urlscan.io logo urlscan.io
SecurityTrails logo

arenahewan.com Open in urlscan Pro
2606:4700:30::6818:6a59  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://arenahewan.com/css-wetransfer/WeT%20ransfer
Effective URL: http://arenahewan.com/css-wetransfer/WeT%20ransfer
Submission: On April 04 via manual from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 11 IPs in 2 countries across 7 domains to perform 26 HTTP transactions. The main IP is 2606:4700:30::6818:6a59, located in United States and belongs to CLOUDFLARENET - Cloudflare, Inc., US. The main domain is arenahewan.com.
This is the only time arenahewan.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 2606:4700:30:... 13335 (CLOUDFLAR...)
8 2606:4700:30:... 13335 (CLOUDFLAR...)
2 2a00:1450:400... 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
3 216.58.207.66 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
26 11
2    2606:4700:30::6818:6a59 (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)
arenahewan.com
8    2606:4700:30::6818:6b59 (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)
arenahewan.com
2    2a00:1450:4001:81a::2002 (Ireland)

ASN15169 (GOOGLE - Google LLC, US)
pagead2.googlesyndication.com
4    2a00:1450:4001:80b::2002 (Ireland)

ASN15169 (GOOGLE - Google LLC, US)
www.googletagservices.com
googleads.g.doubleclick.net
1    2a00:1450:4001:81e::2002 (Ireland)

ASN15169 (GOOGLE - Google LLC, US)
adservice.google.de
1    2a00:1450:4001:809::2002 (Ireland)

ASN15169 (GOOGLE - Google LLC, US)
adservice.google.com
1    2a00:1450:4001:817::2002 (Ireland)

ASN15169 (GOOGLE - Google LLC, US)
pagead2.googlesyndication.com
2    2a00:1450:4001:81e::200e (Ireland)

ASN15169 (GOOGLE - Google LLC, US)
www.google-analytics.com
3    216.58.207.66 (Mountain View, United States)

ASN15169 (GOOGLE - Google LLC, US)
PTR: fra16s25-in-f2.1e100.net
securepubads.g.doubleclick.net
1    2a00:1450:4001:818::2001 (Ireland)

ASN15169 (GOOGLE - Google LLC, US)
tpc.googlesyndication.com
1    2a00:1450:4001:821::2002 (Ireland)

ASN15169 (GOOGLE - Google LLC, US)
pagead2.googlesyndication.com
Domain Requested by
10 arenahewan.com arenahewan.com
pagead2.googlesyndication.com
4 pagead2.googlesyndication.com arenahewan.com
pagead2.googlesyndication.com
3 securepubads.g.doubleclick.net www.googletagservices.com
securepubads.g.doubleclick.net
2 googleads.g.doubleclick.net pagead2.googlesyndication.com
2 www.google-analytics.com arenahewan.com
2 www.googletagservices.com arenahewan.com
pagead2.googlesyndication.com
1 tpc.googlesyndication.com securepubads.g.doubleclick.net
1 adservice.google.com pagead2.googlesyndication.com
1 adservice.google.de pagead2.googlesyndication.com
26 9

This site contains no links.

Subject Issuer Validity Valid
sni.cloudflaressl.com
CloudFlare Inc ECC CA-2		 2019-03-13 -
2020-03-13		 a year crt.sh
*.g.doubleclick.net
Google Internet Authority G3		 2019-03-01 -
2019-05-24		 3 months crt.sh
*.google.com
Google Internet Authority G3		 2019-03-01 -
2019-05-24		 3 months crt.sh
*.google-analytics.com
Google Internet Authority G3		 2019-03-01 -
2019-05-24		 3 months crt.sh

This page contains 4 frames:

Primary Page: http://arenahewan.com/css-wetransfer/WeT%20ransfer
Frame ID: 9C49FCCF6E60EFEF774D238DA37E6F55
Requests: 23 HTTP requests in this frame

Frame: http://pagead2.googlesyndication.com/pagead/js/r20190401/r20190131/show_ads_impl.js
Frame ID: AFB1E15FE464C5E4D8B8B217197D90A4
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20190401/r20190131/zrt_lookup.html
Frame ID: 82100BF91BBE08E6032708FD7D2E15D0
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3098295775077215&output=html&adk=1812271804&adf=3025194257&lmt=1554405521&plat=1%3A32776%2C2%3A32776%2C8%3A32776%2C9%3A32776%2C16%3A8388608%2C30%3A1081344&guci=1.2.0.0.2.2.0.0&format=0x0&url=http%3A%2F%2Farenahewan.com%2Fcss-wetransfer%2FWeT%2520ransfer&ea=0&flash=0&pra=5&wgl=1&adsid=NT&dt=1554405520723&bpp=382&bdt=888&fdt=384&idt=77&shv=r20190401&cbv=r20190131&saldr=aa&abxe=1&nras=1&correlator=1566500630826&frm=20&pv=2&ga_vid=1895507397.1554405521&ga_sid=1554405521&ga_hid=1081966735&ga_fc=0&iag=0&icsg=667307&dssz=21&mdo=0&mso=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=0&ady=0&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=21060853%2C20040010&oid=3&rx=0&eae=2&fc=1936&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&ppjl=u&fu=16&bc=7&ifi=8&uci=8.i7zs9v7pteks&fsb=1&dtd=413
Frame ID: 3C9563D3CB1921313DAD5AEB3B4A72A6
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Detected technologies

