f1cf2f2

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Referer: https://lostscripturesecrets.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
Content-Type: application/json;charset=UTF-8

Response headers

date: Mon, 08 May 2023 21:15:02 GMT
strict-transport-security: max-age=0
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Wed, 15 Jul 2020 16:51:04 GMT
server: cloudflare
etag: W/"e4-5aa7dbac975ed-gzip"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oiea3A1JKDmvIjxeTy3pNUrtmZzK954I0O6KYhnHnVcpKag02SRxqHhjFEd9aSZdOYZyAMb9bTkmLoSWbiVVYiNpJd17eO32n64gcXOvEwBYfnM9abAJRmCKKRGwH6zPkkrfMtbpFCy42B1JVUN8ObGYhHrxsMs%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: *
x-robots-tag: noindex, noarchive, nosnippet
cf-ray: 7c44b73c8aab37de-FRA
priority: u=1,i

GET
H2 200 pc Show response
175132.t.hyros.com/v1/lst/ 117 B
374 B 136ms
133ms XHR
application/json 34.199.5.193
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://175132.t.hyros.com/v1/lst/pc?ref_url=https%3A%2F%2Flostscripturesecrets.com%2F&u_agent=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F113.0.5672.63+Safari%2F537.36
Requested by: Host: 175132.tracking.hyros.com
URL: https://175132.tracking.hyros.com/v1/lst/universal-script?ph=9bc599f9ab46cb2f7507e8577d80913a8c63a505faba2e67e311117d32296386&tag=!exoduseffect
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.199.5.193 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-199-5-193.compute-1.amazonaws.com
Software: /
Resource Hash: 5898054d1cde10131e31e21aeaf8d3961130f1116dc4d5f90214f2bc22293e88

Request headers

Session-ID: HB-ET_8f364982a031804a6c70ded327499f9514edb4394fadba212d0008d46e3dd00d
Product-ID: 175132
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
Content-type: application/json; charset=utf-8
Access-Control-Allow-Origin: *
Referer: https://lostscripturesecrets.com/
Access-Control-Allow-Headers: *

Response headers

date: Mon, 08 May 2023 21:15:03 GMT
access-control-max-age: 86400
access-control-allow-methods: GET, PUT, POST, OPTIONS, DELETE
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://lostscripturesecrets.com
access-control-expose-headers: Session-ID
access-control-allow-credentials: true
content-length: 117

OPTIONS
H2 200 pc
175132.t.hyros.com/v1/lst/ Frame 0
0 117ms
116ms Preflight 34.199.5.193
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://175132.t.hyros.com/v1/lst/pc?ref_url=https%3A%2F%2Flostscripturesecrets.com%2F&u_agent=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F113.0.5672.63+Safari%2F537.36
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.199.5.193 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-199-5-193.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: access-control-allow-headers,access-control-allow-origin,content-type,product-id,session-id
Access-Control-Request-Method: GET
Origin: https://lostscripturesecrets.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: access-control-allow-headers,access-control-allow-origin,content-type,product-id,session-id
access-control-allow-methods: GET, PUT, POST, OPTIONS, DELETE
access-control-allow-origin: https://lostscripturesecrets.com
access-control-expose-headers: Session-ID
access-control-max-age: 86400
allow: GET, HEAD, POST, PUT, DELETE, TRACE, OPTIONS, PATCH
content-length: 0
date: Mon, 08 May 2023 21:15:02 GMT
vary: Origin Access-Control-Request-Method Access-Control-Request-Headers

GET
H2

200

sync
x.bidswitch.net/ul_cb/ Frame 2C11
Redirect Chain

https://x.bidswitch.net/sync?dsp_id=46&user_id=k-lWC0-pbfcO8UUkz9XhBZjmsC1TpRTSkRUFHeJg&expires=30
https://x.bidswitch.net/ul_cb/sync?dsp_id=46&user_id=k-lWC0-pbfcO8UUkz9XhBZjmsC1TpRTSkRUFHeJg&expires=30

43 B
345 B

25ms
25ms

Image
image/gif

3.76.101.133
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/ul_cb/sync?dsp_id=46&user_id=k-lWC0-pbfcO8UUkz9XhBZjmsC1TpRTSkRUFHeJg&expires=30
Protocol: H2
Server: 3.76.101.133 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-76-101-133.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Mon, 08 May 2023 21:15:03 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 43
content-type: image/gif

Redirect headers

location: https://x.bidswitch.net/ul_cb/sync?dsp_id=46&user_id=k-lWC0-pbfcO8UUkz9XhBZjmsC1TpRTSkRUFHeJg&expires=30
date: Mon, 08 May 2023 21:15:03 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0

GET
H2

200

cookiematch.aspx
dis.criteo.com/dis/rtb/google/ Frame 2C11
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_sc&google_ula=913071&CriteoUserId=k-_odzDpbfcO8UUkz9XhBZjmsC1Trqb_8KfMaB2w&google_cm&google_hm=ay1fb2R6RHBiZmNPOFVVa3o5WGhCWmptc0MxVHJxYl84S...
https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-_odzDpbfcO8UUkz9XhBZjmsC1Trqb_8KfMaB2w&google_gid=CAESEOT6ATDVCbtRWnLZJpUboZk&google_cver=1&google_ula=913071,0

43 B
369 B

36ms
29ms

Image
image/gif

178.250.1.9
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-_odzDpbfcO8UUkz9XhBZjmsC1Trqb_8KfMaB2w&google_gid=CAESEOT6ATDVCbtRWnLZJpUboZk&google_cver=1&google_ula=913071,0

Protocol

Server

178.250.1.9 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 08 May 2023 21:15:02 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP='NON DSP COR CURa PSA PSD OUR BUS NAV STA'
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 772488
timing-allow-origin: *
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 08 May 2023 21:15:03 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-_odzDpbfcO8UUkz9XhBZjmsC1Trqb_8KfMaB2w&google_gid=CAESEOT6ATDVCbtRWnLZJpUboZk&google_cver=1&google_ula=913071,0
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 398
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

cookiematch.aspx
dis.criteo.com/dis/rtb/appnexus/ Frame 2C11
Redirect Chain

https://ib.adnxs.com/getuid?https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=$UID
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fdis.criteo.com%2Fdis%2Frtb%2Fappnexus%2Fcookiematch.aspx%3Fappnxsid%3D%24UID
https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=4399126511432542239

43 B
370 B

30ms
30ms

Image
image/gif

178.250.1.9
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=4399126511432542239

Protocol

Server

178.250.1.9 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 08 May 2023 21:15:02 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP='NON DSP COR CURa PSA PSD OUR BUS NAV STA'
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 1035317
timing-allow-origin: *
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Date: Mon, 08 May 2023 21:15:03 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 217.114.218.29; 217.114.218.29; 1001.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: 7aedd2ef-3ad3-4112-9498-39b8f08e5478
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Location: https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=4399126511432542239
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1

