ar.strephonsays.com Open in urlscan Pro
2606:4700:3030::6815:66b Public Scan

Go To Rescan
Add Verdict Report

URL:
https://ar.strephonsays.com/
Submission: On April 12 via manual (April 12th 2023, 3:59:41 pm UTC) from AE — Scanned from DE

Summary HTTP 71 Redirects Links 39 Behaviour Indicators

Summary

This website contacted 20 IPs in 6 countries across 16 domains to perform 71 HTTP transactions. The main IP is 2606:4700:3030::6815:66b, located in United States and belongs to CLOUDFLARENET, US. The main domain is ar.strephonsays.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on July 12th 2022. Valid for: a year.

This is the only time ar.strephonsays.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
14	2606:4700:303... 2606:4700:3030::6815:66b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2606:4700::68... 2606:4700::6810:5714	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2600:9000:215... 2600:9000:2156:bc00:6:b871:4f00:93a1	16509 (AMAZON-02) (AMAZON-02)
2	2600:9000:225... 2600:9000:225e:9600:11:a4de:2580:93a1	16509 (AMAZON-02) (AMAZON-02)
3	2a00:1450:400... 2a00:1450:4001:801::2002	15169 (GOOGLE) (GOOGLE)
1	151.101.1.195 151.101.1.195	54113 (FASTLY) (FASTLY)
5 10	2a02:6b8::1:119 2a02:6b8::1:119	208722 (GLOBAL_DC) (GLOBAL_DC)
8	46.4.104.244 46.4.104.244	24940 (HETZNER-AS) (HETZNER-AS)
4	65.9.95.78 65.9.95.78	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:80e::2002	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:82f::2002	15169 (GOOGLE) (GOOGLE)
13	2606:4700:1::... 2606:4700:1::6813:884e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2606:4700:1::... 2606:4700:1::6813:874e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6812:c2d	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:10:... 2606:4700:10::ac43:266a	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2.19.228.187 2.19.228.187	16625 (AKAMAI-AS) (AKAMAI-AS)
1 2	2a02:2638:d::d 2a02:2638:d::d	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	178.250.7.13 178.250.7.13	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	54.171.31.74 54.171.31.74	16509 (AMAZON-02) (AMAZON-02)
71	20

14 2606:4700:3030::6815:66b (United States)

ASN13335 (CLOUDFLARENET, US)

ar.strephonsays.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
strephonsays.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
a.strephonsays.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6810:5714 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2156:bc00:6:b871:4f00:93a1 (United States)

ASN16509 (AMAZON-02, US)

cmp.optad360.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:225e:9600:11:a4de:2580:93a1 (United States)

ASN16509 (AMAZON-02, US)

get.optad360.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:801::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.1.195 (United States)

ASN54113 (FASTLY, US)

cdn.zx-adnet.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a02:6b8::1:119 (Moscow, Russian Federation) 5 redirects

ASN208722 (GLOBAL_DC, FI)

mc.yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
mc.yandex.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 46.4.104.244 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.244.104.4.46.clients.your-server.de

www.bigmp3db.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 65.9.95.78 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-95-78.prg50.r.cloudfront.net

optad360.mgr.consensu.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2606:4700:1::6813:884e (United States)

ASN13335 (CLOUDFLARENET, US)

jsc.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
c.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
servicer.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cm.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700:1::6813:874e (United States)

ASN13335 (CLOUDFLARENET, US)

s-img.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:c2d (United States)

ASN13335 (CLOUDFLARENET, US)

cl.imghosts.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::ac43:266a (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.19.228.187 (Netherlands)

ASN16625 (AKAMAI-AS, US)
PTR: a2-19-228-187.deploy.static.akamaitechnologies.com

ads.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:2638:d::d (France) 1 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 178.250.7.13 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

mug.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.171.31.74 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-171-31-74.eu-west-1.compute.amazonaws.com

id.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
17	mgid.com jsc.mgid.com — Cisco Umbrella Rank: 8594 c.mgid.com — Cisco Umbrella Rank: 5670 cdn.mgid.com — Cisco Umbrella Rank: 11443 servicer.mgid.com — Cisco Umbrella Rank: 8526 s-img.mgid.com — Cisco Umbrella Rank: 5087 cm.mgid.com — Cisco Umbrella Rank: 1313	170 KB
14	strephonsays.com ar.strephonsays.com strephonsays.com — Cisco Umbrella Rank: 743917 a.strephonsays.com	463 KB
8	bigmp3db.com www.bigmp3db.com — Cisco Umbrella Rank: 557275	21 KB
7	yandex.com 3 redirects mc.yandex.com — Cisco Umbrella Rank: 9151	2 KB
4	criteo.com 1 redirects gum.criteo.com — Cisco Umbrella Rank: 416 mug.criteo.com — Cisco Umbrella Rank: 2381	1 KB
4	doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 41 securepubads.g.doubleclick.net — Cisco Umbrella Rank: 201	154 KB
4	consensu.org optad360.mgr.consensu.org — Cisco Umbrella Rank: 60493	249 KB
3	yandex.ru 2 redirects mc.yandex.ru — Cisco Umbrella Rank: 3359	73 KB
3	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 111	163 KB
3	optad360.io cmp.optad360.io — Cisco Umbrella Rank: 54654 get.optad360.io — Cisco Umbrella Rank: 37081	286 KB
2	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 374	3 KB
1	crwdcntrl.net id.crwdcntrl.net — Cisco Umbrella Rank: 1729	319 B
1	pubmatic.com ads.pubmatic.com — Cisco Umbrella Rank: 509	59 KB
1	id5-sync.com cdn.id5-sync.com — Cisco Umbrella Rank: 1045	17 KB
1	imghosts.com cl.imghosts.com — Cisco Umbrella Rank: 12052	226 KB
1	zx-adnet.com cdn.zx-adnet.com — Cisco Umbrella Rank: 321777	10 KB
71	16

	Domain	Requested by
9	a.strephonsays.com	ar.strephonsays.com
8	www.bigmp3db.com	ar.strephonsays.com www.bigmp3db.com
7	mc.yandex.com	3 redirects ar.strephonsays.com
4	s-img.mgid.com
4	cdn.mgid.com
4	c.mgid.com	jsc.mgid.com
4	optad360.mgr.consensu.org	cmp.optad360.io optad360.mgr.consensu.org
3	securepubads.g.doubleclick.net	get.optad360.io securepubads.g.doubleclick.net
3	mc.yandex.ru	2 redirects ar.strephonsays.com
3	pagead2.googlesyndication.com	ar.strephonsays.com pagead2.googlesyndication.com
3	strephonsays.com	ar.strephonsays.com
2	mug.criteo.com
2	gum.criteo.com	1 redirects
2	cm.mgid.com	jsc.mgid.com
2	jsc.mgid.com	www.bigmp3db.com jsc.mgid.com
2	get.optad360.io	ar.strephonsays.com get.optad360.io
2	cdn.jsdelivr.net	ar.strephonsays.com get.optad360.io
2	ar.strephonsays.com	ar.strephonsays.com
1	id.crwdcntrl.net	ads.pubmatic.com
1	ads.pubmatic.com	jsc.mgid.com
1	cdn.id5-sync.com	jsc.mgid.com
1	cl.imghosts.com
1	servicer.mgid.com	jsc.mgid.com
1	googleads.g.doubleclick.net	pagead2.googlesyndication.com
1	cdn.zx-adnet.com	ar.strephonsays.com
1	cmp.optad360.io	ar.strephonsays.com
71	26

This site contains links to these domains. Also see Links.

Domain
widgets.mgid.com
www.mgid.com
clck.mgid.com
strephonsays.com
bg.strephonsays.com
cs.strephonsays.com
el.strephonsays.com
es.strephonsays.com
et.strephonsays.com
fi.strephonsays.com
fr.strephonsays.com
hi.strephonsays.com
hr.strephonsays.com
hu.strephonsays.com
id.strephonsays.com
it.strephonsays.com
iw.strephonsays.com
ja.strephonsays.com
ko.strephonsays.com
lt.strephonsays.com
lv.strephonsays.com
ms.strephonsays.com
nl.strephonsays.com
no.strephonsays.com
pl.strephonsays.com
pt.strephonsays.com
ru.strephonsays.com
sk.strephonsays.com
sl.strephonsays.com
sr.strephonsays.com
sv.strephonsays.com
th.strephonsays.com
tr.strephonsays.com
uk.strephonsays.com
vi.strephonsays.com

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-07-12` - `2023-07-12`	a year	crt.sh
*.optad360.io Amazon RSA 2048 M02	`2023-03-01` - `2023-11-15`	9 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-03-28` - `2023-06-20`	3 months	crt.sh
username.digitalreceipt.co.ke GTS CA 1D4	`2023-03-10` - `2023-06-08`	3 months	crt.sh
mc.yandex.ru GlobalSign ECC OV SSL CA 2018	`2023-03-17` - `2023-08-27`	5 months	crt.sh
www.bigmp3db.com R3	`2023-02-27` - `2023-05-28`	3 months	crt.sh
optad360.mgr.consensu.org Amazon RSA 2048 M02	`2023-02-22` - `2023-06-21`	4 months	crt.sh
*.pubmatic.com DigiCert TLS RSA SHA256 2020 CA1	`2023-01-25` - `2024-01-24`	a year	crt.sh
*.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-03-09` - `2023-06-03`	3 months	crt.sh
*.crwdcntrl.net Go Daddy Secure Certificate Authority - G2	`2022-05-01` - `2023-06-02`	a year	crt.sh

This page contains 4 frames:

Primary Page: https://ar.strephonsays.com/
Frame ID: 98050268B98096717C39163D8B14039B
Requests: 66 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230410/r20190131/zrt_lookup.html
Frame ID: 162C54BFD81B17E051E7B5F02AD21466
Requests: 1 HTTP requests in this frame

Frame: https://optad360.mgr.consensu.org/cmp/v2/cmp-3.0.0.min.js
Frame ID: E978D1FBE5D48B50DC2768DB3765C487
Requests: 2 HTTP requests in this frame

Frame: https://cm.mgid.com/i-noref.js?cbuster=1681315178037761874403
Frame ID: 5AFD3ECF17159A1A93516710F9D9B02F
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

يعرف عن 2023

Detected technologies

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

PubMatic (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.pubmatic\.com

Yandex.Metrika (Analytics) Expand

Overall confidence: 100%
Detected patterns

mc\.yandex\.ru/metrika/(?:tag|watch)\.js

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

<link [^>]*?href="?[a-zA-Z]*?:?//cdn\.jsdelivr\.net/
//cdn\.jsdelivr\.net/

Page Statistics

71
Requests

90 %
HTTPS

68 %
IPv6

16
Domains

26
Subdomains

20
IPs

6
Countries

1897 kB
Transfer

4973 kB
Size

16
Cookies

39 Outgoing links

These are links going to different origins than the main page.

URL: https://widgets.mgid.com/?utm_source=ar.strephonsays.com&utm_medium=referral&utm_campaign=widgets&utm_content=1228643

Search URL Search Domain Scan URL

URL: https://www.mgid.com/services/privacy-policy

Search URL Search Domain Scan URL

URL: https://clck.mgid.com/ghits/15323152/i/57561560/0/pp/1/1?h=XPHaTaMMvpCtVVD-nzs-URkYSx2Nx3VDvc9zT7g8dJOsHL_iYtfn28IbE7S7fy9kbRXouj4ldAUGpAysTWv6hw**&rid=06dc0677-d94b-11ed-b2fe-e43d1a2a96ec&tt=Direct&att=3&cpm=1&gbpp=1&abd=1&iv=11&prid=1&ct=1&gdprApplies=1&st=120&mp4=1&h2=ytQHVno_AvJmfWTJtAl_cL03ulF95NzSX0mM5-q5NUI*

Search URL Search Domain Scan URL

URL: https://clck.mgid.com/ghits/15875214/i/57561560/0/pp/2/1?h=XPHaTaMMvpCtVVD-nzs-UaIt_n-2BNgzv3mmuHlkQJfWdVc713e291CB9cjSuGlEc4Wyn-mb9CQ-Z2uuWFES6A**&rid=06dc0677-d94b-11ed-b2fe-e43d1a2a96ec&tt=Direct&att=3&cpm=1&gbpp=1&abd=1&iv=11&prid=1&ct=1&gdprApplies=1&st=120&mp4=1&h2=ytQHVno_AvJmfWTJtAl_cL03ulF95NzSX0mM5-q5NUI*

Search URL Search Domain Scan URL

URL: https://clck.mgid.com/ghits/15876760/i/57561560/0/pp/3/1?h=XPHaTaMMvpCtVVD-nzs-Ub1f3XJnTkqO-QpPC2Wi-373cj6JCF3u1kWNbL7rN9SwEIztH5cnRt3bTWaI15XJ9A**&rid=06dc0677-d94b-11ed-b2fe-e43d1a2a96ec&tt=Direct&att=3&cpm=1&gbpp=1&abd=1&iv=11&prid=1&ct=1&gdprApplies=1&st=120&mp4=1&h2=ytQHVno_AvJmfWTJtAl_cL03ulF95NzSX0mM5-q5NUI*

Search URL Search Domain Scan URL

URL: https://clck.mgid.com/ghits/15659581/i/57561560/0/pp/4/1?h=XPHaTaMMvpCtVVD-nzs-Ub1mvu-m7wT_g-22XiQopHdQvhoJO_3L_eW7Uxno82oV6WH2JsYwFWPlbXLsbqDyww**&rid=06dc0677-d94b-11ed-b2fe-e43d1a2a96ec&tt=Direct&att=3&cpm=1&gbpp=1&abd=1&iv=11&prid=1&ct=1&gdprApplies=1&st=120&mp4=1&h2=ytQHVno_AvJmfWTJtAl_cL03ulF95NzSX0mM5-q5NUI*

