bg.m-almahdi.com Open in urlscan Pro
2a06:98c1:3120::3 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://bg.m-almahdi.com/the-fukuda-stepping-test-260d6228-2a4444
Submission Tags: falconsandbox
Submission: On July 26 via api (July 26th 2023, 4:02:30 pm UTC) from US — Scanned from NL

Summary HTTP 174 Redirects Links 13 Behaviour Indicators

Summary

This website contacted 51 IPs in 9 countries across 35 domains to perform 174 HTTP transactions. The main IP is 2a06:98c1:3120::3, located in United States and belongs to CLOUDFLARENET, US. The main domain is bg.m-almahdi.com.
TLS certificate: Issued by GTS CA 1P5 on July 20th 2023. Valid for: 3 months.

This is the only time bg.m-almahdi.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
8	2a06:98c1:312... 2a06:98c1:3120::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2606:4700::68... 2606:4700::6810:5914	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	151.101.65.195 151.101.65.195	54113 (FASTLY) (FASTLY)
1	2606:4700:303... 2606:4700:3032::ac43:a17f	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2600:9000:225... 2600:9000:225e:ba00:11:a4de:2580:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:215... 2600:9000:2156:a600:6:b871:4f00:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2a02:6b8:a::a 2a02:6b8:a::a	208722 (GLOBAL_DC) (GLOBAL_DC)
1	2a00:1450:400... 2a00:1450:4001:831::2016	15169 (GOOGLE) (GOOGLE)
10	95.216.65.102 95.216.65.102	24940 (HETZNER-AS) (HETZNER-AS)
1 4	2a02:6b8::1:119 2a02:6b8::1:119	208722 (GLOBAL_DC) (GLOBAL_DC)
3	2a00:1450:400... 2a00:1450:4001:811::2010	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:803::2002	15169 (GOOGLE) (GOOGLE)
1	99.86.4.64 99.86.4.64	16509 (AMAZON-02) (AMAZON-02)
23	2606:4700:1::... 2606:4700:1::6813:874e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2620:0:890::100 2620:0:890::100	54113 (FASTLY) (FASTLY)
7	2a02:6b8:20::215 2a02:6b8:20::215	208722 (GLOBAL_DC) (GLOBAL_DC)
1	37.157.3.30 37.157.3.30	198622 (ADFORM) (ADFORM)
1	185.184.8.90 185.184.8.90	204995 (RTB-HOUSE...) (RTB-HOUSE-AMS)
1	147.75.84.158 147.75.84.158	54825 (PACKET) (PACKET)
1 5	37.252.171.52 37.252.171.52	29990 (ASN-APPNEX) (ASN-APPNEX)
1	34.102.146.192 34.102.146.192	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	2a02:2638:d::2 2a02:2638:d::2	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	18.155.129.39 18.155.129.39	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:225... 2600:9000:2250:3000:a:e047:753:be1	() ()
3	2606:4700:10:... 2606:4700:10::ac43:266a	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	34.96.70.87 34.96.70.87	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
17	2a00:1450:400... 2a00:1450:4001:82b::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:831::2001	15169 (GOOGLE) (GOOGLE)
2	35.190.39.111 35.190.39.111	15169 (GOOGLE) (GOOGLE)
1 2	34.120.135.53 34.120.135.53	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1 4	2a02:2638:3::c 2a02:2638:3::c	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
5	162.19.138.83 162.19.138.83	16276 (OVH) (OVH)
1	99.81.215.196 99.81.215.196	16509 (AMAZON-02) (AMAZON-02)
8	2a00:1450:400... 2a00:1450:4001:808::2001	15169 (GOOGLE) (GOOGLE)
1	178.250.7.13 178.250.7.13	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	2a00:1450:400... 2a00:1450:4001:82a::2004	15169 (GOOGLE) (GOOGLE)
1	34.98.64.218 34.98.64.218	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2	2a00:1450:400... 2a00:1450:4001:830::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80b::2002	15169 (GOOGLE) (GOOGLE)
6	2606:4700:1::... 2606:4700:1::6813:844e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3 4	142.250.184.194 142.250.184.194	15169 (GOOGLE) (GOOGLE)
2 4	185.80.39.216 185.80.39.216	27381 (CASALE-MEDIA) (CASALE-MEDIA)
2	23.32.184.192 23.32.184.192	16625 (AKAMAI-AS) (AKAMAI-AS)
7	2a00:1450:400... 2a00:1450:4001:80b::2006	15169 (GOOGLE) (GOOGLE)
4	141.95.98.65 141.95.98.65	16276 (OVH) (OVH)
2	18.66.26.9 18.66.26.9	16509 (AMAZON-02) (AMAZON-02)
2	142.250.186.34 142.250.186.34	15169 (GOOGLE) (GOOGLE)
2	52.215.129.79 52.215.129.79	16509 (AMAZON-02) (AMAZON-02)
1	35.71.131.137 35.71.131.137	16509 (AMAZON-02) (AMAZON-02)
1	23.35.236.188 23.35.236.188	16625 (AKAMAI-AS) (AKAMAI-AS)
174	51

8 2a06:98c1:3120::3 (United States)

ASN13335 (CLOUDFLARENET, US)

bg.m-almahdi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
m-almahdi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
a.m-almahdi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700::6810:5914 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 151.101.65.195 (United States)

ASN54113 (FASTLY, US)

cdn.zx-adnet.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3032::ac43:a17f (United States)

ASN13335 (CLOUDFLARENET, US)

dr5.biz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:225e:ba00:11:a4de:2580:93a1 (United States)

ASN16509 (AMAZON-02, US)

get.optad360.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2156:a600:6:b871:4f00:93a1 (United States)

ASN16509 (AMAZON-02, US)

cmp.optad360.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:6b8:a::a (Moscow, Russian Federation)

ASN208722 (GLOBAL_DC, FI)

yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:831::2016 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

i.ytimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 95.216.65.102 (Helsinki, Finland)

ASN24940 (HETZNER-AS, DE)
PTR: frodo.min.org.ua

www.bigmp3db.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a02:6b8::1:119 (Moscow, Russian Federation) 1 redirects

ASN208722 (GLOBAL_DC, FI)

mc.yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:811::2010 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

storage.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:803::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 99.86.4.64 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-4-64.fra6.r.cloudfront.net

optad360.mgr.consensu.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

23 2606:4700:1::6813:874e (United States)

ASN13335 (CLOUDFLARENET, US)

jsc.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
c.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
servicer.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cm.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:0:890::100 (United States)

ASN54113 (FASTLY, US)

site2text-2021.web.app	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a02:6b8:20::215 (Moscow, Russian Federation)

ASN208722 (GLOBAL_DC, FI)

yastatic.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 37.157.3.30 (Denmark)

ASN198622 (ADFORM, DK)

adx.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.184.8.90 (Amsterdam, Netherlands)

ASN204995 (RTB-HOUSE-AMS, PL)
PTR: ip-185-184-8-90.rtbhouse.net

prebid-eu.creativecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 147.75.84.158 (Amsterdam, Netherlands)

ASN54825 (PACKET, US)

prebid.a-mo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 37.252.171.52 (Frankfurt am Main, Germany) 1 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.102.146.192 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 192.146.102.34.bc.googleusercontent.com

oa.openxcdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638:d::2 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.155.129.39 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-155-129-39.cdg52.r.cloudfront.net

tags.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2250:3000:a:e047:753:be1 (United States)

ASN- ()

cdn.prod.uidapi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700:10::ac43:266a (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.96.70.87 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 87.70.96.34.bc.googleusercontent.com

invstatic101.creativecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:831::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

2acae297395813fb43f58d6d63def6ff.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.190.39.111 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 111.39.190.35.bc.googleusercontent.com

esp.rtbhouse.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.120.135.53 (Kansas City, United States) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 53.135.120.34.bc.googleusercontent.com

oajs.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a02:2638:3::c (France) 1 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 162.19.138.83 (Frankfurt am Main, Germany)

ASN16276 (OVH, FR)
PTR: ns31532338.ip-162-19-138.eu

id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 99.81.215.196 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-99-81-215-196.eu-west-1.compute.amazonaws.com

bcp.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:808::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.7.13 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

mug.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.98.64.218 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 218.64.98.34.bc.googleusercontent.com

google-bidout-d.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:830::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2606:4700:1::6813:844e (United States)

ASN13335 (CLOUDFLARENET, US)

s-img.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.184.194 (United States) 3 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 185.80.39.216 (Canada) 2 redirects

ASN27381 (CASALE-MEDIA, CA)

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.32.184.192 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-32-184-192.deploy.static.akamaitechnologies.com

ads.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:80b::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 141.95.98.65 (France)

ASN16276 (OVH, FR)
PTR: ns3216659.ip-141-95-98.eu

lb.eu-1-id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.66.26.9 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-26-9.vie50.r.cloudfront.net

bucket.cdnwebcloud.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.186.34 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f2.1e100.net

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.215.129.79 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-215-129-79.eu-west-1.compute.amazonaws.com

neural33.cdnwebcloud.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.71.131.137 (United States)

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.35.236.188 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-236-188.deploy.static.akamaitechnologies.com

acdn.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
29	mgid.com jsc.mgid.com — Cisco Umbrella Rank: 7975 c.mgid.com — Cisco Umbrella Rank: 5701 cdn.mgid.com — Cisco Umbrella Rank: 11204 servicer.mgid.com — Cisco Umbrella Rank: 7928 s-img.mgid.com — Cisco Umbrella Rank: 7993 cm.mgid.com — Cisco Umbrella Rank: 1339	375 KB
27	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 129 2acae297395813fb43f58d6d63def6ff.safeframe.googlesyndication.com tpc.googlesyndication.com — Cisco Umbrella Rank: 153	160 KB
11	doubleclick.net 3 redirects securepubads.g.doubleclick.net — Cisco Umbrella Rank: 204 googleads.g.doubleclick.net — Cisco Umbrella Rank: 57 cm.g.doubleclick.net — Cisco Umbrella Rank: 232 googleads4.g.doubleclick.net — Cisco Umbrella Rank: 349	200 KB
10	bigmp3db.com www.bigmp3db.com — Cisco Umbrella Rank: 754339	22 KB
8	id5-sync.com cdn.id5-sync.com — Cisco Umbrella Rank: 907 id5-sync.com — Cisco Umbrella Rank: 420	77 KB
8	m-almahdi.com bg.m-almahdi.com m-almahdi.com a.m-almahdi.com	230 KB
7	2mdn.net s0.2mdn.net — Cisco Umbrella Rank: 312	361 KB
7	yastatic.net yastatic.net — Cisco Umbrella Rank: 6825	195 KB
6	adnxs.com 1 redirects ib.adnxs.com — Cisco Umbrella Rank: 240 acdn.adnxs.com — Cisco Umbrella Rank: 605	21 KB
5	criteo.com 1 redirects gum.criteo.com — Cisco Umbrella Rank: 421 mug.criteo.com — Cisco Umbrella Rank: 2491	8 KB
5	yandex.ru 1 redirects yandex.ru — Cisco Umbrella Rank: 2063 mc.yandex.ru — Cisco Umbrella Rank: 4024	161 KB
4	cdnwebcloud.com bucket.cdnwebcloud.com — Cisco Umbrella Rank: 22556 neural33.cdnwebcloud.com — Cisco Umbrella Rank: 87215	8 KB
4	eu-1-id5-sync.com lb.eu-1-id5-sync.com — Cisco Umbrella Rank: 1172	2 KB
4	casalemedia.com 2 redirects dsum-sec.casalemedia.com — Cisco Umbrella Rank: 645	3 KB
4	zx-adnet.com cdn.zx-adnet.com — Cisco Umbrella Rank: 428684	30 KB
3	openx.net 1 redirects oajs.openx.net — Cisco Umbrella Rank: 1560 google-bidout-d.openx.net — Cisco Umbrella Rank: 1558	697 B
3	googleapis.com storage.googleapis.com — Cisco Umbrella Rank: 454	14 KB
3	optad360.io get.optad360.io — Cisco Umbrella Rank: 32471 cmp.optad360.io — Cisco Umbrella Rank: 52309	225 KB
3	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 361	4 KB
2	pubmatic.com ads.pubmatic.com — Cisco Umbrella Rank: 587	126 KB
2	rtbhouse.com esp.rtbhouse.com — Cisco Umbrella Rank: 1666	360 B
2	crwdcntrl.net tags.crwdcntrl.net — Cisco Umbrella Rank: 1070 bcp.crwdcntrl.net — Cisco Umbrella Rank: 900	12 KB
2	creativecdn.com prebid-eu.creativecdn.com — Cisco Umbrella Rank: 6677 invstatic101.creativecdn.com — Cisco Umbrella Rank: 1697	2 KB
1	adsrvr.org match.adsrvr.org — Cisco Umbrella Rank: 377	391 B
1	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 208	57 KB
1	google.com www.google.com — Cisco Umbrella Rank: 3	1 KB
1	uidapi.com cdn.prod.uidapi.com — Cisco Umbrella Rank: 1699	2 KB
1	criteo.net static.criteo.net — Cisco Umbrella Rank: 631	13 KB
1	openxcdn.net oa.openxcdn.net — Cisco Umbrella Rank: 1658	8 KB
1	a-mo.net prebid.a-mo.net — Cisco Umbrella Rank: 999	171 B
1	adform.net adx.adform.net — Cisco Umbrella Rank: 4424	533 B
1	web.app site2text-2021.web.app — Cisco Umbrella Rank: 904277	416 B
1	consensu.org optad360.mgr.consensu.org — Cisco Umbrella Rank: 54168	3 KB
1	ytimg.com i.ytimg.com — Cisco Umbrella Rank: 123	9 KB
1	dr5.biz dr5.biz — Cisco Umbrella Rank: 965708	8 KB
174	35

	Domain	Requested by
17	pagead2.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com 2acae297395813fb43f58d6d63def6ff.safeframe.googlesyndication.com pagead2.googlesyndication.com googleads.g.doubleclick.net s0.2mdn.net www.googletagservices.com
10	www.bigmp3db.com	bg.m-almahdi.com www.bigmp3db.com
8	cdn.mgid.com	jsc.mgid.com
8	tpc.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com 2acae297395813fb43f58d6d63def6ff.safeframe.googlesyndication.com bg.m-almahdi.com s0.2mdn.net
7	s0.2mdn.net	bg.m-almahdi.com s0.2mdn.net
7	yastatic.net	yandex.ru
7	jsc.mgid.com	www.bigmp3db.com jsc.mgid.com
6	s-img.mgid.com
5	id5-sync.com	cdn.id5-sync.com
5	ib.adnxs.com	1 redirects get.optad360.io googleads.g.doubleclick.net acdn.adnxs.com
4	lb.eu-1-id5-sync.com	cdn.id5-sync.com
4	dsum-sec.casalemedia.com	2 redirects googleads.g.doubleclick.net
4	cm.g.doubleclick.net	3 redirects googleads.g.doubleclick.net
4	servicer.mgid.com	jsc.mgid.com
4	gum.criteo.com	1 redirects static.criteo.net get.optad360.io
4	mc.yandex.ru	1 redirects bg.m-almahdi.com
4	cdn.zx-adnet.com	bg.m-almahdi.com cdn.zx-adnet.com
4	a.m-almahdi.com	bg.m-almahdi.com
3	cdn.id5-sync.com	securepubads.g.doubleclick.net jsc.mgid.com
3	securepubads.g.doubleclick.net	get.optad360.io securepubads.g.doubleclick.net
3	storage.googleapis.com	cdn.zx-adnet.com
3	cdn.jsdelivr.net	bg.m-almahdi.com get.optad360.io securepubads.g.doubleclick.net
2	neural33.cdnwebcloud.com	2acae297395813fb43f58d6d63def6ff.safeframe.googlesyndication.com
2	googleads4.g.doubleclick.net	bg.m-almahdi.com
2	bucket.cdnwebcloud.com	s0.2mdn.net bucket.cdnwebcloud.com
2	ads.pubmatic.com	jsc.mgid.com
2	cm.mgid.com	jsc.mgid.com
2	googleads.g.doubleclick.net	2acae297395813fb43f58d6d63def6ff.safeframe.googlesyndication.com pagead2.googlesyndication.com
2	c.mgid.com
2	oajs.openx.net	1 redirects
2	esp.rtbhouse.com	invstatic101.creativecdn.com
2	2acae297395813fb43f58d6d63def6ff.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
2	get.optad360.io	bg.m-almahdi.com get.optad360.io
2	m-almahdi.com	bg.m-almahdi.com
2	bg.m-almahdi.com	bg.m-almahdi.com
1	acdn.adnxs.com	get.optad360.io
1	match.adsrvr.org	get.optad360.io
1	www.googletagservices.com	2acae297395813fb43f58d6d63def6ff.safeframe.googlesyndication.com
1	google-bidout-d.openx.net	oa.openxcdn.net
1	www.google.com	tpc.googlesyndication.com
1	mug.criteo.com
1	bcp.crwdcntrl.net	tags.crwdcntrl.net
1	invstatic101.creativecdn.com	securepubads.g.doubleclick.net
1	cdn.prod.uidapi.com	securepubads.g.doubleclick.net
1	tags.crwdcntrl.net	securepubads.g.doubleclick.net
1	static.criteo.net	securepubads.g.doubleclick.net
1	oa.openxcdn.net	securepubads.g.doubleclick.net
1	prebid.a-mo.net	get.optad360.io
1	prebid-eu.creativecdn.com	get.optad360.io
1	adx.adform.net	get.optad360.io
1	site2text-2021.web.app	storage.googleapis.com
1	optad360.mgr.consensu.org
1	i.ytimg.com	bg.m-almahdi.com
1	yandex.ru	bg.m-almahdi.com
1	cmp.optad360.io	bg.m-almahdi.com
1	dr5.biz	bg.m-almahdi.com
174	56

This site contains links to these domains. Also see Links.

Domain
www.youtube.com
widgets.mgid.com
www.mgid.com
clck.mgid.com
en.optad360.com

Subject Issuer	Validity	Valid
m-almahdi.com GTS CA 1P5	`2023-07-20` - `2023-10-18`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-05-02` - `2024-05-01`	a year	crt.sh
s.yousan-top3.com GTS CA 1D4	`2023-07-07` - `2023-10-05`	3 months	crt.sh
*.optad360.io Amazon RSA 2048 M02	`2023-03-01` - `2023-11-15`	9 months	crt.sh
*.xn--d1acpjx3f.xn--p1ai GlobalSign ECC OV SSL CA 2018	`2023-06-21` - `2023-12-19`	6 months	crt.sh
edgestatic.com GTS CA 1C3	`2023-07-10` - `2023-10-02`	3 months	crt.sh
www.bigmp3db.com R3	`2023-06-27` - `2023-09-25`	3 months	crt.sh
mc.yandex.ru GlobalSign ECC OV SSL CA 2018	`2023-03-17` - `2023-08-27`	5 months	crt.sh
storage.googleapis.com GTS CA 1C3	`2023-07-03` - `2023-09-25`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-07-10` - `2023-10-02`	3 months	crt.sh
optad360.mgr.consensu.org Amazon RSA 2048 M02	`2023-04-23` - `2024-05-21`	a year	crt.sh
web.app GTS CA 1D4	`2023-07-10` - `2023-10-08`	3 months	crt.sh
*.yastatic-net.ru GlobalSign ECC OV SSL CA 2018	`2023-07-10` - `2024-01-07`	6 months	crt.sh
track.adform.net DigiCert TLS RSA SHA256 2020 CA1	`2022-09-20` - `2023-09-20`	a year	crt.sh
*.creativecdn.com RapidSSL TLS RSA CA G1	`2023-03-29` - `2024-04-28`	a year	crt.sh
*.a-mo.net R3	`2023-06-12` - `2023-09-10`	3 months	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2023-02-13` - `2024-03-15`	a year	crt.sh
oa.openxcdn.net GTS CA 1D4	`2023-05-28` - `2023-08-26`	3 months	crt.sh
*.criteo.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-05-27` - `2023-08-27`	3 months	crt.sh
*.crwdcntrl.net Amazon RSA 2048 M01	`2022-11-07` - `2023-12-06`	a year	crt.sh
cdn.prod.uidapi.com R3	`2023-05-18` - `2023-08-16`	3 months	crt.sh
invstatic101.creativecdn.com GTS CA 1D4	`2023-06-27` - `2023-09-25`	3 months	crt.sh
esp.rtbhouse.com GTS CA 1D4	`2023-07-14` - `2023-10-12`	3 months	crt.sh
*.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-07-19` - `2023-10-18`	3 months	crt.sh
*.id5-sync.com R3	`2023-07-04` - `2023-10-02`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-07-10` - `2023-10-02`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-07-10` - `2023-10-02`	3 months	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2022-07-21` - `2023-08-21`	a year	crt.sh
*.pubmatic.com DigiCert TLS RSA SHA256 2020 CA1	`2023-01-25` - `2024-01-24`	a year	crt.sh
*.doubleclick.net GTS CA 1C3	`2023-07-10` - `2023-10-02`	3 months	crt.sh
*.eu-1-id5-sync.com R3	`2023-07-04` - `2023-10-02`	3 months	crt.sh
*.cdnwebcloud.com Amazon RSA 2048 M02	`2023-02-21` - `2023-10-21`	8 months	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2023-04-12` - `2024-05-13`	a year	crt.sh
cdn.adnxs.com GeoTrust RSA CA 2018	`2022-10-21` - `2023-10-22`	a year	crt.sh

This page contains 13 frames:

Primary Page: https://bg.m-almahdi.com/the-fukuda-stepping-test-260d6228-2a4444
Frame ID: DC1F37F8CAB4BDBDE5A4F45715FCDFBF
Requests: 120 HTTP requests in this frame

Frame: https://2acae297395813fb43f58d6d63def6ff.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: A31F454843CF76821C91054BDE4E3DCD
Requests: 1 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=bg.m-almahdi.com
Frame ID: 584568F69C6D9C0CAD552CC3A6FE4184
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: E1D6E346B0B2498A826D555FA8190990
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 1D99131464F5379F96F7B225A5EE491F
Requests: 2 HTTP requests in this frame

Frame: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Frame ID: C349AB117A2622E3BB17889CA301B040
Requests: 1 HTTP requests in this frame

Frame: https://2acae297395813fb43f58d6d63def6ff.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 60C72790917F1CC1AA401137062B9F8F
Requests: 23 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CIbzaRCc2ugBGKSa5twBMAE&v=APEucNUt8l6C4VnthiGbcAe0cf9hVJmxj4Gyt0p9HXilvLQQye9_gs5j2Vcvnm0YOq68ZdSHEKgDOHdYm36_ixi78jQ9DURU7_rcboVge-TE932wfbxLJNSVjxUJwkwyHATP9GrltGvf7yHh8GLmug5i0uqUzxtZ2FLQFeApH5EGQjDGJOePbVytOI1n-ievyieuUMey63gj5TVFj_-f2MVjrj4F_PPD-w
Frame ID: AA795249CD7FBA9131711904C35DA45C
Requests: 5 HTTP requests in this frame

Frame: https://cm.mgid.com/i-noref.js?cbuster=1690387344489101231610
Frame ID: 31582E178AC10FDB0609D25E51F96DE7
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 0237A3D4B88C9219F58F617E043236DB
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/1673226628127499181/index.html?e=69&leftOffset=0&topOffset=0&c=0uQo5psKvT&t=1&renderingType=2&ev=01_250
Frame ID: E5BCD7185E8070CC1FA402035C69605E
Requests: 8 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/MefDsIjr-126UL1ZlRxjISGtS5GmSa44osRgNBoPAC4.js
Frame ID: A3664428D35336495F041049FFC5121F
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 2F28E81790EF4343F197C03B134681B3
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Тестът на Фукуда за вестибуларна функция - Здраве - 2023

Detected technologies

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

Prebid (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.com/[^"]*(?:prebid|/pb\.js)

PubMatic (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.pubmatic\.com

Yandex.Metrika (Analytics) Expand

Overall confidence: 100%
Detected patterns

mc\.yandex\.ru/metrika/(?:tag|watch)\.js

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

<link [^>]*?href="?[a-zA-Z]*?:?//cdn\.jsdelivr\.net/
//cdn\.jsdelivr\.net/

Page Statistics

174
Requests

89 %
HTTPS

50 %
IPv6

35
Domains

56
Subdomains

51
IPs

9
Countries

2332 kB
Transfer

6719 kB
Size

31
Cookies

13 Outgoing links

These are links going to different origins than the main page.