200
OK

bounce
secure.adnxs.com/ Frame 2C11
Redirect Chain

https://secure.adnxs.com/setuid?entity=52&code=k-56Io15bfcO8UUkz9XhBZjmsC1Tq2-y-T3uU_eg
https://secure.adnxs.com/bounce?%2Fsetuid%3Fentity%3D52%26code%3Dk-56Io15bfcO8UUkz9XhBZjmsC1Tq2-y-T3uU_eg

43 B
1 KB

22ms
22ms

Image
image/gif

37.252.171.84
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://secure.adnxs.com/bounce?%2Fsetuid%3Fentity%3D52%26code%3Dk-56Io15bfcO8UUkz9XhBZjmsC1Tq2-y-T3uU_eg

Protocol

HTTP/1.1

Server

37.252.171.84 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

1002.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.23.2 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 08 May 2023 21:15:03 GMT
AN-X-Request-Uuid: 7bb89fd7-a673-437f-8bdd-5e38eec93b58
Server: nginx/1.23.2
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: image/gif
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
X-Proxy-Origin: 217.114.218.29; 217.114.218.29; 1002.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Mon, 08 May 2023 21:15:03 GMT
AN-X-Request-Uuid: f1c95180-7f39-4511-a7bb-7f84c5d263ca
Server: nginx/1.23.2
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://secure.adnxs.com/bounce?%2Fsetuid%3Fentity%3D52%26code%3Dk-56Io15bfcO8UUkz9XhBZjmsC1Tq2-y-T3uU_eg
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 217.114.218.29; 217.114.218.29; 1002.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 cksync.php
contextual.media.net/ Frame 2C11 61 B
802 B 117ms
53ms Image
image/gif 2.18.235.93
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://contextual.media.net/cksync.php?cs=3&type=crt&ovsid=k-_phoOZbfcO8UUkz9XhBZjmsC1To0FH_ZD3Hhow

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.18.235.93 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-18-235-93.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

cc0e716595a20cd577f4cba25c11b4b54d92311f5f4bf22b992af281cabbc0c7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000
date: Mon, 08 May 2023 21:15:03 GMT
server: Apache
p3p: CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
content-length: 61
x-mnet-hl2: E
expires: Mon, 08 May 2023 21:15:03 GMT

GET
H/1.1 204
No Content tap.php
pixel.rubiconproject.com/ Frame 2C11 0
239 B 101ms
21ms Image
image/gif 69.173.144.138
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=6434&nid=2149&put=k-UakR9JbfcO8UUkz9XhBZjmsC1TozS7xjGwVVAw&expires=30
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
X-RPHost: e06182bf224d96e6550f4595601cdb0b
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2 204 v1
match.sharethrough.com/sync/ Frame 2C11 0
366 B 99ms
20ms Image
text/plain 52.58.47.177
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.sharethrough.com/sync/v1?source_id=7658cb1d77a660882b48db06&source_user_id=k-4mz9SpbfcO8UUkz9XhBZjmsC1Tp37rjKpj1SMA
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.58.47.177 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-58-47-177.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Mon, 08 May 2023 21:15:03 GMT

GET
H2 200 /
rtb-csync.smartadserver.com/redir/ Frame 2C11 43 B
114 B 163ms
31ms Image
image/gif 185.86.139.101
SMARTADSERVER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb-csync.smartadserver.com/redir/?partnerid=79&partneruserid=k-8-u_DZbfcO8UUkz9XhBZjmsC1Tr_8AgQdXZVbA
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.139.101 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Mon, 08 May 2023 21:15:02 GMT
content-type: image/gif

GET
H2 200 /
sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/ Frame 2C11 0
99 B 160ms
29ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/?taboola_hm=k-xSlOypbfcO8UUkz9XhBZjmsC1Tp2_lC-htz8mQ
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Mon, 08 May 2023 21:15:03 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 28207

GET
H2 200 um
criteo-sync.teads.tv/ Frame 2C11 23 B
172 B 136ms
50ms Image
image/gif 104.102.35.84
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://criteo-sync.teads.tv/um?eid=80&uid=k-1ZbdlZbfcO8UUkz9XhBZjmsC1To1OdRlDYL9_A
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.102.35.84 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-102-35-84.deploy.static.akamaitechnologies.com
Software: akka-http/10.2.10 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

expires: Mon, 08 May 2023 21:15:03 GMT
pragma: no-cache
date: Mon, 08 May 2023 21:15:03 GMT
cache-control: max-age=0, no-cache, no-store
server: akka-http/10.2.10
content-length: 23
content-type: image/gif

GET
H2 200 xuid
eb2.3lift.com/ Frame 2C11 37 B
140 B 75ms
22ms Image
image/gif 76.223.111.18
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/xuid?mid=2711&xuid=k-LD6Ji5bfcO8UUkz9XhBZjmsC1Toj-y7gnxzaUQ&dongle=013b
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Mon, 08 May 2023 21:15:03 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 37
content-type: image/gif

GET
H2

204

sync
ups.analytics.yahoo.com/ups/58301/ Frame 2C11
Redirect Chain

https://ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-bBKAoJbfcO8UUkz9XhBZjmsC1Trd-PT7nM89jg
https://ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-bBKAoJbfcO8UUkz9XhBZjmsC1Trd-PT7nM89jg&verify=true

0
121 B

24ms
23ms

Image
text/plain

3.75.62.37
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-bBKAoJbfcO8UUkz9XhBZjmsC1Trd-PT7nM89jg&verify=true

Protocol

Server

3.75.62.37 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-75-62-37.eu-central-1.compute.amazonaws.com

Software

ATS/9.1.10.57 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Mon, 08 May 2023 21:15:03 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.57
age: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

location: https://ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-bBKAoJbfcO8UUkz9XhBZjmsC1Trd-PT7nM89jg&verify=true
date: Mon, 08 May 2023 21:15:03 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.57
age: 0
content-length: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H2 200 pixel
cm.adform.net/ Frame 2C11 43 B
163 B 112ms
30ms Image
image/gif 37.157.3.20
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.adform.net/pixel?adform_pid=15&adform_pc=k-DUR9t5bfcO8UUkz9XhBZjmsC1TrlXkyaPuAZvw
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.3.20 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Mon, 08 May 2023 21:15:03 GMT
last-modified: Fri, 18 Nov 2022 14:41:46 GMT
server: nginx
accept-ranges: bytes
etag: "637799aa-2b"
content-length: 43
content-type: image/gif

GET
H2 200 sync
visitor.omnitagjs.com/visitor/ Frame 2C11 49 B
235 B 116ms
38ms Image
image/gif 185.255.84.153
IGUANE-

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://visitor.omnitagjs.com/visitor/sync?uid=732efe97317e6352de4c1caf24b5064b&name=CRITEO&visitor=k-gM-Ci5bfcO8UUkz9XhBZjmsC1TpqJF4sGICUlg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