Overall confidence: 100%
Detected patterns
  • script /\/wp-includes\//i
Overall confidence: 100%
Detected patterns
  • script /\/wp-includes\//i
Overall confidence: 100%
Detected patterns
  • headers server /cloudflare/i
Overall confidence: 100%
Detected patterns
  • script /googletagservices\.com\/tag\/js\/gpt(?:_mobile)?\.js/i
Overall confidence: 100%
Detected patterns
  • script /googlesyndication\.com\//i
  • env /^google_ad_/i
  • env /^__google_ad_/i
  • env /^Goog_AdSense_/i
Overall confidence: 100%
Detected patterns
  • script /google-analytics\.com\/(?:ga|urchin|(analytics))\.js/i
  • env /^gaGlobal$/i
Overall confidence: 100%
Detected patterns
  • env /^prettyPrint$/i
Overall confidence: 100%
Detected patterns
  • env /^googletag$/i
Overall confidence: 100%
Detected patterns
  • script /jquery.*\.js/i
  • env /^jQuery$/i
  • env /pp_(?:alreadyInitialized|descriptions|images|titles)/i
Overall confidence: 100%
Detected patterns
  • env /pp_(?:alreadyInitialized|descriptions|images|titles)/i

Page Statistics

26
Requests

69 %
HTTPS

91 %
IPv6

7
Domains

9
Subdomains

11
IPs

2
Countries

540 kB
Transfer

1773 kB
Size

6
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

26 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request Cookie set WeT%20ransfer
arenahewan.com/css-wetransfer/ 		19 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://arenahewan.com/css-wetransfer/WeT%20ransfer
Protocol
HTTP/1.1
Server
2606:4700:30::6818:6a59 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
5989e69b3a5af7cd5d15df54f2ba9cab0401e255038feb76b39d65452624307a

Request headers

Host
arenahewan.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Accept-Encoding
gzip, deflate
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Thu, 04 Apr 2019 19:18:39 GMT
Content-Type
text/html; charset=UTF-8
Transfer-Encoding
chunked
Connection
keep-alive
Set-Cookie
__cfduid=d180522094fcf13e08863ff17fece0a251554405518; expires=Fri, 03-Apr-20 19:18:38 GMT; path=/; domain=.arenahewan.com; HttpOnly
Vary
Accept-Encoding,Cookie,User-Agent
Expires
Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control
no-cache, must-revalidate, max-age=0
Link
<https://arenahewan.com/wp-json/>; rel="https://api.w.org/", </min/0b677.css>; rel=preload; as=style,</wp-includes/js/jquery/jquery.js?ver=1.12.4>; rel=preload; as=script,</min/3a55e.js>; rel=preload; as=script
Server
cloudflare
CF-RAY
4c25a11c5b42c2d8-FRA
Content-Encoding
gzip
0b677.css
arenahewan.com/min/ 		251 KB
43 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://arenahewan.com/min/0b677.css
Protocol
HTTP/1.1
Server
2606:4700:30::6818:6a59 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
7db99462788b3a527621fc74ca33db424ec260d085a46140d53c4436939363bd

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
arenahewan.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
text/css,*/*;q=0.1
Referer
http://arenahewan.com/css-wetransfer/WeT%20ransfer
Cookie
__cfduid=d180522094fcf13e08863ff17fece0a251554405518
Connection
keep-alive
Cache-Control
no-cache
Referer
http://arenahewan.com/css-wetransfer/WeT%20ransfer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Thu, 04 Apr 2019 19:18:39 GMT
Content-Encoding
gzip
CF-Cache-Status
HIT
Last-Modified
Mon, 18 Mar 2019 06:11:42 GMT
Server
cloudflare
Vary
Accept-Encoding,User-Agent
Content-Type
text/css
Cache-Control
public, max-age=2592000
Connection
keep-alive
Accept-Ranges
bytes
CF-RAY
4c25a1230de5c2d8-FRA
Content-Length
43528
Expires
Sat, 04 May 2019 19:18:39 GMT
jquery.js
arenahewan.com/wp-includes/js/jquery/ 		95 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://arenahewan.com/wp-includes/js/jquery/jquery.js?ver=1.12.4
Protocol
HTTP/1.1
Server
2606:4700:30::6818:6b59 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
fa055f2f7c5b735dbbb71954f434aed79925bc00ff2ffbc3ecfc4a790689a723