URL: https://www.youtube.com/watch?v=tHn4JpR5T2s&autoplay=1&rel=0&showinfo=0

Search URL Search Domain Scan URL

URL: https://widgets.mgid.com/?utm_source=bg.m-almahdi.com&utm_medium=referral&utm_campaign=widgets&utm_content=1102315

Search URL Search Domain Scan URL

URL: https://www.mgid.com/services/privacy-policy

Search URL Search Domain Scan URL

URL: https://clck.mgid.com/ghits/12451948/i/57436203/0/pp/1/1?h=fCY8XU1wmYAaqCt0CpUYeOMfRRgI_62fwlwkQ0fJ6GlanV5GRVbmzGJzt-wagAazH3gAHKbOsXVwCouixZf1iw**&rid=cf662226-2bcd-11ee-be73-e43d1a2a53a2&tt=Direct&att=3&cpm=1&abd=1&iv=11&ct=1&gdprApplies=1&st=120&mp4=1&h2=Lt1IuMFs1o7zYdTGyXX7JWYCNfT0awhOT4iHhV0sjrY*

Search URL Search Domain Scan URL

URL: https://clck.mgid.com/ghits/15829609/i/57436203/0/pp/2/1?h=fCY8XU1wmYAaqCt0CpUYeEJmk1H61s3FwFflFdjXnoQzFm2YYEclBMGftdqJ4o0ZSdtxVgNi8Agr9xBtCSot-Q**&rid=cf662226-2bcd-11ee-be73-e43d1a2a53a2&tt=Direct&att=3&cpm=1&abd=1&iv=11&ct=1&gdprApplies=1&st=120&mp4=1&h2=Lt1IuMFs1o7zYdTGyXX7JWYCNfT0awhOT4iHhV0sjrY*

Search URL Search Domain Scan URL

URL: https://clck.mgid.com/ghits/14757095/i/57436203/0/pp/3/1?h=fCY8XU1wmYAaqCt0CpUYeFuboCxBNGj2j5l0QzkMJd7HyKRu4szU6XT3g-y1wTGM3oHenNA1gpRtq5TtehcOPw**&rid=cf662226-2bcd-11ee-be73-e43d1a2a53a2&tt=Direct&att=3&cpm=1&abd=1&iv=11&ct=1&gdprApplies=1&st=120&mp4=1&h2=Lt1IuMFs1o7zYdTGyXX7JWYCNfT0awhOT4iHhV0sjrY*

Search URL Search Domain Scan URL

URL: https://clck.mgid.com/ghits/12451948/i/57436203/0/pp/1/1?h=fCY8XU1wmYAaqCt0CpUYeOMfRRgI_62fwlwkQ0fJ6GlanV5GRVbmzGJzt-wagAazH3gAHKbOsXVwCouixZf1iw**&rid=cf652acf-2bcd-11ee-a0fd-e43d1a2a96ec&tt=Direct&att=3&cpm=1&abd=1&iv=11&ct=1&gdprApplies=1&st=120&mp4=1&h2=Lt1IuMFs1o7zYdTGyXX7JWYCNfT0awhOT4iHhV0sjrY*

Search URL Search Domain Scan URL

URL: https://clck.mgid.com/ghits/15829721/i/57436203/0/pp/2/1?h=fCY8XU1wmYAaqCt0CpUYeGlZM2Dj9hdJ5h4d-mgv9k8zFm2YYEclBMGftdqJ4o0ZWoyOqW4BgIyQoGJ3_mrIcw**&rid=cf652acf-2bcd-11ee-a0fd-e43d1a2a96ec&tt=Direct&att=3&cpm=1&abd=1&iv=11&ct=1&gdprApplies=1&st=120&mp4=1&h2=Lt1IuMFs1o7zYdTGyXX7JWYCNfT0awhOT4iHhV0sjrY*

Search URL Search Domain Scan URL

URL: https://clck.mgid.com/ghits/14757095/i/57436203/0/pp/3/1?h=fCY8XU1wmYAaqCt0CpUYeFuboCxBNGj2j5l0QzkMJd7HyKRu4szU6XT3g-y1wTGM3oHenNA1gpRtq5TtehcOPw**&rid=cf652acf-2bcd-11ee-a0fd-e43d1a2a96ec&tt=Direct&att=3&cpm=1&abd=1&iv=11&ct=1&gdprApplies=1&st=120&mp4=1&h2=Lt1IuMFs1o7zYdTGyXX7JWYCNfT0awhOT4iHhV0sjrY*

Search URL Search Domain Scan URL

URL: https://clck.mgid.com/ghits/12451948/i/57436203/0/pp/1/1?h=fCY8XU1wmYAaqCt0CpUYeOMfRRgI_62fwlwkQ0fJ6GlanV5GRVbmzGJzt-wagAazH3gAHKbOsXVwCouixZf1iw**&rid=cf64c935-2bcd-11ee-be73-e43d1a2a53a2&tt=Direct&att=3&cpm=1&abd=1&iv=11&ct=1&gdprApplies=1&st=120&mp4=1&h2=Lt1IuMFs1o7zYdTGyXX7JWYCNfT0awhOT4iHhV0sjrY*

Search URL Search Domain Scan URL

URL: https://clck.mgid.com/ghits/15829721/i/57436203/0/pp/2/1?h=fCY8XU1wmYAaqCt0CpUYeGlZM2Dj9hdJ5h4d-mgv9k8zFm2YYEclBMGftdqJ4o0ZWoyOqW4BgIyQoGJ3_mrIcw**&rid=cf64c935-2bcd-11ee-be73-e43d1a2a53a2&tt=Direct&att=3&cpm=1&abd=1&iv=11&ct=1&gdprApplies=1&st=120&mp4=1&h2=Lt1IuMFs1o7zYdTGyXX7JWYCNfT0awhOT4iHhV0sjrY*

Search URL Search Domain Scan URL

URL: https://clck.mgid.com/ghits/14757095/i/57436203/0/pp/3/1?h=fCY8XU1wmYAaqCt0CpUYeFuboCxBNGj2j5l0QzkMJd7HyKRu4szU6XT3g-y1wTGM3oHenNA1gpRtq5TtehcOPw**&rid=cf64c935-2bcd-11ee-be73-e43d1a2a53a2&tt=Direct&att=3&cpm=1&abd=1&iv=11&ct=1&gdprApplies=1&st=120&mp4=1&h2=Lt1IuMFs1o7zYdTGyXX7JWYCNfT0awhOT4iHhV0sjrY*

Search URL Search Domain Scan URL

URL: https://en.optad360.com/?utm_source=branding&utm_medium=display&utm_campaign=bg.m-almahdi.com

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 39

https://mc.yandex.ru/watch/71484610?wmode=7&page-url=https%3A%2F%2Fbg.m-almahdi.com%2Fthe-fukuda-stepping-test-260d6228-2a4444&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A7h8dgiykw9ep6c375s20yqn%3Afp%3A346%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1082%3Acn%3A1%3Adp%3A0%3Als%3A1098321451456%3Ahid%3A996746608%3Az%3A0%3Ai%3A20230726160223%3Aet%3A1690387343%3Ac%3A1%3Arn%3A666763626%3Arqn%3A1%3Au%3A1690387343226495519%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A20%2C44%2C59%2C2%2C0%2C0%2C%2C16%2C0%2C303%2C303%2C11%2C255%3Aco%3A0%3Acpf%3A1%3Ans%3A1690387342543%3Arqnl%3A1%3Ast%3A1690387343%3At%3A%D0%A2%D0%B5%D1%81%D1%82%D1%8A%D1%82%20%D0%BD%D0%B0%20%D0%A4%D1%83%D0%BA%D1%83%D0%B4%D0%B0%20%D0%B7%D0%B0%20%D0%B2%D0%B5%D1%81%D1%82%D0%B8%D0%B1%D1%83%D0%BB%D0%B0%D1%80%D0%BD%D0%B0%20%D1%84%D1%83%D0%BD%D0%BA%D1%86%D0%B8%D1%8F%20-%20%D0%97%D0%B4%D1%80%D0%B0%D0%B2%D0%B5%20-%202023&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)ti(1) HTTP 302
https://mc.yandex.ru/watch/71484610/1?wmode=7&page-url=https%3A%2F%2Fbg.m-almahdi.com%2Fthe-fukuda-stepping-test-260d6228-2a4444&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A7h8dgiykw9ep6c375s20yqn%3Afp%3A346%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1082%3Acn%3A1%3Adp%3A0%3Als%3A1098321451456%3Ahid%3A996746608%3Az%3A0%3Ai%3A20230726160223%3Aet%3A1690387343%3Ac%3A1%3Arn%3A666763626%3Arqn%3A1%3Au%3A1690387343226495519%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A20%2C44%2C59%2C2%2C0%2C0%2C%2C16%2C0%2C303%2C303%2C11%2C255%3Aco%3A0%3Acpf%3A1%3Ans%3A1690387342543%3Arqnl%3A1%3Ast%3A1690387343%3At%3A%D0%A2%D0%B5%D1%81%D1%82%D1%8A%D1%82%20%D0%BD%D0%B0%20%D0%A4%D1%83%D0%BA%D1%83%D0%B4%D0%B0%20%D0%B7%D0%B0%20%D0%B2%D0%B5%D1%81%D1%82%D0%B8%D0%B1%D1%83%D0%BB%D0%B0%D1%80%D0%BD%D0%B0%20%D1%84%D1%83%D0%BD%D0%BA%D1%86%D0%B8%D1%8F%20-%20%D0%97%D0%B4%D1%80%D0%B0%D0%B2%D0%B5%20-%202023&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29ti%281%29

Request Chain 71

https://oajs.openx.net/esp?url=https%3A%2F%2Fbg.m-almahdi.com%2Fthe-fukuda-stepping-test-260d6228-2a4444&rid=esp HTTP 302
https://oajs.openx.net/esp?url=https%3A%2F%2Fbg.m-almahdi.com%2Fthe-fukuda-stepping-test-260d6228-2a4444&rid=esp&cc=1

Request Chain 81

https://gum.criteo.com/sid/json?origin=publishertagids&domain=m-almahdi.com&sn=ChromeSyncframe&so=0&topUrl=bg.m-almahdi.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
https://mug.criteo.com/sid?cpp=boXoCnxMclVxdHJNV29hTGhQVEp5NU1OOU5pckw3MmQ4djN6UmZ4Mit3aTUxYmVFUGhzbG5DRVJpY0RHM2Fqb08xQ2hkS2Vib29CdE1vMWRiT1NkQVFWbTRMK1dTNUZyWkY2eCs3TXFBYVBySUZmdi9qNWpvbWg5bVFrQUZwbjlrR2QrbjJ5MFkxOTExcytrU21mRVlETnV2K2piQ21CaWduU3RZN0lqSVRiVG03VDR5eVdIcGppZFIxTU9hSVpYS3VROGVZZUg5eTZkci9TY2dLdW1MQnRBVkR1TWJFMmJ1cUlIYmtlQS9PaEJ4QTF6NzdrclRBSnoybExLVnBXTlFRdWdSdXVNRmVVc084VTIwM29xYUlRZmtidz09fA&cppv=2

Request Chain 119

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKbK6fXz9Q_ElTp0wSkF4eA&google_cver=1

Request Chain 120

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZMFDkOt2BaNf1tl46NO96gAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKbK6fXz9Q_ElTp0wSkF4eA&google_cver=1

Request Chain 121

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEG_anDPSe8yyvqwCIj8-jwk&google_cver=1

Request Chain 122

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODAxOTY0Nzk4NTI3OTM0NzEyNQ%3D%3D

174 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request the-fukuda-stepping-test-260d6228-2a4444 Show response
bg.m-almahdi.com/ 47 KB
9 KB 123ms
58ms Document
text/html 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://bg.m-almahdi.com/the-fukuda-stepping-test-260d6228-2a4444
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/8.0.15
Resource Hash: afc46b73fc2cfcc580fac0679468987511b075847198a2464ee604661cf5e801

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
cache-control: max-age=86400
cf-cache-status: DYNAMIC
cf-ray: 7ecddddb587c1c24-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Wed, 26 Jul 2023 16:02:22 GMT
expires: Thu, 27 Jul 2023 16:02:22 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BwL3X0JykQEASDjyg3cVdmqO%2Br6GdkHScrlXXrqadBLa3yFdxW0vC0y3eR8Jc4AHTodCqGoA2Du9wThd%2BCACfZ4Jd6sAcVy0jRiTSCO09jTA0InP4Pf9DQumDbUsaCvzEOFw3IGPvEvJIxUce7CW"}],"group":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: PHP/8.0.15

GET
H2 200 style.css
m-almahdi.com/template/newsmag/css/ 105 KB
50 KB 48ms
33ms Stylesheet
text/css 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://m-almahdi.com/template/newsmag/css/style.css
Requested by: Host: bg.m-almahdi.com
URL: https://bg.m-almahdi.com/the-fukuda-stepping-test-260d6228-2a4444
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: da365c2e23d5e2aea7122d625db97f77c019c1b19e9c032171f7e08529da094f

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://bg.m-almahdi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Wed, 26 Jul 2023 16:02:22 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 194389
alt-svc: h3=":443"; ma=86400
last-modified: Fri, 16 Dec 2022 09:15:06 GMT
server: cloudflare
etag: W/"1a268-5efee67cfe272"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JTYIw6LzxqhL70qT4AFUn8XmJNJaEaBce74hVMuxrpm9ElMuaFtKO15aXFs0KcSN0JL2EzE8GExkjbGYtIZPLG%2Fj75Fr2WZpmJBwxV9lAvfh%2BgUhdkranj4sI4%2FSs9g52WP00RnfUJpCAhS8"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=2678400
cf-ray: 7ecddddbe9531c24-FRA
expires: Mon, 07 Aug 2023 10:02:33 GMT

GET
H2 200 yt.css
m-almahdi.com/template/newsmag/css/ 77 KB
45 KB 56ms
42ms Stylesheet
text/css 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://m-almahdi.com/template/newsmag/css/yt.css
Requested by: Host: bg.m-almahdi.com
URL: https://bg.m-almahdi.com/the-fukuda-stepping-test-260d6228-2a4444
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 249e857e0c70aabe4d8472ae526f8e51cd00f5b3d2f90c9dbe20a6f1132b5d98

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://bg.m-almahdi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Wed, 26 Jul 2023 16:02:22 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 462874
alt-svc: h3=":443"; ma=86400
last-modified: Fri, 16 Dec 2022 09:15:07 GMT
server: cloudflare
etag: W/"132b5-5efee67dbb1ec"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sM3EwYEI50QyFD5YAfsgPO6ECK6Cs24Q4OJzTWOblZjBf03mq%2FV8VVYB3mvekKXTrAWRywHj1pJ8cTv9KYtYrhs4kNiZcosnAnV2XBbP9a6ltXvFv93HKZY%2FOh4c92F5nf%2BvnE8RYKxCWByw"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=2678400
cf-ray: 7ecddddbe9591c24-FRA
expires: Fri, 04 Aug 2023 07:27:48 GMT

GET
H2 200 cookieconsent.min.css
cdn.jsdelivr.net/npm/cookieconsent@3/build/ 5 KB
2 KB 84ms
27ms Stylesheet
text/css 2606:4700::6810:5914
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/cookieconsent@3/build/cookieconsent.min.css

Requested by

Host: bg.m-almahdi.com
URL: https://bg.m-almahdi.com/the-fukuda-stepping-test-260d6228-2a4444

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5914 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cd0d0b6e50ff01ff2f3a9a70d7cfb66a7c6cb9acf7a566325568be6d3bd31fc4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://bg.m-almahdi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Wed, 26 Jul 2023 16:02:22 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 41749
x-jsd-version: 3.1.1
content-encoding: br
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230078-FRA, cache-jnb7023-JNB
x-jsd-version-type: version
server: cloudflare
etag: W/"135e-3nthfC1sCV/yhiNebPZMMo2hpL8"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rONkU0%2Fw3sdADEvUIhTg42xNVUkNVUveak%2FzVWIkLPTXMQ5Un9FaKzF%2B%2F%2Buk57OJTLi5KZaWOhb5rlnelfJZA%2F6f%2BsbPhICNzU8AsILt5oCxPTZdi99mQ3exI0qvt1E8mxCjk7veBRxgqTZwhAo%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
timing-allow-origin: *
cf-ray: 7ecddddc38782c46-FRA

GET
H2 200 the-fukuda-test-for-vestibular-function.webp
a.m-almahdi.com/healths/ 27 KB
27 KB 72ms
36ms Image
image/webp 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.m-almahdi.com/healths/the-fukuda-test-for-vestibular-function.webp
Requested by: Host: bg.m-almahdi.com
URL: https://bg.m-almahdi.com/the-fukuda-stepping-test-260d6228-2a4444
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 20165219f34e2859a51e1cd1dec2dfe2ff518c00a91b1953f842ac054dce2fdf

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://bg.m-almahdi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Wed, 26 Jul 2023 16:02:22 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 23
alt-svc: h3=":443"; ma=86400
content-length: 27500
last-modified: Tue, 26 Jan 2021 22:04:28 GMT
server: cloudflare
etag: "6b6c-5b9d4d6975300"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=a%2BnulFD2jWI7pbAMktQZukv2r1OKB7wJ1GnH8rVLVam0BZZmkgnWc7xTaezK3ohw8FMNVD2AtfV5F7pHu67dhaTP15boowhjD%2B266ywhYweALgyryYZ%2B7N3w%2BTK%2FlUZXXMaVeUtDAtWTEPd2sjY%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=2678400
accept-ranges: bytes
cf-ray: 7ecddddc098d1c24-FRA

GET
H2 200 rocket-loader.min.js Show response
bg.m-almahdi.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/ 12 KB
4 KB 25ms
21ms Script
application/javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bg.m-almahdi.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Requested by

Host: bg.m-almahdi.com
URL: https://bg.m-almahdi.com/the-fukuda-stepping-test-260d6228-2a4444

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://bg.m-almahdi.com/the-fukuda-stepping-test-260d6228-2a4444
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Wed, 26 Jul 2023 16:02:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 24 Jul 2023 16:11:45 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"64bea2c1-302c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UA9sc%2BWF6fSNxuXUrCyYkSf%2BbO%2FMCV96S%2FW3LCTTeO8R4wPA8KGuvuHgPnQEyGzIceoChl96MBrOyPTDbx53xy%2B4bOSpruBCiQDhv4LHub4XMvYR7Ci7y8zl%2F9Ipm60LUxoC0iTs2yuKwDiKgNbq"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
x-frame-options: DENY
cache-control: max-age=172800, public
cf-ray: 7ecddddbd9411c24-FRA
expires: Fri, 28 Jul 2023 16:02:22 GMT

GET
H2 200 smrcp_19121001.js Show response
cdn.zx-adnet.com/adx/ 145 KB
20 KB 142ms
32ms Script
text/javascript 151.101.65.195
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.zx-adnet.com/adx/smrcp_19121001.js

Requested by

Host: bg.m-almahdi.com
URL: https://bg.m-almahdi.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.65.195 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

0b2dc063ba0e3f0e238d1b63007bcad869cbe77032364ac931768592f99374f2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://bg.m-almahdi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

strict-transport-security: max-age=31556926
content-encoding: br
date: Wed, 26 Jul 2023 16:02:22 GMT
x-cache: HIT
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 19677
x-served-by: cache-ams21033-AMS
last-modified: Mon, 22 May 2023 17:32:30 GMT
x-timer: S1690387343.912932,VS0,VE1
etag: "0379eb726d6206c827a3aba72b039087492e1a26387e0e0824927a4c08e54306-br"
vary: accept-language, x-country-code, x-fh-requested-host, accept-encoding
content-type: text/javascript; charset=utf-8
cache-control: max-age=3600,public
accept-ranges: bytes
x-robots-tag: noindex, nofollow, noarchive
x-cache-hits: 1

GET
H2 200 / Show response
dr5.biz/ 19 KB
8 KB 119ms
52ms Script
application/javascript 2606:4700:3032::ac43:a17f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://dr5.biz/?te=mqyggojwgq5ha3ddf42deojv

Requested by

Host: bg.m-almahdi.com
URL: https://bg.m-almahdi.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3032::ac43:a17f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