185.255.84.153 , France, ASN200271 (IGUANE-, FR),

Reverse DNS

Software

ayl-lb-fra02 /

Resource Hash

d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 08 May 2023 21:15:03 GMT
x-content-type-options: nosniff
server: ayl-lb-fra02
vary: Accept-Encoding
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
x-envoy-upstream-service-time: 6
content-length: 49
expires: 0

GET
H/1.1

200
OK

rum
r.casalemedia.com/ Frame 2C11
Redirect Chain

https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-WeZ1y5bfcO8UUkz9XhBZjmsC1TofsDqqSMsUGw
https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-WeZ1y5bfcO8UUkz9XhBZjmsC1TofsDqqSMsUGw&C=1

43 B
766 B

21ms
21ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-WeZ1y5bfcO8UUkz9XhBZjmsC1TofsDqqSMsUGw&C=1
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 08 May 2023 21:15:03 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=499
Content-Length: 43
Expires: 0

Redirect headers

Pragma: no-cache
Date: Mon, 08 May 2023 21:15:03 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: /rum?cm_dsp_id=20&external_user_id=k-WeZ1y5bfcO8UUkz9XhBZjmsC1TofsDqqSMsUGw&C=1
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=500
Content-Length: 0
Expires: 0

GET
H/1.1

200
OK

demconf.jpg
dpm.demdex.net/ Frame 2C11
Redirect Chain

https://gum.criteo.com/sync?c=8&r=1&a=1&u=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D28645%26dpuuid%3D%40USERID%40
https://dpm.demdex.net/ibs:dpid=28645&dpuuid=k5_DEnrZVRJWjMwYKZRvpFzEi7Ai9gID
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=28645&dpuuid=k5_DEnrZVRJWjMwYKZRvpFzEi7Ai9gID

42 B
942 B

49ms
48ms

Image
image/gif

52.208.156.123
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=28645&dpuuid=k5_DEnrZVRJWjMwYKZRvpFzEi7Ai9gID

Protocol

HTTP/1.1

Server

52.208.156.123 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-208-156-123.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

DCS: dcs-prod-irl1-1-v048-0d6340410.edge-irl1.demdex.com 1 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: QXFxeDxZS6I=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type: image/gif
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

DCS: dcs-prod-irl1-1-v048-0e656d7cf.edge-irl1.demdex.com 0 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-TID: GcyfiaeERJM=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location: https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=28645&dpuuid=k5_DEnrZVRJWjMwYKZRvpFzEi7Ai9gID
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H/1.1 200 9.gif
id5-sync.com/s/966/ Frame 2C11 43 B
1 KB 78ms
23ms Image
image/gif 141.95.33.111
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://id5-sync.com/s/966/9.gif?puid=k-9z265pbfcO8UUkz9XhBZjmsC1To5sbsnyHiVsA

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

141.95.33.111 , Germany, ASN16276 (OVH, FR),

Reverse DNS

ns3203177.ip-141-95-33.eu

Software

Resource Hash

a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

content-type: image/gif;charset=UTF-8
date: Mon, 08 May 2023 21:15:02 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
transfer-encoding: chunked
p3p: CP="CAO PSA OUR"

GET
H2

200

match
ad.360yield.com/ul_cb/ Frame 2C11
Redirect Chain

https://ad.360yield.com/match?publisher_dsp_id=38&external_user_id=k-xvnTK5bfcO8UUkz9XhBZjmsC1TojhAHgVq_p_A
https://ad.360yield.com/ul_cb/match?publisher_dsp_id=38&external_user_id=k-xvnTK5bfcO8UUkz9XhBZjmsC1TojhAHgVq_p_A

43 B
447 B

49ms
49ms

Image
image/gif

52.212.129.217
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad.360yield.com/ul_cb/match?publisher_dsp_id=38&external_user_id=k-xvnTK5bfcO8UUkz9XhBZjmsC1TojhAHgVq_p_A
Protocol: H2
Server: 52.212.129.217 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-212-129-217.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

access-control-allow-origin: *
date: Mon, 08 May 2023 21:15:03 GMT
content-type: image/gif
content-length: 43
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

Redirect headers

location: https://ad.360yield.com/ul_cb/match?publisher_dsp_id=38&external_user_id=k-xvnTK5bfcO8UUkz9XhBZjmsC1TojhAHgVq_p_A
access-control-allow-origin: *
date: Mon, 08 May 2023 21:15:03 GMT
content-type: text/plain
content-length: 0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

GET
H2 200 sync
matching.ivitrack.com/ Frame 2C11 42 B
274 B 101ms
32ms Image
image/gif 34.117.157.22
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://matching.ivitrack.com/sync?realm=criteo&uid=k-FB98dZbfcO8UUkz9XhBZjmsC1Tq_zdpjqMNJww
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.117.157.22 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 22.157.117.34.bc.googleusercontent.com
Software: istio-envoy /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Mon, 08 May 2023 21:15:03 GMT
x-envoy-decorator-operation: tag-manager.programmatic.svc.cluster.local:3000/*
via: 1.1 google
server: istio-envoy
content-type: image/gif
cache-control: public, max-age=86400
x-envoy-upstream-service-time: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42

GET
H2 200 push
exchange.mediavine.com/usersync/ Frame 2C11 0
885 B 100ms
32ms Image
text/html 35.156.238.127
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://exchange.mediavine.com/usersync/push?partner=criteo&partnerId=k-_BLBQZbfcO8UUkz9XhBZjmsC1Trknw_H9vgRAg
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.156.238.127 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-156-238-127.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Mon, 08 May 2023 21:15:03 GMT
cache-control: private, no-cache
access-control-allow-credentials: true
content-encoding: gzip
vary: Origin, Accept-Encoding
content-type: text/html; charset=utf-8

GET
H/1.1 200
OK cookie-sync
sync.outbrain.com/ Frame 2C11 0
145 B 475ms
106ms Image
text/plain 64.202.112.191
SERVERCENTRAL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.outbrain.com/cookie-sync?p=criteo&uid=k-4hhB5pbfcO8UUkz9XhBZjmsC1ToWZrgZBD6CfQ&initiator=partner
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.202.112.191 Chicago, United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

Date: Mon, 08 May 2023 21:15:03 GMT
Cache-Control: no-cache
X-TraceId: 13e57138953c83d02b1d3e800d319288
Content-Length: 0

GET
H2 200 Pug
simage2.pubmatic.com/AdServer/ Frame 2C11 42 B
584 B 266ms
30ms Image
image/gif 185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:k-6yKUdZbfcO8UUkz9XhBZjmsC1TqTYBvhdnXaiw
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

content-type: image/gif; charset=utf-8
date: Mon, 08 May 2023 21:15:01 GMT
cache-control: no-store, no-cache, private
server: nginx
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H2 200 sync
criteo-partners.tremorhub.com/ Frame 2C11 43 B
400 B 379ms
113ms Image
image/gif 2600:1f18:612b:4216:4eaf:fc79:e33b:d580
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://criteo-partners.tremorhub.com/sync?UICR=k-WjIYfJbfcO8UUkz9XhBZjmsC1TqMKBgNwgM1kw
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:612b:4216:4eaf:fc79:e33b:d580 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

p3p: CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
date: Mon, 08 May 2023 21:15:03 GMT
server: nginx
content-type: image/gif