Search URL Search Domain Scan URL

URL: https://clck.mgid.com/ghits/15323147/i/57561560/0/pp/5/1?h=XPHaTaMMvpCtVVD-nzs-UVxOpFYi9eXP9MncBsSMAz6CJPuSCzJOz7DHWeAF4-ESsMT5ExjE86Nnwwf3tMjWIA**&rid=06dc0677-d94b-11ed-b2fe-e43d1a2a96ec&tt=Direct&att=3&cpm=1&gbpp=1&abd=1&iv=11&prid=1&ct=1&gdprApplies=1&st=120&mp4=1&h2=ytQHVno_AvJmfWTJtAl_cL03ulF95NzSX0mM5-q5NUI*

Search URL Search Domain Scan URL

URL: https://strephonsays.com/

Search URL Search Domain Scan URL

URL: https://bg.strephonsays.com/

Search URL Search Domain Scan URL

URL: https://cs.strephonsays.com/

Search URL Search Domain Scan URL

URL: https://el.strephonsays.com/

Search URL Search Domain Scan URL

URL: https://es.strephonsays.com/

Search URL Search Domain Scan URL

URL: https://et.strephonsays.com/

Search URL Search Domain Scan URL

URL: https://fi.strephonsays.com/

Search URL Search Domain Scan URL

URL: https://fr.strephonsays.com/

Search URL Search Domain Scan URL

URL: https://hi.strephonsays.com/

Search URL Search Domain Scan URL

URL: https://hr.strephonsays.com/

Search URL Search Domain Scan URL

URL: https://hu.strephonsays.com/

Search URL Search Domain Scan URL

URL: https://id.strephonsays.com/

Search URL Search Domain Scan URL

URL: https://it.strephonsays.com/

Search URL Search Domain Scan URL

URL: https://iw.strephonsays.com/

Search URL Search Domain Scan URL

URL: https://ja.strephonsays.com/

Search URL Search Domain Scan URL

URL: https://ko.strephonsays.com/

Search URL Search Domain Scan URL

URL: https://lt.strephonsays.com/

Search URL Search Domain Scan URL

URL: https://lv.strephonsays.com/

Search URL Search Domain Scan URL

URL: https://ms.strephonsays.com/

Search URL Search Domain Scan URL

URL: https://nl.strephonsays.com/

Search URL Search Domain Scan URL

URL: https://no.strephonsays.com/

Search URL Search Domain Scan URL

URL: https://pl.strephonsays.com/

Search URL Search Domain Scan URL

URL: https://pt.strephonsays.com/

Search URL Search Domain Scan URL

URL: https://ru.strephonsays.com/

Search URL Search Domain Scan URL

URL: https://sk.strephonsays.com/

Search URL Search Domain Scan URL

URL: https://sl.strephonsays.com/

Search URL Search Domain Scan URL

URL: https://sr.strephonsays.com/

Search URL Search Domain Scan URL

URL: https://sv.strephonsays.com/

Search URL Search Domain Scan URL

URL: https://th.strephonsays.com/

Search URL Search Domain Scan URL

URL: https://tr.strephonsays.com/

Search URL Search Domain Scan URL

URL: https://uk.strephonsays.com/

Search URL Search Domain Scan URL

URL: https://vi.strephonsays.com/

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 32

https://mc.yandex.com/sync_cookie_image_check HTTP 302
https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=9971.uie1Y_0G-Rk--Vk33kI4moW4gAh7WQhDQ4EYQ3YSweqiEXgCOP_8TTTpBYo8Y6AQ.8e7PQURukrpZrF_RNv9qwA4OJwY%2C HTTP 302
https://mc.yandex.com/sync_cookie_image_decide?token=9971.DPmpR3zrxOW3F-_a7nKIzOmI-MYiUHndvkwgcSL3keGrm9JUrhfQE23Nn4HguWmrmXNP7uFWj4z6d8wgcsr-NwPF7TvFxbLZW7HsY-iy8Z4%2C.t3e_LoAKLJVUD_mr44vtjkAehDY%2C

Request Chain 39

https://mc.yandex.com/watch/53480917?wmode=7&page-url=https%3A%2F%2Far.strephonsays.com%2F&charset=utf-8&browser-info=pv%3A1%3Avf%3Aihb4q796484i93c2xtzqhr%3Afp%3A416%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1011%3Acn%3A1%3Adp%3A0%3Als%3A454913418533%3Ahid%3A918416443%3Az%3A0%3Ai%3A20230412155936%3Aet%3A1681315176%3Ac%3A1%3Arn%3A24648398%3Arqn%3A1%3Au%3A1681315176650527118%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A26%2C21%2C61%2C7%2C0%2C0%2C%2C364%2C1%2C%2C%2C%2C481%3Aco%3A0%3Acpf%3A1%3Ans%3A1681315175800%3Arqnl%3A1%3Ast%3A1681315177%3At%3A%D9%8A%D8%B9%D8%B1%D9%81%20%D8%B9%D9%86%202023&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)ti(2) HTTP 302
https://mc.yandex.com/watch/53480917/1?wmode=7&page-url=https%3A%2F%2Far.strephonsays.com%2F&charset=utf-8&browser-info=pv%3A1%3Avf%3Aihb4q796484i93c2xtzqhr%3Afp%3A416%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1011%3Acn%3A1%3Adp%3A0%3Als%3A454913418533%3Ahid%3A918416443%3Az%3A0%3Ai%3A20230412155936%3Aet%3A1681315176%3Ac%3A1%3Arn%3A24648398%3Arqn%3A1%3Au%3A1681315176650527118%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A26%2C21%2C61%2C7%2C0%2C0%2C%2C364%2C1%2C%2C%2C%2C481%3Aco%3A0%3Acpf%3A1%3Ans%3A1681315175800%3Arqnl%3A1%3Ast%3A1681315177%3At%3A%D9%8A%D8%B9%D8%B1%D9%81%20%D8%B9%D9%86%202023&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29ti%282%29

Request Chain 47

https://mc.yandex.com/sync_cookie_image_check_secondary HTTP 302
https://mc.yandex.ru/sync_cookie_image_start_secondary?redirect_domain=mc.yandex.com&token=9971.E1xrh_n-3UdLE0-Z68-NEK_ZoEdB1zTydCS0cfYvB2pgfGM3OSGO478vrHiBrWzf.LdTSSalWEra5PyjXJ-4eRNv1iYY%2C HTTP 302
https://mc.yandex.com/sync_cookie_image_decide_secondary?token=9971.CzdtZVzAmgqczcf2wS3wFOexQUP-qUkB5MJUPTjLOLtj1zJ-ItDBgaVY5IzmAo6IsOGngPLYP1Qrfvourz4gOFVMX4b-MJtSSXvDZMu0-tg%2C.r62hanDIEC-fMqB8y_u9Yp3cvFI%2C

Request Chain 65

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Far.strephonsays.com%2F&domain=ar.strephonsays.com&cw=1&lsw=1 HTTP 302
https://mug.criteo.com/sid?cpp=fO7OhXwweUJNUXZJSzRvcTRSU3lsdi84dlYzNitOM3pPUzdWeCtBWjZxK2N0QjhaUnYva2p6MEZNa3pYKzZJc2YrTlY4UVcveElsWUxhMTZLN3E1TVFkaFFsK3JRd2lwWVhTQWd4dVprWEJrdUF2dlFGQnFGb0NNY3BhaDFhNUhCeERVeGJFN25IQUFwSzY0bGdWYWNld0x3dU83Q3Z4c3FaUUxWV29FNGNKZklmMU03dHpYcFVJWHVSWERwRlRhZ2lhUjc2emgyTGZ5bGpZMFdudjd5d2s0eVBBSFlsbTlGVnkxbEcrTjM0bTU4V21hYkpYZ1ppRkJ4U0pibnZCbFZ6MXBRfA&cppv=2

71 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
ar.strephonsays.com/ 45 KB
7 KB 108ms
60ms Document
text/html 2606:4700:3030::6815:66b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ar.strephonsays.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6815:66b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/8.0.15
Resource Hash: 9c1eeaa217638320ee2c81c7bd0d3165136a2ab67b51a40a23d50528224c4c92

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: max-age=86400
cf-cache-status: DYNAMIC
cf-ray: 7b6cad690cc030e2-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Wed, 12 Apr 2023 15:59:35 GMT
expires: Thu, 13 Apr 2023 15:59:35 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eD9ISnGFXmAu%2FI3QkS9MPSVejKtUNF1WTCdgf8PqO2j6frEzuK7AdpT7tgwg8y6urTVgjTXC9b6dqhLB1OYy4kAXT2wtrC92KEJGUaP3F43wwvnP5O8kfgcedGQJ%2B4NtAPt4aY3ee9LyzRSGHbnvVfHY"}],"group":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: PHP/8.0.15

GET
H2 200 style.css
strephonsays.com/template/artemiz/css/ 27 KB
7 KB 142ms
18ms Stylesheet
text/css 2606:4700:3030::6815:66b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://strephonsays.com/template/artemiz/css/style.css
Requested by: Host: ar.strephonsays.com
URL: https://ar.strephonsays.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6815:66b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5692fdcd3cf15f5d2e98e6fb4f451dec0b2d61cae64af0b2bb18dfe46614c0ca

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ar.strephonsays.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 12 Apr 2023 15:59:36 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1015347
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj: minify
last-modified: Fri, 16 Dec 2022 10:14:04 GMT
server: cloudflare
etag: W/"6cae-5efef3ab093e9"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9Z7OXaZshGBSOOlskyiXN8AVIQ6aQm3%2BqNiyRgmxiqm1k3rJbPS3bONy8dNdaBUV3DsdzOcc%2FMAEvVYbg8roX8nWuX0QgoP3BSFt3P%2FJiChldNqfuR%2BdtfjIDr0hNvzsbBTuJcewtD%2BI0oh235qb"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31536000
cf-ray: 7b6cad6a4ea430e2-FRA
expires: Fri, 14 Apr 2023 21:57:09 GMT

GET
H2 200 yt.css
strephonsays.com/template/artemiz/css/ 69 KB
44 KB 143ms
19ms Stylesheet
text/css 2606:4700:3030::6815:66b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://strephonsays.com/template/artemiz/css/yt.css
Requested by: Host: ar.strephonsays.com
URL: https://ar.strephonsays.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6815:66b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 71a005e915b96b3ed8feb7d4f5221db75e3658fd8678e68d5b04b5dce0aef73e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ar.strephonsays.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 12 Apr 2023 15:59:36 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1013169
cf-polished: origSize=70952
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj: minify
last-modified: Fri, 16 Dec 2022 10:14:05 GMT
server: cloudflare
etag: W/"11528-5efef3abd421a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0K0BET7jL5mTX2NVvPm%2FFFtd9ZoBqVCN%2BD26c%2BxEFuYkSUbiLyZD1HTJXlZw%2B6hIE73AbvHVIJ4dkYvT5m09nWTAWZZzPVubWeI1ulCstFasnHlrQwbD0yQFlpBpzljX2RYPRESdcYbybOljj74f"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31536000
cf-ray: 7b6cad6a4ea130e2-FRA
expires: Fri, 14 Apr 2023 22:33:27 GMT

GET
H2 200 cookieconsent.min.css
cdn.jsdelivr.net/npm/cookieconsent@3/build/ 5 KB
2 KB 48ms
21ms Stylesheet
text/css 2606:4700::6810:5714
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/cookieconsent@3/build/cookieconsent.min.css

Requested by

Host: ar.strephonsays.com
URL: https://ar.strephonsays.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5714 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cd0d0b6e50ff01ff2f3a9a70d7cfb66a7c6cb9acf7a566325568be6d3bd31fc4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ar.strephonsays.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 12 Apr 2023 15:59:35 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 26516
x-jsd-version: 3.1.1
content-encoding: br
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by: cache-fra-eddf8230078-FRA, cache-yyz4574-YYZ
x-jsd-version-type: version
server: cloudflare
etag: W/"135e-3nthfC1sCV/yhiNebPZMMo2hpL8"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=51lmGCNAhdfgwtVEbhU2ipyRnTZ1kctb5Z2Me7yNHDiYQZZ9rwq89Jnc2Rt6qbik%2B3LeVztpaxxGdV%2B%2FhdY%2FgoAu4mh6Or9ij06MTIjJJfUY5IxUQHlAy5SBDjjRqzWnLDxkDnyAwpHdw9A4yi0%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
timing-allow-origin: *
cf-ray: 7b6cad69ae82924a-FRA

GET
H2 200 45b65dd9-e0fa-4d05-aa26-a39c3cef09e4.min.js Show response
cmp.optad360.io/items/ 253 KB
72 KB 104ms
10ms Script
application/javascript 2600:9000:2156:bc00:6:b871:4f00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cmp.optad360.io/items/45b65dd9-e0fa-4d05-aa26-a39c3cef09e4.min.js
Requested by: Host: ar.strephonsays.com
URL: https://ar.strephonsays.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:bc00:6:b871:4f00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e1cd9602b63db552abd2b3cd8689102702d17efae5e9fe98f94691efc77897b9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ar.strephonsays.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 12 Apr 2023 15:18:27 GMT
content-encoding: gzip
via: 1.1 fb8c0300277bd0137c1693d3d64ab550.cloudfront.net (CloudFront)
last-modified: Sun, 18 Apr 2021 12:34:47 GMT
server: AmazonS3
x-amz-cf-pop: FRA50-C1
age: 2470
etag: W/"4bc6f41a14eeeb489540c26fb99b9427"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: public, max-age=3600
x-amz-cf-id: y6d5MPtyFZZ8R9qTVwgQ5IVUQlQQdT9ZZOlCNlOfVJxLeOjNMHs8bQ==