79f758ea183363049e80cdb0afdb2e1ad4045ff4c385d726e78c0206abf959e9

Security Headers

Name	Value
Content-Security-Policy	img-src https: data:; upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://bg.m-almahdi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Wed, 26 Jul 2023 16:02:22 GMT
strict-transport-security: max-age=31536000
content-encoding: br
content-security-policy: img-src https: data:; upgrade-insecure-requests
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OipNCbTdpaYUhtqFoXJxfK%2FddTSCU7pYesdCDlKDEMz6PgQsPk6dFS%2FA49HeoCqAf9VSLaCdh6mL0Mda7gbIl2qz9tQNB4ELgZCqgR7G1b0HBGRrkbfXCguyDEHrSnZK9T4WvRlQ"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cf-ray: 7ecddddcfaf25ba4-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 plugin.min.js Show response
get.optad360.io/sf/acaa577f-1ae1-4b91-a272-ebe11f5f1964/ 274 KB
59 KB 101ms
22ms Script
application/javascript 2600:9000:225e:ba00:11:a4de:2580:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://get.optad360.io/sf/acaa577f-1ae1-4b91-a272-ebe11f5f1964/plugin.min.js
Requested by: Host: bg.m-almahdi.com
URL: https://bg.m-almahdi.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:225e:ba00:11:a4de:2580:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 27def189bca2a93b3bd19bb770d05f0822ed51301eae46a196f254daef05e530

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://bg.m-almahdi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Tue, 25 Jul 2023 16:06:37 GMT
content-encoding: gzip
via: 1.1 87fae571c6ea0d7d1101b71cc2131bba.cloudfront.net (CloudFront)
last-modified: Mon, 10 Jul 2023 16:01:46 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P4
age: 86145
etag: W/"4bd0c098a6ab097dc563758343eb0a75"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: public, max-age=86400
x-amz-cf-id: o5Wwh5tNrswZkE-GQlpGZB33797myJl8H1clLjJ2ecuU5Ku_436XOQ==

GET
H2 200 e587bfa5-0a65-4a08-916b-1df5c59230cc.min.js Show response
cmp.optad360.io/items/ 497 B
833 B 165ms
58ms Script
application/javascript 2600:9000:2156:a600:6:b871:4f00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cmp.optad360.io/items/e587bfa5-0a65-4a08-916b-1df5c59230cc.min.js
Requested by: Host: bg.m-almahdi.com
URL: https://bg.m-almahdi.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:a600:6:b871:4f00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: bd7680f0d4768bf17b38b5834d7671e6e456d9655b4ae3cb39186d1fcd93f5c2

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://bg.m-almahdi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Tue, 25 Jul 2023 19:51:42 GMT
via: 1.1 fb8c0300277bd0137c1693d3d64ab550.cloudfront.net (CloudFront)
last-modified: Mon, 12 Apr 2021 08:54:56 GMT
server: AmazonS3
x-amz-cf-pop: FRA50-C1
age: 72641
etag: "7acdc116a0830ba0aef5e087010246ba"
x-cache: Error from cloudfront
content-type: application/javascript
accept-ranges: bytes
content-length: 497
x-amz-cf-id: xbSaNE3fr0w3pIYTST5GPfl6rdtL3suero4BwZQPktiSt8Xsl-slQA==

GET
H2 200 context.js Show response
yandex.ru/ads/system/ 299 KB
86 KB 246ms
75ms Script
text/javascript 2a02:6b8:a::a
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://yandex.ru/ads/system/context.js

Requested by

Host: bg.m-almahdi.com
URL: https://bg.m-almahdi.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:a::a Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

c220b7179103dd13fb84a4dd6cd2b8f31791a6870fa8cc53370c11746947b3c9

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://bg.m-almahdi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

content-encoding: br
x-content-type-options: nosniff
nel: {"report_to": "network-errors", "max_age": 100, "success_fraction": 0.001, "failure_fraction": 0.1}
accept-ch: Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Platform, Sec-CH-UA-Full-Version, Viewport-Width, DPR, Device-Memory, RTT, Downlink, ECT
x-yandex-req-id: 1690387342999553-1817279385924282513-balancer-l7leveler-kubr-yp-sas-145-BAL-4709
report-to: { "group": "network-errors", "max_age": 100, "endpoints": [{"url": "https://dr.yandex.net/nel", "priority": 1}, {"url": "https://dr2.yandex.net/nel", "priority": 2}]}
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
x-robots-tag: noindex, noarchive, nofollow
expires: Wed, 26 Jul 2023 17:02:23 GMT

GET
H2 200 hqdefault.jpg
i.ytimg.com/vi/tHn4JpR5T2s/ 8 KB
9 KB 105ms
45ms Image
image/jpeg 2a00:1450:4001:831::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi/tHn4JpR5T2s/hqdefault.jpg

Requested by

Host: bg.m-almahdi.com
URL: https://bg.m-almahdi.com/the-fukuda-stepping-test-260d6228-2a4444

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1077787af544907092b9d822bcf844cb722e897e79563d976f446245388889b7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://bg.m-almahdi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Wed, 26 Jul 2023 16:02:22 GMT
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8394
x-xss-protection: 0
server: sffe
etag: "0"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/jpeg
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Wed, 26 Jul 2023 18:02:22 GMT

GET
H3 200 what-is-the-condition-hs.webp
a.m-almahdi.com/pic/ 64 KB
65 KB 55ms
54ms Image
image/webp 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.m-almahdi.com/pic/what-is-the-condition-hs.webp
Requested by: Host: bg.m-almahdi.com
URL: https://bg.m-almahdi.com/the-fukuda-stepping-test-260d6228-2a4444
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f52d6b4657c8b0f228cef66f57d0b838ef0f0be00a3c92b95432c7ec2e050555

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://bg.m-almahdi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Wed, 26 Jul 2023 16:02:22 GMT
cf-cache-status: MISS
last-modified: Mon, 18 Apr 2022 12:28:12 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "10058-5dcece4c90eda"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=I5Gq683HRScXPcgoY9qdWSfqMFsc9NU%2BJrTg5KNQpGFjURjthO8m7mTVDyiaBmfR7ea12RZHW%2FbY5KX%2B9DEaFDphwsd4CT%2BS2dnRXqNfKn9taVXgumRqeIPOoGwL%2Bo%2FJW%2Blp1J9wm6o%2FwsSspdA%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=2678400
accept-ranges: bytes
cf-ray: 7ecddddcda5b364a-FRA
alt-svc: h3=":443"; ma=86400
content-length: 65624

GET
H3 404 what-is-the-best-portable-air-conditioning-unit-to-buy
a.m-almahdi.com/pic/ 0
0 53ms
53ms Image
text/html 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.m-almahdi.com/pic/what-is-the-best-portable-air-conditioning-unit-to-buy
Requested by: Host: bg.m-almahdi.com
URL: https://bg.m-almahdi.com/the-fukuda-stepping-test-260d6228-2a4444
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://bg.m-almahdi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

GET
H3 200 how-to-condition-dry-hair.webp
a.m-almahdi.com/pic/ 29 KB
29 KB 121ms
121ms Image
image/webp 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.m-almahdi.com/pic/how-to-condition-dry-hair.webp
Requested by: Host: bg.m-almahdi.com
URL: https://bg.m-almahdi.com/the-fukuda-stepping-test-260d6228-2a4444
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0775ed36271f65ff0357766419f2a29933d3d7d4bddb10ec8fae1939eee239b1

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://bg.m-almahdi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Wed, 26 Jul 2023 16:02:22 GMT
cf-cache-status: MISS
last-modified: Mon, 18 Apr 2022 12:23:43 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "7352-5dcecd4c42dd0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=70KbdB5T9GLLfWdZL9huW5rYNSGGiFhbWxp%2FaHCAduU7bZ7OHKHV1SQp6U2kQG65Ued%2BjktnTvAe6%2F%2F1qJoofFpVfxTOW%2Byzr0%2B1MTTw2zFSZJUgF%2Fxa5SUnc1%2BlEMzBind1Cqe4K8zef6%2BS9LI%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=2678400
accept-ranges: bytes
cf-ray: 7ecddddcda5e364a-FRA
alt-svc: h3=":443"; ma=86400
content-length: 29522

GET
H2 200 cookies_gdpr.js Show response
cdn.zx-adnet.com/consent/ 34 KB
9 KB 116ms
59ms Script
text/javascript 151.101.65.195
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.zx-adnet.com/consent/cookies_gdpr.js?0.14067355693232675

Requested by

Host: bg.m-almahdi.com
URL: https://bg.m-almahdi.com/the-fukuda-stepping-test-260d6228-2a4444

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.65.195 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

e111a3850d781cc4bb9983b28613414f9a59af060c2860692d56809589c663b3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://bg.m-almahdi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

x-served-by: cache-ams21033-AMS
strict-transport-security: max-age=31556926
content-encoding: br
date: Wed, 26 Jul 2023 16:02:22 GMT
last-modified: Mon, 22 May 2023 17:32:30 GMT
x-timer: S1690387343.913205,VS0,VE30
etag: "5291f663321e7e3f6bfff9a37feadf115ecea3ab57d443f46f5035c626a0edda-br"
vary: accept-language, x-country-code, x-fh-requested-host, accept-encoding
x-cache: MISS
content-type: text/javascript; charset=utf-8
cache-control: no-cache
accept-ranges: bytes
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
x-cache-hits: 0

GET
H2 200 1duwt.min.js Show response
www.bigmp3db.com/ 67 KB
19 KB 193ms
74ms Script
text/javascript 95.216.65.102
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bigmp3db.com/1duwt.min.js?31606a4

Requested by

Host: bg.m-almahdi.com
URL: https://bg.m-almahdi.com/the-fukuda-stepping-test-260d6228-2a4444

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

95.216.65.102 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),

Reverse DNS

frodo.min.org.ua

Software

cloudflare-nginx /

Resource Hash

77d9102b426f1487e8550ed41e3650f47d74c020c7486e2876f07698fc97bb88

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://bg.m-almahdi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Wed, 26 Jul 2023 16:02:22 GMT
strict-transport-security: max-age=63072000
content-encoding: br
server: cloudflare-nginx
duration: 915972
access-control-allow-methods: POST, GET, OPTIONS
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=300
access-control-allow-headers: *
expires: Wed, 26-Jul-2023 19:07:22 EEST

GET
H2 200 tag.js Show response
mc.yandex.ru/metrika/ 215 KB
74 KB 277ms
128ms Script
application/javascript 2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/metrika/tag.js

Requested by

Host: bg.m-almahdi.com
URL: https://bg.m-almahdi.com/the-fukuda-stepping-test-260d6228-2a4444

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

c4e113e7bf186f978548b1b5db327b755b8944540262ffb5edd28811acf84b26

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://bg.m-almahdi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Wed, 26 Jul 2023 16:02:23 GMT
content-encoding: br
strict-transport-security: max-age=31536000
last-modified: Mon, 24 Jul 2023 14:52:47 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
etag: "64be660f-1248e"
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
timing-allow-origin: *
content-length: 74894
expires: Wed, 26 Jul 2023 17:02:23 GMT

GET
H2 200 abs.js Show response
cdn.zx-adnet.com/adx/ 220 B
245 B 52ms
49ms Script
text/javascript 151.101.65.195
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.zx-adnet.com/adx/abs.js?0.6099069089345353

Requested by

Host: cdn.zx-adnet.com
URL: https://cdn.zx-adnet.com/adx/smrcp_19121001.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.65.195 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

a2862c9e532e9e51ea7ca8d7c96bb602a74e31396f9c5be127dbea7c5adfc227

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://bg.m-almahdi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

strict-transport-security: max-age=31556926
content-encoding: br
date: Wed, 26 Jul 2023 16:02:23 GMT
x-cache: MISS
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 107
x-served-by: cache-ams21033-AMS
last-modified: Mon, 22 May 2023 17:32:30 GMT
x-timer: S1690387343.996991,VS0,VE29
etag: "5fef2687ef3b38d2357073d43abb64a2f46b34fce9295b7d515ee95b7d79cfdb-br"
vary: accept-language, x-country-code, x-fh-requested-host, accept-encoding
content-type: text/javascript; charset=utf-8
cache-control: max-age=3600,public
accept-ranges: bytes
x-robots-tag: noindex, nofollow, noarchive
x-cache-hits: 0

GET
H2 200 mr.js Show response
storage.googleapis.com/s2t-images/ 23 KB
4 KB 310ms
219ms Script
application/javascript 2a00:1450:4001:811::2010
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://storage.googleapis.com/s2t-images/mr.js?0.12320000431178624
Requested by: Host: cdn.zx-adnet.com
URL: https://cdn.zx-adnet.com/adx/smrcp_19121001.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:811::2010 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 2a379cf63567796698d75a04f4f49c11fbf652effd3b69b3666c45c77789c56c

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://bg.m-almahdi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Wed, 26 Jul 2023 16:02:23 GMT
content-encoding: gzip
x-guploader-uploadid: ADPycdspe08lIts79jM5U8P1swhKh13tbnggOG_hIWuavg2hjJWBF3SbJ_3YTxhCdnGa4TRZeQOvzijI7BSD1eBBQAFVIQ
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4449
last-modified: Tue, 24 May 2022 13:22:38 GMT
server: UploadServer
etag: "115f5664d494ea5e45aad8061e45949d"
vary: Accept-Encoding
x-goog-generation: 1653398558715037
content-type: application/javascript
x-goog-hash: crc32c=1nfj4g==, md5=EV9WZNSU6l5FqtgGHkWUnQ==
cache-control: public, max-age=31536000
x-goog-stored-content-length: 4449
accept-ranges: bytes
expires: Thu, 25 Jul 2024 16:02:23 GMT

GET
H2 200 mr.js Show response
storage.googleapis.com/s2t-images/ 23 KB
5 KB 218ms
129ms Script
application/javascript 2a00:1450:4001:811::2010
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://storage.googleapis.com/s2t-images/mr.js?0.6894286519124107
Requested by: Host: cdn.zx-adnet.com
URL: https://cdn.zx-adnet.com/adx/smrcp_19121001.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:811::2010 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 2a379cf63567796698d75a04f4f49c11fbf652effd3b69b3666c45c77789c56c

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://bg.m-almahdi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Wed, 26 Jul 2023 16:02:23 GMT
content-encoding: gzip
x-guploader-uploadid: ADPycdvhRZkr2hKy5B5ysVqT8GS3JTz7E2dD-byWSK7anNYOXItaJsQ1zMkh4YpL3Vmn-wRLYjqfSX4mde5pfU0g83oVMDsy09nI
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4449
last-modified: Tue, 24 May 2022 13:22:38 GMT
server: UploadServer
etag: "115f5664d494ea5e45aad8061e45949d"
vary: Accept-Encoding
x-goog-generation: 1653398558715037
content-type: application/javascript
x-goog-hash: crc32c=1nfj4g==, md5=EV9WZNSU6l5FqtgGHkWUnQ==
cache-control: public, max-age=31536000
x-goog-stored-content-length: 4449
accept-ranges: bytes
expires: Thu, 25 Jul 2024 16:02:23 GMT

GET
H2 200 mr.js Show response
storage.googleapis.com/s2t-images/ 23 KB
4 KB 222ms
135ms Script
application/javascript 2a00:1450:4001:811::2010
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://storage.googleapis.com/s2t-images/mr.js?0.20255871675554737
Requested by: Host: cdn.zx-adnet.com
URL: https://cdn.zx-adnet.com/adx/smrcp_19121001.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:811::2010 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 2a379cf63567796698d75a04f4f49c11fbf652effd3b69b3666c45c77789c56c

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://bg.m-almahdi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Wed, 26 Jul 2023 16:02:23 GMT
content-encoding: gzip
x-guploader-uploadid: ADPycdu7F_7wRxOTzOx77buKnva2Fypp_5nwT4LK-e5uA8m88-gCagQsAXCm20-nmo9SgTBfHWRMOJJg5BSVneucOCPGoPxsHIdN
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4449
last-modified: Tue, 24 May 2022 13:22:38 GMT
server: UploadServer
etag: "115f5664d494ea5e45aad8061e45949d"
vary: Accept-Encoding
x-goog-generation: 1653398558715037
content-type: application/javascript
x-goog-hash: crc32c=1nfj4g==, md5=EV9WZNSU6l5FqtgGHkWUnQ==
cache-control: public, max-age=31536000
x-goog-stored-content-length: 4449
accept-ranges: bytes
expires: Thu, 25 Jul 2024 16:02:23 GMT

GET
H3 200 checkabuse Show response
cdn.zx-adnet.com/ 56 B
475 B 163ms
159ms Script
text/html 151.101.65.195
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.zx-adnet.com/checkabuse?surl=https%3A%2F%2Fbg.m-almahdi.com%2Fthe-fukuda-stepping-test-260d6228-2a4444

Requested by

Host: cdn.zx-adnet.com
URL: https://cdn.zx-adnet.com/adx/abs.js?0.6099069089345353

Protocol

Security

QUIC, , AES_128_GCM

Server

151.101.65.195 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Google Frontend /

Resource Hash

8601386271d3ba06c1135a092613135c5da90b3732a8196e4761faf4b1afdc69

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://bg.m-almahdi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

strict-transport-security: max-age=31556926
content-encoding: gzip
date: Wed, 26 Jul 2023 16:02:23 GMT
x-cache: MISS
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 65
x-served-by: cache-ams21030-AMS
server: Google Frontend
x-timer: S1690387343.057045,VS0,VE142
etag: W/"38-qno2VtKrKGrEkeWyGeNb55UMVvo"
vary: cookie,need-authorization, x-fh-requested-host, accept-encoding
content-type: text/html; charset=utf-8
x-cloud-trace-context: 4b5b6c0ba6d1d85e4d524ce08a043dc9
cache-control: max-age=3600,public
function-execution-id: 1fyqm7zryl0e
accept-ranges: bytes
x-orig-accept-language: nl-NL,nl;q=0.9
x-country-code: NL
x-cache-hits: 0

POST
H2 200 1duwt.json Show response
www.bigmp3db.com/ 59 B
269 B 129ms
51ms XHR
application/json 95.216.65.102
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bigmp3db.com/1duwt.json

Requested by

Host: www.bigmp3db.com
URL: https://www.bigmp3db.com/1duwt.min.js?31606a4

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

95.216.65.102 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),

Reverse DNS

frodo.min.org.ua

Software

cloudflare-nginx /

Resource Hash

bb4bc3326d805b373708ecb45ef96b9e49c3c315b1004e2beaeddc2df7bec949

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

Referer: https://bg.m-almahdi.com/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Wed, 26 Jul 2023 16:02:23 GMT
strict-transport-security: max-age=63072000
content-encoding: br
server: cloudflare-nginx
access-control-allow-methods: POST, GET, OPTIONS
content-type: application/json
access-control-allow-origin: *
access-control-allow-headers: *

POST
H2 200 1duwt.json Show response
www.bigmp3db.com/ 2 KB
578 B 125ms
52ms XHR
application/json 95.216.65.102
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bigmp3db.com/1duwt.json

Requested by

Host: www.bigmp3db.com
URL: https://www.bigmp3db.com/1duwt.min.js?31606a4

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

95.216.65.102 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),

Reverse DNS

frodo.min.org.ua

Software

cloudflare-nginx /

Resource Hash

38135b073ce38e1204459305ff5cfab006e206ddb5688aa3a4f44ec636253d0a

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

Referer: https://bg.m-almahdi.com/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Wed, 26 Jul 2023 16:02:23 GMT
strict-transport-security: max-age=63072000
content-encoding: br
server: cloudflare-nginx
access-control-allow-methods: POST, GET, OPTIONS
content-type: application/json
access-control-allow-origin: *
access-control-allow-headers: *

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 81 KB
28 KB 224ms
127ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: get.optad360.io
URL: https://get.optad360.io/sf/acaa577f-1ae1-4b91-a272-ebe11f5f1964/plugin.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

68bc666348871fe1e01461b47a4e621be55ef0e41d8e30c231b30e1c6726d022

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://bg.m-almahdi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Wed, 26 Jul 2023 16:02:23 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 27955
x-xss-protection: 0
server: cafe
etag: 819 / 19564 / m202307200101 / config-hash: 8317567018028545507
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Wed, 26 Jul 2023 16:02:23 GMT

GET
H2 200 prebid7.36.3.js Show response
get.optad360.io/sf/ 520 KB
165 KB 30ms
28ms Script
application/javascript 2600:9000:225e:ba00:11:a4de:2580:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://get.optad360.io/sf/prebid7.36.3.js
Requested by: Host: get.optad360.io
URL: https://get.optad360.io/sf/acaa577f-1ae1-4b91-a272-ebe11f5f1964/plugin.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:225e:ba00:11:a4de:2580:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 7559ba45677beff9ea485d64ab945d4a29a460c9319f20f8b131051629a1a67a

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://bg.m-almahdi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Tue, 25 Jul 2023 07:32:51 GMT
content-encoding: gzip
via: 1.1 87fae571c6ea0d7d1101b71cc2131bba.cloudfront.net (CloudFront)
last-modified: Mon, 03 Apr 2023 08:32:50 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P4
age: 116973
etag: W/"0a921f4d0ab6e1dce1061b3c4ed313ce"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: public, max-age=360000000
x-amz-cf-id: OnFh2xgp0QUEF61rglMu_j1vNCH4m2tkYQ5e_gfQQ7DR-aV5VyUeSg==

GET
H2 200 branding-ads.svg
optad360.mgr.consensu.org/icons/ 7 KB
3 KB 117ms
20ms Image
image/svg+xml 99.86.4.64
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://optad360.mgr.consensu.org/icons/branding-ads.svg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.4.64 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-4-64.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: d04a8585ca1c9cbff59e413fe76da6b8dcf3c567cbc68ec436b852d7f1694df1

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://bg.m-almahdi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Wed, 26 Jul 2023 02:22:09 GMT
content-encoding: gzip
via: 1.1 d07eabeb1ed60c06da1457f35fb5c8c4.cloudfront.net (CloudFront)
last-modified: Wed, 22 Jun 2022 12:02:24 GMT
server: AmazonS3
x-amz-cf-pop: FRA6-C1
age: 60753
etag: W/"b0a3aa2e09d4ddd83150d7bd3347c5c0"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
cache-control: public, max-age=360000000
x-amz-cf-id: uHaJKnA4uzGFx7xTDOswG9lzjulo8WdAFkEYVw2gK23-TKulxRkuAQ==

POST
H2 200 1duwt.json Show response
www.bigmp3db.com/ 59 B
268 B 44ms
43ms XHR
application/json 95.216.65.102
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bigmp3db.com/1duwt.json

Requested by

Host: www.bigmp3db.com
URL: https://www.bigmp3db.com/1duwt.min.js?31606a4

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

95.216.65.102 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),

Reverse DNS

frodo.min.org.ua

Software

cloudflare-nginx /

Resource Hash

02267c2d83ac7f9aa5d71b3b4e8aaedfa71f7a73b9dfbe2ef9b1ec87ffe6c6e9

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

Referer: https://bg.m-almahdi.com/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Wed, 26 Jul 2023 16:02:23 GMT
strict-transport-security: max-age=63072000
content-encoding: br
server: cloudflare-nginx
access-control-allow-methods: POST, GET, OPTIONS
content-type: application/json
access-control-allow-origin: *
access-control-allow-headers: *