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
arenahewan.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
*/*
Referer
http://arenahewan.com/css-wetransfer/WeT%20ransfer
Cookie
__cfduid=d180522094fcf13e08863ff17fece0a251554405518
Connection
keep-alive
Cache-Control
no-cache
Referer
http://arenahewan.com/css-wetransfer/WeT%20ransfer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Thu, 04 Apr 2019 19:18:40 GMT
Content-Encoding
gzip
CF-Cache-Status
MISS
Last-Modified
Wed, 13 Mar 2019 23:23:44 GMT
Server
cloudflare
Vary
Accept-Encoding,User-Agent
Content-Type
application/javascript
Cache-Control
public, max-age=1209600
Connection
keep-alive
Accept-Ranges
bytes
CF-RAY
4c25a1230bacc2b0-FRA
Content-Length
33766
Expires
Thu, 18 Apr 2019 19:18:40 GMT
3a55e.js
arenahewan.com/min/ 		129 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://arenahewan.com/min/3a55e.js
Protocol
HTTP/1.1
Server
2606:4700:30::6818:6b59 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
4a8ab20387ccd6bbb42b933425d05d314f8741c3613e9f7ad97587a7506d1227

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
arenahewan.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
*/*
Referer
http://arenahewan.com/css-wetransfer/WeT%20ransfer
Cookie
__cfduid=d180522094fcf13e08863ff17fece0a251554405518
Connection
keep-alive
Cache-Control
no-cache
Referer
http://arenahewan.com/css-wetransfer/WeT%20ransfer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Thu, 04 Apr 2019 19:18:40 GMT
Content-Encoding
gzip
CF-Cache-Status
MISS
Last-Modified
Mon, 01 Apr 2019 06:12:58 GMT
Server
cloudflare
Vary
Accept-Encoding,User-Agent
Content-Type
application/javascript
Cache-Control
public, max-age=1209600
Connection
keep-alive
Accept-Ranges
bytes
CF-RAY
4c25a1230943c2bf-FRA
Content-Length
39119
Expires
Thu, 18 Apr 2019 19:18:40 GMT
0b677.css
arenahewan.com/min/ 		251 KB
40 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://arenahewan.com/min/0b677.css
Requested by
Host: arenahewan.com
URL: http://arenahewan.com/css-wetransfer/WeT%20ransfer
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::6818:6b59 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
7db99462788b3a527621fc74ca33db424ec260d085a46140d53c4436939363bd

Request headers

Referer
http://arenahewan.com/css-wetransfer/WeT%20ransfer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Thu, 04 Apr 2019 19:18:40 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Mon, 01 Apr 2019 06:12:57 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding,User-Agent
content-type
text/css
status
200
cache-control
public, max-age=2592000
cf-ray
4c25a12339d4c2bf-FRA
expires
Sat, 04 May 2019 19:18:40 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		83 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: arenahewan.com
URL: http://arenahewan.com/css-wetransfer/WeT%20ransfer
Protocol
HTTP/1.1
Server
2a00:1450:4001:81a::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
79139e667849027e01d34fae6db36c936e069ff0db01130573552f6fa1f4392c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://arenahewan.com/css-wetransfer/WeT%20ransfer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Thu, 04 Apr 2019 19:18:39 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Content-Type
text/javascript; charset=UTF-8
Server
cafe
ETag
961284488714013267
Vary
Accept-Encoding
P3P
policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cache-Control
private, max-age=3600
Content-Disposition
attachment; filename="f.txt"
Timing-Allow-Origin
*
Content-Length
31899
X-XSS-Protection
0
Expires
Thu, 04 Apr 2019 19:18:39 GMT
gpt.js
www.googletagservices.com/tag/js/ 		42 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/tag/js/gpt.js
Requested by
Host: arenahewan.com
URL: http://arenahewan.com/css-wetransfer/WeT%20ransfer
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:80b::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
e82d48c5c63c6118e307148e633ddff56d99255a55a38b53209b817f6be642b0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://arenahewan.com/css-wetransfer/WeT%20ransfer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Thu, 04 Apr 2019 19:18:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"126 / 556 of 1000 / last-modified: 1554403458"
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,44,43,39",quic=":443"; ma=2592000; v="46,44,43,39"
content-length
11261
x-xss-protection
0
expires
Thu, 04 Apr 2019 19:18:39 GMT
arena-hewan.jpg
arenahewan.com/wp-content/uploads/2017/05/ 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://arenahewan.com/wp-content/uploads/2017/05/arena-hewan.jpg
Requested by
Host: arenahewan.com
URL: http://arenahewan.com/css-wetransfer/WeT%20ransfer
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::6818:6b59 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
de8b00903a618a94c9175171ba1e673b8f415804887922fde0b40718e3cb9ced