GET
H2 200 plugin.min.js Show response
get.optad360.io/sf/87584f1f-9c47-49cb-b198-f6669bf41325/ 286 KB
59 KB 100ms
8ms Script
application/javascript 2600:9000:225e:9600:11:a4de:2580:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://get.optad360.io/sf/87584f1f-9c47-49cb-b198-f6669bf41325/plugin.min.js
Requested by: Host: ar.strephonsays.com
URL: https://ar.strephonsays.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:225e:9600:11:a4de:2580:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 6a9f667053394455ba7d064b526119757f84042d8078b2642093bbca2891bad0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ar.strephonsays.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 12 Apr 2023 08:08:18 GMT
content-encoding: gzip
via: 1.1 5b21c56dde1a436b4b6766d2406627d2.cloudfront.net (CloudFront)
last-modified: Wed, 22 Mar 2023 07:57:45 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P4
age: 28279
x-amz-server-side-encryption: AES256
etag: W/"6c46506927bcebb0a00d761938e812e5"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: public, max-age=86400
x-amz-cf-id: QeyeqJb2XosZp94TKBPOhF6UYkZqunU-kdNK_dI4jFDaTc5tp94Ywg==

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 137 KB
47 KB 138ms
64ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-2173063720940886

Requested by

Host: ar.strephonsays.com
URL: https://ar.strephonsays.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3e9a5d30727db2cee0944cd7efe605f7075c547f2876bb56245ce08cc376b42f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ar.strephonsays.com/
Origin: https://ar.strephonsays.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 12 Apr 2023 15:59:36 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 47814
x-xss-protection: 0
server: cafe
etag: 16424829941517844936
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Wed, 12 Apr 2023 15:59:36 GMT

GET
H2 200 scripts.js Show response
strephonsays.com/template/artemiz/js/ 177 KB
61 KB 149ms
25ms Script
application/javascript 2606:4700:3030::6815:66b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://strephonsays.com/template/artemiz/js/scripts.js
Requested by: Host: ar.strephonsays.com
URL: https://ar.strephonsays.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6815:66b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 68dbc402b8d95b31ec11900b3b5aee781e46330beeec75070f60a40c03b402d9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ar.strephonsays.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 12 Apr 2023 15:59:36 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1015118
cf-polished: origSize=181106
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj: minify
last-modified: Fri, 16 Dec 2022 10:14:07 GMT
server: cloudflare
etag: W/"2c372-5efef3ae1ed1a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ssDRhYj%2FcBy%2BiO2m7kBElJJL0IvCegm6%2FwXgDOVCStSnTiSUtAgCKuoh5KyF5UZ7yMe772KWjjNBFCLBqLEbFgZj2yFB%2BefzDDSu7EqVCraUOYGnrUCOzXtiUCpfDwwaW%2FOLooGJ%2FtHx4CaTJv5O"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
cf-ray: 7b6cad6a4ea530e2-FRA
expires: Fri, 14 Apr 2023 22:00:58 GMT

GET
H2 200 rocket-loader.min.js Show response
ar.strephonsays.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/ 12 KB
4 KB 22ms
15ms Script
application/javascript 2606:4700:3030::6815:66b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ar.strephonsays.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Requested by

Host: ar.strephonsays.com
URL: https://ar.strephonsays.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3030::6815:66b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ar.strephonsays.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 12 Apr 2023 15:59:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 04 Apr 2023 10:03:57 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"642bf60d-302c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YObznNoRTpPwSBADgXIWe1SZ6bfxB47NeHYI8J7QCBeIdvTZCMWipFGFEjJzvcmubreUgxM67dquse6UHeRfXvtJ6w4F1%2BD5eMB2nhZLyU2Q0wCbGc8WEljKAXyaCBq7gbZHsXo2S7kCN3PKWTibCkEk"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
x-frame-options: DENY
cache-control: max-age=172800, public
cf-ray: 7b6cad69ada830e2-FRA
expires: Fri, 14 Apr 2023 15:59:35 GMT

GET
H2 200 cookies_gdpr.js Show response
cdn.zx-adnet.com/consent/ 34 KB
10 KB 78ms
43ms Script
text/javascript 151.101.1.195
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.zx-adnet.com/consent/cookies_gdpr.js?0.58614321281909

Requested by

Host: ar.strephonsays.com
URL: https://ar.strephonsays.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.1.195 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

6723ea2989d5cf57335b26d5bd0bcc52feffab866915b917c4cdcae672c99a2a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ar.strephonsays.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-served-by: cache-fra-eddf8230075-FRA
strict-transport-security: max-age=31556926
content-encoding: br
date: Wed, 12 Apr 2023 15:59:36 GMT
last-modified: Tue, 17 Jan 2023 17:33:04 GMT
x-timer: S1681315176.105384,VS0,VE35
etag: "e816600dd00bd96b1fef78362730b72e57d5bac88839b4da007d48db85d79519-br"
vary: accept-language, x-country-code, x-fh-requested-host, accept-encoding
x-cache: MISS
content-type: text/javascript; charset=utf-8
cache-control: no-cache
accept-ranges: bytes
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
x-cache-hits: 0

GET
H2 200 tag.js Show response
mc.yandex.ru/metrika/ 212 KB
73 KB 192ms
90ms Script
application/javascript 2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/metrika/tag.js

Requested by

Host: ar.strephonsays.com
URL: https://ar.strephonsays.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

70e8b6db69fe62d1ddbf326b78fabe363cc238f51319bd5f7b71c25213fe89f4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ar.strephonsays.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 12 Apr 2023 15:59:36 GMT
content-encoding: br
strict-transport-security: max-age=31536000
last-modified: Tue, 11 Apr 2023 12:29:16 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
etag: "6435286c-1217a"
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
content-length: 74106
expires: Wed, 12 Apr 2023 16:59:36 GMT

GET
H2 200 1duwt.min.js Show response
www.bigmp3db.com/ 67 KB
19 KB 95ms
19ms Script
text/javascript 46.4.104.244
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bigmp3db.com/1duwt.min.js?b37f073

Requested by

Host: ar.strephonsays.com
URL: https://ar.strephonsays.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

46.4.104.244 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.244.104.4.46.clients.your-server.de

Software

nginx /

Resource Hash

7288c20b13b744af212d6df6ad459628687cf60a1ffe7f99d72e033b556450f0

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ar.strephonsays.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 12 Apr 2023 15:59:36 GMT
strict-transport-security: max-age=63072000
content-encoding: br
server: nginx
duration: 385868
access-control-allow-methods: POST, GET, OPTIONS
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=300
access-control-allow-headers: *
expires: Wed, 12-Apr-2023 19:04:36 EEST

GET
DATA 200
OK truncated
/ 41 KB
0 Image
image/webp

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c37e88f718acf2e31223149decc6c77497a892a5f556e5e1fc6c2492377e9bc0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Content-Type: image/webp

GET
H2 200 en.json Show response
optad360.mgr.consensu.org/cmp/v2/translations/v4/ 4 KB
2 KB 82ms
25ms XHR
application/json 65.9.95.78
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://optad360.mgr.consensu.org/cmp/v2/translations/v4/en.json
Requested by: Host: cmp.optad360.io
URL: https://cmp.optad360.io/items/45b65dd9-e0fa-4d05-aa26-a39c3cef09e4.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.95.78 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-95-78.prg50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 71f69541ed2861a7065f461bf9748bb263e0f8d517d0987c6619241d9d13597d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ar.strephonsays.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 19:57:45 GMT
content-encoding: gzip
via: 1.1 4b7022ec3e11edfdd972039992f837de.cloudfront.net (CloudFront)
last-modified: Thu, 29 Oct 2020 12:24:15 GMT
server: AmazonS3
x-amz-cf-pop: PRG50-C1
age: 72112
etag: W/"e3fe984dfb883f99b54c331403be617b"
vary: Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods: GET
content-type: application/json
access-control-allow-origin: *
x-cache: Hit from cloudfront
cache-control: public, max-age=360000000
x-amz-cf-id: uWc--dtJAbPSLwACzUCHFfJs4dkuwBNQyJcSGClqR8lYL8wgqHYK2w==

GET
H2 200 Difference-Between-Chromosome-and-Chromatid-1.webp
a.strephonsays.com/science-nature/ 27 KB
27 KB 79ms
45ms Image
image/webp 2606:4700:3030::6815:66b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.strephonsays.com/science-nature/Difference-Between-Chromosome-and-Chromatid-1.webp
Requested by: Host: ar.strephonsays.com
URL: https://ar.strephonsays.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6815:66b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 36d9945b61fa4d83045faa28d6ca867fa7b29c2ea6714a8de212691da9006db0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ar.strephonsays.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 12 Apr 2023 15:59:36 GMT
cf-cache-status: MISS
last-modified: Wed, 06 Oct 2021 23:38:09 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "6bf8-5cdb7a386da11"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gIQ7H592DhVuoYO7dwauSGXOyLZWxndJG5HdPU7iXYGi021AHvEEVxIJjGcljE2%2F5rFyfVE1BnJf7ODytIFQf3CrgGpustgBCETnLGw%2FDIklFmY6kdtPMM35ZDweu4TxONeSSYbwgJr5JgdxUFhrrjo%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 7b6cad6b585a30e2-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 27640

GET
H2 200 Difference-Between-Formal-and-Functional-Regions-1.webp
a.strephonsays.com/countries/ 48 KB
48 KB 78ms
48ms Image
image/webp 2606:4700:3030::6815:66b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.strephonsays.com/countries/Difference-Between-Formal-and-Functional-Regions-1.webp
Requested by: Host: ar.strephonsays.com
URL: https://ar.strephonsays.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6815:66b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ddf161085367cd5517b5165d34656f5855ac0102495f3b71ef50b57ec23ef00d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ar.strephonsays.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 12 Apr 2023 15:59:36 GMT
cf-cache-status: MISS
last-modified: Wed, 06 Oct 2021 21:07:34 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "bf74-5cdb588fd1fab"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fgDpUxZH5%2BmOuC2L%2BfOMnN3xFm6h60W7TTf8kEtAjfanCu5ICFgn0dC3QuEQzDANDcImmdb03XWAcdOpEHs8s1foiZC0%2B40qDfa8oVCMZkDUwP8lg7q7z5j3Q6CZYShRS7fFoLfuoKFLWcUjdHYH3CM%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 7b6cad6b585330e2-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 49012

GET
H2 200 Difference-Between-Companies-Limited-by-Shares-and-Companies-Limited-by-Guarantee.webp
a.strephonsays.com/business/ 47 KB
47 KB 50ms
20ms Image
image/webp 2606:4700:3030::6815:66b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.strephonsays.com/business/Difference-Between-Companies-Limited-by-Shares-and-Companies-Limited-by-Guarantee.webp
Requested by: Host: ar.strephonsays.com
URL: https://ar.strephonsays.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6815:66b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bb23189475c4f60039d1389da9ab3225c9c215c3ffa4af384ceccecc038759ab

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ar.strephonsays.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 12 Apr 2023 15:59:36 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 5115
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 48014
last-modified: Wed, 06 Oct 2021 21:04:42 GMT
server: cloudflare
etag: "bb8e-5cdb57eb812f1"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GI7FkFGbzIb1hHsFWxNlKOVNVYyQmi3y9Uwl62Qh%2But8ci96BNeOzJx6r8ln6FuzvPSPsZhdNfticswqY%2B2K3fuB%2F7gg6WbonzoccfraZ7lweN%2BBYEkap2gDG2C5%2Fh1uFpfEG%2B0Hn15kfc6i9d8oq%2Fg%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 7b6cad6b585630e2-FRA

GET
H2 200 Difference-Between-TPN-and-Tube-Feeding-1.webp
a.strephonsays.com/health/ 21 KB
22 KB 73ms
42ms Image
image/webp 2606:4700:3030::6815:66b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.strephonsays.com/health/Difference-Between-TPN-and-Tube-Feeding-1.webp
Requested by: Host: ar.strephonsays.com
URL: https://ar.strephonsays.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6815:66b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 112511ca404030a0af0eaf92129e9a2d14f5ed62412ab77d63f1956728d990e9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ar.strephonsays.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 12 Apr 2023 15:59:36 GMT
cf-cache-status: MISS
last-modified: Wed, 06 Oct 2021 22:33:23 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "5532-5cdb6bbdb9e85"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eZFwDcIpKv44al8Cnce1xHwx7xr2sAK%2BVw8uMtQ4ZByA8uE9ER3IZ%2Bh7y%2BfVK8TvZdSAWcUCk8bU4A3OcvGYIKM%2Bk4wdSIJPBypo9odXnkoO1zK6e9B6TiwskqDge%2BRNK2OZku1uHLKagkKIyRSmx4I%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 7b6cad6b585730e2-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 21810

GET
H2 200 Difference-Between-Cocaine-and-Heroin-2.webp
a.strephonsays.com/health/ 63 KB
63 KB 73ms
43ms Image
image/webp 2606:4700:3030::6815:66b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.strephonsays.com/health/Difference-Between-Cocaine-and-Heroin-2.webp
Requested by: Host: ar.strephonsays.com
URL: https://ar.strephonsays.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6815:66b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b69f7ce336ace00590a2bcd3fe997ed374d2fd7b4d914e2ac9a7811c3618d90a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ar.strephonsays.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 12 Apr 2023 15:59:36 GMT
cf-cache-status: MISS
last-modified: Wed, 06 Oct 2021 22:37:51 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "fb58-5cdb6cbe33d50"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0BgSzcRNjUXKgfFQqZ83VNH%2BEUwebknKs4XxejriA498cEDG5o2aKi%2Be7753je2ALL38sLsvpAAeKjGlEON4q6qjSXEtflHMHIWRhVazAOEcjfCBqq53%2BfOYVchydudIgTIVNKnFgyLV1yeZ5iN9VHE%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 7b6cad6b585930e2-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 64344