GET
H2 200 warbletoncouncil.org.1102315.js Show response
jsc.mgid.com/w/a/ 3 KB
2 KB 90ms
30ms Script
text/javascript 2606:4700:1::6813:874e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://jsc.mgid.com/w/a/warbletoncouncil.org.1102315.js
Requested by: Host: www.bigmp3db.com
URL: https://www.bigmp3db.com/1duwt.min.js?31606a4
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:1::6813:874e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 01ec95bc7634c6583f88ca18fc7384514312f3c762d92be4cf9a10e77dd1e968

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://bg.m-almahdi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Wed, 26 Jul 2023 16:02:23 GMT
x-amz-version-id: _DL92OilPQ4_NXFC9cUgdCFq6t9tH0k8
content-encoding: br
cf-cache-status: HIT
x-amz-request-id: 5S0CHYGAXGTZRNHX
age: 5189
cf-polished: origSize=2702
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400
x-amz-id-2: SjoFQrEqDNzCjpbl77MHcyTz+OTurBV2YckdTZX/Sc0uUDu6j1g0dW8C/xM2xu3tE+6H5GnLULU=
cf-bgj: minify
last-modified: Fri, 21 Jul 2023 09:19:09 GMT
server: cloudflare
etag: W/"7c56bc596eeb9509c8955712b65e6d63"
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=10800
cf-ray: 7ecddddf68900e10-AMS
expires: Wed, 26 Jul 2023 19:02:23 GMT

GET
H2 200 gw_251221.js Show response
site2text-2021.web.app/ 0
416 B 319ms
227ms Script
text/html 2620:0:890::100
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://site2text-2021.web.app/gw_251221.js?0.9796878578530399

Requested by

Host: storage.googleapis.com
URL: https://storage.googleapis.com/s2t-images/mr.js?0.6894286519124107

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:0:890::100 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Google Frontend /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://bg.m-almahdi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
date: Wed, 26 Jul 2023 16:02:23 GMT
x-cache: MISS
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 0
x-served-by: cache-ams21042-AMS
server: Google Frontend
x-timer: S1690387343.323967,VS0,VE208
vary: cookie,need-authorization, x-fh-requested-host, accept-encoding
content-type: text/html
x-cloud-trace-context: 9d12af1a943726758d683667c523de2a
cache-control: private
function-execution-id: s6pydv4rg8tj
accept-ranges: bytes
x-orig-accept-language: nl-NL,nl;q=0.9
x-country-code: NL
x-cache-hits: 0

GET
H2 200 22b6bd42fbc10bf95643.js Show response
yastatic.net/partner-code-bundles/811464/ 14 KB
5 KB 121ms
37ms Script
text/javascript 2a02:6b8:20::215
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://yastatic.net/partner-code-bundles/811464/22b6bd42fbc10bf95643.js

Requested by

Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:20::215 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

14a20d2443eff6ab3ff7a1c50cfaf07a26e8ff94b6c678472699a94449449597

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

Referer: https://bg.m-almahdi.com/
Origin: https://bg.m-almahdi.com
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Wed, 26 Jul 2023 16:02:23 GMT
content-encoding: br
strict-transport-security: max-age=43200000; includeSubDomains;
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length: 4775
last-modified: Fri, 21 Jul 2023 15:52:01 GMT
server: nginx/1.17.9
etag: "bac045213556e016930ee90898d17064"
vary: Accept-Encoding
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=946708560
accept-ranges: bytes
timing-allow-origin: *
x-robots-tag: noindex, noarchive, nofollow
expires: Fri, 25 Jul 2053 22:35:00 GMT

GET
H2 200 9191a3472c126b246619.js Show response
yastatic.net/partner-code-bundles/811464/ 24 KB
8 KB 129ms
47ms Script
text/javascript 2a02:6b8:20::215
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://yastatic.net/partner-code-bundles/811464/9191a3472c126b246619.js

Requested by

Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:20::215 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

d865cbdda1fe4bc8511c3e06034b8e00ca15c8f2d0b19c5ebfe083e2570a5f37

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

Referer: https://bg.m-almahdi.com/
Origin: https://bg.m-almahdi.com
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Wed, 26 Jul 2023 16:02:23 GMT
content-encoding: br
strict-transport-security: max-age=43200000; includeSubDomains;
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length: 7950
last-modified: Fri, 21 Jul 2023 15:52:01 GMT
server: nginx/1.17.9
etag: "08d17f0a945cad0665d437f6bc4a188b"
vary: Accept-Encoding
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=946708560
accept-ranges: bytes
timing-allow-origin: *
x-robots-tag: noindex, noarchive, nofollow
expires: Fri, 25 Jul 2053 22:34:42 GMT

GET
H2 200 21f6c785ac3c2cd74ae6.js Show response
yastatic.net/partner-code-bundles/811464/ 126 KB
26 KB 127ms
48ms Script
text/javascript 2a02:6b8:20::215
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://yastatic.net/partner-code-bundles/811464/21f6c785ac3c2cd74ae6.js

Requested by

Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:20::215 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

cda6fb4229ac27f27bb05d9a85d2a1a0b39aa8043342c5dee9d8958c33a3dfbe

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

Referer: https://bg.m-almahdi.com/
Origin: https://bg.m-almahdi.com
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Wed, 26 Jul 2023 16:02:23 GMT
content-encoding: br
strict-transport-security: max-age=43200000; includeSubDomains;
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length: 26338
last-modified: Fri, 21 Jul 2023 15:52:01 GMT
server: nginx/1.17.9
etag: "15ab5fcac5a2428933f13d235e2ec104"
vary: Accept-Encoding
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=946708560
accept-ranges: bytes
timing-allow-origin: *
x-robots-tag: noindex, noarchive, nofollow
expires: Fri, 25 Jul 2053 22:34:36 GMT

GET
H2 200 host.js Show response
yastatic.net/safeframe-bundles/0.83/ 33 KB
9 KB 128ms
51ms Script
text/javascript 2a02:6b8:20::215
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://yastatic.net/safeframe-bundles/0.83/host.js

Requested by

Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:20::215 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

34806ef573086241dd1a596a860b0295b51c24f1c37eab36eb9d0665683abb55

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

Referer: https://bg.m-almahdi.com/
Origin: https://bg.m-almahdi.com
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Wed, 26 Jul 2023 16:02:23 GMT
content-encoding: br
strict-transport-security: max-age=43200000; includeSubDomains;
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length: 8878
last-modified: Wed, 03 Nov 2021 13:42:58 GMT
server: nginx/1.17.9
etag: "f80882bf67cf261aa08d636da095149a"
vary: Accept-Encoding
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=946708560
accept-ranges: bytes
timing-allow-origin: *
x-robots-tag: noindex, noarchive, nofollow
expires: Fri, 25 Jul 2053 22:38:20 GMT

GET
H2 200 text-variable-full.woff2
yastatic.net/s3/home/fonts/ys/3/ 25 KB
26 KB 104ms
30ms Font
font/woff2 2a02:6b8:20::215
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://yastatic.net/s3/home/fonts/ys/3/text-variable-full.woff2

Requested by

Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:20::215 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

033696b7f1ac04d1dcc102be84550e146236ceffc25a6cabc12aa51a6ee410b9

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

Referer: https://bg.m-almahdi.com/
Origin: https://bg.m-almahdi.com
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Wed, 26 Jul 2023 16:02:23 GMT
strict-transport-security: max-age=43200000; includeSubDomains;
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length: 26004
x-amz-meta-owner: {"role":"admin","login":"4eb0da"}
last-modified: Mon, 25 Apr 2022 14:02:39 GMT
server: nginx/1.17.9
etag: "7f0cdaf91230f9789ca4162aedff612e"
vary: Accept-Encoding
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31556952
x-nginx-request-id: acecf882aa08f195
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 25 Jul 2024 21:51:32 GMT

GET
H2 200 e22054dff07e1e751d8f.js Show response
yastatic.net/partner-code-bundles/811464/ 7 KB
3 KB 123ms
51ms Script
text/javascript 2a02:6b8:20::215
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://yastatic.net/partner-code-bundles/811464/e22054dff07e1e751d8f.js

Requested by

Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:20::215 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

f68cf913b546c9a77e35970a61395ebb616baf31a1597ffc13539cc9b4dcac40

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

Referer: https://bg.m-almahdi.com/
Origin: https://bg.m-almahdi.com
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Wed, 26 Jul 2023 16:02:23 GMT
content-encoding: br
strict-transport-security: max-age=43200000; includeSubDomains;
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length: 2084
last-modified: Fri, 21 Jul 2023 15:52:02 GMT
server: nginx/1.17.9
etag: "970f363db13d4c78815bc81207e88c42"
vary: Accept-Encoding
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=946708560
accept-ranges: bytes
timing-allow-origin: *
x-robots-tag: noindex, noarchive, nofollow
expires: Fri, 25 Jul 2053 22:34:32 GMT

GET
H2 200 4f16e73ba50f91abe3d1.js Show response
yastatic.net/partner-code-bundles/811464/ 621 KB
117 KB 31ms
31ms Script
text/javascript 2a02:6b8:20::215
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://yastatic.net/partner-code-bundles/811464/4f16e73ba50f91abe3d1.js

Requested by

Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:20::215 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

1ff42bac2c55339100a351ea1193610f481a56eab6f0c42e1c6226da9c348c2f

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

Referer: https://bg.m-almahdi.com/
Origin: https://bg.m-almahdi.com
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Wed, 26 Jul 2023 16:02:23 GMT
content-encoding: br
strict-transport-security: max-age=43200000; includeSubDomains;
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length: 119500
last-modified: Fri, 21 Jul 2023 15:52:01 GMT
server: nginx/1.17.9
etag: "a2cb28a0aa4bdfaac9854c2c6f87017c"
vary: Accept-Encoding
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=946708560
accept-ranges: bytes
timing-allow-origin: *
x-robots-tag: noindex, noarchive, nofollow
expires: Fri, 25 Jul 2053 22:34:27 GMT

GET
H3 200 latest.json Show response
cdn.jsdelivr.net/gh/prebid/currency-file@1/ 2 KB
2 KB 70ms
41ms XHR
application/json 2606:4700::6810:5914
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json?date=20230726

Requested by

Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid7.36.3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:5914 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0ea9cd6d50565422915cf975d61f2124d19b0ec2c9d944df29f99f8023bc5d6e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://bg.m-almahdi.com/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 26 Jul 2023 16:02:23 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 90
x-jsd-version: 1.0.1763
content-encoding: br
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230103-FRA, cache-jnb7027-JNB
x-jsd-version-type: version
server: cloudflare
etag: W/"63f-tMHfOqRc2WfflqQyPOx5Np1DYi0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rXL4AwHNuZ%2B%2BCuCVnekXA2wSXRaQD5fYdBaVZ6xyplHOZbj5YljACh4ngkLkv9qqYW5ZjYT5AwIUWvx20lhlw9NybHipbr%2FbTYEPuCC5KMUzfCqSqQqoIUPllYhRmq9z5f2MqznaHx%2FRRO1U7Y4%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
timing-allow-origin: *
cf-ray: 7ecddde069351c79-FRA

GET
H2 200 advert.gif
mc.yandex.ru/metrika/ 43 B
114 B 76ms
75ms Image
image/gif 2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.ru/metrika/advert.gif

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://bg.m-almahdi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Wed, 26 Jul 2023 16:02:23 GMT
strict-transport-security: max-age=31536000
last-modified: Mon, 24 Jul 2023 14:52:47 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
etag: "64be660f-2b"
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 43
expires: Wed, 26 Jul 2023 17:02:23 GMT

GET
H2

200

1 Show response
mc.yandex.ru/watch/71484610/
Redirect Chain

https://mc.yandex.ru/watch/71484610?wmode=7&page-url=https%3A%2F%2Fbg.m-almahdi.com%2Fthe-fukuda-stepping-test-260d6228-2a4444&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A7h8dgiykw9ep6c...
https://mc.yandex.ru/watch/71484610/1?wmode=7&page-url=https%3A%2F%2Fbg.m-almahdi.com%2Fthe-fukuda-stepping-test-260d6228-2a4444&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A7h8dgiykw9ep...

420 B
502 B

71ms
70ms

Fetch
application/json

2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/watch/71484610/1?wmode=7&page-url=https%3A%2F%2Fbg.m-almahdi.com%2Fthe-fukuda-stepping-test-260d6228-2a4444&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A7h8dgiykw9ep6c375s20yqn%3Afp%3A346%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1082%3Acn%3A1%3Adp%3A0%3Als%3A1098321451456%3Ahid%3A996746608%3Az%3A0%3Ai%3A20230726160223%3Aet%3A1690387343%3Ac%3A1%3Arn%3A666763626%3Arqn%3A1%3Au%3A1690387343226495519%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A20%2C44%2C59%2C2%2C0%2C0%2C%2C16%2C0%2C303%2C303%2C11%2C255%3Aco%3A0%3Acpf%3A1%3Ans%3A1690387342543%3Arqnl%3A1%3Ast%3A1690387343%3At%3A%D0%A2%D0%B5%D1%81%D1%82%D1%8A%D1%82%20%D0%BD%D0%B0%20%D0%A4%D1%83%D0%BA%D1%83%D0%B4%D0%B0%20%D0%B7%D0%B0%20%D0%B2%D0%B5%D1%81%D1%82%D0%B8%D0%B1%D1%83%D0%BB%D0%B0%D1%80%D0%BD%D0%B0%20%D1%84%D1%83%D0%BD%D0%BA%D1%86%D0%B8%D1%8F%20-%20%D0%97%D0%B4%D1%80%D0%B0%D0%B2%D0%B5%20-%202023&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29ti%281%29

Protocol

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

707316e6fb3fc134c6555f90e9a5a84bce8deedd02131375907f56d4d7b4045c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://bg.m-almahdi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 26 Jul 2023 16:02:23 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
last-modified: Wed, 26-Jul-2023 16:02:23 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
content-type: application/json; charset=utf-8
access-control-allow-origin: https://bg.m-almahdi.com
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 420
x-xss-protection: 1; mode=block
expires: Wed, 26-Jul-2023 16:02:23 GMT

Redirect headers

pragma: no-cache
date: Wed, 26 Jul 2023 16:02:23 GMT
strict-transport-security: max-age=31536000
last-modified: Wed, 26-Jul-2023 16:02:23 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
location: /watch/71484610/1?wmode=7&page-url=https%3A%2F%2Fbg.m-almahdi.com%2Fthe-fukuda-stepping-test-260d6228-2a4444&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A7h8dgiykw9ep6c375s20yqn%3Afp%3A346%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1082%3Acn%3A1%3Adp%3A0%3Als%3A1098321451456%3Ahid%3A996746608%3Az%3A0%3Ai%3A20230726160223%3Aet%3A1690387343%3Ac%3A1%3Arn%3A666763626%3Arqn%3A1%3Au%3A1690387343226495519%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A20%2C44%2C59%2C2%2C0%2C0%2C%2C16%2C0%2C303%2C303%2C11%2C255%3Aco%3A0%3Acpf%3A1%3Ans%3A1690387342543%3Arqnl%3A1%3Ast%3A1690387343%3At%3A%D0%A2%D0%B5%D1%81%D1%82%D1%8A%D1%82%20%D0%BD%D0%B0%20%D0%A4%D1%83%D0%BA%D1%83%D0%B4%D0%B0%20%D0%B7%D0%B0%20%D0%B2%D0%B5%D1%81%D1%82%D0%B8%D0%B1%D1%83%D0%BB%D0%B0%D1%80%D0%BD%D0%B0%20%D1%84%D1%83%D0%BD%D0%BA%D1%86%D0%B8%D1%8F%20-%20%D0%97%D0%B4%D1%80%D0%B0%D0%B2%D0%B5%20-%202023&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29ti%281%29
access-control-allow-origin: https://bg.m-almahdi.com
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
x-xss-protection: 1; mode=block
expires: Wed, 26-Jul-2023 16:02:23 GMT

POST
H2 204 openrtb Show response
adx.adform.net/adx/ 0
533 B 172ms
56ms XHR
text/plain 37.157.3.30
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://adx.adform.net/adx/openrtb

Requested by

Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid7.36.3.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.3.30 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://bg.m-almahdi.com/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 26 Jul 2023 16:02:23 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: POST,OPTIONS
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: https://bg.m-almahdi.com
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

POST
H2 204 bids Show response
prebid-eu.creativecdn.com/bidder/prebid/ 0
179 B 109ms
24ms XHR
text/plain 185.184.8.90
RTB-HOUSE-AMS

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by: Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid7.36.3.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS: ip-185-184-8-90.rtbhouse.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://bg.m-almahdi.com/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://bg.m-almahdi.com
date: Wed, 26 Jul 2023 16:02:23 GMT
access-control-allow-credentials: true
vary: Origin
access-control-max-age: 3600
access-control-allow-methods: POST

POST
H2 204 c Show response
prebid.a-mo.net/a/ 0
171 B 98ms
17ms XHR
text/plain 147.75.84.158
PACKET

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.a-mo.net/a/c
Requested by: Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid7.36.3.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 147.75.84.158 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software: envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://bg.m-almahdi.com/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
Content-Type: text/plain

Response headers

x-nbr: 1
date: Wed, 26 Jul 2023 16:02:23 GMT
server: envoy
vary: origin, Accept-Encoding
access-control-allow-origin: https://bg.m-almahdi.com
cache-control: max-age=0, private, must-revalidate
access-control-allow-credentials: true
x-envoy-upstream-service-time: 0

POST
H2 200 prebid Show response
ib.adnxs.com/ut/v3/ 144 B
960 B 103ms
23ms XHR
application/json 37.252.171.52
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid7.36.3.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.171.52 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

8631d5de4f7ea4e9c28789d06b0a5fbef166139191c79049fcd4fff0d475af90

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://bg.m-almahdi.com/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 26 Jul 2023 16:02:23 GMT
an-x-request-uuid: a9874796-65cf-4ff6-84f3-4ca7de7f74b8
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: application/json; charset=utf-8
access-control-allow-origin: https://bg.m-almahdi.com
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 5.79.98.51; 5.79.98.51; 1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 144
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 warbletoncouncil.org.1102315.es6.js Show response
jsc.mgid.com/w/a/ 316 KB
94 KB 64ms
41ms Script
text/javascript 2606:4700:1::6813:874e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://jsc.mgid.com/w/a/warbletoncouncil.org.1102315.es6.js
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/w/a/warbletoncouncil.org.1102315.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:1::6813:874e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2c21b6c07449705bed660bb4e39c8a7d98795b9631a4cd3ed422d5ba1f315262

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://bg.m-almahdi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Wed, 26 Jul 2023 16:02:23 GMT
x-amz-version-id: YOcq8VvFB3Ip9jJZrB4SQJfuEpmmR4DT
content-encoding: br
cf-cache-status: HIT
x-amz-request-id: KHN2XAR8T224G497
age: 5188
cf-polished: origSize=323504
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400
x-amz-id-2: N8ITgxgnEOa+ezxU3UfZ9ujRCWeF4phKTqQofwnQd4Zws9wZmZYNIOjkzSwYqWHSZM2IYeQPowA=
cf-bgj: minify
last-modified: Wed, 26 Jul 2023 13:58:18 GMT
server: cloudflare
etag: W/"c624806ef2d50c6e6ce06edb9e0c63f6"
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=10800
cf-ray: 7ecddde0ea9b0e10-AMS
expires: Wed, 26 Jul 2023 19:02:23 GMT

POST
H2 200 1duwt.json Show response
www.bigmp3db.com/ 59 B
268 B 65ms
43ms XHR
application/json 95.216.65.102
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bigmp3db.com/1duwt.json

Requested by

Host: www.bigmp3db.com
URL: https://www.bigmp3db.com/1duwt.min.js?31606a4

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

95.216.65.102 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),

Reverse DNS

frodo.min.org.ua

Software

cloudflare-nginx /

Resource Hash

0eb41fd218b07ac20837ddd25bebaf331aaedac998163dd2c91f9e8138aab5a0

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

Referer: https://bg.m-almahdi.com/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Wed, 26 Jul 2023 16:02:23 GMT
strict-transport-security: max-age=63072000
content-encoding: br
server: cloudflare-nginx
access-control-allow-methods: POST, GET, OPTIONS
content-type: application/json
access-control-allow-origin: *
access-control-allow-headers: *

GET
H2 200 warbletoncouncil.org.1102315.js Show response
jsc.mgid.com/w/a/ 3 KB
1 KB 50ms
28ms Script
text/javascript 2606:4700:1::6813:874e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://jsc.mgid.com/w/a/warbletoncouncil.org.1102315.js
Requested by: Host: www.bigmp3db.com
URL: https://www.bigmp3db.com/1duwt.min.js?31606a4
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:1::6813:874e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 01ec95bc7634c6583f88ca18fc7384514312f3c762d92be4cf9a10e77dd1e968

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://bg.m-almahdi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Wed, 26 Jul 2023 16:02:23 GMT
x-amz-version-id: _DL92OilPQ4_NXFC9cUgdCFq6t9tH0k8
content-encoding: br
cf-cache-status: HIT
x-amz-request-id: 5S0CHYGAXGTZRNHX
age: 5189
cf-polished: origSize=2702
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400
x-amz-id-2: SjoFQrEqDNzCjpbl77MHcyTz+OTurBV2YckdTZX/Sc0uUDu6j1g0dW8C/xM2xu3tE+6H5GnLULU=
cf-bgj: minify
last-modified: Fri, 21 Jul 2023 09:19:09 GMT
server: cloudflare
etag: W/"7c56bc596eeb9509c8955712b65e6d63"
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=10800
cf-ray: 7ecddde0ea9d0e10-AMS
expires: Wed, 26 Jul 2023 19:02:23 GMT

GET
H2 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307200101/ 385 KB
123 KB 35ms
21ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307200101/pubads_impl.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3d14af6714f8e174042d16f9ee9938f7986b826935f217c43cd3570945f8a8a5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://bg.m-almahdi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Wed, 26 Jul 2023 09:05:07 GMT
content-encoding: br
x-content-type-options: nosniff
age: 25036
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 125319
x-xss-protection: 0
server: cafe
etag: 4098493636285064892
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Thu, 25 Jul 2024 09:05:07 GMT