Request headers

Referer
http://arenahewan.com/css-wetransfer/WeT%20ransfer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Thu, 04 Apr 2019 19:18:39 GMT
cf-cache-status
HIT
last-modified
Thu, 11 May 2017 15:02:22 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
status
200
cache-control
public, max-age=2592000
accept-ranges
bytes
cf-ray
4c25a1234a0dc2bf-FRA
content-length
15193
expires
Sat, 04 May 2019 19:18:39 GMT
3a55e.js
arenahewan.com/min/ 		129 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://arenahewan.com/min/3a55e.js
Requested by
Host: arenahewan.com
URL: http://arenahewan.com/css-wetransfer/WeT%20ransfer
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::6818:6b59 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
4a8ab20387ccd6bbb42b933425d05d314f8741c3613e9f7ad97587a7506d1227

Request headers

Referer
http://arenahewan.com/css-wetransfer/WeT%20ransfer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Thu, 04 Apr 2019 19:18:41 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Mon, 01 Apr 2019 06:12:58 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding,User-Agent
content-type
application/javascript
status
200
cache-control
public, max-age=1209600
cf-ray
4c25a1236a80c2bf-FRA
expires
Thu, 18 Apr 2019 19:18:40 GMT
integrator.js
adservice.google.de/adsid/ 		109 B
481 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=arenahewan.com
Requested by
Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:81e::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://arenahewan.com/css-wetransfer/WeT%20ransfer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Thu, 04 Apr 2019 19:18:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-type
application/javascript; charset=UTF-8
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status
200
cache-control
private, no-cache, no-store
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,44,43,39",quic=":443"; ma=2592000; v="46,44,43,39"
content-length
104
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		109 B
171 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=arenahewan.com
Requested by
Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:809::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://arenahewan.com/css-wetransfer/WeT%20ransfer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Thu, 04 Apr 2019 19:18:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-type
application/javascript; charset=UTF-8
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status
200
cache-control
private, no-cache, no-store
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,44,43,39",quic=":443"; ma=2592000; v="46,44,43,39"
content-length
104
x-xss-protection
0
show_ads_impl.js
pagead2.googlesyndication.com/pagead/js/r20190401/r20190131/ 		202 KB
76 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://pagead2.googlesyndication.com/pagead/js/r20190401/r20190131/show_ads_impl.js
Requested by
Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
HTTP/1.1
Server
2a00:1450:4001:81a::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
901f592b5aa7355a4355ba0668cdf3b8b1db19e2202d3efe58f190b085c1e548
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://arenahewan.com/css-wetransfer/WeT%20ransfer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Thu, 04 Apr 2019 19:18:40 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Content-Type
text/javascript; charset=UTF-8
Server
cafe
ETag
11293606147819821201
Vary
Accept-Encoding
P3P
policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cache-Control
private, max-age=1209600
Content-Disposition
attachment; filename="f.txt"
Timing-Allow-Origin
*
Content-Length
76865
X-XSS-Protection
0
Expires
Thu, 04 Apr 2019 19:18:40 GMT
show_ads_impl.js
pagead2.googlesyndication.com/pagead/js/r20190401/r20190131/ Frame AFB1 		202 KB
76 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://pagead2.googlesyndication.com/pagead/js/r20190401/r20190131/show_ads_impl.js
Requested by
Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
HTTP/1.1
Server
2a00:1450:4001:817::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
901f592b5aa7355a4355ba0668cdf3b8b1db19e2202d3efe58f190b085c1e548
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://arenahewan.com/css-wetransfer/WeT%20ransfer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Thu, 04 Apr 2019 19:18:40 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Content-Type
text/javascript; charset=UTF-8
Server
cafe
ETag
11293606147819821201
Vary
Accept-Encoding
P3P
policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cache-Control
private, max-age=1209600
Content-Disposition