GET
H2 200 Difference-Between-HDMI-and-Mini-HDMI-1.webp
a.strephonsays.com/technology/ 10 KB
11 KB 63ms
33ms Image
image/webp 2606:4700:3030::6815:66b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.strephonsays.com/technology/Difference-Between-HDMI-and-Mini-HDMI-1.webp
Requested by: Host: ar.strephonsays.com
URL: https://ar.strephonsays.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6815:66b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8b9bee3c7f5b9cbb6260d996e05ab86cfb7b3ed8db3d6bd03c67d0d38e7381ee

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ar.strephonsays.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 12 Apr 2023 15:59:36 GMT
cf-cache-status: MISS
last-modified: Wed, 06 Oct 2021 23:50:35 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "2940-5cdb7cff5c8c2"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=k0U1q9jak%2BmTLSX1DphZHwfmsjn%2FBI7YV4vXx4Nqmj790MqbuHdd8Aal7L47E1WbSe6%2BGlYfk6Hlc9BeD5HHhHC%2FzB2aDLzRWK%2BkSyD99JlovhBdfJFILNwECkTn9orE5XydcSfftXGYlQjBY%2FFwQlA%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 7b6cad6b585230e2-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 10560

GET
H3 200 Difference-Between-BCAA-and-Amino-Acids-1.webp
a.strephonsays.com/science-nature/ 53 KB
54 KB 39ms
39ms Image
image/webp 2606:4700:3030::6815:66b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.strephonsays.com/science-nature/Difference-Between-BCAA-and-Amino-Acids-1.webp
Requested by: Host: ar.strephonsays.com
URL: https://ar.strephonsays.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::6815:66b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d439ab58f720bdc4bfb6213e7bae7f26689db44fb3058ee010a5b26ff59c8cd7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ar.strephonsays.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 12 Apr 2023 15:59:36 GMT
cf-cache-status: MISS
last-modified: Wed, 06 Oct 2021 23:42:51 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "d536-5cdb7b44ad0e6"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qf4LlPqNOCzTW%2FUgrbXg2QcbAzPCTMgY%2FW4EGHcNidDOUAHDaldmo9JA2tMeIARHqPwDtZFfPsyHeNjtRRQZ7GR%2BC9MJVCm29z77NXmYQs4zRwBKS4IWbbwAG5%2Ff1aLxQkCWNX%2FR3R2whKnEpSexypg%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 7b6cad6b8a099bb6-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 54582

GET
H3 200 Difference-Between-Aggregation-and-Agglomeration.webp
a.strephonsays.com/science-nature/ 22 KB
22 KB 30ms
30ms Image
image/webp 2606:4700:3030::6815:66b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.strephonsays.com/science-nature/Difference-Between-Aggregation-and-Agglomeration.webp
Requested by: Host: ar.strephonsays.com
URL: https://ar.strephonsays.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::6815:66b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2d093a9f3f99b6af386733f953af068209e738a700fbf4eb2ccecb9fcd22a95f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ar.strephonsays.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 12 Apr 2023 15:59:36 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 447
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 22068
last-modified: Wed, 06 Oct 2021 23:45:36 GMT
server: cloudflare
etag: "5634-5cdb7be215d60"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TIAgldyLpCUF5IbjvCv%2FH0xaaG3pqpIDCbn7SCYrYMDWreZBegTQvfcgv%2BSFbkUTh%2FQ1nBG2tfBIiE8EJokhOD1gw6zc6b7JlzL33%2F9Oo3OhbCWIUINAycZ6KquPXUPVe7J6Q8bD%2FCPQszB7PWZV4Rw%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 7b6cad6b8a0c9bb6-FRA

GET
H3 200 Difference-Between-Aplastic-Anemia-and-Leukemia-1.webp
a.strephonsays.com/health/ 46 KB
46 KB 20ms
20ms Image
image/webp 2606:4700:3030::6815:66b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.strephonsays.com/health/Difference-Between-Aplastic-Anemia-and-Leukemia-1.webp
Requested by: Host: ar.strephonsays.com
URL: https://ar.strephonsays.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::6815:66b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1b01ec01fda4d6d568157b29e3ce666329c9aa419ea5200c37ae9011c312ea7e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ar.strephonsays.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 12 Apr 2023 15:59:36 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 447
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 46770
last-modified: Wed, 06 Oct 2021 22:38:27 GMT
server: cloudflare
etag: "b6b2-5cdb6ce018098"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AugqRFx5C9XA8cHzdNl0UTwWU71ahp1daNTsZoGQOvfDUsfSPAyOrk4b3cWxLLUYBh6iWlWDko76z2JAPxmhN7JKR9tLoMc1b8r6Ti418qKlaAg6MCQFDG5iIIPcscfFSO8Blr2no%2BlVOSRq7VtFCR8%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 7b6cad6b8a0e9bb6-FRA

GET
H3 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202304060101/ 347 KB
116 KB 93ms
76ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202304060101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2173063720940886&plah=ar.strephonsays.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-2173063720940886

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

802d3b0d1ecf62fe7004b5a0850ce569ceabf40815505f40bfd3a9b71d5d1cbf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ar.strephonsays.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 12 Apr 2023 15:59:36 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 118931
x-xss-protection: 0
server: cafe
etag: 5048505608064482154
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Wed, 12 Apr 2023 15:59:36 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230410/r20190131/ Frame 162C 10 KB
5 KB 37ms
11ms Document
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230410/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-2173063720940886

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ca070dfc7785775cbf5cce16064029ee534259de42c6d9de10e476e710000e93

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ar.strephonsays.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 8836
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4549
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 12 Apr 2023 13:32:20 GMT
etag: 2378337311435320485
expires: Wed, 26 Apr 2023 13:32:20 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 200 1duwt.json Show response
www.bigmp3db.com/ 60 B
262 B 27ms
11ms XHR
application/json 46.4.104.244
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bigmp3db.com/1duwt.json

Requested by

Host: www.bigmp3db.com
URL: https://www.bigmp3db.com/1duwt.min.js?b37f073

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

46.4.104.244 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.244.104.4.46.clients.your-server.de

Software

nginx /

Resource Hash

18e08cefc9d63bfe5d900a53f0d439bc24aca80a00e8f81a1052b27976fb3fab

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

Referer: https://ar.strephonsays.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Wed, 12 Apr 2023 15:59:36 GMT
strict-transport-security: max-age=63072000
content-encoding: br
server: nginx
access-control-allow-methods: POST, GET, OPTIONS
content-type: application/json
access-control-allow-origin: *
access-control-allow-headers: *

POST
H2 200 1duwt.json Show response
www.bigmp3db.com/ 616 B
561 B 26ms
12ms XHR
application/json 46.4.104.244
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bigmp3db.com/1duwt.json

Requested by

Host: www.bigmp3db.com
URL: https://www.bigmp3db.com/1duwt.min.js?b37f073

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

46.4.104.244 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.244.104.4.46.clients.your-server.de

Software

nginx /

Resource Hash

2f73a3b207c5ee25344df3d983640fe4933b04e5b0d21820aca4768dba078355

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

Referer: https://ar.strephonsays.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Wed, 12 Apr 2023 15:59:36 GMT
strict-transport-security: max-age=63072000
content-encoding: br
server: nginx
access-control-allow-methods: POST, GET, OPTIONS
content-type: application/json
access-control-allow-origin: *
access-control-allow-headers: *

POST
H2 200 1duwt.json Show response
www.bigmp3db.com/ 59 B
260 B 7ms
7ms XHR
application/json 46.4.104.244
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bigmp3db.com/1duwt.json

Requested by

Host: www.bigmp3db.com
URL: https://www.bigmp3db.com/1duwt.min.js?b37f073

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

46.4.104.244 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.244.104.4.46.clients.your-server.de

Software

nginx /

Resource Hash

d1555b109e4c8742a311447612e10e6723222b54913bc0b75a8d973cc96c063e

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

Referer: https://ar.strephonsays.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Wed, 12 Apr 2023 15:59:36 GMT
strict-transport-security: max-age=63072000
content-encoding: br
server: nginx
access-control-allow-methods: POST, GET, OPTIONS
content-type: application/json
access-control-allow-origin: *
access-control-allow-headers: *

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 76 KB
25 KB 151ms
110ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: get.optad360.io
URL: https://get.optad360.io/sf/87584f1f-9c47-49cb-b198-f6669bf41325/plugin.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

603b9fbec5fa9c3f0510110f9399ca7e9bcb67af04a60779fc41362760fe1bac

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ar.strephonsays.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 12 Apr 2023 15:59:36 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 25553
x-xss-protection: 0
server: cafe
etag: 736 / 19459 / 31073786 / config-hash: 7827658349598518326
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Wed, 12 Apr 2023 15:59:36 GMT

GET
H2 200 prebid7.17.1.js Show response
get.optad360.io/sf/ 495 KB
156 KB 9ms
9ms Script
application/javascript 2600:9000:225e:9600:11:a4de:2580:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://get.optad360.io/sf/prebid7.17.1.js
Requested by: Host: get.optad360.io
URL: https://get.optad360.io/sf/87584f1f-9c47-49cb-b198-f6669bf41325/plugin.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:225e:9600:11:a4de:2580:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: bcbf5baf3fbe1ce55828221062341d9a30a688ce01378be721ad3123041ae6a4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ar.strephonsays.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 28 Feb 2023 15:59:13 GMT
content-encoding: gzip
via: 1.1 5b21c56dde1a436b4b6766d2406627d2.cloudfront.net (CloudFront)
last-modified: Wed, 08 Feb 2023 10:13:54 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P4
age: 3715224
etag: W/"09e171853ab31e5067c8e235ae90409c"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: public, max-age=360000000
x-amz-cf-id: pZHqf5wn4kr4Nvx0kRaTqgQ7B_LLRe_65fbUyRygTfo8H_THfUlk9g==

GET
H2 200 fondoperlaterra.org.1228643.js Show response
jsc.mgid.com/f/o/ 3 KB
2 KB 102ms
36ms Script
text/javascript 2606:4700:1::6813:884e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://jsc.mgid.com/f/o/fondoperlaterra.org.1228643.js
Requested by: Host: www.bigmp3db.com
URL: https://www.bigmp3db.com/1duwt.min.js?b37f073
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:1::6813:884e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 331759cc07003ed9a0efba0c6355ce686fdb7f68a24d0d72b086e7fa2aae81e6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ar.strephonsays.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 12 Apr 2023 15:59:36 GMT
x-amz-version-id: dLS0OapNDnXO53BKhBurBGMcupmGZ_Qo
content-encoding: br
cf-cache-status: HIT
x-amz-request-id: T054FPM0ND3G9S02
age: 591
cf-polished: origSize=2670
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: W361vLUilrFdd/9unPOFTgUSmGmIP44AzfdeOezuCVHHE+1bUJJ0vD21M9mFiOTTYgEm1Z0YYXcQdVWUSuNt1Q==
cf-bgj: minify
last-modified: Mon, 27 Mar 2023 10:58:53 GMT
server: cloudflare
etag: W/"ffd6f2a3b42f8c9ac49d51c17d2c026d"
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=10800
cf-ray: 7b6cad6c8d0e7572-LHR
expires: Wed, 12 Apr 2023 18:59:36 GMT

POST
H2 200 1duwt.json Show response
www.bigmp3db.com/ 59 B
260 B 9ms
8ms XHR
application/json 46.4.104.244
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bigmp3db.com/1duwt.json

Requested by

Host: www.bigmp3db.com
URL: https://www.bigmp3db.com/1duwt.min.js?b37f073

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

46.4.104.244 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.244.104.4.46.clients.your-server.de

Software

nginx /

Resource Hash

fbd2bbc5a9fae64e3874287d23201d3dee70e633b3d335cab2a6ad0ab1cea7a4

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

Referer: https://ar.strephonsays.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Wed, 12 Apr 2023 15:59:36 GMT
strict-transport-security: max-age=63072000
content-encoding: br
server: nginx
access-control-allow-methods: POST, GET, OPTIONS
content-type: application/json
access-control-allow-origin: *
access-control-allow-headers: *

GET
H2 200 cmp-3.0.0.min.js Show response
optad360.mgr.consensu.org/cmp/v2/ Frame E978 691 KB
190 KB 29ms
8ms Script
application/javascript 65.9.95.78
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://optad360.mgr.consensu.org/cmp/v2/cmp-3.0.0.min.js
Requested by: Host: cmp.optad360.io
URL: https://cmp.optad360.io/items/45b65dd9-e0fa-4d05-aa26-a39c3cef09e4.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.95.78 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-95-78.prg50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: eb16304c17c120cabd2bc9ba56114d31bb2c05114e17c531bcf21a682f8629d2

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 21:56:37 GMT
content-encoding: gzip
via: 1.1 7bb80b5d9f75710222feac15033d6af0.cloudfront.net (CloudFront)
last-modified: Wed, 07 Apr 2021 09:53:34 GMT
server: AmazonS3
x-amz-cf-pop: PRG50-C1
age: 64980
etag: W/"2ea07aea04f56769b6dd53f48dae904d"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: public, max-age=604800
x-amz-cf-id: YDBEn7Kwu3jk_KJYYq9vDLwhrwiSoTtI38JxADdmG01WRO5l53fVEg==

GET
H2

200

sync_cookie_image_decide
mc.yandex.com/
Redirect Chain

https://mc.yandex.com/sync_cookie_image_check
https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=9971.uie1Y_0G-Rk--Vk33kI4moW4gAh7WQhDQ4EYQ3YSweqiEXgCOP_8TTTpBYo8Y6AQ.8e7PQURukrpZrF_RNv9qwA4OJwY%2C
https://mc.yandex.com/sync_cookie_image_decide?token=9971.DPmpR3zrxOW3F-_a7nKIzOmI-MYiUHndvkwgcSL3keGrm9JUrhfQE23Nn4HguWmrmXNP7uFWj4z6d8wgcsr-NwPF7TvFxbLZW7HsY-iy8Z4%2C.t3e_LoAKLJVUD_mr44vtjkAehDY%2C