GET
H3 200 warbletoncouncil.org.1102315.js Show response
jsc.mgid.com/w/a/ 3 KB
1 KB 34ms
34ms Script
text/javascript 2606:4700:1::6813:874e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://jsc.mgid.com/w/a/warbletoncouncil.org.1102315.js
Requested by: Host: www.bigmp3db.com
URL: https://www.bigmp3db.com/1duwt.min.js?31606a4
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:1::6813:874e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 01ec95bc7634c6583f88ca18fc7384514312f3c762d92be4cf9a10e77dd1e968

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://bg.m-almahdi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Wed, 26 Jul 2023 16:02:23 GMT
x-amz-version-id: _DL92OilPQ4_NXFC9cUgdCFq6t9tH0k8
content-encoding: br
cf-cache-status: HIT
x-amz-request-id: 5CB72QTZH1TRHN75
age: 5145
cf-polished: origSize=2702
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400
x-amz-id-2: b5I9qbeV2tjz8T7JBOuOr70YiEaAWU0ht09tN5b4ZbhWAPfHvixNgNPM8Ho9r1ozDrN6tvW+uaM=
cf-bgj: minify
last-modified: Fri, 21 Jul 2023 09:19:09 GMT
server: cloudflare
etag: W/"7c56bc596eeb9509c8955712b65e6d63"
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=10800
cf-ray: 7ecddde139e5b8e4-AMS
expires: Wed, 26 Jul 2023 19:02:23 GMT

POST
H2 200 1duwt.json Show response
www.bigmp3db.com/ 59 B
268 B 53ms
50ms XHR
application/json 95.216.65.102
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bigmp3db.com/1duwt.json

Requested by

Host: www.bigmp3db.com
URL: https://www.bigmp3db.com/1duwt.min.js?31606a4

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

95.216.65.102 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),

Reverse DNS

frodo.min.org.ua

Software

cloudflare-nginx /

Resource Hash

268279ad0b502c3f4168840e6743cf107685041567fcae36d38382a10dad2043

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

Referer: https://bg.m-almahdi.com/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Wed, 26 Jul 2023 16:02:23 GMT
strict-transport-security: max-age=63072000
content-encoding: br
server: cloudflare-nginx
access-control-allow-methods: POST, GET, OPTIONS
content-type: application/json
access-control-allow-origin: *
access-control-allow-headers: *

GET
H2 200 esp.js Show response
oa.openxcdn.net/ 24 KB
8 KB 88ms
14ms Script
application/javascript 34.102.146.192
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://oa.openxcdn.net/esp.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307200101/pubads_impl.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.102.146.192 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 192.146.102.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://bg.m-almahdi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Thu, 06 Jul 2023 18:19:13 GMT
content-encoding: gzip
age: 1719790
x-guploader-uploadid: ADPycdvbZ2LIjBAJ-EtfhjxpdXgzbf0iVSCEl7UW5W5lobH3pkb8gZwFLeeh9LHaS52OBl7Goz26viPjNklH3R6LKWd7jBLnOQ7Z
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7927
last-modified: Thu, 27 May 2021 18:30:51 GMT
server: UploadServer
etag: "df5542b88bc0e368c6999754a5b9e2ba"
x-goog-generation: 1622140251693895
x-goog-hash: crc32c=f21hYg==, md5=31VCuIvA42jGmZdUpbniug==
content-type: application/javascript
cache-control: no-transform
x-goog-stored-content-length: 7927
accept-ranges: bytes
expires: Fri, 05 Jul 2024 18:19:13 GMT

GET
H2 200 publishertag.ids.js Show response
static.criteo.net/js/ld/ 42 KB
13 KB 98ms
28ms Script
text/javascript 2a02:2638:d::2
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.ids.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307200101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

b118568858df50612fa3591132d6d6bb41ddf00f8c74ad8cccd16e5510691aad

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://bg.m-almahdi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Wed, 26 Jul 2023 16:02:23 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Jul 2023 13:25:47 GMT
server: nginx
etag: W/"64ad585b-a980"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Thu, 27 Jul 2023 16:02:23 GMT

GET
H2 200 sync.min.js Show response
tags.crwdcntrl.net/lt/c/16589/ 38 KB
12 KB 124ms
27ms Script
text/javascript 18.155.129.39
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.crwdcntrl.net/lt/c/16589/sync.min.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307200101/pubads_impl.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.155.129.39 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-155-129-39.cdg52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: c0c2ec1f2d626ab278d81abe34d30681f0007e8c79a890165f27e3e1550e99b7

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://bg.m-almahdi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Wed, 26 Jul 2023 02:34:21 GMT
content-encoding: gzip
via: 1.1 c78f30ff7f6b22fd8ede54f77f4fe538.cloudfront.net (CloudFront)
last-modified: Wed, 31 May 2023 20:34:33 GMT
server: AmazonS3
x-amz-cf-pop: CDG52-P4
age: 48483
x-amz-server-side-encryption: AES256
etag: W/"550ead3a95bd6cfcd917d45c5f8f4553"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: public, max-age=86400
x-amz-cf-id: D6QyZ9BuF8vTTnK6YoDXHaAquliztfOHsq5k89CfP6e3czecVzW9lQ==

GET
H/1.1 200
OK uid2SecureSignal.js Show response
cdn.prod.uidapi.com/ 2 KB
2 KB 94ms
21ms Script
text/javascript 2600:9000:2250:3000:a:e047:753:be1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.prod.uidapi.com/uid2SecureSignal.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307200101/pubads_impl.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2250:3000:a:e047:753:be1 , United States, ASN (),
Reverse DNS
Software: AmazonS3 /
Resource Hash: a695b8b12c7d88355d0b1b33d6c643a7913bcfbeae91553bd7560019188b1032

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://bg.m-almahdi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

x-amz-version-id: null
Date: Wed, 26 Jul 2023 00:56:56 GMT
Via: 1.1 db1cc9ceb7681bf2a56c0f22acac3a36.cloudfront.net (CloudFront)
Last-Modified: Thu, 04 May 2023 00:14:06 GMT
Server: AmazonS3
X-Amz-Cf-Pop: FRA60-P2
Age: 54328
x-amz-server-side-encryption: AES256
ETag: "4d5acbf33f4a0592ac0515db92fe88e6"
X-Cache: Hit from cloudfront
Content-Type: text/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1858
X-Amz-Cf-Id: kmMwSLZcZvS581Pe_MxbqHGfWKfdDTfR5pEXenRGfkd4EC5XGp8J7A==

GET
H2 200 pubcid.min.js Show response
cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/ 732 B
842 B 32ms
28ms Script
application/javascript 2606:4700::6810:5914
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/pubcid.min.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307200101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5914 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://bg.m-almahdi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Wed, 26 Jul 2023 16:02:23 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 36299
x-jsd-version: master
content-encoding: br
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230042-FRA, cache-jnb7027-JNB
x-jsd-version-type: branch
server: cloudflare
etag: W/"2dc-IrZxm/sP4aqtIfs1EfEw6Dg5q1Y"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=V7VOz6ZjUmIoqQpc3apA0P3dfZIdu%2FOI5%2BAyWPHW55X4TUkOnwMrwu5iH%2FKui5zHbt%2BmjedxO3IG4F6FUdaztvlGnpcp122bAZQiogJ0dp%2FYfI50s5sDZySnbsyrxgFBPDIki5Ys9IEIRUlOjWI%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
timing-allow-origin: *
cf-ray: 7ecddde2091e2c46-FRA

GET
H2 200 esp.js Show response
cdn.id5-sync.com/api/1.0/ 102 KB
25 KB 123ms
36ms Script
text/javascript 2606:4700:10::ac43:266a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.id5-sync.com/api/1.0/esp.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307200101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:266a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4924e12a30059184d9bd1c36294dcdf957f5f2da452209448b35a93aa785cca5

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://bg.m-almahdi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Wed, 26 Jul 2023 16:02:23 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 22 Jun 2023 08:35:03 GMT
server: cloudflare
x-amz-request-id: EYAFV55K4BXD4QAJ
age: 2684
etag: W/"9b8b8eb50e4814cbdc325ce477c96910"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: text/javascript;charset=utf-8
cache-control: public, max-age=3600
cf-ray: 7ecddde28e223719-FRA
x-amz-id-2: whWkBhGm1ASZrNS/p6BPS7n04HervMshZG7qaxgZ9WSN3A3Ln15Wm67BYkFJkBlsBofx4C+mrXI=

GET
H2 200 encrypted-tag-g.js Show response
invstatic101.creativecdn.com/encrypted-signals/ 1 KB
2 KB 91ms
28ms Script
text/javascript 34.96.70.87
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://invstatic101.creativecdn.com/encrypted-signals/encrypted-tag-g.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307200101/pubads_impl.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.96.70.87 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 87.70.96.34.bc.googleusercontent.com
Software: Google Frontend /
Resource Hash: 1c54b9d1b579c59f8245fd21a021725c0dbde06ec90f44df1bbc03458f40dfe8

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://bg.m-almahdi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Wed, 26 Jul 2023 16:02:23 GMT
via: 1.1 google, 1.1 google
last-modified: Wed, 05 Jul 2023 19:08:57 GMT
server: Google Frontend
etag: 6c49a4094d9a446bdc7fe3d19d23b4c7
content-type: text/javascript; charset=utf-8
x-cloud-trace-context: cadf080bd0dd08f80496d448b4625925
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1311

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 22 KB
10 KB 478ms
478ms XHR
text/plain 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1300081067025427&correlator=4089376503616097&eid=31075028%2C44782498%2C31070233%2C21065724%2C44797786&output=ldjh&gdfp_req=1&vrg=202307200101&ptt=17&impl=fif&iu_parts=121764058%3A22612148122%2Cthebrassman.org_SF&enc_prev_ius=%2F0%2F1&prev_iu_szs=700x100%7C728x90%7C750x100%7C970x90&ifi=1&adks=4020489585&sfv=1-0-40&sc=1&cookie_enabled=1&abxe=1&dt=1690387343703&lmt=1690387343&adxs=450&adys=1200&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=1&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fbg.m-almahdi.com%2Fthe-fukuda-stepping-test-260d6228-2a4444&frm=20&vis=1&psz=0x-1&msz=700x-1&fws=640&ohw=0&ga_vid=1191471776.1690387344&ga_sid=1690387344&ga_hid=1708073130&ga_fc=false&a3p=EhwKDWNyd2RjbnRybC5uZXQYrdK_l5kxSABSAghkEhkKCnB1YmNpZC5vcmcYrdK_l5kxSABSAghkEh0KDmVzcC5jcml0ZW8uY29tGK3Sv5eZMUgAUgIIZBIXCghydGJob3VzZRit0r-XmTFIAFICCGQSFAoFb3BlbngYrNK_l5kxSABSAghkEhkKCnVpZGFwaS5jb20YrdK_l5kxSABSAghkEhsKDGlkNS1zeW5jLmNvbRit0r-XmTFIAFICCGQ.&dlt=1690387342670&idt=970

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307200101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fdab1ffd27400dc9e496bfc8d4b24b8283387db1a5b0bc3ce1577c3efec6d1fc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://bg.m-almahdi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Wed, 26 Jul 2023 16:02:24 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9920
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://bg.m-almahdi.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 15 KB
12 KB 134ms
76ms XHR
application/json 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202307200101&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307200101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f21a6ca53f0467c2c8bed0436f1a7bd16376e2e6b1e4e3dbfd67a0c68878e5cc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://bg.m-almahdi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Wed, 26 Jul 2023 16:02:23 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11949
x-xss-protection: 0

GET
H2 200 container.html Show response
2acae297395813fb43f58d6d63def6ff.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame A31F 6 KB
3 KB 115ms
27ms Document
text/html 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://2acae297395813fb43f58d6d63def6ff.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307200101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bg.m-almahdi.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 26 Jul 2023 16:02:23 GMT
expires: Thu, 25 Jul 2024 16:02:23 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
BLOB 200
OK 284c4f1b-eb65-437b-96db-f96653eda797
https://bg.m-almahdi.com/ 0
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://bg.m-almahdi.com/284c4f1b-eb65-437b-96db-f96653eda797
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

Content-Length: 0
Content-Type: text/javascript

GET
BLOB 200
OK fd21f270-a780-4228-ac9f-eb7ea9970bd7
https://bg.m-almahdi.com/ 250 B
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://bg.m-almahdi.com/fd21f270-a780-4228-ac9f-eb7ea9970bd7
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e37071398d21f18dff2370ee0885f38811bb69bb465b398100ab3101fc521d6b

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

Content-Length: 250
Content-Type: text/javascript

GET
BLOB 200
OK 35ba5c4e-c6a8-4a29-8807-d9e2533cb813
https://bg.m-almahdi.com/ 0
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://bg.m-almahdi.com/35ba5c4e-c6a8-4a29-8807-d9e2533cb813
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

Content-Length: 0
Content-Type: text/javascript

GET
BLOB 200
OK cfb81ca4-dbf3-4aae-8fca-e85f16ea2933
https://bg.m-almahdi.com/ 250 B
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://bg.m-almahdi.com/cfb81ca4-dbf3-4aae-8fca-e85f16ea2933
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e37071398d21f18dff2370ee0885f38811bb69bb465b398100ab3101fc521d6b

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

Content-Length: 250
Content-Type: text/javascript

GET
H3 200 warbletoncouncil.org.1102315.es6.js Show response
jsc.mgid.com/w/a/ 316 KB
95 KB 38ms
38ms Script
text/javascript 2606:4700:1::6813:874e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://jsc.mgid.com/w/a/warbletoncouncil.org.1102315.es6.js
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/w/a/warbletoncouncil.org.1102315.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:1::6813:874e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2c21b6c07449705bed660bb4e39c8a7d98795b9631a4cd3ed422d5ba1f315262

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://bg.m-almahdi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Wed, 26 Jul 2023 16:02:23 GMT
x-amz-version-id: YOcq8VvFB3Ip9jJZrB4SQJfuEpmmR4DT
content-encoding: br
cf-cache-status: HIT
x-amz-request-id: KHN2XAR8T224G497
age: 5145
cf-polished: origSize=323504
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400
x-amz-id-2: N8ITgxgnEOa+ezxU3UfZ9ujRCWeF4phKTqQofwnQd4Zws9wZmZYNIOjkzSwYqWHSZM2IYeQPowA=
cf-bgj: minify
last-modified: Wed, 26 Jul 2023 13:58:18 GMT
server: cloudflare
etag: W/"c624806ef2d50c6e6ce06edb9e0c63f6"
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=10800
cf-ray: 7ecddde25b69b8e4-AMS
expires: Wed, 26 Jul 2023 19:02:23 GMT

POST
H2 200 1duwt.json Show response
www.bigmp3db.com/ 59 B
268 B 41ms
41ms XHR
application/json 95.216.65.102
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bigmp3db.com/1duwt.json

Requested by

Host: www.bigmp3db.com
URL: https://www.bigmp3db.com/1duwt.min.js?31606a4

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

95.216.65.102 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),

Reverse DNS

frodo.min.org.ua

Software

cloudflare-nginx /

Resource Hash

c1f443fd6d94662e5b0b0651fbd2ddd1820ba2d528357a1ba127daff3f9986fd

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

Referer: https://bg.m-almahdi.com/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Wed, 26 Jul 2023 16:02:23 GMT
strict-transport-security: max-age=63072000
content-encoding: br
server: cloudflare-nginx
access-control-allow-methods: POST, GET, OPTIONS
content-type: application/json
access-control-allow-origin: *
access-control-allow-headers: *

GET
H3 200 warbletoncouncil.org.1305779.js Show response
jsc.mgid.com/w/a/ 3 KB
1 KB 27ms
26ms Script
text/javascript 2606:4700:1::6813:874e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://jsc.mgid.com/w/a/warbletoncouncil.org.1305779.js
Requested by: Host: www.bigmp3db.com
URL: https://www.bigmp3db.com/1duwt.min.js?31606a4
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:1::6813:874e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4130aa6ac7b4aa3b04e77c451bad2b9e192aa5dd16700ba238db94b477ef3d9a

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://bg.m-almahdi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Wed, 26 Jul 2023 16:02:23 GMT
x-amz-version-id: JJNM5fQ1IxrUerwqZBgW6V5zzWN1506t
content-encoding: br
cf-cache-status: HIT
x-amz-request-id: FC81MS150J2T7F78
age: 3422
cf-polished: origSize=2702
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400
x-amz-id-2: F6CYEod1rwQrW6d0BQQ/mcMfddEHZO9jkTZ56uZsRWnsQLQIwjXLmBhmktnsX0IRZX1Q67ZUsyU=
cf-bgj: minify
last-modified: Fri, 21 Jul 2023 08:20:30 GMT
server: cloudflare
etag: W/"7d358cfd2faab31c2955f125162080e6"
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=10800
cf-ray: 7ecddde25b6bb8e4-AMS
expires: Wed, 26 Jul 2023 19:02:23 GMT

GET
H3 200 warbletoncouncil.org.1305779.es6.js Show response
jsc.mgid.com/w/a/ 306 KB
94 KB 30ms
30ms Script
text/javascript 2606:4700:1::6813:874e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://jsc.mgid.com/w/a/warbletoncouncil.org.1305779.es6.js
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/w/a/warbletoncouncil.org.1305779.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:1::6813:874e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b7ed4c8d837c5ba75b26ec5e7dafec35df4a0edae3b0f6d1a4649694a0c539d8

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://bg.m-almahdi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Wed, 26 Jul 2023 16:02:23 GMT
x-amz-version-id: uELK9qNJYzOk0XHXnSj855chmN.kjULP
content-encoding: br
cf-cache-status: HIT
x-amz-request-id: VGZ6YH3C3XJE8V5T
age: 3449
cf-polished: origSize=313238
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400
x-amz-id-2: KAT2RxJdtcKGOiDiKbMBEozG/vFirYBgOHwXu2cx1xwiMV3guH+sWEJ8W3yWc71Ao8qWxdIvwQJChxgob24AA1vJ9WIqAjFpd01V8ijSfgY=
cf-bgj: minify
last-modified: Wed, 26 Jul 2023 13:39:15 GMT
server: cloudflare
etag: W/"ba27639eec16e7686b17d7bde4e9614f"
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=10800
cf-ray: 7ecddde2abcfb8e4-AMS
expires: Wed, 26 Jul 2023 19:02:23 GMT

POST
H2 200 1duwt.json Show response
www.bigmp3db.com/ 59 B
268 B 38ms
38ms XHR
application/json 95.216.65.102
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bigmp3db.com/1duwt.json

Requested by

Host: www.bigmp3db.com
URL: https://www.bigmp3db.com/1duwt.min.js?31606a4

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

95.216.65.102 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),

Reverse DNS

frodo.min.org.ua

Software

cloudflare-nginx /

Resource Hash

f51a943314d36dfdaa7cad1df8fff0ac13f7ad32adb31cfbf43637363e89cac3

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

Referer: https://bg.m-almahdi.com/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Wed, 26 Jul 2023 16:02:23 GMT
strict-transport-security: max-age=63072000
content-encoding: br
server: cloudflare-nginx
access-control-allow-methods: POST, GET, OPTIONS
content-type: application/json
access-control-allow-origin: *
access-control-allow-headers: *

OPTIONS
H2 200 encrypt
esp.rtbhouse.com/ Frame 0
0 82ms
27ms Preflight
text/plain 35.190.39.111
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://esp.rtbhouse.com/encrypt
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.190.39.111 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 111.39.190.35.bc.googleusercontent.com
Software: Google Frontend /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://bg.m-almahdi.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: POST, GET
access-control-allow-origin: https://bg.m-almahdi.com
access-control-max-age: 600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2
content-type: text/plain; charset=utf-8
date: Wed, 26 Jul 2023 16:02:23 GMT
server: Google Frontend
vary: Origin
via: 1.1 google, 1.1 google
x-cloud-trace-context: 7c21ac2ca0b919903981c2919647070e

POST
H2 200 encrypt Show response
esp.rtbhouse.com/ 265 B
360 B 31ms
30ms Fetch
application/json 35.190.39.111
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://esp.rtbhouse.com/encrypt
Requested by: Host: invstatic101.creativecdn.com
URL: https://invstatic101.creativecdn.com/encrypted-signals/encrypted-tag-g.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.190.39.111 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 111.39.190.35.bc.googleusercontent.com
Software: Google Frontend /
Resource Hash: e7c50bf160a6bb4c76861620e8499492ff63697842d0ee8f8d36fb12be4c0f0a

Request headers

Referer: https://bg.m-almahdi.com/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
Content-Type: application/json

Response headers

date: Wed, 26 Jul 2023 16:02:23 GMT
via: 1.1 google, 1.1 google
server: Google Frontend
content-type: application/json
access-control-allow-origin: *
x-cloud-trace-context: d0c82383a740a0a436f14b88923d4cb9
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 265

GET
H2

200

esp Show response
oajs.openx.net/
Redirect Chain

https://oajs.openx.net/esp?url=https%3A%2F%2Fbg.m-almahdi.com%2Fthe-fukuda-stepping-test-260d6228-2a4444&rid=esp
https://oajs.openx.net/esp?url=https%3A%2F%2Fbg.m-almahdi.com%2Fthe-fukuda-stepping-test-260d6228-2a4444&rid=esp&cc=1

85 B
194 B

122ms
121ms

Fetch
application/json

34.120.135.53
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://oajs.openx.net/esp?url=https%3A%2F%2Fbg.m-almahdi.com%2Fthe-fukuda-stepping-test-260d6228-2a4444&rid=esp&cc=1
Protocol: H2
Server: 34.120.135.53 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 53.135.120.34.bc.googleusercontent.com
Software: / Express
Resource Hash: 82ecd7187bc277704af5711cbbc8eaa7df225f63bd8a10e472477b656f29db84

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://bg.m-almahdi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Wed, 26 Jul 2023 16:02:24 GMT
via: 1.1 google
x-powered-by: Express
etag: W/"55-yqLRbl5zE4dYUyjkt3HofyKXODQ"
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://bg.m-almahdi.com
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 85

Redirect headers

date: Wed, 26 Jul 2023 16:02:23 GMT
via: 1.1 google
x-powered-by: Express
vary: Origin
access-control-allow-origin: https://bg.m-almahdi.com
location: /esp?url=https%3A%2F%2Fbg.m-almahdi.com%2Fthe-fukuda-stepping-test-260d6228-2a4444&rid=esp&cc=1
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame 5845 15 KB
6 KB 43ms
14ms Document
text/html 2a02:2638:3::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=bg.m-almahdi.com

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.ids.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