attachment; filename="f.txt"
Timing-Allow-Origin
*
Content-Length
76865
X-XSS-Protection
0
Expires
Thu, 04 Apr 2019 19:18:40 GMT
analytics.js
www.google-analytics.com/ 		43 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: arenahewan.com
URL: http://arenahewan.com/css-wetransfer/WeT%20ransfer
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1450:4001:81e::200e , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
3e552578c7d450b023f2cd9d28f830be4335c3acc6c4ab6dadda0769f09e5f22
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
http://arenahewan.com/css-wetransfer/WeT%20ransfer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 16 Jan 2019 20:01:45 GMT
server
Golfe2
age
5504
date
Thu, 04 Apr 2019 17:46:56 GMT
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=7200
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
content-length
17543
expires
Thu, 04 Apr 2019 19:46:56 GMT
pubads_impl_2019040101.js
securepubads.g.doubleclick.net/gpt/ 		158 KB
57 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019040101.js
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
216.58.207.66 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra16s25-in-f2.1e100.net
Software
sffe /
Resource Hash
a626ce418d302f42ae6fd1c5a025b3ba0c72888052adb2943e3fdc6dd9a1ce1a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://arenahewan.com/css-wetransfer/WeT%20ransfer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Thu, 04 Apr 2019 19:18:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 01 Apr 2019 15:28:22 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
content-length
58390
x-xss-protection
0
expires
Thu, 04 Apr 2019 19:18:40 GMT
collect
www.google-analytics.com/r/ 		35 B
111 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/r/collect?v=1&_v=j73&a=1081966735&t=pageview&_s=1&dl=http%3A%2F%2Farenahewan.com%2Fcss-wetransfer%2FWeT%2520ransfer&ul=en-us&de=UTF-8&dt=Page%20not%20found%20-%20ArenaHewan.com&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&_u=IEBAAEAB~&jid=776909607&gjid=932546227&cid=1895507397.1554405521&tid=UA-60062648-15&_gid=2001018894.1554405521&_r=1&z=1489432671
Requested by
Host: arenahewan.com
URL: http://arenahewan.com/css-wetransfer/WeT%20ransfer
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1450:4001:81e::200e , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
http://arenahewan.com/css-wetransfer/WeT%20ransfer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 04 Apr 2019 19:18:40 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
access-control-allow-origin
*
content-type
image/gif
status
200
cache-control
no-cache, no-store, must-revalidate
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
content-length
35
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		2 KB
688 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3227099172553850&correlator=1432781219308380&output=json_html&callback=googletag.impl.pubads.callbackProxy1&impl=fifs&adsid=NT&json_a=1&eid=21062420&vrg=2019040101&guci=1.2.0.0.2.2.0.0&plat=1%3A32776%2C2%3A32776%2C8%3A32776&sc=0&sfv=1-0-32&iu_parts=329634089%2CAHewan-ATF300%2CAHewan_AdsInPost1Vertical%2CAHewan_AdsInPost2Rac%2CAHewan_AdsInPost3Rac%2CAHewan_BelowArticles338%2CAHewan_DesktopSticky%2CAHewan_Vertical160&enc_prev_ius=%2F0%2F1%2C%2F0%2F1%2F2%2C%2F0%2F1%2F3%2C%2F0%2F1%2F4%2C%2F0%2F1%2F5%2C%2F0%2F1%2F6%2C%2F0%2F1%2F7&prev_iu_szs=300x250%2C160x600%2C300x250%7C336x280%2C728x90%7C468x60%2C336x280%2C160x600%7C120x600%2C160x600%7C120x600&cookie_enabled=1&bc=7&abxe=1&lmt=1554405520&dt=1554405520831&dlt=1554405519835&idt=981&frm=20&biw=1585&bih=1200&oid=3&adxs=-9%2C-9%2C-9%2C-9%2C-9%2C-9%2C8&adys=-9%2C-9%2C-9%2C-9%2C-9%2C-9%2C856&adks=3875486704%2C3091291631%2C1557836788%2C2398775606%2C2884805266%2C447178913%2C2375173645&ucis=1%7C2%7C3%7C4%7C5%7C6%7C7&ifi=1&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=http%3A%2F%2Farenahewan.com%2Fcss-wetransfer%2FWeT%2520ransfer&dssz=19&icsg=11947&std=0&vis=1&scr_x=0&scr_y=0&psz=0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C1569x618&msz=0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C1569x600&blev=1&bisch=1&ga_vid=1895507397.1554405521&ga_sid=1554405521&ga_hid=1081966735&fws=2%2C2%2C2%2C2%2C2%2C2%2C0
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019040101.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
216.58.207.66 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra16s25-in-f2.1e100.net
Software
cafe /
Resource Hash
5db436d066125c1f8dea243688e2764f5748915bf43f2d37f186b8d1c0001f34
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
http://arenahewan.com/css-wetransfer/WeT%20ransfer
Origin
http://arenahewan.com