43 B
79 B

50ms
49ms

Image
image/gif

2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.com/sync_cookie_image_decide?token=9971.DPmpR3zrxOW3F-_a7nKIzOmI-MYiUHndvkwgcSL3keGrm9JUrhfQE23Nn4HguWmrmXNP7uFWj4z6d8wgcsr-NwPF7TvFxbLZW7HsY-iy8Z4%2C.t3e_LoAKLJVUD_mr44vtjkAehDY%2C

Requested by

Host: ar.strephonsays.com
URL: https://ar.strephonsays.com/

Protocol

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ar.strephonsays.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 12 Apr 2023 15:59:36 GMT
strict-transport-security: max-age=31536000
content-length: 43
x-xss-protection: 1; mode=block
content-type: image/gif

Redirect headers

location: https://mc.yandex.com/sync_cookie_image_decide?token=9971.DPmpR3zrxOW3F-_a7nKIzOmI-MYiUHndvkwgcSL3keGrm9JUrhfQE23Nn4HguWmrmXNP7uFWj4z6d8wgcsr-NwPF7TvFxbLZW7HsY-iy8Z4%2C.t3e_LoAKLJVUD_mr44vtjkAehDY%2C
date: Wed, 12 Apr 2023 15:59:36 GMT
strict-transport-security: max-age=31536000
x-xss-protection: 1; mode=block

GET
H3 200 latest.json Show response
cdn.jsdelivr.net/gh/prebid/currency-file@1/ 2 KB
2 KB 28ms
16ms XHR
application/json 2606:4700::6810:5714
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json?date=20230412

Requested by

Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid7.17.1.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:5714 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

925bf96428c2caafdc661c7b24f7a2461c5f06e57e5b2811da92ef07f47bfa9b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://ar.strephonsays.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 12 Apr 2023 15:59:36 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 43126
x-jsd-version: 1.0.1673
content-encoding: br
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by: cache-fra-eddf8230103-FRA, cache-yyz4583-YYZ
x-jsd-version-type: version
server: cloudflare
etag: W/"63e-+ICztFzzAu6EvfSa4QBMPIFL3Uw"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wUJEMFuqT2tbV0mcimfzlaPqFfm7HEFeEMgteLJsGWkEyG1f1%2BKS4Y7KpdO2gwTRZislTjDxEHN3CAX9ygv55ICopkY%2Bj%2FwaDdgttdTx1iWUaAyPvJZmSsz7w4WhO%2F7FPosDBGPLkViW8wwykpg%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
timing-allow-origin: *
cf-ray: 7b6cad6cba53bb56-FRA

GET
H2 200 vendor-list.json Show response
optad360.mgr.consensu.org/cmp/v2/ Frame E978 406 KB
54 KB 78ms
75ms XHR
application/json 65.9.95.78
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://optad360.mgr.consensu.org/cmp/v2/vendor-list.json
Requested by: Host: optad360.mgr.consensu.org
URL: https://optad360.mgr.consensu.org/cmp/v2/cmp-3.0.0.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.95.78 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-95-78.prg50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 56ae2a10cd6ec3ddd872559ea9bb8f03cff58ffdf1dc4038a1c8e28611c2c222

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 12 Apr 2023 04:29:44 GMT
content-encoding: gzip
via: 1.1 4b7022ec3e11edfdd972039992f837de.cloudfront.net (CloudFront)
x-amz-cf-pop: PRG50-C1
age: 41392
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Fri, 07 Apr 2023 01:00:09 GMT
server: AmazonS3
etag: W/"aaa5a8f5326cb446d8b7ce5856442706"
vary: Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods: GET
content-type: application/json
access-control-allow-origin: *
cache-control: public, max-age=360000000
x-amz-cf-id: UVZkP0SR_hyBYCLsdC42zRe80VDwBMNXxB0-Lj-w57L8GiyYt9Zlog==

GET
H2 200 fondoperlaterra.org.1228643.es6.js Show response
jsc.mgid.com/f/o/ 252 KB
71 KB 38ms
37ms Script
text/javascript 2606:4700:1::6813:884e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://jsc.mgid.com/f/o/fondoperlaterra.org.1228643.es6.js
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/f/o/fondoperlaterra.org.1228643.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:1::6813:884e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 688708971d125171e4ca49c4437825acdf8778e5fa23fc10c51a5925dc494316

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ar.strephonsays.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 12 Apr 2023 15:59:36 GMT
x-amz-version-id: GwC9tPmA.DHMMVWO.Rm138EWg6BqOV5i
content-encoding: br
cf-cache-status: HIT
x-amz-request-id: 8DAFC0N4ZVSWJVVM
age: 591
cf-polished: origSize=258143
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: Gr95u2KEWx6H38sYnO/PoOCI78eAspU3q53f7W+VP7Fl3hWGMkgED3caFgSeGSurX2FhbHthKAc=
cf-bgj: minify
last-modified: Mon, 03 Apr 2023 11:24:08 GMT
server: cloudflare
etag: W/"8143c4c19b60cdc6b92c0f0acf83f221"
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=10800
cf-ray: 7b6cad6d6e7b7572-LHR
expires: Wed, 12 Apr 2023 18:59:36 GMT

POST
H2 200 1duwt.json Show response
www.bigmp3db.com/ 59 B
260 B 8ms
7ms XHR
application/json 46.4.104.244
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bigmp3db.com/1duwt.json

Requested by

Host: www.bigmp3db.com
URL: https://www.bigmp3db.com/1duwt.min.js?b37f073

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

46.4.104.244 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.244.104.4.46.clients.your-server.de

Software

nginx /

Resource Hash

b79a2ef9f23f68f212329566f5c134808445a867fbb4e76f2de3e507fba467af

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

Referer: https://ar.strephonsays.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Wed, 12 Apr 2023 15:59:36 GMT
strict-transport-security: max-age=63072000
content-encoding: br
server: nginx
access-control-allow-methods: POST, GET, OPTIONS
content-type: application/json
access-control-allow-origin: *
access-control-allow-headers: *

GET
H2 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304110101/ 400 KB
124 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304110101/pubads_impl.js?cb=31073786

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e06787d09c0170febea7e8d6ec75107fd88e6875072fdab051f36494e4a9784c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ar.strephonsays.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 12 Apr 2023 12:11:33 GMT
content-encoding: br
x-content-type-options: nosniff
age: 13683
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 126862
x-xss-protection: 0
server: cafe
etag: 16869941564567738629
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Thu, 11 Apr 2024 12:11:33 GMT

GET
H3 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 90 B
94 B 59ms
43ms XHR
application/json 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=ar.strephonsays.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

661d11a25f04b1396352b49ea31984fc1a68a4c30e87f241873a240666d3f8c2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ar.strephonsays.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 12 Apr 2023 15:59:36 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 69
x-xss-protection: 0
expires: Wed, 12 Apr 2023 15:59:36 GMT

GET
H2

200

1 Show response
mc.yandex.com/watch/53480917/
Redirect Chain

https://mc.yandex.com/watch/53480917?wmode=7&page-url=https%3A%2F%2Far.strephonsays.com%2F&charset=utf-8&browser-info=pv%3A1%3Avf%3Aihb4q796484i93c2xtzqhr%3Afp%3A416%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen...
https://mc.yandex.com/watch/53480917/1?wmode=7&page-url=https%3A%2F%2Far.strephonsays.com%2F&charset=utf-8&browser-info=pv%3A1%3Avf%3Aihb4q796484i93c2xtzqhr%3Afp%3A416%3Afu%3A0%3Aen%3Autf-8%3Ala%3A...

447 B
530 B

64ms
63ms

XHR
application/json

2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/watch/53480917/1?wmode=7&page-url=https%3A%2F%2Far.strephonsays.com%2F&charset=utf-8&browser-info=pv%3A1%3Avf%3Aihb4q796484i93c2xtzqhr%3Afp%3A416%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1011%3Acn%3A1%3Adp%3A0%3Als%3A454913418533%3Ahid%3A918416443%3Az%3A0%3Ai%3A20230412155936%3Aet%3A1681315176%3Ac%3A1%3Arn%3A24648398%3Arqn%3A1%3Au%3A1681315176650527118%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A26%2C21%2C61%2C7%2C0%2C0%2C%2C364%2C1%2C%2C%2C%2C481%3Aco%3A0%3Acpf%3A1%3Ans%3A1681315175800%3Arqnl%3A1%3Ast%3A1681315177%3At%3A%D9%8A%D8%B9%D8%B1%D9%81%20%D8%B9%D9%86%202023&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29ti%282%29

Protocol

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

f0bcb2d97c2daa7187cdf115986a765efb4a2e6a9153a3a4cb687c16de136525

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ar.strephonsays.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 12 Apr 2023 15:59:36 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
last-modified: Wed, 12-Apr-2023 15:59:36 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
content-type: application/json; charset=utf-8
access-control-allow-origin: https://ar.strephonsays.com
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 447
x-xss-protection: 1; mode=block
expires: Wed, 12-Apr-2023 15:59:36 GMT

Redirect headers

pragma: no-cache
date: Wed, 12 Apr 2023 15:59:36 GMT
strict-transport-security: max-age=31536000
last-modified: Wed, 12-Apr-2023 15:59:36 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
location: /watch/53480917/1?wmode=7&page-url=https%3A%2F%2Far.strephonsays.com%2F&charset=utf-8&browser-info=pv%3A1%3Avf%3Aihb4q796484i93c2xtzqhr%3Afp%3A416%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1011%3Acn%3A1%3Adp%3A0%3Als%3A454913418533%3Ahid%3A918416443%3Az%3A0%3Ai%3A20230412155936%3Aet%3A1681315176%3Ac%3A1%3Arn%3A24648398%3Arqn%3A1%3Au%3A1681315176650527118%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A26%2C21%2C61%2C7%2C0%2C0%2C%2C364%2C1%2C%2C%2C%2C481%3Aco%3A0%3Acpf%3A1%3Ans%3A1681315175800%3Arqnl%3A1%3Ast%3A1681315177%3At%3A%D9%8A%D8%B9%D8%B1%D9%81%20%D8%B9%D9%86%202023&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29ti%282%29
access-control-allow-origin: https://ar.strephonsays.com
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
x-xss-protection: 1; mode=block
expires: Wed, 12-Apr-2023 15:59:36 GMT

POST
H2 200 1duwt.json Show response
www.bigmp3db.com/ 59 B
260 B 7ms
7ms XHR
application/json 46.4.104.244
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bigmp3db.com/1duwt.json

Requested by

Host: www.bigmp3db.com
URL: https://www.bigmp3db.com/1duwt.min.js?b37f073

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

46.4.104.244 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.244.104.4.46.clients.your-server.de

Software

nginx /

Resource Hash

6ee48f8741d3a3ea6632b99417a8f7946d0e5709254f82c45db85e1780b83ddc

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

Referer: https://ar.strephonsays.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Wed, 12 Apr 2023 15:59:36 GMT
strict-transport-security: max-age=63072000
content-encoding: br
server: nginx
access-control-allow-methods: POST, GET, OPTIONS
content-type: application/json
access-control-allow-origin: *
access-control-allow-headers: *

GET
H2 200 branding-ads.svg
optad360.mgr.consensu.org/icons/ 7 KB
3 KB 9ms
8ms Image
image/svg+xml 65.9.95.78
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://optad360.mgr.consensu.org/icons/branding-ads.svg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.95.78 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-95-78.prg50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: d04a8585ca1c9cbff59e413fe76da6b8dcf3c567cbc68ec436b852d7f1694df1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ar.strephonsays.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 12 Apr 2023 02:24:28 GMT
content-encoding: gzip
via: 1.1 7bb80b5d9f75710222feac15033d6af0.cloudfront.net (CloudFront)
last-modified: Wed, 22 Jun 2022 12:02:24 GMT
server: AmazonS3
x-amz-cf-pop: PRG50-C1
age: 48909
etag: W/"b0a3aa2e09d4ddd83150d7bd3347c5c0"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
cache-control: public, max-age=360000000
x-amz-cf-id: BTtR1o7AapVyvIWjZiuPdHqne7Sgx3pqwUzvlcCbvLerYeeE022fag==

GET
H2 200 advert.gif
mc.yandex.com/metrika/ 43 B
101 B 46ms
46ms Image
image/gif 2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.com/metrika/advert.gif

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ar.strephonsays.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 12 Apr 2023 15:59:36 GMT
strict-transport-security: max-age=31536000
last-modified: Tue, 11 Apr 2023 12:29:16 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
etag: "6435286c-2b"
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes
content-length: 43
expires: Wed, 12 Apr 2023 16:59:36 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 109ms
109ms Image
image/gif 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=pp_iris_failure&pvsid=3894283542174447&fnc=121764058%2C22612148122&vrg=202304110101&nw_id=121764058%5C%2C22612148122&nslots=11&eid=31072019%2C31073677%2C31073786&pub_url=https%3A%2F%2Far.strephonsays.com%2F

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ar.strephonsays.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 12 Apr 2023 15:59:36 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
BLOB 200
OK a1ae0651-d9be-4bb1-80ed-0d86f7a9a896
https://ar.strephonsays.com/ 0
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://ar.strephonsays.com/a1ae0651-d9be-4bb1-80ed-0d86f7a9a896
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Content-Length: 0
Content-Type: text/javascript

GET
BLOB 200
OK b11208d5-2214-4691-9b95-124e59b5b63f
https://ar.strephonsays.com/ 250 B
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://ar.strephonsays.com/b11208d5-2214-4691-9b95-124e59b5b63f
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e37071398d21f18dff2370ee0885f38811bb69bb465b398100ab3101fc521d6b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Content-Length: 250
Content-Type: text/javascript

POST
H2 200 1duwt.json Show response
www.bigmp3db.com/ 59 B
260 B 7ms
7ms XHR
application/json 46.4.104.244
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bigmp3db.com/1duwt.json

Requested by

Host: www.bigmp3db.com
URL: https://www.bigmp3db.com/1duwt.min.js?b37f073

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

46.4.104.244 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.244.104.4.46.clients.your-server.de

Software

nginx /

Resource Hash

cfb596d9eab63f55d7df7240dda75d3f03548535503289f41ad8f97f28916d1d

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

Referer: https://ar.strephonsays.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Wed, 12 Apr 2023 15:59:36 GMT
strict-transport-security: max-age=63072000
content-encoding: br
server: nginx
access-control-allow-methods: POST, GET, OPTIONS
content-type: application/json
access-control-allow-origin: *
access-control-allow-headers: *

GET
H2

200

sync_cookie_image_decide_secondary
mc.yandex.com/
Redirect Chain

https://mc.yandex.com/sync_cookie_image_check_secondary
https://mc.yandex.ru/sync_cookie_image_start_secondary?redirect_domain=mc.yandex.com&token=9971.E1xrh_n-3UdLE0-Z68-NEK_ZoEdB1zTydCS0cfYvB2pgfGM3OSGO478vrHiBrWzf.LdTSSalWEra5PyjXJ-4eRNv1iYY%2C
https://mc.yandex.com/sync_cookie_image_decide_secondary?token=9971.CzdtZVzAmgqczcf2wS3wFOexQUP-qUkB5MJUPTjLOLtj1zJ-ItDBgaVY5IzmAo6IsOGngPLYP1Qrfvourz4gOFVMX4b-MJtSSXvDZMu0-tg%2C.r62hanDIEC-fMqB8y_...