42b9a15f9b6a86e0bca2678c6a6679ed2e73777ca55d893012e685275249f702

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://bg.m-almahdi.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Wed, 26 Jul 2023 16:02:23 GMT
server: Kestrel
server-processing-duration-in-ticks: 303089
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H/1.1 204 increment Show response
id5-sync.com/api/esp/ 0
325 B 79ms
23ms XHR
text/plain 162.19.138.83
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/api/esp/increment?counter=no-config

Requested by

Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/esp.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

162.19.138.83 Frankfurt am Main, Germany, ASN16276 (OVH, FR),

Reverse DNS

ns31532338.ip-162-19-138.eu

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://bg.m-almahdi.com/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://bg.m-almahdi.com
date: Wed, 26 Jul 2023 16:02:23 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin

POST
H2 200 map Show response
bcp.crwdcntrl.net/6/ 60 B
336 B 100ms
30ms XHR
application/json 99.81.215.196
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bcp.crwdcntrl.net/6/map
Requested by: Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/16589/sync.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 99.81.215.196 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-99-81-215-196.eu-west-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: f9560995c32a95592e09117440ae26baadb3badcfca256f0d0652bfdb3e712cb

Request headers

Referer: https://bg.m-almahdi.com/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Wed, 26 Jul 2023 16:02:23 GMT
server: Jetty(9.4.38.v20210224)
content-type: application/json;charset=utf-8
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: https://bg.m-almahdi.com
cache-control: no-cache
x-server: 10.45.29.239
access-control-allow-credentials: true
content-length: 60
expires: 0

GET
BLOB 200
OK 9352b6f3-8454-4b09-8f1c-0507ed5c3d11
https://bg.m-almahdi.com/ 0
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://bg.m-almahdi.com/9352b6f3-8454-4b09-8f1c-0507ed5c3d11
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

Content-Length: 0
Content-Type: text/javascript

GET
BLOB 200
OK ff0d0e2b-56f6-4805-910a-db89f6208bd4
https://bg.m-almahdi.com/ 250 B
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://bg.m-almahdi.com/ff0d0e2b-56f6-4805-910a-db89f6208bd4
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e37071398d21f18dff2370ee0885f38811bb69bb465b398100ab3101fc521d6b

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

Content-Length: 250
Content-Type: text/javascript

GET
H2 200 /
c.mgid.com/pv/ 0
43 B 37ms
28ms Image
text/plain 2606:4700:1::6813:874e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.mgid.com/pv/?lu=https%3A%2F%2Fbg.m-almahdi.com%2Fthe-fukuda-stepping-test-260d6228-2a4444&cbuster=1690387343843771899178&pvid=18992efe9e3adb9a6c1&implVersion=11&cxurl=https%3A%2F%2Fbg.m-almahdi.com%2Fthe-fukuda-stepping-test-260d6228-2a4444&site=692293&scum=%3F0&scuw=%3F0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:1::6813:874e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://bg.m-almahdi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Wed, 26 Jul 2023 16:02:23 GMT
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 7ecddde32db80e10-AMS
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 137ms
59ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307200101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://bg.m-almahdi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Wed, 26 Jul 2023 16:02:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 26 Jul 2023 16:02:23 GMT

GET
BLOB 200
OK 40624657-5cf2-4721-adc0-81af7fdd8f22
https://bg.m-almahdi.com/ 0
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://bg.m-almahdi.com/40624657-5cf2-4721-adc0-81af7fdd8f22
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

Content-Length: 0
Content-Type: text/javascript

GET
BLOB 200
OK 7e114a6e-a15d-4dad-a029-9a39b5477bc7
https://bg.m-almahdi.com/ 250 B
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://bg.m-almahdi.com/7e114a6e-a15d-4dad-a029-9a39b5477bc7
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e37071398d21f18dff2370ee0885f38811bb69bb465b398100ab3101fc521d6b

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

Content-Length: 250
Content-Type: text/javascript

GET
H2

200

sid Show response
mug.criteo.com/ Frame 5845
Redirect Chain

https://gum.criteo.com/sid/json?origin=publishertagids&domain=m-almahdi.com&sn=ChromeSyncframe&so=0&topUrl=bg.m-almahdi.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0
https://mug.criteo.com/sid?cpp=boXoCnxMclVxdHJNV29hTGhQVEp5NU1OOU5pckw3MmQ4djN6UmZ4Mit3aTUxYmVFUGhzbG5DRVJpY0RHM2Fqb08xQ2hkS2Vib29CdE1vMWRiT1NkQVFWbTRMK1dTNUZyWkY2eCs3TXFBYVBySUZmdi9qNWpvbWg5bVFrQU...

449 B
662 B

88ms
23ms

Fetch
application/json

178.250.7.13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=boXoCnxMclVxdHJNV29hTGhQVEp5NU1OOU5pckw3MmQ4djN6UmZ4Mit3aTUxYmVFUGhzbG5DRVJpY0RHM2Fqb08xQ2hkS2Vib29CdE1vMWRiT1NkQVFWbTRMK1dTNUZyWkY2eCs3TXFBYVBySUZmdi9qNWpvbWg5bVFrQUZwbjlrR2QrbjJ5MFkxOTExcytrU21mRVlETnV2K2piQ21CaWduU3RZN0lqSVRiVG03VDR5eVdIcGppZFIxTU9hSVpYS3VROGVZZUg5eTZkci9TY2dLdW1MQnRBVkR1TWJFMmJ1cUlIYmtlQS9PaEJ4QTF6NzdrclRBSnoybExLVnBXTlFRdWdSdXVNRmVVc084VTIwM29xYUlRZmtidz09fA&cppv=2

Protocol

Server

178.250.7.13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

1bc235f9ce5f14fb317bee8129315e89d2cc8edcb878b351c66cff0186dad098

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://gum.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 26 Jul 2023 16:02:23 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gum.criteo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 1678931
expires: 0

Redirect headers

pragma: no-cache
date: Wed, 26 Jul 2023 16:02:23 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
location: https://mug.criteo.com/sid?cpp=boXoCnxMclVxdHJNV29hTGhQVEp5NU1OOU5pckw3MmQ4djN6UmZ4Mit3aTUxYmVFUGhzbG5DRVJpY0RHM2Fqb08xQ2hkS2Vib29CdE1vMWRiT1NkQVFWbTRMK1dTNUZyWkY2eCs3TXFBYVBySUZmdi9qNWpvbWg5bVFrQUZwbjlrR2QrbjJ5MFkxOTExcytrU21mRVlETnV2K2piQ21CaWduU3RZN0lqSVRiVG03VDR5eVdIcGppZFIxTU9hSVpYS3VROGVZZUg5eTZkci9TY2dLdW1MQnRBVkR1TWJFMmJ1cUlIYmtlQS9PaEJ4QTF6NzdrclRBSnoybExLVnBXTlFRdWdSdXVNRmVVc084VTIwM29xYUlRZmtidz09fA&cppv=2
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 224550
content-length: 0
expires: 0

GET
H2 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame E1D6 13 KB
5 KB 24ms
19ms Document
text/html 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bg.m-almahdi.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

accept-ranges: bytes
age: 21222
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 26 Jul 2023 10:08:42 GMT
expires: Thu, 25 Jul 2024 10:08:42 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 1D99 783 B
1 KB 77ms
29ms Document
text/html 2a00:1450:4001:82a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

88d8f1bc61c7d224f99b8ab478c18756135cb3c3531d63818c5e1dff3182a974

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-dsc6NPWMOGPf7N0tXOzN8Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://bg.m-almahdi.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 513
content-security-policy: script-src 'report-sample' 'nonce-dsc6NPWMOGPf7N0tXOzN8Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Wed, 26 Jul 2023 16:02:24 GMT
expires: Wed, 26 Jul 2023 16:02:24 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 MefDsIjr-126UL1ZlRxjISGtS5GmSa44osRgNBoPAC4.js Show response
pagead2.googlesyndication.com/bg/ Frame E1D6 37 KB
14 KB 60ms
19ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/MefDsIjr-126UL1ZlRxjISGtS5GmSa44osRgNBoPAC4.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

31e7c3b088ebfb5dba50bd59951c632121ad4b91a649ae38a2c460341a0f002e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Mon, 24 Jul 2023 11:31:19 GMT
content-encoding: br
x-content-type-options: nosniff
age: 189065
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14565
x-xss-protection: 0
last-modified: Wed, 19 Jul 2023 16:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 23 Jul 2024 11:31:19 GMT

GET
H2 200 pd Show response
google-bidout-d.openx.net/w/1.0/ Frame C349 0
176 B 183ms
128ms Document
text/html 34.98.64.218
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Requested by: Host: oa.openxcdn.net
URL: https://oa.openxcdn.net/esp.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://bg.m-almahdi.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: gzip
content-length: 20
content-type: text/html
date: Wed, 26 Jul 2023 16:02:24 GMT
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
via: 1.1 google

GET
BLOB 206
Partial Content 56d90227-596f-4716-881e-daf2af19cf50
https://bg.m-almahdi.com/ 1 KB
0 Media
video/mp4

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://bg.m-almahdi.com/56d90227-596f-4716-881e-daf2af19cf50
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 60ddc774c7b5fd0c01d169321a444da403d60c0042f6bee01b0c96f6e1535fda

Request headers

Referer
Accept-Encoding: identity;q=1, *;q=0
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
Range: bytes=0-

Response headers

Content-Range: bytes 0-1492/1493
Content-Length: 1493
Content-Type: video/mp4

GET
BLOB 206
Partial Content 450801a0-ecde-49e8-bcf4-43e07dcc7be7
https://bg.m-almahdi.com/ 1 KB
0 Media
video/mp4

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://bg.m-almahdi.com/450801a0-ecde-49e8-bcf4-43e07dcc7be7
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 60ddc774c7b5fd0c01d169321a444da403d60c0042f6bee01b0c96f6e1535fda

Request headers

Referer
Accept-Encoding: identity;q=1, *;q=0
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
Range: bytes=0-

Response headers

Content-Range: bytes 0-1492/1493
Content-Length: 1493
Content-Type: video/mp4

GET
BLOB 206
Partial Content 7a1ba68a-a842-4231-b1ed-94f0b14b6ee0
https://bg.m-almahdi.com/ 1 KB
0 Media
video/mp4

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://bg.m-almahdi.com/7a1ba68a-a842-4231-b1ed-94f0b14b6ee0
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 60ddc774c7b5fd0c01d169321a444da403d60c0042f6bee01b0c96f6e1535fda

Request headers

Referer
Accept-Encoding: identity;q=1, *;q=0
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
Range: bytes=0-

Response headers

Content-Range: bytes 0-1492/1493
Content-Length: 1493
Content-Type: video/mp4

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 1D99 0
0 51ms
51ms Image
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202307200101&jk=1300081067025427&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

GET
H2 200 mgid_ua.svg
cdn.mgid.com/images/mgid/ 2 KB
1 KB 43ms
25ms Image
image/svg+xml 2606:4700:1::6813:874e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.mgid.com/images/mgid/mgid_ua.svg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:1::6813:874e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 70d5c4de881e718d0b7638959680ba86722d44eecbe4058d20dd77b8d0d97155

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://bg.m-almahdi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Wed, 26 Jul 2023 16:02:24 GMT
x-amz-version-id: null
content-encoding: br
cf-cache-status: HIT
x-amz-request-id: KZHG8W3F9TBRMAND
age: 5984
alt-svc: h3=":443"; ma=86400
x-amz-id-2: dbyeVsK/NjOgn7JlIkeUY91rcsUk7Xu5UroxSC2k1IBVpKj3RcOw+iHuOsxJ5UaGiIcgCnMZgl0=
last-modified: Tue, 08 Mar 2022 17:05:01 GMT
server: cloudflare
x-amz-meta-s3cmd-attrs: atime:1646759091/ctime:1646759091/gid:0/gname:root/md5:617c205137825561208ef7c1a2d8f319/mode:33206/mtime:1646759091/uid:0/uname:root
etag: W/"617c205137825561208ef7c1a2d8f319"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=86400
cf-ray: 7ecddde528e40e10-AMS
expires: Thu, 27 Jul 2023 16:02:24 GMT

GET
H2 200 Adchoices.svg
cdn.mgid.com/images/logos/ 836 B
907 B 42ms
24ms Image
image/svg+xml 2606:4700:1::6813:874e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.mgid.com/images/logos/Adchoices.svg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:1::6813:874e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7992a4430843ef8b4bbae534358be3193aa1ae9c78f273e8e8a70b6af1244ac5

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://bg.m-almahdi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Wed, 26 Jul 2023 16:02:24 GMT
x-amz-version-id: null
content-encoding: br
cf-cache-status: HIT
x-amz-request-id: YRQRQGQP9DZNZ14S
age: 6460
alt-svc: h3=":443"; ma=86400
x-amz-id-2: prDGrfP9Q2yJocLMVMs086d4Xf20e00Uihgi74TWkWggHy5UZf6VnePTEnJDA4LpjohSwbs6H6U=
last-modified: Wed, 17 Feb 2021 18:15:53 GMT
server: cloudflare
x-amz-meta-s3cmd-attrs: atime:1613585745/ctime:1613585745/gid:0/gname:root/md5:7d59364b7ed2df3f02507c9f92560df9/mode:33206/mtime:1613585745/uid:0/uname:root
etag: W/"7d59364b7ed2df3f02507c9f92560df9"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=86400
cf-ray: 7ecddde528e20e10-AMS
expires: Thu, 27 Jul 2023 16:02:24 GMT

GET
BLOB 206
Partial Content d3c99a61-86ca-4705-bbf3-5a7d6fd59e27
https://bg.m-almahdi.com/ 1 KB
0 Media
video/mp4

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://bg.m-almahdi.com/d3c99a61-86ca-4705-bbf3-5a7d6fd59e27
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 60ddc774c7b5fd0c01d169321a444da403d60c0042f6bee01b0c96f6e1535fda

Request headers

Referer
Accept-Encoding: identity;q=1, *;q=0
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
Range: bytes=0-

Response headers

Content-Range: bytes 0-1492/1493
Content-Length: 1493
Content-Type: video/mp4

POST
H2 200 1duwt.json Show response
www.bigmp3db.com/ 59 B
268 B 39ms
38ms XHR
application/json 95.216.65.102
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bigmp3db.com/1duwt.json

Requested by

Host: www.bigmp3db.com
URL: https://www.bigmp3db.com/1duwt.min.js?31606a4

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

95.216.65.102 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),

Reverse DNS

frodo.min.org.ua

Software

cloudflare-nginx /

Resource Hash

09eb667287244539f4d7bc7660dbd4855e3dc0811a1f4485b554b446fc4d8e67

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

Referer: https://bg.m-almahdi.com/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Wed, 26 Jul 2023 16:02:24 GMT
strict-transport-security: max-age=63072000
content-encoding: br
server: cloudflare-nginx
access-control-allow-methods: POST, GET, OPTIONS
content-type: application/json
access-control-allow-origin: *
access-control-allow-headers: *

GET
H2 200 container.html Show response
2acae297395813fb43f58d6d63def6ff.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 60C7 6 KB
3 KB 22ms
22ms Document
text/html 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://2acae297395813fb43f58d6d63def6ff.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307200101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bg.m-almahdi.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 26 Jul 2023 16:02:23 GMT
expires: Thu, 25 Jul 2024 16:02:23 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 1 Show response
servicer.mgid.com/1102315/ 3 KB
1 KB 83ms
68ms Script
application/x-javascript 2606:4700:1::6813:874e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://servicer.mgid.com/1102315/1?mp4=1&ap=1&w=679&h=292&sz=220x246&szp=1,2,3&szl=1,2,3&cols=3&sessionId=64c14390-0105e&sessionPage=1&sessionNumberWeek=1&sessionNumber=1&lu=https%3A%2F%2Fbg.m-almahdi.com%2Fthe-fukuda-stepping-test-260d6228-2a4444&cbuster=1690387344247878947350&pvid=18992efe9e3adb9a6c1&implVersion=11&cxurl=https%3A%2F%2Fbg.m-almahdi.com%2Fthe-fukuda-stepping-test-260d6228-2a4444&scum=%3F0&scuw=%3F0&uniqId=0ee0e&niet=4g&nisd=false&pv=5&lct=1690329600&jsv=es6&pageView=1&dpr=1&ref=&tfre=1578
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/w/a/warbletoncouncil.org.1102315.es6.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:1::6813:874e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4c9f8896ce780802b3ae72e321551578bc76246fbb0429376acd5b1d2c92748a

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://bg.m-almahdi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Wed, 26 Jul 2023 16:02:24 GMT
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-allow-credentials: true
cf-ray: 7ecddde5b9dc0e10-AMS
alt-svc: h3=":443"; ma=86400

GET
H2 200 1 Show response
servicer.mgid.com/1102315/ 3 KB
1 KB 73ms
58ms Script
application/x-javascript 2606:4700:1::6813:874e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://servicer.mgid.com/1102315/1?mp4=1&ap=1&w=679&h=292&sz=220x246&szp=1,2,3&szl=1,2,3&cols=3&sessionId=64c14390-0105e&sessionPage=1&sessionNumberWeek=1&sessionNumber=1&lu=https%3A%2F%2Fbg.m-almahdi.com%2Fthe-fukuda-stepping-test-260d6228-2a4444&cbuster=1690387344249252434286&pvid=18992efe9e3adb9a6c1&implVersion=11&cxurl=https%3A%2F%2Fbg.m-almahdi.com%2Fthe-fukuda-stepping-test-260d6228-2a4444&scum=%3F0&scuw=%3F0&uniqId=0ad10&niet=4g&nisd=false&pv=5&lct=1690329600&jsv=es6&pageView=0&dpr=1&ref=&tfre=1580
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/w/a/warbletoncouncil.org.1102315.es6.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:1::6813:874e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 00ff40239f3582dcb24ec8e9fc92b4d6a12198588cdd7b46ae619f72aba190a4

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://bg.m-almahdi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Wed, 26 Jul 2023 16:02:24 GMT
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-allow-credentials: true
cf-ray: 7ecddde5b9dd0e10-AMS
alt-svc: h3=":443"; ma=86400

POST
H2 200 1duwt.json Show response
www.bigmp3db.com/ 59 B
268 B 38ms
38ms XHR
application/json 95.216.65.102
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bigmp3db.com/1duwt.json

Requested by

Host: www.bigmp3db.com
URL: https://www.bigmp3db.com/1duwt.min.js?31606a4

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

95.216.65.102 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),

Reverse DNS

frodo.min.org.ua

Software

cloudflare-nginx /

Resource Hash

4dd431dddb6875e6c0d6f0491aba3c3834ae981797db8b7899e63ed6e8ceba69

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

Referer: https://bg.m-almahdi.com/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Wed, 26 Jul 2023 16:02:24 GMT
strict-transport-security: max-age=63072000
content-encoding: br
server: cloudflare-nginx
access-control-allow-methods: POST, GET, OPTIONS
content-type: application/json
access-control-allow-origin: *
access-control-allow-headers: *

GET
H3 200 mgid_ua.svg
cdn.mgid.com/images/mgid/ 2 KB
1 KB 25ms
24ms Image
image/svg+xml 2606:4700:1::6813:874e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.mgid.com/images/mgid/mgid_ua.svg
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/w/a/warbletoncouncil.org.1305779.es6.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:1::6813:874e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 70d5c4de881e718d0b7638959680ba86722d44eecbe4058d20dd77b8d0d97155

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://bg.m-almahdi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Wed, 26 Jul 2023 16:02:24 GMT
x-amz-version-id: null
content-encoding: br
cf-cache-status: HIT
x-amz-request-id: KZHG8W3F9TBRMAND
age: 784
alt-svc: h3=":443"; ma=86400
x-amz-id-2: dbyeVsK/NjOgn7JlIkeUY91rcsUk7Xu5UroxSC2k1IBVpKj3RcOw+iHuOsxJ5UaGiIcgCnMZgl0=
last-modified: Tue, 08 Mar 2022 17:05:01 GMT
server: cloudflare
x-amz-meta-s3cmd-attrs: atime:1646759091/ctime:1646759091/gid:0/gname:root/md5:617c205137825561208ef7c1a2d8f319/mode:33206/mtime:1646759091/uid:0/uname:root
etag: W/"617c205137825561208ef7c1a2d8f319"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=86400
cf-ray: 7ecddde5afe4b8e4-AMS
expires: Thu, 27 Jul 2023 16:02:24 GMT

GET
H3 200 Adchoices.svg
cdn.mgid.com/images/logos/ 836 B
989 B 31ms
30ms Image
image/svg+xml 2606:4700:1::6813:874e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.mgid.com/images/logos/Adchoices.svg
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/w/a/warbletoncouncil.org.1305779.es6.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:1::6813:874e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7992a4430843ef8b4bbae534358be3193aa1ae9c78f273e8e8a70b6af1244ac5

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://bg.m-almahdi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Wed, 26 Jul 2023 16:02:24 GMT
x-amz-version-id: null
content-encoding: br
cf-cache-status: HIT
x-amz-request-id: YRQRQGQP9DZNZ14S
age: 5133
alt-svc: h3=":443"; ma=86400
x-amz-id-2: prDGrfP9Q2yJocLMVMs086d4Xf20e00Uihgi74TWkWggHy5UZf6VnePTEnJDA4LpjohSwbs6H6U=
last-modified: Wed, 17 Feb 2021 18:15:53 GMT
server: cloudflare
x-amz-meta-s3cmd-attrs: atime:1613585745/ctime:1613585745/gid:0/gname:root/md5:7d59364b7ed2df3f02507c9f92560df9/mode:33206/mtime:1613585745/uid:0/uname:root
etag: W/"7d59364b7ed2df3f02507c9f92560df9"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=86400
cf-ray: 7ecddde5afeab8e4-AMS
expires: Thu, 27 Jul 2023 16:02:24 GMT

GET
H2 200 1 Show response
servicer.mgid.com/1102315/ 3 KB
1 KB 64ms
62ms Script
application/x-javascript 2606:4700:1::6813:874e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://servicer.mgid.com/1102315/1?mp4=1&ap=1&sessionId=64c14390-0105e&sessionPage=1&sessionNumberWeek=1&sessionNumber=1&w=679&h=292&sz=220x246&szp=1,2,3&szl=1,2,3&cols=3&lu=https%3A%2F%2Fbg.m-almahdi.com%2Fthe-fukuda-stepping-test-260d6228-2a4444&cbuster=1690387344261338171865&pvid=18992efe9e3adb9a6c1&implVersion=11&cxurl=https%3A%2F%2Fbg.m-almahdi.com%2Fthe-fukuda-stepping-test-260d6228-2a4444&scum=%3F0&scuw=%3F0&uniqId=0e130&niet=4g&nisd=false&pv=5&lct=1690329600&jsv=es6&pageView=0&dpr=1&ref=&tfre=1592
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/w/a/warbletoncouncil.org.1102315.es6.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:1::6813:874e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ccf46349aa4a3042db990d577479e2b356e6f5aa1af16d2dc7dd94967917e8a3