Response headers

date
Thu, 04 Apr 2019 19:18:41 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2,-2,-2,-2,-2,-2,-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status
200
content-disposition
attachment; filename="f.txt"
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
content-length
450
x-xss-protection
0
google-lineitem-id
-2,-2,-2,-2,-2,-2,-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2,-2,-2,-2,-2,-2,-2
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
http://arenahewan.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
pubads_impl_rendering_2019040101.js
securepubads.g.doubleclick.net/gpt/ 		72 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2019040101.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019040101.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
216.58.207.66 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra16s25-in-f2.1e100.net
Software
sffe /
Resource Hash
1d2a666b40a442a7b39496665b6d2a6cf1552e0f0999a95bf6270eda15368dd8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://arenahewan.com/css-wetransfer/WeT%20ransfer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Thu, 04 Apr 2019 19:18:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 01 Apr 2019 15:28:22 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
content-length
27656
x-xss-protection
0
expires
Thu, 04 Apr 2019 19:18:40 GMT
container.html
tpc.googlesyndication.com/safeframe/1-0-32/html/ 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
http://tpc.googlesyndication.com/safeframe/1-0-32/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019040101.js
Protocol
HTTP/1.1
Server
2a00:1450:4001:818::2001 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Purpose
prefetch
Referer
http://arenahewan.com/css-wetransfer/WeT%20ransfer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers
texture.png
arenahewan.com/wp-content/themes/blog/img/ 		297 B
389 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://arenahewan.com/wp-content/themes/blog/img/texture.png
Requested by
Host: arenahewan.com
URL: http://arenahewan.com/css-wetransfer/WeT%20ransfer
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::6818:6b59 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
c8bf9c7fd8755573b756d69fdc1bcd8ecdcba6377f82f9ec84ab4f7dc0510af3

Request headers

Referer
https://arenahewan.com/min/0b677.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Thu, 04 Apr 2019 19:18:40 GMT
cf-cache-status
HIT
last-modified
Tue, 09 Jun 2015 15:44:54 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
status
200
cache-control
public, max-age=2592000
accept-ranges
bytes
cf-ray
4c25a12a0cfdc2bf-FRA
content-length
297
expires
Sat, 04 May 2019 19:18:40 GMT
list-arrow.png
arenahewan.com/wp-content/themes/blog/img/icons/ 		177 B
237 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://arenahewan.com/wp-content/themes/blog/img/icons/list-arrow.png
Requested by
Host: arenahewan.com
URL: http://arenahewan.com/css-wetransfer/WeT%20ransfer
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::6818:6b59 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
bb85d76e7554ea367db9cc22d9b82eda6964a89bd18e0730f2fc9a6536dc14ca

Request headers

Referer
https://arenahewan.com/min/0b677.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Thu, 04 Apr 2019 19:18:41 GMT
cf-cache-status
MISS
last-modified
Tue, 09 Jun 2015 16:00:34 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
status
200
cache-control
public, max-age=2592000
accept-ranges
bytes
cf-ray
4c25a12a0d06c2bf-FRA
content-length
177
expires
Sat, 04 May 2019 19:18:41 GMT
menu-icon.png
arenahewan.com/wp-content/themes/blog/img/icons/ 		367 B
474 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://arenahewan.com/wp-content/themes/blog/img/icons/menu-icon.png
Requested by
Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::6818:6b59 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
7c6bd425ea353758a7e805b5367318a55544f403730c0ec247ff206ee3019cf1

Request headers

Referer
https://arenahewan.com/min/0b677.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Thu, 04 Apr 2019 19:18:41 GMT
cf-cache-status
HIT
last-modified
Tue, 09 Jun 2015 16:00:34 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
status
200
cache-control
public, max-age=2592000
accept-ranges
bytes
cf-ray
4c25a12ad836c2bf-FRA
content-length
367
expires
Sat, 04 May 2019 19:18:41 GMT
ca-pub-3098295775077215.js
pagead2.googlesyndication.com/pub-config/r20160913/ 		133 B
236 B 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pub-config/r20160913/ca-pub-3098295775077215.js
Requested by
Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:821::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
7e7fa886d5d75c745d95be4fc3c5bfb4c988019b3f643c669734612345e1b8c8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://arenahewan.com/css-wetransfer/WeT%20ransfer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Thu, 04 Apr 2019 13:49:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 01 Apr 2019 19:29:30 GMT
server
sffe
age
19756
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=43200
accept-ranges
bytes
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,44,43,39",quic=":443"; ma=2592000; v="46,44,43,39"
content-length
125
x-xss-protection
0
expires
Fri, 05 Apr 2019 01:49:25 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20190401/r20190131/ Frame 8210 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20190401/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:80b::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/html/r20190401/r20190131/zrt_lookup.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
referer
http://arenahewan.com/css-wetransfer/WeT%20ransfer
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
http://arenahewan.com/css-wetransfer/WeT%20ransfer