43 B
98 B

49ms
49ms

Image
image/gif

2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.com/sync_cookie_image_decide_secondary?token=9971.CzdtZVzAmgqczcf2wS3wFOexQUP-qUkB5MJUPTjLOLtj1zJ-ItDBgaVY5IzmAo6IsOGngPLYP1Qrfvourz4gOFVMX4b-MJtSSXvDZMu0-tg%2C.r62hanDIEC-fMqB8y_u9Yp3cvFI%2C

Protocol

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ar.strephonsays.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 12 Apr 2023 15:59:36 GMT
strict-transport-security: max-age=31536000
content-length: 43
x-xss-protection: 1; mode=block
content-type: image/gif

Redirect headers

location: https://mc.yandex.com/sync_cookie_image_decide_secondary?token=9971.CzdtZVzAmgqczcf2wS3wFOexQUP-qUkB5MJUPTjLOLtj1zJ-ItDBgaVY5IzmAo6IsOGngPLYP1Qrfvourz4gOFVMX4b-MJtSSXvDZMu0-tg%2C.r62hanDIEC-fMqB8y_u9Yp3cvFI%2C
date: Wed, 12 Apr 2023 15:59:36 GMT
strict-transport-security: max-age=31536000
x-xss-protection: 1; mode=block

GET
H2 200 / Show response
c.mgid.com/pv/ 0
43 B 53ms
36ms Script
text/plain 2606:4700:1::6813:884e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://c.mgid.com/pv/?scum=%3F0&scuw=%3F0&pv=5&cbuster=1681315176804827853167&lct=1680480000&niet=4g&nisd=false&jsv=es6&ref=&cxurl=https%3A%2F%2Far.strephonsays.com%2F&lu=https%3A%2F%2Far.strephonsays.com%2F&sessionId=6436d569-06cf7&pageView=1&pvid=1877631a1649271bb0a&site=761202&implVersion=11&dpr=1&tfre=889
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/f/o/fondoperlaterra.org.1228643.es6.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:1::6813:884e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ar.strephonsays.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 12 Apr 2023 15:59:36 GMT
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 7b6cad6f29067572-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0

GET
BLOB 206
Partial Content 8815c361-e696-44d2-99ad-a05275aa9ec3
https://ar.strephonsays.com/ 1 KB
0 Media
video/mp4

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://ar.strephonsays.com/8815c361-e696-44d2-99ad-a05275aa9ec3
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 60ddc774c7b5fd0c01d169321a444da403d60c0042f6bee01b0c96f6e1535fda

Request headers

Referer
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Range: bytes=0-

Response headers

Content-Range: bytes 0-1492/1493
Content-Length: 1493
Content-Type: video/mp4

GET
H2 200 mgid_ua.svg
cdn.mgid.com/images/mgid/ 2 KB
1 KB 59ms
27ms Image
image/svg+xml 2606:4700:1::6813:884e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.mgid.com/images/mgid/mgid_ua.svg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:1::6813:884e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 70d5c4de881e718d0b7638959680ba86722d44eecbe4058d20dd77b8d0d97155

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ar.strephonsays.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 12 Apr 2023 15:59:36 GMT
x-amz-version-id: null
content-encoding: br
cf-cache-status: HIT
x-amz-request-id: BQQZ016TJQM3CQAQ
age: 1247
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: H0ihdhm/EJhbcC+homFO+mab68DYYvx/mk6E6cpnOvsu3WasxL/t0xcMLjTuGMaSc4h2RuXW7vE=
last-modified: Tue, 08 Mar 2022 17:05:01 GMT
server: cloudflare
x-amz-meta-s3cmd-attrs: atime:1646759091/ctime:1646759091/gid:0/gname:root/md5:617c205137825561208ef7c1a2d8f319/mode:33206/mtime:1646759091/uid:0/uname:root
etag: W/"617c205137825561208ef7c1a2d8f319"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=86400
cf-ray: 7b6cad6f59487572-LHR
expires: Thu, 13 Apr 2023 15:59:36 GMT

GET
H2 200 Adchoices.svg
cdn.mgid.com/images/logos/ 836 B
812 B 60ms
29ms Image
image/svg+xml 2606:4700:1::6813:884e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.mgid.com/images/logos/Adchoices.svg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:1::6813:884e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7992a4430843ef8b4bbae534358be3193aa1ae9c78f273e8e8a70b6af1244ac5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ar.strephonsays.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 12 Apr 2023 15:59:36 GMT
x-amz-version-id: null
content-encoding: br
cf-cache-status: HIT
x-amz-request-id: YRQRQGQP9DZNZ14S
age: 5625
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: prDGrfP9Q2yJocLMVMs086d4Xf20e00Uihgi74TWkWggHy5UZf6VnePTEnJDA4LpjohSwbs6H6U=
last-modified: Wed, 17 Feb 2021 18:15:53 GMT
server: cloudflare
x-amz-meta-s3cmd-attrs: atime:1613585745/ctime:1613585745/gid:0/gname:root/md5:7d59364b7ed2df3f02507c9f92560df9/mode:33206/mtime:1613585745/uid:0/uname:root
etag: W/"7d59364b7ed2df3f02507c9f92560df9"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=86400
cf-ray: 7b6cad6f59497572-LHR
expires: Thu, 13 Apr 2023 15:59:36 GMT

GET
H2 200 1 Show response
servicer.mgid.com/1228643/ 5 KB
2 KB 96ms
81ms Script
application/x-javascript 2606:4700:1::6813:884e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://servicer.mgid.com/1228643/1?scum=%3F0&scuw=%3F0&pv=5&cbuster=1681315177875402530431&lct=1680480000&niet=4g&nisd=false&jsv=es6&mp4=1&ap=1&w=1400&h=310&maxw_3=266&maxh_3=264&sz=266x264&szp=1,2,3,4,5&szl=1,2,3,4,5&cols=5&tcfV2=1&ref=&cxurl=https%3A%2F%2Far.strephonsays.com%2F&lu=https%3A%2F%2Far.strephonsays.com%2F&sessionId=6436d569-06cf7&pageView=1&pvid=1877631a1649271bb0a&implVersion=11&dpr=1&tfre=1960
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/f/o/fondoperlaterra.org.1228643.es6.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:1::6813:884e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e7bec48fb241b69137fc69810be0fd7dba70449d6521f65b1039e11b3e6afb01

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ar.strephonsays.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 12 Apr 2023 15:59:37 GMT
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-allow-credentials: true
cf-ray: 7b6cad75d9c97572-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 mgid_ua.svg
cdn.mgid.com/images/mgid/ 2 KB
1 KB 34ms
33ms Image
image/svg+xml 2606:4700:1::6813:884e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.mgid.com/images/mgid/mgid_ua.svg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:1::6813:884e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 70d5c4de881e718d0b7638959680ba86722d44eecbe4058d20dd77b8d0d97155

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ar.strephonsays.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 12 Apr 2023 15:59:38 GMT
x-amz-version-id: null
content-encoding: br
cf-cache-status: HIT
x-amz-request-id: KZHG8W3F9TBRMAND
age: 1367
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: dbyeVsK/NjOgn7JlIkeUY91rcsUk7Xu5UroxSC2k1IBVpKj3RcOw+iHuOsxJ5UaGiIcgCnMZgl0=
last-modified: Tue, 08 Mar 2022 17:05:01 GMT
server: cloudflare
x-amz-meta-s3cmd-attrs: atime:1646759091/ctime:1646759091/gid:0/gname:root/md5:617c205137825561208ef7c1a2d8f319/mode:33206/mtime:1646759091/uid:0/uname:root
etag: W/"617c205137825561208ef7c1a2d8f319"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=86400
cf-ray: 7b6cad766c8971ed-LHR
expires: Thu, 13 Apr 2023 15:59:38 GMT

GET
H3 200 Adchoices.svg
cdn.mgid.com/images/logos/ 836 B
1011 B 35ms
34ms Image
image/svg+xml 2606:4700:1::6813:884e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.mgid.com/images/logos/Adchoices.svg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:1::6813:884e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7992a4430843ef8b4bbae534358be3193aa1ae9c78f273e8e8a70b6af1244ac5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ar.strephonsays.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 12 Apr 2023 15:59:38 GMT
x-amz-version-id: null
content-encoding: br
cf-cache-status: HIT
x-amz-request-id: YX26RVNEGW9X6AWK
age: 1564
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: n34KGzJQ98MT9xBDtbJv2oufYNYTE1MJ4vzxC7KZ0Bli4Tknnuz5/OulQ9m/FQMVXjfciLfclSI=
last-modified: Wed, 17 Feb 2021 18:15:53 GMT
server: cloudflare
x-amz-meta-s3cmd-attrs: atime:1613585745/ctime:1613585745/gid:0/gname:root/md5:7d59364b7ed2df3f02507c9f92560df9/mode:33206/mtime:1613585745/uid:0/uname:root
etag: W/"7d59364b7ed2df3f02507c9f92560df9"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=86400
cf-ray: 7b6cad766c8a71ed-LHR
expires: Thu, 13 Apr 2023 15:59:38 GMT

GET
H2 200 aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzM6MixjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX2ZhY2VzOmF1dG8scV9hdXRvOmdvb2Qsd18xMDIwL2h0dHA6Ly9pbWdob3N0cy5jb20vdC8yMDIzLTAyLzU2MTUwOS81OGQ0M...
s-img.mgid.com/g/15323152/492x328/-/ 22 KB
23 KB 116ms
43ms Image
image/webp 2606:4700:1::6813:874e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/15323152/492x328/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzM6MixjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX2ZhY2VzOmF1dG8scV9hdXRvOmdvb2Qsd18xMDIwL2h0dHA6Ly9pbWdob3N0cy5jb20vdC8yMDIzLTAyLzU2MTUwOS81OGQ0MTUxODY1ZDJiODZjZjAxOGRmOWI1ZGQwZjIwZi5qcGc.webp?v=1681315177-QcwOcLHJtb-zq5nbwGWzUEY0ldEfjUiipuiN98BrrE0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:1::6813:874e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5229a89af0d83ae2201c2ff2a572284c5c0b9fbcfdec7fc9f535f863d225ef77

Request headers

Referer: https://ar.strephonsays.com/
Origin: https://ar.strephonsays.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 12 Apr 2023 15:59:38 GMT
cf-cache-status: HIT
last-modified: Wed, 08 Feb 2023 08:46:42 GMT
x-mg-request-uuid: 795ff23b-3c67-4dbd-9738-405ad1c5f2ac
server: cloudflare
age: 74427
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
x-robots-tag: noindex
cf-ray: 7b6cad76e937774a-LHR
content-length: 22574
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzM6MixjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX2ZhY2VzOmF1dG8scV9hdXRvOmdvb2Qsd18xMDIwL2h0dHA6Ly9pbWdob3N0cy5jb20vdC8yMDIzLTA0LzQ3MDMzNS9kMTE2M...
s-img.mgid.com/g/15875214/492x328/-/ 19 KB
19 KB 117ms
44ms Image
image/webp 2606:4700:1::6813:874e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/15875214/492x328/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzM6MixjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX2ZhY2VzOmF1dG8scV9hdXRvOmdvb2Qsd18xMDIwL2h0dHA6Ly9pbWdob3N0cy5jb20vdC8yMDIzLTA0LzQ3MDMzNS9kMTE2MzM2YTBmZDY2ZmJhZTNjYzdlYmM2ZDVmNDNlOS5wbmc.webp?v=1681315177-Q-QK6CHSQMeunGPpLCEi4XG23nBX-6kR10pyqEUFy58
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:1::6813:874e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ae8ed10fa0e4a665d75dbf7a2cb8cf035c568b7bfee2966e73367a1c9638b68a