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://bg.m-almahdi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Wed, 26 Jul 2023 16:02:24 GMT
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-allow-credentials: true
cf-ray: 7ecddde5b9de0e10-AMS
alt-svc: h3=":443"; ma=86400

GET
H2 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame AA79 624 B
824 B 106ms
58ms Document
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CIbzaRCc2ugBGKSa5twBMAE&v=APEucNUt8l6C4VnthiGbcAe0cf9hVJmxj4Gyt0p9HXilvLQQye9_gs5j2Vcvnm0YOq68ZdSHEKgDOHdYm36_ixi78jQ9DURU7_rcboVge-TE932wfbxLJNSVjxUJwkwyHATP9GrltGvf7yHh8GLmug5i0uqUzxtZ2FLQFeApH5EGQjDGJOePbVytOI1n-ievyieuUMey63gj5TVFj_-f2MVjrj4F_PPD-w

Requested by

Host: 2acae297395813fb43f58d6d63def6ff.safeframe.googlesyndication.com
URL: https://2acae297395813fb43f58d6d63def6ff.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://2acae297395813fb43f58d6d63def6ff.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 222
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 26 Jul 2023 16:02:24 GMT
expires: Wed, 26 Jul 2023 16:02:24 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 60C7 86 KB
29 KB 90ms
89ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Host: 2acae297395813fb43f58d6d63def6ff.safeframe.googlesyndication.com
URL: https://2acae297395813fb43f58d6d63def6ff.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e0229dbcb78d16f4e98ccb93decb992b6bb488fffdd85675e586ab6546efd3bb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://2acae297395813fb43f58d6d63def6ff.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Wed, 26 Jul 2023 16:02:24 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 30178
x-xss-protection: 0
server: cafe
etag: 18056378990419963096
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Wed, 26 Jul 2023 16:02:24 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 60C7 42 B
63 B 53ms
52ms Image
image/gif 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-A96IJfBc_I0C_jbzJNudcTB_r1sBOg9ZIDp6k2LXLkPNXBXTwG-bLvI83zT43-1WXDLmvmbIeOdAWGe7pgRC8zF4y9kG76TiNzPw06AQcBaazTN14

Requested by

Host: 2acae297395813fb43f58d6d63def6ff.safeframe.googlesyndication.com
URL: https://2acae297395813fb43f58d6d63def6ff.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://2acae297395813fb43f58d6d63def6ff.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 26 Jul 2023 16:02:24 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 60C7 0
20 B 53ms
52ms Image
image/gif 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=15424832353986012418&x=1&ct=76

Requested by

Host: 2acae297395813fb43f58d6d63def6ff.safeframe.googlesyndication.com
URL: https://2acae297395813fb43f58d6d63def6ff.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://2acae297395813fb43f58d6d63def6ff.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 26 Jul 2023 16:02:24 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230724/r20110914/client/ Frame 60C7 3 KB
1 KB 23ms
22ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230724/r20110914/client/window_focus_fy2021.js

Requested by

Host: 2acae297395813fb43f58d6d63def6ff.safeframe.googlesyndication.com
URL: https://2acae297395813fb43f58d6d63def6ff.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://2acae297395813fb43f58d6d63def6ff.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Wed, 26 Jul 2023 10:07:50 GMT
content-encoding: br
x-content-type-options: nosniff
age: 21274
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 09 Aug 2023 10:07:50 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230724/r20110914/client/ Frame 60C7 20 KB
8 KB 23ms
22ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230724/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 2acae297395813fb43f58d6d63def6ff.safeframe.googlesyndication.com
URL: https://2acae297395813fb43f58d6d63def6ff.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

32ff9bf998cf59e2f25def004a13d818a90a26fdf631627beee581b12ca78cae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://2acae297395813fb43f58d6d63def6ff.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Tue, 25 Jul 2023 20:18:13 GMT
content-encoding: br
x-content-type-options: nosniff
age: 71051
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8302
x-xss-protection: 0
server: cafe
etag: 1396992018294926149
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 08 Aug 2023 20:18:13 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 60C7 179 KB
57 KB 125ms
53ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 2acae297395813fb43f58d6d63def6ff.safeframe.googlesyndication.com
URL: https://2acae297395813fb43f58d6d63def6ff.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f294f48a5bc171da79776780d32c77ae3323a508cb595a56f116ecb7578a8e7d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://2acae297395813fb43f58d6d63def6ff.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Wed, 26 Jul 2023 16:02:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57383
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1690198756579870"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 26 Jul 2023 16:02:24 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame E1D6 0
10 B 23ms
19ms Image
text/plain 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?FYp7qw
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Wed, 26 Jul 2023 16:02:24 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 200 1 Show response
servicer.mgid.com/1305779/ 2 KB
1 KB 36ms
36ms Script
application/x-javascript 2606:4700:1::6813:874e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://servicer.mgid.com/1305779/1?mp4=1&ap=1&sessionId=64c14390-0105e&sessionPage=1&sessionNumberWeek=1&sessionNumber=1&w=679&h=0&wrongImageSize=1&sz=324x86&szp=1,2&szl=1;2&cols=1&lu=https%3A%2F%2Fbg.m-almahdi.com%2Fthe-fukuda-stepping-test-260d6228-2a4444&cbuster=1690387344319681929431&pvid=18992efe9e3adb9a6c1&implVersion=11&cxurl=https%3A%2F%2Fbg.m-almahdi.com%2Fthe-fukuda-stepping-test-260d6228-2a4444&scum=%3F0&scuw=%3F0&uniqId=13459&niet=4g&nisd=false&pv=5&lct=1690329600&jsv=es6&pageView=0&dpr=1&ref=&tfre=1650
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/w/a/warbletoncouncil.org.1305779.es6.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:1::6813:874e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 13dd31e546d2d20f254567d95bb2e799e063456958329005c732191d81534a79

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://bg.m-almahdi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Wed, 26 Jul 2023 16:02:24 GMT
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-allow-credentials: true
cf-ray: 7ecddde60a520e10-AMS
alt-svc: h3=":443"; ma=86400

GET
H3 200 mgid_ua.svg
cdn.mgid.com/images/mgid/ 2 KB
1 KB 25ms
24ms Image
image/svg+xml 2606:4700:1::6813:874e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.mgid.com/images/mgid/mgid_ua.svg
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/w/a/warbletoncouncil.org.1102315.es6.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:1::6813:874e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 70d5c4de881e718d0b7638959680ba86722d44eecbe4058d20dd77b8d0d97155

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://bg.m-almahdi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Wed, 26 Jul 2023 16:02:24 GMT
x-amz-version-id: null
content-encoding: br
cf-cache-status: HIT
x-amz-request-id: KZHG8W3F9TBRMAND
age: 784
alt-svc: h3=":443"; ma=86400
x-amz-id-2: dbyeVsK/NjOgn7JlIkeUY91rcsUk7Xu5UroxSC2k1IBVpKj3RcOw+iHuOsxJ5UaGiIcgCnMZgl0=
last-modified: Tue, 08 Mar 2022 17:05:01 GMT
server: cloudflare
x-amz-meta-s3cmd-attrs: atime:1646759091/ctime:1646759091/gid:0/gname:root/md5:617c205137825561208ef7c1a2d8f319/mode:33206/mtime:1646759091/uid:0/uname:root
etag: W/"617c205137825561208ef7c1a2d8f319"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=86400
cf-ray: 7ecddde6388cb8e4-AMS
expires: Thu, 27 Jul 2023 16:02:24 GMT

GET
H3 200 Adchoices.svg
cdn.mgid.com/images/logos/ 836 B
989 B 23ms
22ms Image
image/svg+xml 2606:4700:1::6813:874e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.mgid.com/images/logos/Adchoices.svg
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/w/a/warbletoncouncil.org.1102315.es6.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:1::6813:874e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7992a4430843ef8b4bbae534358be3193aa1ae9c78f273e8e8a70b6af1244ac5

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://bg.m-almahdi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Wed, 26 Jul 2023 16:02:24 GMT
x-amz-version-id: null
content-encoding: br
cf-cache-status: HIT
x-amz-request-id: YRQRQGQP9DZNZ14S
age: 5133
alt-svc: h3=":443"; ma=86400
x-amz-id-2: prDGrfP9Q2yJocLMVMs086d4Xf20e00Uihgi74TWkWggHy5UZf6VnePTEnJDA4LpjohSwbs6H6U=
last-modified: Wed, 17 Feb 2021 18:15:53 GMT
server: cloudflare
x-amz-meta-s3cmd-attrs: atime:1613585745/ctime:1613585745/gid:0/gname:root/md5:7d59364b7ed2df3f02507c9f92560df9/mode:33206/mtime:1613585745/uid:0/uname:root
etag: W/"7d59364b7ed2df3f02507c9f92560df9"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=86400
cf-ray: 7ecddde6388eb8e4-AMS
expires: Thu, 27 Jul 2023 16:02:24 GMT

GET
H2 200 aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMi0wMy82OTI5ODIvMjg0NjI3ZWIzMjJmYTRhZ...
s-img.mgid.com/g/12451948/492x277/-/ 32 KB
32 KB 93ms
33ms Image
image/webp 2606:4700:1::6813:844e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/12451948/492x277/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMi0wMy82OTI5ODIvMjg0NjI3ZWIzMjJmYTRhZGU2ZTFkZGYxNDliMTIzYjAucG5n.webp?v=1690387344-_QNZyZNJ47uBls4DwL-wFaMSkhdWvHT5Q_o6AqvhoFo
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:1::6813:844e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 134603a1693236e5284eb3b92d5de84275528251ccecc9db60695317536246f2

Request headers

Referer: https://bg.m-almahdi.com/
Origin: https://bg.m-almahdi.com
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Wed, 26 Jul 2023 16:02:24 GMT
cf-cache-status: HIT
last-modified: Fri, 30 Jun 2023 10:12:05 GMT
x-mg-request-uuid: e435d817-f6f2-489a-be15-2f63b9b4efa2
server: cloudflare
age: 2267419
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
x-robots-tag: noindex
cf-ray: 7ecddde69f27b8df-AMS
content-length: 32370
alt-svc: h3=":443"; ma=86400

GET
H2 200 aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHFfYXV0bzpnb29kLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMy0wNC82OTI5ODIvMGZkN...
s-img.mgid.com/g/15829721/492x277/-/ 8 KB
8 KB 104ms
44ms Image
image/webp 2606:4700:1::6813:844e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/15829721/492x277/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHFfYXV0bzpnb29kLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMy0wNC82OTI5ODIvMGZkNDBkMTNkOWJjMGE4ZjBlNTI4YjZjYjE3NTlhOWMuanBlZw.webp?v=1690387344-WagMzp9PE6VXtYKiChMTcPICSLF6nlmJ03vfT9Khp4E
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:1::6813:844e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ae89515862f38388e339168c9c1015313c0c44fe10b7fc5b1f56fdf60987c451

Request headers

Referer: https://bg.m-almahdi.com/
Origin: https://bg.m-almahdi.com
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Wed, 26 Jul 2023 16:02:24 GMT
cf-cache-status: HIT
last-modified: Sat, 15 Jul 2023 10:14:53 GMT
x-mg-request-uuid: 6b3995ad-9324-4220-aa31-b6e312b2869b
server: cloudflare
age: 785271
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
x-robots-tag: noindex
cf-ray: 7ecddde69f2ab8df-AMS
content-length: 7764
alt-svc: h3=":443"; ma=86400

GET
H2 200 aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHFfYXV0bzpnb29kLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMi0xMS82OTI5ODIvMzg1N...
s-img.mgid.com/g/14757095/492x277/-/ 5 KB
5 KB 91ms
32ms Image
image/webp 2606:4700:1::6813:844e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/14757095/492x277/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHFfYXV0bzpnb29kLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMi0xMS82OTI5ODIvMzg1NTY2ZTljMDYyZjJmMTNkZGFjNGJhMWViYjJjODYuanBlZw.webp?v=1690387344-bXp67NAb8XDW1IJNBberxuO901thS0-vo-Bq4ZarJEk
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:1::6813:844e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1f6a5d4abbc57fd79c960a93592a334d5f83ad27d0d89e3d6d5327e0d8e5ea5c

Request headers

Referer: https://bg.m-almahdi.com/
Origin: https://bg.m-almahdi.com
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Wed, 26 Jul 2023 16:02:24 GMT
cf-cache-status: HIT
last-modified: Sun, 25 Jun 2023 08:14:34 GMT
x-mg-request-uuid: f4df8a8a-fd52-44fe-b5a6-af4c56bb84db
server: cloudflare
age: 724984
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
x-robots-tag: noindex
cf-ray: 7ecddde69f2bb8df-AMS
content-length: 4896
alt-svc: h3=":443"; ma=86400

GET
H2 200 aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHFfYXV0bzpnb29kLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMy0wNC82OTI5ODIvNWU0M...
s-img.mgid.com/g/15829609/492x277/-/ 9 KB
9 KB 77ms
43ms Image
image/webp 2606:4700:1::6813:844e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/15829609/492x277/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHFfYXV0bzpnb29kLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMy0wNC82OTI5ODIvNWU0MmQyNTRlMmYxNjM5NDdjMjZmZjVmY2I0NmU0ZGQuanBlZw.webp?v=1690387344-zQxFvINGTVkikcwfC1eu7T-0HCFQ_V-ylHZvWkPwPK4
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:1::6813:844e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9512a0f53f142765b9c06f302309951ac3fe4fa0d15fed99a83ef8a4f6a93c14

Request headers

Referer: https://bg.m-almahdi.com/
Origin: https://bg.m-almahdi.com
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Wed, 26 Jul 2023 16:02:24 GMT
cf-cache-status: HIT
last-modified: Fri, 02 Jun 2023 15:45:21 GMT
x-mg-request-uuid: f3f42755-7632-480d-b55e-979df4fc0aad
server: cloudflare
age: 4665592
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
x-robots-tag: noindex
cf-ray: 7ecddde69f2cb8df-AMS
content-length: 9020
alt-svc: h3=":443"; ma=86400

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 60C7 0
20 B 53ms
52ms Ping
image/gif 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=5860249383597&version=m202307240101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://2acae297395813fb43f58d6d63def6ff.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 26 Jul 2023 16:02:24 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 60C7 0
20 B 54ms
54ms Ping
image/gif 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=5860249383597&version=m202307240101&ct=76&x=1&cor=15424832353986013000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://2acae297395813fb43f58d6d63def6ff.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 26 Jul 2023 16:02:24 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 60C7 93 KB
38 KB 69ms
68ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-C3qyiH5-VzkiZHT0b309gCFuwDeC-S85nvaJx8csZonYsSrf45reBGfozqb5LPxr2DV0r1r-HijKtiKT3shLBFlgcgN_0yB1Tkxu_IcK1ffOe_Du8&cry=1&dbm_d=AKAmf-BRgIvxX5NFPnRRmKGvsUn-KKvJZZlCjy3ah58n-7DHJPrgIy-L0EpRb3m1mk7UTLYKV7ax6p7JTsWnSSrZfwCCRDi0oVNCyZaC_IWBtOA9yDgEQQatpbLCEqZJGh2oR5rNC8ldnTEqvtILSHBh5OM5AispCJuPa4weCp0lD169i5LUpJJrrijiBH-pXJoWKirNe5A2g_rnQ15HXfApAyo353L-pr-vVPUQrGVKlhCvlOw9geuGs7DGS0tD8rnKOz9Ob22Ltt1ZgSeovjRPHdn_pFY6ySLXjsI6Khro_0UrGpetjb1BMelPXBwQ2VKuCNO26LrX4ywc8aNa9SsOBkVRSsxIhpdICG2qK9gCz0qM9ATR9yLLzVuHmmyudlyeK7Ozj7ORizXHuraNEFx4rcLoujp0dnYFbvhdfj8qh5QgygJ_u89kabdsZ8PzRcV-vA9M29ay1c34kzPQ1VEVJ3eLF7yfkDHEAAniRI9vkuTOxaJZKmS7mVe_fPhzYPKOVtc2EMOkCi3C_6H3t5dorKfUonns1KtjYK9WQvL6spwzESWBu1sGhBEvLZUon25PWmGKq__BKEmmMcyeKl7mmx6hpNgWYPHafT993G-w7BcR3yfZo3-Ki2HapCzMgXsVCczPCiff2qmJqiUcVWhAGvGPIugk24c9twJPYyai737MUCGseo15E363sun9muMEt8tL_zUjjJWgJ7B0WI3U3G8pl88gxzbY6prlzu5brmXvr3IQcHl4N8qLBf9LuS2FU61tED1135H8aHSlmvJSaCUNeqN55Tt2Nm8UnBvy1opBxu6xVbIhRucyx6yv1qQEUuQsAi4nZsh8OVhyaIBGMZyGI-dTrT7uKeFOgIN4zw5HgXLNzYALliTLUsHQMR54UGFKFZQ4aIv1BE87KykfLN5lD8l1WTV2BC_dIPs6ssPEqIy-N9edUFq28HEeu4b9HBLUESJ5B6_nBRntXWlZUKdpzVqew9hpt6EhJzOUdKyg0Gaw6ns8kd4z3DrTWdv2VkjGKAV6ZSg2Zh0aGjcuLR6YN9-xJ9FI4CalYwXmdGTBdq-m6r9Vhw_9_VsvyBr-dU8zBPCppQQX7pbxbBM0t5A0MTcQNl0vRJBG0vlimyAFEE7JtgvyOsr1N6xKpLKqPA8Z0dmgfhhUdHq6s4GVwYnJDQcMJW0ZsGq-pw2ziRRmya29Zh32pw__1Q_k9L0ThL6XxRm4IwFzBMALkRKW5d3CXR1ETaO_sa1Aon5mAJv-YKqqPtSsa2lPNdK-dhlKEUphKhs6IFbrdj3XECbbGHwypw-cwIx7iRdjS7mfGHVsCnNWLjlYnrY9C3CvlhSVpxIRTjEn-UTGRIOp00duX-0YNVWPL5Wcek8hn9t7MYZvb5yQuuIBObQ6wEiTZKjDs8wb7aJb5m7fUVhogQ84I8YtZ70xu8IXGT09ThX64HqS7Qbjkfih3el1j_4sYEJngSxKRet1gsbHQn6G1zG0Xc7mddiu33drptS6OgGsGVdqgHUZajQNgQQKAFq25qxvRlS2umqaR2cfSHZSZqp40dsfc-4Gh5i5WMaaE1wYFcvYJt1ugKBh2LmXbVzRBgsQa67ra0nJW6ItEH5Px4-RbkDR1E-HNRijF2UQDSlOM3JUZmhEKGrimXcCAggJvk54TXv9AmVaVtTEQYTGcI_yGKk79NFuIOezJm1Vlz3noid4kFzho8Ld4Rtft3LtD51oOf7Eet9QO5W2SJlWvnD1rrKVUBqehkd0uoKqcjnu-FRMN_Pf88ylBGi0-RpOmb80NAQqMfElQruNB0x5JG6pZSeRUVuD5nKUNYjB698eroZhQoyRTwfmtfMU1ISa2U8zcPXZNjs8ypPQoqKyXAfKGsXaAGWV2KyAX0AEZjrEU1p9FHAKue2K-QP_SYsobUwUIy8WnwZeDxWRbTaCIjVatRmsAtK3nP1vO7YYD_0tEJKwVTn-edJCZI_X6-zNCSRRhqfHZVzew77T_ZF5BtmcJbKygSI4qnRWAjXOYFNsk95QmkbZqW_qt-NARL60uXbkGcUddNTMvjqGP38urvWxSYwlt5jtJTjb9nUpVX7L9NGp9fRpMxSu8OZ-pgWzBTu_INGjA5jln8XUyhi4mBN3qhigBVGJykmLaPUie0FMfP1aK-mbFJQAlA5rM_tihr9Pc91-x5nI8PMh7Naml2W_9fBHHKDmwsQd9_Lbr_OpUkDEb72pcidz4A1aao48dPr_3CIZir_4Fm3Vbpn-28NuOvpBmDQxLmOYTfsFuLhM1WAFqRnJRxRVCLVf-Sxz1CjJBofW5Et-8Sn7qjscdgP4Cl5gRhWd0TxhBzOT5yZV_RcCUESmIDqbGGF-HRcG1fWCn9qvZXVOSGYJwdMx1q7EtQ-YS0iSEIk4QxVB6Okcex3N6QacxZyooh4U2XRoHivSu4yonyeeMtgY8S-K3RNvfDF3rlYZDwYeuSDPYEPN-NjylMDOjwgFKhIy3_zlk5o-2V9fXaqfAleYUiYsf7ThkXCaZ6MMqTfN9O0ZD2KN-eCNADkU5lpPUsJ3hxWFqPpqVOIqQfhFyf5JbqU0sNvo55acbD1oapsr0PgHyXrmyb9Ybg3Okxnz40pWjPIhYTASax3RMoh1VDJyKfR7lPEQ4lxNHiw_KPp25wwr-sLzNYKFeL_6Y9Tm4thfDIdPIeazmviGB4IoZT8AwMp7T_XFwiGHZdnwwvCMtPAAoeEeNa7-VkVTnNcm5yLPIcXT7TRM91zlAv6AAgL7Mw6JocBQDuRYsjVx4IZUq3AOUeKcVS7sk4A9Ln6Z-uDxIaBXDWZKlSV0CxRO-BLVInQviw2IKGzMxcFg76CN4l84tP2Sae25H8iCaZYcafJ8fjles-VbAhAXrI1DNRN9oJmjoFu750jBE6qlLCpzxuAf2WpYp65UaqzeZFeUQBT94ppbzuFQdrN3nMTIgPGbLztkpPGluoK5aQJeh48AREGGTafKq_uKnqIvPCc2tmEoU7kb26_kCeJ3EncEeTW6671xpcjWqe0JT3gtMSMdnCszIffXlX27-RIfbTBHyJknqjGy1gYABhl_lfw_ufzY_iW3F9vnMuVX-AtgNP7wg0JntADO5h-6RrnH2WvS_F2w56Y_z4xMoCK0QlMnG3u1-42RlYXmT_5L9eeuIFkNr_UqOSFYtYmPob0xOw4SmEZaFZ-TqtLBrl-P3hY5ww8WOi5BdV2SlkI3NiyNXSC_IU6-V6PIf575DFpCRoPr5Vo4MPg1Nx0wLcYc3FQIo3soT7YGr_OacxIjcAqD_TwFQf6oABgID2mlZF-otwcRTh6F6XZ2An1vP3TAWfXzzoWVTkRVohlIwsUyEELdNXpC7HuKxJJXHKiZ19hn562m9Opmhvyt-gtMo_MPjG-eXY4mnESt9V-O6WW_Jik3-PeT7B36cEgWsaQbewiiClhltu4Kl-qXnQ2fdc7CCsEVJVUvRsLGBo2iOBV-kuFKVuTHoRloXQeJycGE7gnHZ_Vmw8DANncFDOry1fvSP0Hhbsf-7DM2ASls84Seg-lo-cB5GU9yP7SzlYVjA2nP2eLLmgdtWmBRM7_dehbYaErvOgZdJ3CRoiMi9S7cuG1DSDJRshAwLC8aLTZQtd7xBA47IId-jI8Dgt2FsysrUqcDFW4vzi2htXhUMdqdGyTs7eiOzWNKbvJ42rbkU-VLCw4bYT0EyqwUqN_plTtAIYRDhkoyLmPgupdIDNpMLFG6Yh-L662P78wqH9QgQN2UlZwno54_-UQeFBMg1VocWTFdOLtjVkgOqn-UxP2B7RoxWiszRYddAbATht6MI5-cL-MRkZrK9mc_MXUCBV9LYvTSZ4axiXdWQPPVY0qN0LEiOE072g7wtx6BN4V7zZdNLb_3XjZGdCEiQXx82TQ9Z4bLQutQhIs5PKR6Y_fCzc0P-FjmYyz0S8_rcNEN_lsrqDrwJSmP-A_kf5_WbGCzUGd8aW9Y878Rd_11KxZ28WfgBTtYP9-XEeEnqClHbpj88WxlSi-2TwpC4FrNhzpNQfqa7wWxkTr6Co7l6aGCHqc07g&cid=CAQSSwBpAlJW9jiGcjLq9rVfeBBNt1gVnm0aY6uzjDLii3qIspgdkZG1JAQa8-k1IkxjyDNnLl8UGoUdzMha8tklPkbk2kK0_xQOaZm4RBgB&dc_eid=31076403&dv3_ver=m202307240101&rfl=https%3A%2F%2Fbg.m-almahdi.com%2F&ds=l&xdt=1&iif=1&cor=15424832353986013000&adk=2228999115&idt=103&cac=0&dtd=17