GET
H2 200 getusermatch.php
a.twiago.com/rtb/ Frame 2C11 43 B
153 B 255ms
40ms Image
image/gif 85.215.5.31
CRONON-BERLIN-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.twiago.com/rtb/getusermatch.php?dataid=6&external_user_id=k-ZgocPZbfcO8UUkz9XhBZjmsC1TppDkLGPjo1-g
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 85.215.5.31 Berlin, Germany, ASN6786 (CRONON-BERLIN-AS, DE),
Reverse DNS
Software: Apache / PHP/7.3.29
Resource Hash: 5704a2e9f2f7ce43a79f9b407f1aedcfd50223cbe8bd2f71ff8c5c819e469cbc

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

access-control-allow-origin: *
date: Mon, 08 May 2023 21:15:03 GMT
server: Apache
x-powered-by: PHP/7.3.29
content-length: 43
content-type: image/gif

GET
H/1.1 204
No Content m
ad.yieldlab.net/ Frame 2C11 0
400 B 215ms
40ms Image
text/plain 23.215.16.120
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad.yieldlab.net/m?dt_id=8664&ext_id=k-0kPl4pbfcO8UUkz9XhBZjmsC1TphEkqb4IMvsg
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.215.16.120 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-215-16-120.deploy.static.akamaitechnologies.com
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 08 May 2023 21:15:03 GMT
Cache-Control: no-store,no-cache,max-age=-3600,must-revalidate,post-check=0,pre-check=0
Connection: keep-alive
Expires: Sun, 07 May 2023 21:15:03 GMT

GET
H2 200 sync
sync-criteo.ads.yieldmo.com/ Frame 2C11 0
38 B 236ms
49ms Image
text/plain 99.81.96.216
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync-criteo.ads.yieldmo.com/sync?id=k-SKE5SpbfcO8UUkz9XhBZjmsC1TqKqPS3wRGhxg&pn_id=criteo&ext=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 99.81.96.216 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-99-81-96-216.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Mon, 08 May 2023 21:15:03 GMT
content-length: 0

POST
H2 200 checkDevice Show response
redhotm.pushwoosh.com/json/1.3/ 146 B
473 B 110ms
27ms Fetch
application/json 88.198.239.115
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://redhotm.pushwoosh.com/json/1.3/checkDevice
Requested by: Host: cdn.pushwoosh.com
URL: https://cdn.pushwoosh.com/webpush/v3/pushwoosh-web-notifications.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 88.198.239.115 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: r1-front-08.pushwoosh.com
Software: nginx /
Resource Hash: 839d4d1e6d0ff78751c6ecad5c106307d0087406ee5c839d06cfc711426dc215

Request headers

Referer: https://lostscripturesecrets.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Mon, 08 May 2023 21:15:03 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET, POST, PUT, OPTIONS, DELETE, HEAD
content-type: application/json
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, Access-Control-Allow-Headers, is_auto_request, Content-Length, Accept-Encoding, X-Registry-Auth

POST
H2 200 getInboxMessages Show response
redhotm.pushwoosh.com/json/1.3/ 92 B
529 B 25ms
25ms Fetch
application/json 88.198.239.115
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://redhotm.pushwoosh.com/json/1.3/getInboxMessages
Requested by: Host: cdn.pushwoosh.com
URL: https://cdn.pushwoosh.com/webpush/v3/pushwoosh-web-notifications.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 88.198.239.115 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: r1-front-08.pushwoosh.com
Software: nginx / phpDaemon/1.0-beta3
Resource Hash: 66953ec36df0521f570c15ba683310ed68e95ddb31f41b9db9e4108e2db29423

Request headers

Referer: https://lostscripturesecrets.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Mon, 08 May 2023 21:15:03 GMT
x-pw-front-node: inbox-api-69f769d874-cfkfh
content-encoding: gzip
server: nginx
x-powered-by: phpDaemon/1.0-beta3
vary: Accept-Encoding
access-control-allow-methods: GET, POST, PUT, OPTIONS, DELETE, HEAD
content-type: application/json
access-control-allow-origin: *
x-pw-cluster-node: inbox-api-69f769d874-cfkfh
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, Access-Control-Allow-Headers, is_auto_request, Content-Length, Accept-Encoding, X-Registry-Auth

GET
H2 200 /
www.facebook.com/tr/ 0
54 B 20ms
20ms Image
text/plain 2a03:2880:f177:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=196687248304241&ev=Microdata&dl=https%3A%2F%2Flostscripturesecrets.com%2F&rl=&if=false&ts=1683580503343&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22The%20Exodus%20Effect%22%2C%22meta%3Adescription%22%3A%22%22%7D&cd[OpenGraph]=%7B%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.104&r=stable&ec=1&o=30&fbp=fb.1.1683580501839.1098882595&it=1683580501650&coo=false&es=automatic&tm=3&rqm=GET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f177:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lostscripturesecrets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Mon, 08 May 2023 21:15:03 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 /
www.facebook.com/tr/ 0
31 B 20ms
19ms Image
text/plain 2a03:2880:f177:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=2768546010100845&ev=Microdata&dl=https%3A%2F%2Flostscripturesecrets.com%2F&rl=&if=false&ts=1683580503344&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22The%20Exodus%20Effect%22%2C%22meta%3Adescription%22%3A%22%22%7D&cd[OpenGraph]=%7B%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.104&r=stable&ec=1&o=30&fbp=fb.1.1683580501839.1098882595&it=1683580501650&coo=false&es=automatic&tm=3&rqm=GET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f177:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lostscripturesecrets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Mon, 08 May 2023 21:15:03 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H/1.1 200
OK chrome.jpg
cdn.pushwoosh.com/webpush/img/ 37 KB
38 KB 51ms
51ms Image
image/jpeg 195.201.240.51
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.pushwoosh.com/webpush/img/chrome.jpg
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 195.201.240.51 Gunzenhausen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: cache-05.pushwoosh.com
Software: nginx /
Resource Hash: 1d9d7ae5da2739bb3c90c97c41799f0555a7711122deebad64ff48789b30671e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lostscripturesecrets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

X-Proxy-Cache: HIT
Date: Mon, 08 May 2023 21:15:03 GMT
X-Cache-Status: HIT
Connection: keep-alive
Content-Length: 38391
Last-Modified: Wed, 09 Jun 2021 13:23:33 GMT
Server: nginx
ETag: "a4a1bfc744068b330bbb9fd7ad8f4d6e"
Access-Control-Allow-Methods: GET, POST, PUT, OPTIONS, DELETE, HEAD
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
x-rgw-object-type: Normal
Cache-Control: max-age=3600, public
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, Access-Control-Allow-Headers, is_auto_request, Content-Length, Accept-Encoding, X-Registry-Auth
Expires: Mon, 08 May 2023 22:15:03 GMT