Response headers

status
200
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
vary
Accept-Encoding
date
Mon, 01 Apr 2019 22:34:12 GMT
expires
Mon, 15 Apr 2019 22:34:12 GMT
content-type
text/html; charset=UTF-8
etag
11379338296983272270
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
6898
x-xss-protection
0
cache-control
public, max-age=1209600
age
247469
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,44,43,39",quic=":443"; ma=2592000; v="46,44,43,39"
ads
googleads.g.doubleclick.net/pagead/ Frame 3C95 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3098295775077215&output=html&adk=1812271804&adf=3025194257&lmt=1554405521&plat=1%3A32776%2C2%3A32776%2C8%3A32776%2C9%3A32776%2C16%3A8388608%2C30%3A1081344&guci=1.2.0.0.2.2.0.0&format=0x0&url=http%3A%2F%2Farenahewan.com%2Fcss-wetransfer%2FWeT%2520ransfer&ea=0&flash=0&pra=5&wgl=1&adsid=NT&dt=1554405520723&bpp=382&bdt=888&fdt=384&idt=77&shv=r20190401&cbv=r20190131&saldr=aa&abxe=1&nras=1&correlator=1566500630826&frm=20&pv=2&ga_vid=1895507397.1554405521&ga_sid=1554405521&ga_hid=1081966735&ga_fc=0&iag=0&icsg=667307&dssz=21&mdo=0&mso=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=0&ady=0&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=21060853%2C20040010&oid=3&rx=0&eae=2&fc=1936&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&ppjl=u&fu=16&bc=7&ifi=8&uci=8.i7zs9v7pteks&fsb=1&dtd=413
Requested by
Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/r20190401/r20190131/show_ads_impl.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:80b::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?client=ca-pub-3098295775077215&output=html&adk=1812271804&adf=3025194257&lmt=1554405521&plat=1%3A32776%2C2%3A32776%2C8%3A32776%2C9%3A32776%2C16%3A8388608%2C30%3A1081344&guci=1.2.0.0.2.2.0.0&format=0x0&url=http%3A%2F%2Farenahewan.com%2Fcss-wetransfer%2FWeT%2520ransfer&ea=0&flash=0&pra=5&wgl=1&adsid=NT&dt=1554405520723&bpp=382&bdt=888&fdt=384&idt=77&shv=r20190401&cbv=r20190131&saldr=aa&abxe=1&nras=1&correlator=1566500630826&frm=20&pv=2&ga_vid=1895507397.1554405521&ga_sid=1554405521&ga_hid=1081966735&ga_fc=0&iag=0&icsg=667307&dssz=21&mdo=0&mso=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=0&ady=0&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=21060853%2C20040010&oid=3&rx=0&eae=2&fc=1936&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&ppjl=u&fu=16&bc=7&ifi=8&uci=8.i7zs9v7pteks&fsb=1&dtd=413
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
referer
http://arenahewan.com/css-wetransfer/WeT%20ransfer
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
http://arenahewan.com/css-wetransfer/WeT%20ransfer

Response headers

status
200
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Thu, 04 Apr 2019 19:18:41 GMT
server
cafe
content-length
44
x-xss-protection
0
set-cookie
test_cookie=CheckForPermission; expires=Thu, 04-Apr-2019 19:33:41 GMT; path=/; domain=.doubleclick.net
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,44,43,39",quic=":443"; ma=2592000; v="46,44,43,39"
expires
Thu, 04 Apr 2019 19:18:41 GMT
cache-control
private
osd.js
www.googletagservices.com/activeview/js/current/ 		77 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101
Requested by
Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/r20190401/r20190131/show_ads_impl.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:80b::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
10e71de24e6718e3151b4e9601dc25f5f1151a1074a5010c8399e0439ce5a84f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://arenahewan.com/css-wetransfer/WeT%20ransfer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Thu, 04 Apr 2019 19:18:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1554125279408425"
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,44,43,39",quic=":443"; ma=2592000; v="46,44,43,39"
content-length
29076
x-xss-protection
0
expires
Thu, 04 Apr 2019 19:18:41 GMT