Request headers

Referer: https://ar.strephonsays.com/
Origin: https://ar.strephonsays.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 12 Apr 2023 15:59:38 GMT
cf-cache-status: HIT
last-modified: Mon, 10 Apr 2023 09:31:21 GMT
x-mg-request-uuid: 61f69e45-9af6-4c43-bdc6-7345a1a32d35
server: cloudflare
age: 16410
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
x-robots-tag: noindex
cf-ray: 7b6cad76e93a774a-LHR
content-length: 19134
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzM6MixjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX2ZhY2VzOmF1dG8scV9hdXRvOmdvb2Qsd18xMDIwL2h0dHA6Ly9pbWdob3N0cy5jb20vdC8yMDIzLTAzLzUzMDQ1My9kN2QwM...
s-img.mgid.com/g/15659581/492x328/-/ 14 KB
14 KB 287ms
214ms Image
image/webp 2606:4700:1::6813:874e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/15659581/492x328/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzM6MixjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX2ZhY2VzOmF1dG8scV9hdXRvOmdvb2Qsd18xMDIwL2h0dHA6Ly9pbWdob3N0cy5jb20vdC8yMDIzLTAzLzUzMDQ1My9kN2QwMzNiNzNlNTJhOWNhOGJlZGM2N2FkMGRmMjY3OS5qcGVn.webp?v=1681315177-90Za5WKUUkWuwmaw6iUeuIfn-4bgls9P3vCIljcxcFQ
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:1::6813:874e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 774b02a17e7c4833990a848acfafbc9b622e7b4ea730845f665ebcfee80c27da

Request headers

Referer: https://ar.strephonsays.com/
Origin: https://ar.strephonsays.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 12 Apr 2023 15:59:38 GMT
cf-cache-status: HIT
last-modified: Fri, 17 Mar 2023 15:03:05 GMT
x-mg-request-uuid: 7d4eb909-7811-4a3f-9311-29617c2fcaee
server: cloudflare
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
x-robots-tag: noindex
cf-ray: 7b6cad76e93d774a-LHR
content-length: 13864
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzM6MixjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX2ZhY2VzOmF1dG8scV9hdXRvOmdvb2Qsd18xMDIwL2h0dHA6Ly9pbWdob3N0cy5jb20vdC8yMDIzLTAyLzU2MTUwOS82MjQ4N...
s-img.mgid.com/g/15323147/492x328/-/ 35 KB
35 KB 298ms
226ms Image
image/webp 2606:4700:1::6813:874e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/15323147/492x328/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzM6MixjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX2ZhY2VzOmF1dG8scV9hdXRvOmdvb2Qsd18xMDIwL2h0dHA6Ly9pbWdob3N0cy5jb20vdC8yMDIzLTAyLzU2MTUwOS82MjQ4NmU4YTUwOWI2NGZlNWJiM2E1M2Y3NWRlZmEwMi5qcGc.webp?v=1681315177-VhET__1u1ze5VYYDgsy1n-F1eZfu9jZQtDTWn2cuSmU
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:1::6813:874e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 059c65361fabb1491df95a87e47ecb85e2bafc1216c073cc064ddddeecfe265a

Request headers

Referer: https://ar.strephonsays.com/
Origin: https://ar.strephonsays.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 12 Apr 2023 15:59:38 GMT
cf-cache-status: HIT
last-modified: Wed, 08 Feb 2023 08:46:43 GMT
x-mg-request-uuid: 1b81a417-d002-4bf6-9f0d-bc3255e7c9b7
server: cloudflare
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
x-robots-tag: noindex
cf-ray: 7b6cad76e93e774a-LHR
content-length: 35680
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 206 26308da7cc6477179ca2288b1d19e914.mp4
cl.imghosts.com/imgh/video/upload/ar_3:2,c_fill,w_680/videos/t/2022-12/741329/ 225 KB
226 KB 93ms
19ms Media
video/mp4 2606:4700::6812:c2d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cl.imghosts.com/imgh/video/upload/ar_3:2,c_fill,w_680/videos/t/2022-12/741329/26308da7cc6477179ca2288b1d19e914.mp4?v=1681315177-hfUK8g-97l6y8nG3NlsbdPMXnBD9UI_-3ST_NYCAl0M

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:c2d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a5bdfe68237b160358ca7a5c19a69b67f40374e7c2574b88469e0f7dc67c930f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://ar.strephonsays.com/
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Range: bytes=0-

Response headers

date: Wed, 12 Apr 2023 15:59:38 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 192478
Content-Range: bytes 0-230590/230591
server-timing: cld-cloudflare;mitm=c;dur=87;start=2023-04-10T10:30:22.009Z;desc=miss;cloudinary;dur=70;start=2023-04-10T10:30:22.025Z
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length: 230591
last-modified: Mon, 10 Apr 2023 10:30:15 GMT
server: cloudflare
etag: "b99b79230593a44f213b3f8126c320f5"
vary: Accept-Encoding
content-type: video/mp4;codecs=avc1
access-control-allow-origin: *
access-control-expose-headers: Content-Length,ETag,Server-Timing,Vary,x-content-type-options
cache-control: public, max-age=31536000, no-transform, immutable
timing-allow-origin: *
x-robots-tag: noindex
cf-ray: 7b6cad76d8923681-FRA

GET
H2 200 i.js Show response
cm.mgid.com/ 0
124 B 133ms
111ms Script
application/javascript 2606:4700:1::6813:884e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cm.mgid.com/i.js?&cbuster=168131517800673169828
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/f/o/fondoperlaterra.org.1228643.es6.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:1::6813:884e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ar.strephonsays.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 12 Apr 2023 15:59:38 GMT
cf-cache-status: DYNAMIC
server: cloudflare
content-type: application/javascript
cache-control: no-store, no-cache, must-revalidate, max-age=0
cf-ray: 7b6cad76bb6b7572-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0

GET
H2 200 i-noref.js Show response
cm.mgid.com/ Frame 5AFD 0
37 B 112ms
111ms Script
application/javascript 2606:4700:1::6813:884e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cm.mgid.com/i-noref.js?cbuster=1681315178037761874403
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/f/o/fondoperlaterra.org.1228643.es6.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:1::6813:884e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 12 Apr 2023 15:59:38 GMT
cf-cache-status: DYNAMIC
server: cloudflare
content-type: application/javascript
cache-control: no-store, no-cache, must-revalidate, max-age=0
cf-ray: 7b6cad76cb807572-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0

GET
H2 200 id5-api.js Show response
cdn.id5-sync.com/api/1.0/ 58 KB
17 KB 74ms
20ms Script
text/javascript 2606:4700:10::ac43:266a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.id5-sync.com/api/1.0/id5-api.js

Requested by

Host: jsc.mgid.com
URL: https://jsc.mgid.com/f/o/fondoperlaterra.org.1228643.es6.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:266a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0325b6c9e68ae3f6ec25f6817b4daef364bd99c2ff5f04588fd6f956bf983b97

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ar.strephonsays.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 12 Apr 2023 15:59:38 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 06 Apr 2023 12:00:04 GMT
server: cloudflare
x-amz-request-id: E6MT7PBY6EQKW5AR
age: 1275
etag: W/"b58faeda0c1d193bc50dd25a7640d8ba"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: text/javascript;charset=utf-8
cache-control: public, max-age=3600
cf-ray: 7b6cad771a769950-FRA
x-amz-id-2: u1WrkdVVFEoTU6YrngHfFr6RftQN5a9M9DWspimxQwoXV19NUExvqPZUarqq+rvOUt0FQM2HyI0=

GET
H2 200 pwt.js Show response
ads.pubmatic.com/AdServer/js/pwt/161673/7165/ 190 KB
59 KB 78ms
11ms Script
application/javascript 2.19.228.187
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/pwt/161673/7165/pwt.js
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/f/o/fondoperlaterra.org.1228643.es6.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.19.228.187 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-19-228-187.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 25795c5164a6b299891cdaf8925dfb9b5e7961ac9f740667c3722e0111353986

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ar.strephonsays.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 12 Apr 2023 15:59:38 GMT
content-encoding: gzip
last-modified: Wed, 22 Feb 2023 07:52:04 GMT
server: Apache
vary: Accept-Encoding
content-type: application/javascript
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: max-age=26934
accept-ranges: bytes
content-length: 60066
expires: Wed, 12 Apr 2023 23:28:32 GMT

OPTIONS
H2 200 json
gum.criteo.com/sid/ Frame 0
0 59ms
17ms Preflight
application/json 2a02:2638:d::d
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Far.strephonsays.com%2F&domain=ar.strephonsays.com&cw=1&lsw=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::d , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://ar.strephonsays.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET
access-control-allow-origin: https://ar.strephonsays.com
cache-control: no-cache, no-store, must-revalidate
content-encoding: gzip
content-type: application/json; charset=utf-8
date: Wed, 12 Apr 2023 15:59:37 GMT
expires: 0
pragma: no-cache
server: Kestrel
server-processing-duration-in-ticks: 267116
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2

200

sid Show response
mug.criteo.com/
Redirect Chain

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Far.strephonsays.com%2F&domain=ar.strephonsays.com&cw=1&lsw=1
https://mug.criteo.com/sid?cpp=fO7OhXwweUJNUXZJSzRvcTRSU3lsdi84dlYzNitOM3pPUzdWeCtBWjZxK2N0QjhaUnYva2p6MEZNa3pYKzZJc2YrTlY4UVcveElsWUxhMTZLN3E1TVFkaFFsK3JRd2lwWVhTQWd4dVprWEJrdUF2dlFGQnFGb0NNY3BhaD...

412 B
583 B

53ms
19ms

XHR
application/json

178.250.7.13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=fO7OhXwweUJNUXZJSzRvcTRSU3lsdi84dlYzNitOM3pPUzdWeCtBWjZxK2N0QjhaUnYva2p6MEZNa3pYKzZJc2YrTlY4UVcveElsWUxhMTZLN3E1TVFkaFFsK3JRd2lwWVhTQWd4dVprWEJrdUF2dlFGQnFGb0NNY3BhaDFhNUhCeERVeGJFN25IQUFwSzY0bGdWYWNld0x3dU83Q3Z4c3FaUUxWV29FNGNKZklmMU03dHpYcFVJWHVSWERwRlRhZ2lhUjc2emgyTGZ5bGpZMFdudjd5d2s0eVBBSFlsbTlGVnkxbEcrTjM0bTU4V21hYkpYZ1ppRkJ4U0pibnZCbFZ6MXBRfA&cppv=2

Protocol

Server

178.250.7.13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

689e7ac1fed35e73ccf4188aa20320c64848d95cb610346c37236623cb0cb0a9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ar.strephonsays.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 12 Apr 2023 15:59:38 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: null
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 634125
expires: 0

Redirect headers

pragma: no-cache
date: Wed, 12 Apr 2023 15:59:38 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
access-control-allow-methods: GET
location: https://mug.criteo.com/sid?cpp=fO7OhXwweUJNUXZJSzRvcTRSU3lsdi84dlYzNitOM3pPUzdWeCtBWjZxK2N0QjhaUnYva2p6MEZNa3pYKzZJc2YrTlY4UVcveElsWUxhMTZLN3E1TVFkaFFsK3JRd2lwWVhTQWd4dVprWEJrdUF2dlFGQnFGb0NNY3BhaDFhNUhCeERVeGJFN25IQUFwSzY0bGdWYWNld0x3dU83Q3Z4c3FaUUxWV29FNGNKZklmMU03dHpYcFVJWHVSWERwRlRhZ2lhUjc2emgyTGZ5bGpZMFdudjd5d2s0eVBBSFlsbTlGVnkxbEcrTjM0bTU4V21hYkpYZ1ppRkJ4U0pibnZCbFZ6MXBRfA&cppv=2
access-control-allow-origin: https://ar.strephonsays.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 392655
content-length: 0
expires: 0

GET
H2 200 id Show response
id.crwdcntrl.net/ 43 B
319 B 125ms
34ms XHR
application/json 54.171.31.74
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://id.crwdcntrl.net/id?gdpr_applies=false
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/161673/7165/pwt.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.171.31.74 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-171-31-74.eu-west-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: a96e1e97d62ab9747678b947bdf0a0ea5f81790b1e3a1df2d4607a86bf802596

Request headers

Referer: https://ar.strephonsays.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 12 Apr 2023 15:59:38 GMT
server: Jetty(9.4.38.v20210224)
content-type: application/json;charset=utf-8
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: https://ar.strephonsays.com
cache-control: no-cache
x-server: 10.45.9.154
access-control-allow-credentials: true
content-length: 43
expires: 0

OPTIONS
H2 200 sid
mug.criteo.com/ Frame 0
0 475ms
17ms Preflight
application/json 178.250.7.13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.7.13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: null
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET
access-control-allow-origin: null
cache-control: no-cache, no-store, must-revalidate
content-encoding: gzip
content-type: application/json; charset=utf-8
date: Wed, 12 Apr 2023 15:59:38 GMT
expires: 0
pragma: no-cache
server: Kestrel
server-processing-duration-in-ticks: 297707
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H3 200 c
c.mgid.com/ 43 B
213 B 38ms
37ms Image
image/gif 2606:4700:1::6813:884e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.mgid.com/c?f=1&pv=3&v=266|264|8|XPHaTaMMvpCtVVD-nzs-Ub1f3XJnTkqO-QpPC2Wi-373cj6JCF3u1kWNbL7rN9SwEIztH5cnRt3bTWaI15XJ9A**&fw=1&extjs=66044&cid=1228643&h2=ytQHVno_AvJmfWTJtAl_cL03ulF95NzSX0mM5-q5NUI*&rid=06dc0677-d94b-11ed-b2fe-e43d1a2a96ec&tt=Direct&iv=11&pageImp=1&pvid=1877631a1649271bb0a&cbuster=1681315179235507085686
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:1::6813:884e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ar.strephonsays.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 12 Apr 2023 15:59:39 GMT
cf-cache-status: DYNAMIC
x-mg-request-uuid: d4559c9a-c76b-4b6c-97e8-96f8bf34eceb
server: cloudflare
content-type: image/gif
cf-ray: 7b6cad7e4a3671ed-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43