GET
H/1.1 200
OK chrome_unlock.jpg
cdn.pushwoosh.com/webpush/img/ 45 KB
45 KB 50ms
26ms Image
image/jpeg 195.201.240.51
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.pushwoosh.com/webpush/img/chrome_unlock.jpg
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 195.201.240.51 Gunzenhausen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: cache-05.pushwoosh.com
Software: nginx /
Resource Hash: c9c4b6ee5cd74a8dae3caa85f95678aa592c060d18c6f21e37c0d0e1446dc4af

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lostscripturesecrets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

X-Proxy-Cache: HIT
Date: Mon, 08 May 2023 21:15:03 GMT
X-Cache-Status: HIT
Connection: keep-alive
Content-Length: 45797
Last-Modified: Wed, 09 Jun 2021 13:23:33 GMT
Server: nginx
ETag: "9c37d8ab595f88bac2d323e77ff5e5dc"
Access-Control-Allow-Methods: GET, POST, PUT, OPTIONS, DELETE, HEAD
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
x-rgw-object-type: Normal
Cache-Control: max-age=3600, public
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, Access-Control-Allow-Headers, is_auto_request, Content-Length, Accept-Encoding, X-Registry-Auth
Expires: Mon, 08 May 2023 22:15:03 GMT

GET
H2

204

usermatch.gif
beacon.krxd.net/ Frame 2C11
Redirect Chain

https://gum.criteo.com/sync?c=83&r=1&a=1&u=https%3A%2F%2Fbeacon.krxd.net%2Fusermatch.gif%3Fpartner%3Dcriteo%26partner_uid%3D%40USERID%40
https://beacon.krxd.net/usermatch.gif?partner=criteo&partner_uid=RhW-cJ1sm7QCM14mioqTNLUyVUajxdDM

0
338 B

165ms
44ms

Image
text/plain

54.154.227.90
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://beacon.krxd.net/usermatch.gif?partner=criteo&partner_uid=RhW-cJ1sm7QCM14mioqTNLUyVUajxdDM
Protocol: H2
Server: 54.154.227.90 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-154-227-90.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

x-served-by: beacon-n001-dub-prod.krxd.net
date: Mon, 08 May 2023 21:15:03 GMT
cache-control: private, no-cache, no-store
x-request-time: D=29 t=1683580503
p3p: policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location: https://beacon.krxd.net/usermatch.gif?partner=criteo&partner_uid=RhW-cJ1sm7QCM14mioqTNLUyVUajxdDM
date: Mon, 08 May 2023 21:15:03 GMT
cache-control: private, max-age=0, no-cache, no-store, must-revalidate
strict-transport-security: max-age=31536000; preload;
server: Kestrel
server-processing-duration-in-ticks: 624344
content-length: 0

GET
H2

200

cs
s.thebrighttag.com/ Frame 2C11
Redirect Chain

https://gum.criteo.com/sync?c=10&r=1&u=https%3A%2F%2Fs.thebrighttag.com%2Fcs%3Fbtt%3D0%26tp%3Dcr%26uid%3D%40USERID%40
https://s.thebrighttag.com/cs?btt=0&tp=cr&uid=fIo-bXVFRcGlTSUdmcTQfPX3-fRDTj84

35 B
268 B

377ms
115ms

Image
image/gif

3.16.8.48
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.thebrighttag.com/cs?btt=0&tp=cr&uid=fIo-bXVFRcGlTSUdmcTQfPX3-fRDTj84
Protocol: H2
Server: 3.16.8.48 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-16-8-48.us-east-2.compute.amazonaws.com
Software: nginx /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 08 May 2023 21:15:04 GMT
x-bt-requestid: 666f0940-ede5-11ed-9768-0000ac170017
server: nginx
content-type: image/gif
access-control-allow-origin
p3p: CP=NOI DSP COR NID
cache-control: private, must-revalidate
content-length: 35
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location: https://s.thebrighttag.com/cs?btt=0&tp=cr&uid=fIo-bXVFRcGlTSUdmcTQfPX3-fRDTj84
date: Mon, 08 May 2023 21:15:02 GMT
cache-control: private, max-age=0, no-cache, no-store, must-revalidate
strict-transport-security: max-age=31536000; preload;
server: Kestrel
server-processing-duration-in-ticks: 716752
content-length: 0