Verdicts & Comments Add Verdict or Comment

72 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onselectstart object| onselectionchange function| queueMicrotask object| google_js_reporting_queue object| google_ad_modifications boolean| google_measure_js_timing object| googleToken object| googleIMState function| processGoogleToken object| google_reactive_ads_global_state object| adsbygoogle undefined| $ function| jQuery function| loadCSS object| google_sa_queue object| google_sl_win function| google_process_slots string| GoogleAnalyticsObject function| ga object| googletag object| wpcf7 object| google_tag_data object| gaplugins object| gaGlobal object| gaData function| google_sa_impl object| GPT_jstiming object| closure_memoize_cache_ boolean| google_noFetch boolean| google_DisableInitialLoad number| __google_ad_urls_id number| google_unique_id function| Goog_AdSense_getAdAdapterInstance function| Goog_AdSense_OsdAdapter object| omShortcodes object| q boolean| pp_alreadyInitialized object| scrolltotop boolean| PR_SHOULD_USE_CONTINUATION function| prettyPrintOne function| prettyPrint object| PR object| jQuery1124049152633018811764 object| wp number| distance string| time boolean| doresize object| scroll_pos string| url boolean| hashtag function| google_spfd object| google_sv_map object| google_t12n_vars object| google_jobrunner object| google_persistent_state_async object| google_pub_config object| __google_ad_urls number| google_global_correlator object| google_prev_clients object| ampInaboxIframes object| ampInaboxPendingMessages object| google_iframe_oncopy boolean| google_osd_loaded boolean| google_onload_fired function| Goog_Osd_UnloadAdBlock function| Goog_Osd_UpdateElementToMeasure function| google_osd_amcb object| now number| hour number| min number| sec string| add

6 Cookies

Domain/Path Name / Value
.arenahewan.com/ Name: _gid
Value: GA1.2.2001018894.1554405521
.doubleclick.net/ Name: test_cookie
Value: CheckForPermission
.arenahewan.com/ Name: _ga
Value: GA1.2.1895507397.1554405521
.arenahewan.com/ Name: __gads
Value: ID=e7b136c5b4285172:T=1554405520:S=ALNI_MbHBfy1vCIzelTv2s3z6XGgR7raKg
.arenahewan.com/ Name: _gat
Value: 1
.arenahewan.com/ Name: __cfduid
Value: d180522094fcf13e08863ff17fece0a251554405518

1 Console Messages

Source Level URL
Text
console-api log URL: https://arenahewan.com/min/3a55e.js(Line 3)
Message:
JQMIGRATE: Migrate is installed, version 1.4.1

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.com
adservice.google.de
arenahewan.com
googleads.g.doubleclick.net
pagead2.googlesyndication.com
securepubads.g.doubleclick.net
tpc.googlesyndication.com
www.google-analytics.com
www.googletagservices.com
216.58.207.66
2606:4700:30::6818:6a59
2606:4700:30::6818:6b59
2a00:1450:4001:809::2002
2a00:1450:4001:80b::2002
2a00:1450:4001:817::2002
2a00:1450:4001:818::2001
2a00:1450:4001:81a::2002
2a00:1450:4001:81e::2002
2a00:1450:4001:81e::200e
2a00:1450:4001:821::2002
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
10e71de24e6718e3151b4e9601dc25f5f1151a1074a5010c8399e0439ce5a84f
1d2a666b40a442a7b39496665b6d2a6cf1552e0f0999a95bf6270eda15368dd8
3e552578c7d450b023f2cd9d28f830be4335c3acc6c4ab6dadda0769f09e5f22
4a8ab20387ccd6bbb42b933425d05d314f8741c3613e9f7ad97587a7506d1227
5989e69b3a5af7cd5d15df54f2ba9cab0401e255038feb76b39d65452624307a
5db436d066125c1f8dea243688e2764f5748915bf43f2d37f186b8d1c0001f34
79139e667849027e01d34fae6db36c936e069ff0db01130573552f6fa1f4392c
7c6bd425ea353758a7e805b5367318a55544f403730c0ec247ff206ee3019cf1
7db99462788b3a527621fc74ca33db424ec260d085a46140d53c4436939363bd
7e7fa886d5d75c745d95be4fc3c5bfb4c988019b3f643c669734612345e1b8c8
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
901f592b5aa7355a4355ba0668cdf3b8b1db19e2202d3efe58f190b085c1e548
a626ce418d302f42ae6fd1c5a025b3ba0c72888052adb2943e3fdc6dd9a1ce1a
bb85d76e7554ea367db9cc22d9b82eda6964a89bd18e0730f2fc9a6536dc14ca
c8bf9c7fd8755573b756d69fdc1bcd8ecdcba6377f82f9ec84ab4f7dc0510af3
de8b00903a618a94c9175171ba1e673b8f415804887922fde0b40718e3cb9ced
e82d48c5c63c6118e307148e633ddff56d99255a55a38b53209b817f6be642b0
fa055f2f7c5b735dbbb71954f434aed79925bc00ff2ffbc3ecfc4a790689a723