GET
H3 200 c
c.mgid.com/ 43 B
213 B 36ms
35ms Image
image/gif 2606:4700:1::6813:884e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.mgid.com/c?pv=3&v=266|264|40|XPHaTaMMvpCtVVD-nzs-URkYSx2Nx3VDvc9zT7g8dJOsHL_iYtfn28IbE7S7fy9kbRXouj4ldAUGpAysTWv6hw**&extjs=66044&v=266|264|8|XPHaTaMMvpCtVVD-nzs-UaIt_n-2BNgzv3mmuHlkQJfWdVc713e291CB9cjSuGlEc4Wyn-mb9CQ-Z2uuWFES6A**&cid=1228643&h2=ytQHVno_AvJmfWTJtAl_cL03ulF95NzSX0mM5-q5NUI*&rid=06dc0677-d94b-11ed-b2fe-e43d1a2a96ec&tt=Direct&iv=11&pageImp=0&pvid=1877631a1649271bb0a&cbuster=1681315179334646367236
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:1::6813:884e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ar.strephonsays.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 12 Apr 2023 15:59:39 GMT
cf-cache-status: DYNAMIC
x-mg-request-uuid: e56b7aac-7aa2-4126-9fa6-457d7832cdf7
server: cloudflare
content-type: image/gif
cf-ray: 7b6cad7eeb4c71ed-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43

GET
H3 200 c
c.mgid.com/ 43 B
213 B 39ms
39ms Image
image/gif 2606:4700:1::6813:884e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.mgid.com/c?pv=3&v=266|264|8|XPHaTaMMvpCtVVD-nzs-Ub1mvu-m7wT_g-22XiQopHdQvhoJO_3L_eW7Uxno82oV6WH2JsYwFWPlbXLsbqDyww**&extjs=66044&v=266|264|24|XPHaTaMMvpCtVVD-nzs-UVxOpFYi9eXP9MncBsSMAz6CJPuSCzJOz7DHWeAF4-ESsMT5ExjE86Nnwwf3tMjWIA**&cid=1228643&h2=ytQHVno_AvJmfWTJtAl_cL03ulF95NzSX0mM5-q5NUI*&rid=06dc0677-d94b-11ed-b2fe-e43d1a2a96ec&tt=Direct&iv=11&pageImp=0&pvid=1877631a1649271bb0a&cbuster=1681315179434763607347
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:1::6813:884e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ar.strephonsays.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 12 Apr 2023 15:59:39 GMT
cf-cache-status: DYNAMIC
x-mg-request-uuid: b58e9103-f396-449f-9734-1449ad23e9ab
server: cloudflare
content-type: image/gif
cf-ray: 7b6cad7f8c4771ed-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43

Verdicts & Comments Add Verdict or Comment

91 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

16 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.strephonsays.com/	1970-01-20 19:47:31	Name: _ym_uid Value: 1681315176650527118
.strephonsays.com/	1970-01-20 19:47:31	Name: _ym_d Value: 1681315176
ar.strephonsays.com/	1970-01-20 11:45:07	Name: _pbjs_userid_consent_data Value: 6683316680106290
.mgid.com/	1970-01-20 11:01:56	Name: __cf_bm Value: WWg_fU14PXAZA714UQkd9rkYFtm695tCR57PxDXzkEA-1681315176-0-AVY0DYLd9W/R+sh50NQ/SI2Mujiljn3iN6uRWgCNpKFOnMVu+tF1sHUf7LDYHByeExh/vaeBrdZ6UiMRvsZT9Fk=
.strephonsays.com/	1970-01-20 19:47:31	Name: _sharedID Value: 7a45ade0-5519-476c-82fd-7dee3e52694a
.mc.yandex.com/	1970-01-20 11:01:55	Name: sync_cookie_csrf Value: 1469935052fake
.mc.yandex.ru/	1970-01-20 11:01:55	Name: sync_cookie_csrf Value: 3871259618fake
mc.yandex.com/	1969-12-31 23:59:59	Name: yabs-sid Value: 1341744151681315176
.yandex.com/	1970-01-20 20:37:55	Name: i Value: rw0nMY59K9AckDUmMsPX7/3Z9Fploohwiv3yCAYn06n+yv2a/vuSdo26RfFFPgBpuRBgr+T/NqsUbVRUGO6yq2fWylM=
.yandex.com/	1970-01-20 20:37:55	Name: yandexuid Value: 5028680891681315176
.yandex.com/	1970-01-20 19:47:31	Name: yuidss Value: 5028680891681315176
.yandex.com/	1970-01-20 19:47:31	Name: ymex Value: 1712851176.yc.1681315176#1712851176.yrts.1681315176#1712851176.yrtsi.1681315176
.strephonsays.com/	1970-01-20 11:03:07	Name: _ym_isad Value: 2
ar.strephonsays.com/	1969-12-31 23:59:59	Name: MgidStorage Value: %7B%220%22%3A%7B%22svspr%22%3A%22%22%2C%22svsds%22%3A1%7D%2C%22C1228643%22%3A%7B%22page%22%3A1%2C%22time%22%3A1681315177979%7D%7D
.strephonsays.com/	1970-01-20 20:23:31	Name: cto_bundle Value: U2C-w19RYW1JT1Z5U1Y2Y2hyQzA4V3ZKJTJGazA1Y1phQWtySEJBYkYySDdJbmRvb2NkOExzVFRmU3Z0YlBPdmd0WWxFdUpweGMlMkYyRUlGTTNYMnNtUjM4ajFybjZXTXUlMkZoTGVYSFk4OTNSSVRCdHhWY1VvTjdkSWxEeSUyRkg2VmhhcThlNzZn
.strephonsays.com/	1970-01-20 20:23:31	Name: cto_bidid Value: 929Mdl9RYW1JT1Z5U1Y2Y2hyQzA4V3ZKJTJGazA1Y1phQWtySEJBYkYySDdJbmRvb2NkOExzVFRmU3Z0YlBPdmd0WWxFdUpweGMlMkYyRUlGTTNYMnNtUjM4ajFybjZXTXUlMkZoTGVYSFk4OTNSSVRCdHhWYyUyRkx3dmRBcVlKYVpONUlpSHFodmtY

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.strephonsays.com
ads.pubmatic.com
ar.strephonsays.com
c.mgid.com
cdn.id5-sync.com
cdn.jsdelivr.net
cdn.mgid.com
cdn.zx-adnet.com
cl.imghosts.com
cm.mgid.com
cmp.optad360.io
get.optad360.io
googleads.g.doubleclick.net
gum.criteo.com
id.crwdcntrl.net
jsc.mgid.com
mc.yandex.com
mc.yandex.ru
mug.criteo.com
optad360.mgr.consensu.org
pagead2.googlesyndication.com
s-img.mgid.com
securepubads.g.doubleclick.net
servicer.mgid.com
strephonsays.com
www.bigmp3db.com
151.101.1.195
178.250.7.13
2.19.228.187
2600:9000:2156:bc00:6:b871:4f00:93a1
2600:9000:225e:9600:11:a4de:2580:93a1
2606:4700:10::ac43:266a
2606:4700:1::6813:874e
2606:4700:1::6813:884e
2606:4700:3030::6815:66b
2606:4700::6810:5714
2606:4700::6812:c2d
2a00:1450:4001:801::2002
2a00:1450:4001:80e::2002
2a00:1450:4001:82f::2002
2a02:2638:d::d
2a02:6b8::1:119
46.4.104.244
54.171.31.74
65.9.95.78
0325b6c9e68ae3f6ec25f6817b4daef364bd99c2ff5f04588fd6f956bf983b97
059c65361fabb1491df95a87e47ecb85e2bafc1216c073cc064ddddeecfe265a
112511ca404030a0af0eaf92129e9a2d14f5ed62412ab77d63f1956728d990e9
18e08cefc9d63bfe5d900a53f0d439bc24aca80a00e8f81a1052b27976fb3fab
1b01ec01fda4d6d568157b29e3ce666329c9aa419ea5200c37ae9011c312ea7e
25795c5164a6b299891cdaf8925dfb9b5e7961ac9f740667c3722e0111353986
2d093a9f3f99b6af386733f953af068209e738a700fbf4eb2ccecb9fcd22a95f
2f73a3b207c5ee25344df3d983640fe4933b04e5b0d21820aca4768dba078355
331759cc07003ed9a0efba0c6355ce686fdb7f68a24d0d72b086e7fa2aae81e6
36d9945b61fa4d83045faa28d6ca867fa7b29c2ea6714a8de212691da9006db0
3e9a5d30727db2cee0944cd7efe605f7075c547f2876bb56245ce08cc376b42f
5229a89af0d83ae2201c2ff2a572284c5c0b9fbcfdec7fc9f535f863d225ef77
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
5692fdcd3cf15f5d2e98e6fb4f451dec0b2d61cae64af0b2bb18dfe46614c0ca
56ae2a10cd6ec3ddd872559ea9bb8f03cff58ffdf1dc4038a1c8e28611c2c222
603b9fbec5fa9c3f0510110f9399ca7e9bcb67af04a60779fc41362760fe1bac
60ddc774c7b5fd0c01d169321a444da403d60c0042f6bee01b0c96f6e1535fda
661d11a25f04b1396352b49ea31984fc1a68a4c30e87f241873a240666d3f8c2
6723ea2989d5cf57335b26d5bd0bcc52feffab866915b917c4cdcae672c99a2a
688708971d125171e4ca49c4437825acdf8778e5fa23fc10c51a5925dc494316
689e7ac1fed35e73ccf4188aa20320c64848d95cb610346c37236623cb0cb0a9
68dbc402b8d95b31ec11900b3b5aee781e46330beeec75070f60a40c03b402d9
6a9f667053394455ba7d064b526119757f84042d8078b2642093bbca2891bad0
6ee48f8741d3a3ea6632b99417a8f7946d0e5709254f82c45db85e1780b83ddc
70d5c4de881e718d0b7638959680ba86722d44eecbe4058d20dd77b8d0d97155
70e8b6db69fe62d1ddbf326b78fabe363cc238f51319bd5f7b71c25213fe89f4
71a005e915b96b3ed8feb7d4f5221db75e3658fd8678e68d5b04b5dce0aef73e
71f69541ed2861a7065f461bf9748bb263e0f8d517d0987c6619241d9d13597d
7288c20b13b744af212d6df6ad459628687cf60a1ffe7f99d72e033b556450f0
774b02a17e7c4833990a848acfafbc9b622e7b4ea730845f665ebcfee80c27da
7992a4430843ef8b4bbae534358be3193aa1ae9c78f273e8e8a70b6af1244ac5
802d3b0d1ecf62fe7004b5a0850ce569ceabf40815505f40bfd3a9b71d5d1cbf
8b9bee3c7f5b9cbb6260d996e05ab86cfb7b3ed8db3d6bd03c67d0d38e7381ee
925bf96428c2caafdc661c7b24f7a2461c5f06e57e5b2811da92ef07f47bfa9b
9c1eeaa217638320ee2c81c7bd0d3165136a2ab67b51a40a23d50528224c4c92
a5bdfe68237b160358ca7a5c19a69b67f40374e7c2574b88469e0f7dc67c930f
a96e1e97d62ab9747678b947bdf0a0ea5f81790b1e3a1df2d4607a86bf802596
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
ae8ed10fa0e4a665d75dbf7a2cb8cf035c568b7bfee2966e73367a1c9638b68a
b69f7ce336ace00590a2bcd3fe997ed374d2fd7b4d914e2ac9a7811c3618d90a
b79a2ef9f23f68f212329566f5c134808445a867fbb4e76f2de3e507fba467af
bb23189475c4f60039d1389da9ab3225c9c215c3ffa4af384ceccecc038759ab
bcbf5baf3fbe1ce55828221062341d9a30a688ce01378be721ad3123041ae6a4
c37e88f718acf2e31223149decc6c77497a892a5f556e5e1fc6c2492377e9bc0
ca070dfc7785775cbf5cce16064029ee534259de42c6d9de10e476e710000e93
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
cd0d0b6e50ff01ff2f3a9a70d7cfb66a7c6cb9acf7a566325568be6d3bd31fc4
cfb596d9eab63f55d7df7240dda75d3f03548535503289f41ad8f97f28916d1d
d04a8585ca1c9cbff59e413fe76da6b8dcf3c567cbc68ec436b852d7f1694df1
d1555b109e4c8742a311447612e10e6723222b54913bc0b75a8d973cc96c063e
d439ab58f720bdc4bfb6213e7bae7f26689db44fb3058ee010a5b26ff59c8cd7
ddf161085367cd5517b5165d34656f5855ac0102495f3b71ef50b57ec23ef00d
e06787d09c0170febea7e8d6ec75107fd88e6875072fdab051f36494e4a9784c
e1cd9602b63db552abd2b3cd8689102702d17efae5e9fe98f94691efc77897b9
e37071398d21f18dff2370ee0885f38811bb69bb465b398100ab3101fc521d6b
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e7bec48fb241b69137fc69810be0fd7dba70449d6521f65b1039e11b3e6afb01
eb16304c17c120cabd2bc9ba56114d31bb2c05114e17c531bcf21a682f8629d2
f0bcb2d97c2daa7187cdf115986a765efb4a2e6a9153a3a4cb687c16de136525
fbd2bbc5a9fae64e3874287d23201d3dee70e633b3d335cab2a6ad0ab1cea7a4

ar.strephonsays.com Open in urlscan Pro 2606:4700:3030::6815:66b Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

71 Requests

90 %HTTPS

68 %IPv6

16 Domains

26 Subdomains

20 IPs

6 Countries

1897 kBTransfer

4973 kBSize

16 Cookies

39 Outgoing links

Redirected requests

71 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

ar.strephonsays.com Open in urlscan Pro
2606:4700:3030::6815:66b Public Scan

Screenshot
Live screenshot

Full Image

71
Requests

90 %
HTTPS

68 %
IPv6

16
Domains

26
Subdomains

20
IPs

6
Countries

1897 kB
Transfer

4973 kB
Size

16
Cookies

71 HTTP transactions
1 data transactions