Verdicts & Comments Add Verdict or Comment

109 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

58 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
175132.t.hyros.com/v1/lst	1970-01-20 21:15:40	Name: __mh_tt_s Value: HB-ET_8f364982a031804a6c70ded327499f9514edb4394fadba212d0008d46e3dd00d
.lostscripturesecrets.com/	1970-01-20 11:54:04	Name: PHPSESSID Value: 7b345mai3s56vcpvl2i48fmirq
.lostscripturesecrets.com/	1970-01-20 21:15:40	Name: _ga Value: GA1.2.235708564.1683580501
.lostscripturesecrets.com/	1970-01-20 11:41:06	Name: _gid Value: GA1.2.1869433315.1683580501
.lostscripturesecrets.com/	1970-01-20 11:39:40	Name: _gat_gtag_UA_172780246_2 Value: 1
.lostscripturesecrets.com/	1970-01-20 13:49:16	Name: _gcl_au Value: 1.1.68613573.1683580502
.lostscripturesecrets.com/	1970-01-20 11:39:40	Name: _gat_UA-172780246-2 Value: 1
lostscripturesecrets.com/	1970-01-20 11:49:45	Name: AMPLITUDE_DEVICE_ID Value: setcgdQfbcQMbOnRgBQdkd
.lostscripturesecrets.com/	1970-01-20 21:15:40	Name: amp_0a2f9a Value: setcgdQfbcQMbOnRgBQdkd...1gvujffh3.1gvujffhd.1.1.2
.lostscripturesecrets.com/	1969-12-31 23:59:59	Name: _li_dcdm_c Value: .lostscripturesecrets.com
.lostscripturesecrets.com/	1970-01-20 21:15:40	Name: _lc2_fpi Value: cde5d9f9bf4a--01gzykffk64dd9g935nbk7v8ka
.tiktok.com/	1970-01-20 21:01:16	Name: _ttp Value: 2PWl1Jiu8ktRZQjwltFM2axYQcL
.criteo.com/	1970-01-20 21:01:16	Name: uid Value: 29a4cadf-9d37-4932-8ec2-f673bcc8a223
.lostscripturesecrets.com/	1970-01-20 13:49:16	Name: _fbp Value: fb.1.1683580501839.1098882595
.lostscripturesecrets.com/	1970-01-20 21:01:16	Name: _tt_enable_cookie Value: 1
.lostscripturesecrets.com/	1970-01-20 21:01:16	Name: _ttp Value: QjgBv0xwMBiiYQ3y8VhKSX-tEFE
.liadm.com/	1970-01-20 21:15:40	Name: lidid Value: ae7413e8-220f-47dc-9211-2b31bb2a5435
.lostscripturesecrets.com/	1970-01-20 21:09:04	Name: cto_bundle Value: 4EVLdF9TcXFLZGlkU3Vic1UlMkIlMkZwU1JlM3FEWFBLUzdKWklqbHVQM2lPQXRPaUh0cmdRVFA4VWpnaFRMbWhZZ2lCbkplRTVxbldhUW0zY1NvN2JCSlZNaFR4aW0wOTJ2VmZJcUNsMGJXaHVZY3JzOHRnNEVDNWJvMnZqOFZET0hWZktJRiUyQlJVUWI5Nzlwek1CaTJtQUJqNmg0dWxPVFZ3cTFVUmxxc2FyVkQxMW5EYWMlM0Q
m.stripe.com/	1970-01-20 21:15:40	Name: m Value: 65294737-97bb-43cf-9deb-3e10be79fc076d7a06
.lostscripturesecrets.com/	1970-01-20 20:25:16	Name: __stripe_mid Value: 3b74f2b5-9596-4b4e-b34c-171df30c40853a347f
.lostscripturesecrets.com/	1970-01-20 11:39:42	Name: __stripe_sid Value: 6c348c03-1718-432c-8793-86efc85093ea77afdf
.doubleclick.net/	1970-01-20 21:01:16	Name: IDE Value: AHWqTUkbc2TtylAvLx6cg_cagF_GE916eDIwaGfCgfn6A7no4n0mBGC03FNyUn3Gof8
.adnxs.com/	1970-01-20 13:49:16	Name: anj Value: dTM7k!M4/rCxrEQF']wIg2GU(p6<])!]tbPl@/D!9hy6]/CwiPgZW2)4fy%3mbfr9bC5qUdcV(haODkYxQ_E?I+T4h1FVC2^VMZn34UbpRzqF1`*ba+G+MIMI
match.sharethrough.com/	1970-01-20 11:49:45	Name: AWSALBCORS Value: bYTQKNThP+tf/4KsA93E7tkba3lZEqnpZOpNqaNg4Q+488nPZRChFBUFAR4qWQUk5ngrl7hvCLgwEtn+DDN/WOFlf3j3vhMcn6NmXKvYRSvpEpEMYLFOCr98tEBH
.media.net/	1970-01-20 20:25:16	Name: visitor-id Value: 3265821038281392000V10
.media.net/	1970-01-20 12:22:52	Name: data-c-ts Value: 1683580503
.media.net/	1970-01-20 12:22:52	Name: data-c Value: k-_phoOZbfcO8UUkz9XhBZjmsC1To0FH_ZD3Hhow~~3
.adnxs.com/	1970-01-20 13:49:16	Name: uuid2 Value: 4399126511432542239
.id5-sync.com/	1970-01-20 11:39:40	Name: cf Value:
.id5-sync.com/	1970-01-20 11:39:40	Name: cip Value:
.id5-sync.com/	1970-01-20 11:39:40	Name: cnac Value:
.id5-sync.com/	1970-01-20 11:39:40	Name: car Value:
.id5-sync.com/	1970-01-20 11:39:40	Name: gdpr Value:
.id5-sync.com/	1970-01-20 11:39:40	Name: callback Value:
.casalemedia.com/	1970-01-20 20:25:16	Name: CMID Value: ZFlmV7prXAdj39eI-q1A4AAA
.casalemedia.com/	1970-01-20 13:49:16	Name: CMPS Value: 1132
.casalemedia.com/	1970-01-20 13:49:16	Name: CMPRO Value: 1132
.bidswitch.net/	1970-01-20 20:25:16	Name: tuuid Value: 920eb97e-839e-4cc0-b806-7bbd51459f10
.bidswitch.net/	1970-01-20 20:25:16	Name: c Value: 1683580503
.bidswitch.net/	1970-01-20 20:25:16	Name: tuuid_lu Value: 1683580503
exchange.mediavine.com/	1970-01-20 11:59:50	Name: mv_tokens Value: %7B%22mv_uuid%22%3A%22660b1750-ede5-11ed-8442-f59aa5f9b784%22%2C%22version%22%3A%22eu-v1%22%7D
exchange.mediavine.com/	1970-01-20 11:59:50	Name: mv_tokens_eu-v1 Value: %7B%22mv_uuid%22%3A%22660b1750-ede5-11ed-8442-f59aa5f9b784%22%2C%22version%22%3A%22eu-v1%22%7D
exchange.mediavine.com/	1970-01-20 11:59:50	Name: am_tokens Value: %7B%22mv_uuid%22%3A%22660b1750-ede5-11ed-8442-f59aa5f9b784%22%2C%22version%22%3A%22eu-v1%22%7D
exchange.mediavine.com/	1970-01-20 11:59:50	Name: am_tokens_eu-v1 Value: %7B%22mv_uuid%22%3A%22660b1750-ede5-11ed-8442-f59aa5f9b784%22%2C%22version%22%3A%22eu-v1%22%7D
exchange.mediavine.com/	1970-01-20 11:59:50	Name: criteo Value: %7B%22id%22%3A%22k-_BLBQZbfcO8UUkz9XhBZjmsC1Trknw_H9vgRAg%22%2C%22version%22%3A%22criteo%22%7D
.demdex.net/	1970-01-20 15:58:52	Name: demdex Value: 53329277117603038222686811094058183777
.dpm.demdex.net/	1970-01-20 15:58:52	Name: dpm Value: 53329277117603038222686811094058183777
.yahoo.com/	1970-01-20 20:25:38	Name: A3 Value: d=AQABBFdmWWQCEIlmw-WL-IEYOPKPje4W1ckFEgEBAQG3WmRjZOAXyiMA_eMAAA&S=AQAAAriW4UismxSqPcDW8CT10Gs
.pubmatic.com/	1970-01-20 12:22:52	Name: KRTBCOOKIE_97 Value: 3385-uid:k-6yKUdZbfcO8UUkz9XhBZjmsC1TqTYBvhdnXaiw&KRTB&23144-uid:k-6yKUdZbfcO8UUkz9XhBZjmsC1TqTYBvhdnXaiw&KRTB&23286-uid:k-6yKUdZbfcO8UUkz9XhBZjmsC1TqTYBvhdnXaiw&KRTB&23287-uid:k-6yKUdZbfcO8UUkz9XhBZjmsC1TqTYBvhdnXaiw
.pubmatic.com/	1970-01-20 12:22:52	Name: PugT Value: 1683580501
.analytics.yahoo.com/	1970-01-20 20:25:16	Name: IDSYNC Value: 18zh~2bj9
.360yield.com/	1970-01-20 13:49:16	Name: tuuid Value: f12f0f26-710f-4511-a9a8-6929d622a090
.360yield.com/	1970-01-20 13:49:16	Name: tuuid_lu Value: 1683580503
.360yield.com/	1970-01-20 13:49:16	Name: um Value: !38,Y9Mq8uraAm3HB6fRWeDAk4CP-MAn7vfaAqmoBprAiQQ8ugicMniLjZuRaUM46YGbTIgGaE4E,1691356503
.360yield.com/	1970-01-20 13:49:16	Name: umeh Value: !38,0,1745788503,-1
.krxd.net/	1970-01-20 15:58:52	Name: _kuid_ Value: PivZTznT
.tremorhub.com/	1970-01-20 20:25:37	Name: tvid Value: ebf8c539701647f38fc0f6a27fb66fb8
.tremorhub.com/	1970-01-20 12:22:52	Name: tv_UICR Value: k-WjIYfJbfcO8UUkz9XhBZjmsC1TqMKBgNwgM1kw

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self'".

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=0

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

175132.t.hyros.com
175132.tracking.hyros.com
a.twiago.com
ad.360yield.com
ad.yieldlab.net
ajax.googleapis.com
analytics.tiktok.com
api.amplitude.com
b-code.liadm.com
beacon.krxd.net
cdn.amplitude.com
cdn.pushwoosh.com
cm.adform.net
cm.g.doubleclick.net
connect.facebook.net
contextual.media.net
cp.pushwoosh.com
criteo-partners.tremorhub.com
criteo-sync.teads.tv
d2tjsej3ucxx0n.cloudfront.net
dis.criteo.com
dpm.demdex.net
dynamic.criteo.com
eb2.3lift.com
exchange.mediavine.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
gum.criteo.com
ib.adnxs.com
id5-sync.com
js.stripe.com
lostscripturesecrets.com
m.stripe.com
m.stripe.network
match.sharethrough.com
matching.ivitrack.com
mug.criteo.com
pixel.rubiconproject.com
q.stripe.com
r.casalemedia.com
redhotm.pushwoosh.com
rp.liadm.com
rp4.liadm.com
rtb-csync.smartadserver.com
s.thebrighttag.com
secure.adnxs.com
simage2.pubmatic.com
sslwidget.criteo.com
static.cloudflareinsights.com
stats.g.doubleclick.net
sync-criteo.ads.yieldmo.com
sync-t1.taboola.com
sync.outbrain.com
ups.analytics.yahoo.com
visitor.omnitagjs.com
vjs.zencdn.net
widget.us.criteo.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
x.bidswitch.net
104.102.35.84
13.226.156.84
141.226.228.48
141.95.33.111
151.101.192.176
172.217.18.2
178.250.1.9
178.250.7.13
185.255.84.153
185.64.189.110
185.80.39.216
185.86.139.101
188.40.221.212
195.201.240.51
2.18.235.93
23.215.16.120
2600:1f18:612b:4216:4eaf:fc79:e33b:d580
2600:1f18:730:b150:c922:c4f2:8c5e:8b2
2600:9000:2182:5400:8:8845:1500:93a1
2600:9000:219c:4a00:9:8536:59c0:21
2606:4700:3030::6815:4e8e
2606:4700:3030::ac43:de6f
2606:4700::6810:3965
2a00:1450:4001:80b::2002
2a00:1450:4001:80b::2003
2a00:1450:4001:827::200e
2a00:1450:4001:828::200a
2a00:1450:4001:829::2003
2a00:1450:4001:82b::2004
2a00:1450:4001:82b::2008
2a00:1450:4001:82f::200a
2a00:1450:400c:c0c::9b
2a02:2638:3::c
2a02:2638:3::e
2a03:2880:f083:9:face:b00c:0:3
2a03:2880:f177:83:face:b00c:0:25de
2a04:4e42::729
3.16.8.48
3.211.47.106
3.75.62.37
3.76.101.133
34.117.157.22
34.199.5.193
35.156.238.127
37.157.3.20
37.252.171.22
37.252.171.84
44.225.128.118
52.208.156.123
52.212.129.217
52.41.104.164
52.58.47.177
54.154.227.90
54.187.119.242
64.202.112.191
69.173.144.138
74.119.119.150
76.223.111.18
85.215.5.31
88.198.239.115
95.101.111.61
99.81.96.216
99.86.4.113
0295c8c4b7d446e47489beaf0b7c365c7a9f98dabd6d3fe2bfe168d2f831260a
03ee34a40289cd59a27b110b7eecaf6af7dd295854dd3c9adbf0c087772dfbcc
0e5c63e55deab02147843c49ce49202c4b5c75d6a899821ce1f26484b6a85797
10c61058d7b2a016cd6de6887a2fd4c4baf43babd098120c573cf5f386b5d37a
13a548e040a1ec08f77911fed1d559b95e5daae0ee227e632140e003c7268e7b
14ca7f5dab60d993d6e496de40a3584f23ffa09ae0f78dc75c7c1f233bd703dd
1d9d7ae5da2739bb3c90c97c41799f0555a7711122deebad64ff48789b30671e
1e8af1c8306411c684130fcf7d46fa10b1906898bcc781a822e5d4a38ae2cce8
233389aead41af7541302c38e1fdb117523eceb02f88386e233a0c876246aa9b
250a0782da875705bd206ee23c2a46abf90656645a81e084126c5e8c53eeb9d6
273c8613cdd2852dd5318f224d804ae6d2fc717c48d3f1dab587b6d396fb4fc8
27f012f2a0481070fc7dcb1b0896a47b35ceb4ef339a0062e652278ae079eaad
2ab0932269d9897fd43c2bcda82dc75121d96bea933bd64726bc772e054ca7ab
2af8c084b6d0658e2ce2cd452ff3cc6ee085f2695e698ea336a2408185a7a42c
3014acc16bf3744b41bb869785bf686290d9834a5e6f69d4583c4e39fca26bff
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
367e78dba7d8fbd759780aed67027fb040efef489581fcba3044cef4ca63a130
44c234ab1ce11ec976837b360aa64d76f081f31d25192acfd1c88eb735e7def3
4534203d73df094bf991ad0f42631889f0a020e90a00b311e76406822f5512ff
4918f0c819db7b22245418120931e1df8311ed0a26ae7194fc3b624284b58c92
49786cfd1a0a7c26d2e5dd566ce253b3c6930058bf3e138068afc3fbdcfe820b
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4e30b3af673bd88ee9225e3f86dd125242d0135bdbd4f5e9a9e81c8edfe83dd6
5299bb2e133843c854d6a966630afb13c6edecf4d3738a6c4760cf6f9f1cf2f2
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55a979130309c3f0d4398298f648e90a8ded2df500fdf3c758e9051ecf6229cb
5704a2e9f2f7ce43a79f9b407f1aedcfd50223cbe8bd2f71ff8c5c819e469cbc
574be775e6c5a0ceee6f9a3b93c92fc987fb0f9bdb12f932fa2f25d05ee93c58
5898054d1cde10131e31e21aeaf8d3961130f1116dc4d5f90214f2bc22293e88
58c66125e56c6f77e4ae6e45ce3b9d29d46efbdb8919aa59d7261ecae9ff8675
5963045ddf0108c47a1b4383dbf93e70a4b166f2981407ef9cbc0c5b5567c9ce
5c2d662e92bcbf1a5970b97040f901031295e79a96314db8302f549003022087
65150f4326bea9a1e704ad7c5ea77aa14afd53cfc8878d7b02eedd806220999c
66953ec36df0521f570c15ba683310ed68e95ddb31f41b9db9e4108e2db29423
67c07b279dd750de93b5e5dee30a1c8ad43800778179463bb472341554475537
6a976576c30c8355b268f0503b84d260c4f3856bc7b5ce55cacc0ff4b5904595
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
73035e8c2ba7bc19f518e6b1bc729d538a7a9b7ed2f8ca0b31eb21ef61911631
75f59892601e22f9269e75a868d0da3d89280978ea5700fcc351ac809ac56ff6
7e262106f82cc52663e403f5b73795bbeab9ca0630c33c03579354fbcd4fae1e
81016ac6be850b72df5d4faa0c3cec8e2c1b0ba0045712144a6766adfad40bee
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
839d4d1e6d0ff78751c6ecad5c106307d0087406ee5c839d06cfc711426dc215
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8c832a51f9af77c74c83ce43fe3d336620c44ad1897a67f0bb94444e11bfd993
8dcee59828f1423ecefd552dd353e25bd4ac38a9557ee084604ee7c2d41d9b98
8e64e864863ebe52f74ec33907ad913235e3b749a68794e0180d02cb8af27f9e
9898853d870512fc480af73452d00d17a5d0c62d3329560d80542f1397b82330
9b3a955ac158e9fbedea40a6d9494a44669dee5d1bbb18895e1b211244f8f16e
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a10adcb4745e6f5a8b4438cea02ee6dd45641917e719dd8eb982e485681633a6
a120ec0cc851cd7e126f13f8dbfee3d099924e84c8567dfbeb3b6f7b6bd84a45
a3cf00c109d907e543bc4f6dbc85eb31068f94515251347e9e57509b52ee3d74
a5f27af9c0c6f37979ebafcac22eb3a613841a3d4e728f4577baf94e64d42f35
a600e503fc0dcb171bd2ce6b639bbb5cf35b91ccc3c045324a7a4e2603683a0f
ab124775fec26df3819b69e6ddbad542a2c52602d5958c8af915563ef268e75a
ab3c161148b0e433fca717826e20f9b9fe62b08de62a0d3eae307f9cafdf612a
abd87251504843aba43e41c58605e54abc8489c79caad3c1e9eaa02d155cd90e
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
aee408847d35e44e99430f0979c3357b85fe8dbb4535a494301198adbee85f27
aef991b2e0b693a95d41986576dd3901ea7ac03b379501b1caba966058753308
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
b1254288594a7996d2bfb0ab24da1630fe4e2b2c3a5abb52ecc0c4c36a19a504
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b1abfc16178b09de26b11065884d3afebe3c3c1c0a41ab099a83f7ebadd2f2d4
b79b3c2125d796f5b97ee9510694ac8c539d6c617588a4b7f60d23124eca2ce3
b983137077f81c960fff5bb7d0110705215444e15b4c0488b9bbf4c9897849ca
ba175b13f78ed0fe1ed6f0ab3b4162223e3bd6701679687b680e2e16c9c81517
ba1d7bd5198227dc5838c5b08af6171558e14f984016201956ddeb6a7ab8573c
baac471c1c739eb5df38c043ab97d3ecf23aab472f70511af0d433da2253456b
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bd616c4a3946234ce3a8528dcf14a9c6aae00bb513b0c237c96706e35b5c66d2
bda0488cafa2fa2eac0079294db23250768172ab0e36269db46a1fdc99d51f67
bfd1dfa6765654e85cec85dc6cdb53ad64cc3a3a64d0e010b35838f2c762a6f3
c7c2fbcdf7ea62bdeae2d3b3a1e7fe72278e4d3438ff9ec98713a08d6b0d4c5a
c8356c413b566272ba50c98d4ce0546e1fce6177ceb6cf8c2a7efe0a65e085a1
c906d4588bd040aa2140be2840723a72bc01e092d5e9db2211b8a2d388a8821f
c9c4b6ee5cd74a8dae3caa85f95678aa592c060d18c6f21e37c0d0e1446dc4af
cc0e716595a20cd577f4cba25c11b4b54d92311f5f4bf22b992af281cabbc0c7
cef0a3ffb6993fc1ec7b5b67a16377ec1ec0a858b3cabb834033d7458ff0e4bc
d10036cce39b0c2bfb70d5d1618f5806ddd2b0be75dd1b3656831f36b0db94bf
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38
d852a478da86a57ea6001d3c6189a400023c810dcb89fc57e64c8283dff7ee9f
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e38372d8696f210809f6821f0b00c84e57beff6b12b40bdba9954c257bb3b0a9
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e7b90d32907f89c49e9e2a2ccca95133277f756f13a14187936d9b948ff67b44
e814fda4b3a0b92c9a44cbb8d9ce5f220aad949224f9eb4a7fc31c3d9d8e2c1d
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef51b56751eefcbcfe90712bf382e5d75348e90394e53006f6aaaf33fa3c03ae
ef6593f5753f1cb95a8eb445cc05f5d22990a8ec4b5e6e28d47872a5755a1bf1
ef6e13231ec40eac8229a1af785e63b6e9b501d10e2b99fa6c301ddebd983692
efabba3678b85fcab831b778ea2ddaad1e2a1e952584d3566bc39b7ccb3429d9
efe37b636fc094e5e10d700dddfa36876aa4a58955443c94b342a97a41350f47
f22005da41e15b7adb453814b37a794f7c6b955f086a6c5fc9980e3c3f6c8bca
f4430801385ea092e7870e56d2e1b075c8e2d457af27e756af2e71892e859fe0
f445ee14f2454d974293d28677213ae002e9ac17721fc04b2fdeb037e083b083
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f6b9eebb05461840790fc804b4590323ef12a57fe5af7fcdeed2d798e572844b
f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef
f9cf00da3ed66835c3383eefe3ece96b304fe05d61d742104bbfafcde4ca282b

lostscripturesecrets.com Open in urlscan Pro 2606:4700:3030::ac43:de6f Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

133 Requests

88 %HTTPS

33 %IPv6

47 Domains

64 Subdomains

60 IPs

9 Countries

3979 kBTransfer

6548 kBSize

58 Cookies

0 Outgoing links

Page URL History

Redirected requests

133 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

lostscripturesecrets.com Open in urlscan Pro
2606:4700:3030::ac43:de6f Public Scan

Screenshot
Live screenshot

Full Image

133
Requests

88 %
HTTPS

33 %
IPv6

47
Domains

64
Subdomains

60
IPs

9
Countries

3979 kB
Transfer

6548 kB
Size

58
Cookies

133 HTTP transactions
1 data transactions