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7910a6fe62f0c4aa3bae5a23b140df59e8564c1e8484468982cdfd74524922ad

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://2acae297395813fb43f58d6d63def6ff.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 26 Jul 2023 16:02:24 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 38697
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame AA79
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKbK6fXz9Q_ElTp0wSkF4eA&google_cver=1

43 B
766 B

22ms
22ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKbK6fXz9Q_ElTp0wSkF4eA&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CIbzaRCc2ugBGKSa5twBMAE&v=APEucNUt8l6C4VnthiGbcAe0cf9hVJmxj4Gyt0p9HXilvLQQye9_gs5j2Vcvnm0YOq68ZdSHEKgDOHdYm36_ixi78jQ9DURU7_rcboVge-TE932wfbxLJNSVjxUJwkwyHATP9GrltGvf7yHh8GLmug5i0uqUzxtZ2FLQFeApH5EGQjDGJOePbVytOI1n-ievyieuUMey63gj5TVFj_-f2MVjrj4F_PPD-w
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 26 Jul 2023 16:02:24 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=499
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Wed, 26 Jul 2023 16:02:24 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKbK6fXz9Q_ElTp0wSkF4eA&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame AA79
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZMFDkOt2BaNf1tl46NO96gAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKbK6fXz9Q_ElTp0wSkF4eA&google_cver=1

43 B
766 B

25ms
24ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKbK6fXz9Q_ElTp0wSkF4eA&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CIbzaRCc2ugBGKSa5twBMAE&v=APEucNUt8l6C4VnthiGbcAe0cf9hVJmxj4Gyt0p9HXilvLQQye9_gs5j2Vcvnm0YOq68ZdSHEKgDOHdYm36_ixi78jQ9DURU7_rcboVge-TE932wfbxLJNSVjxUJwkwyHATP9GrltGvf7yHh8GLmug5i0uqUzxtZ2FLQFeApH5EGQjDGJOePbVytOI1n-ievyieuUMey63gj5TVFj_-f2MVjrj4F_PPD-w
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 26 Jul 2023 16:02:24 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=497
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Wed, 26 Jul 2023 16:02:24 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKbK6fXz9Q_ElTp0wSkF4eA&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

setuid
ib.adnxs.com/ Frame AA79
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEG_anDPSe8yyvqwCIj8-jwk&google_cver=1

43 B
837 B

21ms
21ms

Image
image/gif

37.252.171.52
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEG_anDPSe8yyvqwCIj8-jwk&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CIbzaRCc2ugBGKSa5twBMAE&v=APEucNUt8l6C4VnthiGbcAe0cf9hVJmxj4Gyt0p9HXilvLQQye9_gs5j2Vcvnm0YOq68ZdSHEKgDOHdYm36_ixi78jQ9DURU7_rcboVge-TE932wfbxLJNSVjxUJwkwyHATP9GrltGvf7yHh8GLmug5i0uqUzxtZ2FLQFeApH5EGQjDGJOePbVytOI1n-ievyieuUMey63gj5TVFj_-f2MVjrj4F_PPD-w

Protocol

Server

37.252.171.52 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 26 Jul 2023 16:02:24 GMT
an-x-request-uuid: d90e62f7-9b98-4649-b055-7e718fab5e67
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: image/gif
cache-control: no-store, no-cache, private
x-proxy-origin: 5.79.98.51; 5.79.98.51; 1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 43
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 26 Jul 2023 16:02:24 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEG_anDPSe8yyvqwCIj8-jwk&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame AA79
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODAxOTY0Nzk4NTI3OTM0NzEyNQ%3D%3D

170 B
243 B

62ms
29ms

Image
image/png

142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODAxOTY0Nzk4NTI3OTM0NzEyNQ%3D%3D

Requested by

Protocol

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 26 Jul 2023 16:02:24 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 26 Jul 2023 16:02:24 GMT
an-x-request-uuid: b5e5c863-e0cf-47a4-8416-34766d9eb376
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODAxOTY0Nzk4NTI3OTM0NzEyNQ%3D%3D
x-proxy-origin: 5.79.98.51; 5.79.98.51; 1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 200 mgid_ua.svg
cdn.mgid.com/images/mgid/ 2 KB
1 KB 24ms
23ms Image
image/svg+xml 2606:4700:1::6813:874e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.mgid.com/images/mgid/mgid_ua.svg
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/w/a/warbletoncouncil.org.1305779.es6.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:1::6813:874e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 70d5c4de881e718d0b7638959680ba86722d44eecbe4058d20dd77b8d0d97155

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://bg.m-almahdi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Wed, 26 Jul 2023 16:02:24 GMT
x-amz-version-id: null
content-encoding: br
cf-cache-status: HIT
x-amz-request-id: KZHG8W3F9TBRMAND
age: 784
alt-svc: h3=":443"; ma=86400
x-amz-id-2: dbyeVsK/NjOgn7JlIkeUY91rcsUk7Xu5UroxSC2k1IBVpKj3RcOw+iHuOsxJ5UaGiIcgCnMZgl0=
last-modified: Tue, 08 Mar 2022 17:05:01 GMT
server: cloudflare
x-amz-meta-s3cmd-attrs: atime:1646759091/ctime:1646759091/gid:0/gname:root/md5:617c205137825561208ef7c1a2d8f319/mode:33206/mtime:1646759091/uid:0/uname:root
etag: W/"617c205137825561208ef7c1a2d8f319"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=86400
cf-ray: 7ecddde6d94db8e4-AMS
expires: Thu, 27 Jul 2023 16:02:24 GMT

GET
H3 200 Adchoices.svg
cdn.mgid.com/images/logos/ 836 B
989 B 25ms
24ms Image
image/svg+xml 2606:4700:1::6813:874e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.mgid.com/images/logos/Adchoices.svg
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/w/a/warbletoncouncil.org.1305779.es6.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:1::6813:874e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7992a4430843ef8b4bbae534358be3193aa1ae9c78f273e8e8a70b6af1244ac5

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://bg.m-almahdi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Wed, 26 Jul 2023 16:02:24 GMT
x-amz-version-id: null
content-encoding: br
cf-cache-status: HIT
x-amz-request-id: YRQRQGQP9DZNZ14S
age: 5133
alt-svc: h3=":443"; ma=86400
x-amz-id-2: prDGrfP9Q2yJocLMVMs086d4Xf20e00Uihgi74TWkWggHy5UZf6VnePTEnJDA4LpjohSwbs6H6U=
last-modified: Wed, 17 Feb 2021 18:15:53 GMT
server: cloudflare
x-amz-meta-s3cmd-attrs: atime:1613585745/ctime:1613585745/gid:0/gname:root/md5:7d59364b7ed2df3f02507c9f92560df9/mode:33206/mtime:1613585745/uid:0/uname:root
etag: W/"7d59364b7ed2df3f02507c9f92560df9"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=86400
cf-ray: 7ecddde6d950b8e4-AMS
expires: Thu, 27 Jul 2023 16:02:24 GMT

GET
H2 200 aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE6MSxjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX2ZhY2VzOmF1dG8sd185NjAvaHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjEtMDkvNjYzOTM0LzNmYjlkM2U1MmYzZjc3ZDdmZ...
s-img.mgid.com/g/10587540/200x200/-/ 8 KB
8 KB 28ms
27ms Image
image/webp 2606:4700:1::6813:844e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/10587540/200x200/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE6MSxjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX2ZhY2VzOmF1dG8sd185NjAvaHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjEtMDkvNjYzOTM0LzNmYjlkM2U1MmYzZjc3ZDdmZmUwODZjYjQ2N2E0NzY5LmpwZw.webp?v=1690387344-0rfECYOpyqdFjjAxwMJxv-oit9jCbl3yy9IlgL7KS_M
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:1::6813:844e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6cfe24a33fded89458c73d54bcae0b50eb18ded78998c19ff7fe9799eb02c46b

Request headers

Referer: https://bg.m-almahdi.com/
Origin: https://bg.m-almahdi.com
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Wed, 26 Jul 2023 16:02:24 GMT
cf-cache-status: HIT
last-modified: Tue, 25 Jul 2023 09:12:11 GMT
x-mg-request-uuid: 904d528e-d6c5-4947-b733-62ac73e3d2f6
server: cloudflare
age: 108651
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
x-robots-tag: noindex
cf-ray: 7ecddde6df53b8df-AMS
content-length: 7682
alt-svc: h3=":443"; ma=86400

GET
H2 200 aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE6MSxjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX2ZhY2VzOmF1dG8scV9hdXRvOmdvb2Qsd185NjAvaHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjMtMDUvNzk5MzU0LzAxYjUzO...
s-img.mgid.com/g/16257352/200x200/-/ 9 KB
9 KB 26ms
26ms Image
image/webp 2606:4700:1::6813:844e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/16257352/200x200/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE6MSxjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX2ZhY2VzOmF1dG8scV9hdXRvOmdvb2Qsd185NjAvaHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjMtMDUvNzk5MzU0LzAxYjUzOGE0MDdiMTgxNWRlMDIyMGQyMWQ1OTMwZjlhLmpwZw.webp?v=1690387344-LfUOY3eV2W4E7KiHRMrol1ywBsx8IjGJINWVzWZjy3I
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:1::6813:844e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cc17b4eea2a323208733267a3f41e8a14cfc240b9dc9c3d622fdc64013c26cb7

Request headers

Referer: https://bg.m-almahdi.com/
Origin: https://bg.m-almahdi.com
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Wed, 26 Jul 2023 16:02:24 GMT
cf-cache-status: HIT
last-modified: Wed, 19 Jul 2023 08:05:54 GMT
x-mg-request-uuid: 35340178-271e-48ed-8866-98ac37bdf52c
server: cloudflare
age: 100944
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
x-robots-tag: noindex
cf-ray: 7ecddde6df54b8df-AMS
content-length: 9386
alt-svc: h3=":443"; ma=86400

GET
H2 200 i.js Show response
cm.mgid.com/ 0
37 B 44ms
24ms Script
application/javascript 2606:4700:1::6813:874e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cm.mgid.com/i.js?&cbuster=1690387344483107128548
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/w/a/warbletoncouncil.org.1102315.es6.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:1::6813:874e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://bg.m-almahdi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 26 Jul 2023 16:02:24 GMT
cf-cache-status: DYNAMIC
server: cloudflare
content-type: application/javascript
cache-control: no-store, no-cache, must-revalidate, max-age=0
cf-ray: 7ecddde73bcf0e10-AMS
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 i-noref.js Show response
cm.mgid.com/ Frame 3158 0
101 B 29ms
23ms Script
application/javascript 2606:4700:1::6813:874e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cm.mgid.com/i-noref.js?cbuster=1690387344489101231610
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/w/a/warbletoncouncil.org.1102315.es6.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:1::6813:874e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 26 Jul 2023 16:02:24 GMT
cf-cache-status: DYNAMIC
server: cloudflare
content-type: application/javascript
cache-control: no-store, no-cache, must-revalidate, max-age=0
cf-ray: 7ecddde73bd00e10-AMS
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 id5-api.js Show response
cdn.id5-sync.com/api/1.0/ 101 KB
25 KB 33ms
30ms Script
text/javascript 2606:4700:10::ac43:266a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.id5-sync.com/api/1.0/id5-api.js

Requested by

Host: jsc.mgid.com
URL: https://jsc.mgid.com/w/a/warbletoncouncil.org.1102315.es6.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:266a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bd08be9cbf5f35486ce3011abc8286e9e2f59ac1de1ff9840377332383263f19

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://bg.m-almahdi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Wed, 26 Jul 2023 16:02:24 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 22 Jun 2023 08:35:03 GMT
server: cloudflare
x-amz-request-id: QFY4N5AZD1WDDC6N
age: 2375
etag: W/"bb626f116ff54963039a9ea05c53620b"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: text/javascript;charset=utf-8
cache-control: public, max-age=3600
cf-ray: 7ecddde73cde3719-FRA
x-amz-id-2: cUqxEceAZFATlYCgoa4isjGb10iJCu6mHxwRp9HM+s2zfdjs2XEkh9AGwGIBeMTzTVpBIZ9REiQ=

GET
H2 200 pwt.js Show response
ads.pubmatic.com/AdServer/js/pwt/161673/7165/ 207 KB
63 KB 89ms
27ms Script
application/javascript 23.32.184.192
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/pwt/161673/7165/pwt.js
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/w/a/warbletoncouncil.org.1102315.es6.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.32.184.192 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-32-184-192.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: a9f959272120a8fe9fc940b8df6a07a9e6c79d9b72773d62878e82fcd1c51951

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://bg.m-almahdi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Wed, 26 Jul 2023 16:02:24 GMT
content-encoding: gzip
last-modified: Sat, 29 Apr 2023 00:55:21 GMT
server: Apache
vary: Accept-Encoding
content-type: application/javascript
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: max-age=163644
accept-ranges: bytes
content-length: 63913
expires: Fri, 28 Jul 2023 13:29:48 GMT

GET
H2 200 html_inpage_rendering_lib_200_278.js Show response
s0.2mdn.net/879366/ Frame 60C7 172 KB
61 KB 142ms
51ms Script
text/javascript 2a00:1450:4001:80b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_278.js

Requested by

Host: bg.m-almahdi.com
URL: https://bg.m-almahdi.com/the-fukuda-stepping-test-260d6228-2a4444

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a6d36aa3d742ccd6f1ca3c76dcf885af72f7bebe2fcc001ea011a7aea2f55678

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://2acae297395813fb43f58d6d63def6ff.safeframe.googlesyndication.com/
Origin: https://2acae297395813fb43f58d6d63def6ff.safeframe.googlesyndication.com
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Tue, 25 Jul 2023 20:24:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 70670
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 61485
x-xss-protection: 0
last-modified: Tue, 14 Mar 2023 18:43:57 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 26 Jul 2023 20:24:34 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20230724/r20110914/elements/html/ Frame 60C7 11 KB
4 KB 22ms
21ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20230724/r20110914/elements/html/omrhp.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-C3qyiH5-VzkiZHT0b309gCFuwDeC-S85nvaJx8csZonYsSrf45reBGfozqb5LPxr2DV0r1r-HijKtiKT3shLBFlgcgN_0yB1Tkxu_IcK1ffOe_Du8&cry=1&dbm_d=AKAmf-BRgIvxX5NFPnRRmKGvsUn-KKvJZZlCjy3ah58n-7DHJPrgIy-L0EpRb3m1mk7UTLYKV7ax6p7JTsWnSSrZfwCCRDi0oVNCyZaC_IWBtOA9yDgEQQatpbLCEqZJGh2oR5rNC8ldnTEqvtILSHBh5OM5AispCJuPa4weCp0lD169i5LUpJJrrijiBH-pXJoWKirNe5A2g_rnQ15HXfApAyo353L-pr-vVPUQrGVKlhCvlOw9geuGs7DGS0tD8rnKOz9Ob22Ltt1ZgSeovjRPHdn_pFY6ySLXjsI6Khro_0UrGpetjb1BMelPXBwQ2VKuCNO26LrX4ywc8aNa9SsOBkVRSsxIhpdICG2qK9gCz0qM9ATR9yLLzVuHmmyudlyeK7Ozj7ORizXHuraNEFx4rcLoujp0dnYFbvhdfj8qh5QgygJ_u89kabdsZ8PzRcV-vA9M29ay1c34kzPQ1VEVJ3eLF7yfkDHEAAniRI9vkuTOxaJZKmS7mVe_fPhzYPKOVtc2EMOkCi3C_6H3t5dorKfUonns1KtjYK9WQvL6spwzESWBu1sGhBEvLZUon25PWmGKq__BKEmmMcyeKl7mmx6hpNgWYPHafT993G-w7BcR3yfZo3-Ki2HapCzMgXsVCczPCiff2qmJqiUcVWhAGvGPIugk24c9twJPYyai737MUCGseo15E363sun9muMEt8tL_zUjjJWgJ7B0WI3U3G8pl88gxzbY6prlzu5brmXvr3IQcHl4N8qLBf9LuS2FU61tED1135H8aHSlmvJSaCUNeqN55Tt2Nm8UnBvy1opBxu6xVbIhRucyx6yv1qQEUuQsAi4nZsh8OVhyaIBGMZyGI-dTrT7uKeFOgIN4zw5HgXLNzYALliTLUsHQMR54UGFKFZQ4aIv1BE87KykfLN5lD8l1WTV2BC_dIPs6ssPEqIy-N9edUFq28HEeu4b9HBLUESJ5B6_nBRntXWlZUKdpzVqew9hpt6EhJzOUdKyg0Gaw6ns8kd4z3DrTWdv2VkjGKAV6ZSg2Zh0aGjcuLR6YN9-xJ9FI4CalYwXmdGTBdq-m6r9Vhw_9_VsvyBr-dU8zBPCppQQX7pbxbBM0t5A0MTcQNl0vRJBG0vlimyAFEE7JtgvyOsr1N6xKpLKqPA8Z0dmgfhhUdHq6s4GVwYnJDQcMJW0ZsGq-pw2ziRRmya29Zh32pw__1Q_k9L0ThL6XxRm4IwFzBMALkRKW5d3CXR1ETaO_sa1Aon5mAJv-YKqqPtSsa2lPNdK-dhlKEUphKhs6IFbrdj3XECbbGHwypw-cwIx7iRdjS7mfGHVsCnNWLjlYnrY9C3CvlhSVpxIRTjEn-UTGRIOp00duX-0YNVWPL5Wcek8hn9t7MYZvb5yQuuIBObQ6wEiTZKjDs8wb7aJb5m7fUVhogQ84I8YtZ70xu8IXGT09ThX64HqS7Qbjkfih3el1j_4sYEJngSxKRet1gsbHQn6G1zG0Xc7mddiu33drptS6OgGsGVdqgHUZajQNgQQKAFq25qxvRlS2umqaR2cfSHZSZqp40dsfc-4Gh5i5WMaaE1wYFcvYJt1ugKBh2LmXbVzRBgsQa67ra0nJW6ItEH5Px4-RbkDR1E-HNRijF2UQDSlOM3JUZmhEKGrimXcCAggJvk54TXv9AmVaVtTEQYTGcI_yGKk79NFuIOezJm1Vlz3noid4kFzho8Ld4Rtft3LtD51oOf7Eet9QO5W2SJlWvnD1rrKVUBqehkd0uoKqcjnu-FRMN_Pf88ylBGi0-RpOmb80NAQqMfElQruNB0x5JG6pZSeRUVuD5nKUNYjB698eroZhQoyRTwfmtfMU1ISa2U8zcPXZNjs8ypPQoqKyXAfKGsXaAGWV2KyAX0AEZjrEU1p9FHAKue2K-QP_SYsobUwUIy8WnwZeDxWRbTaCIjVatRmsAtK3nP1vO7YYD_0tEJKwVTn-edJCZI_X6-zNCSRRhqfHZVzew77T_ZF5BtmcJbKygSI4qnRWAjXOYFNsk95QmkbZqW_qt-NARL60uXbkGcUddNTMvjqGP38urvWxSYwlt5jtJTjb9nUpVX7L9NGp9fRpMxSu8OZ-pgWzBTu_INGjA5jln8XUyhi4mBN3qhigBVGJykmLaPUie0FMfP1aK-mbFJQAlA5rM_tihr9Pc91-x5nI8PMh7Naml2W_9fBHHKDmwsQd9_Lbr_OpUkDEb72pcidz4A1aao48dPr_3CIZir_4Fm3Vbpn-28NuOvpBmDQxLmOYTfsFuLhM1WAFqRnJRxRVCLVf-Sxz1CjJBofW5Et-8Sn7qjscdgP4Cl5gRhWd0TxhBzOT5yZV_RcCUESmIDqbGGF-HRcG1fWCn9qvZXVOSGYJwdMx1q7EtQ-YS0iSEIk4QxVB6Okcex3N6QacxZyooh4U2XRoHivSu4yonyeeMtgY8S-K3RNvfDF3rlYZDwYeuSDPYEPN-NjylMDOjwgFKhIy3_zlk5o-2V9fXaqfAleYUiYsf7ThkXCaZ6MMqTfN9O0ZD2KN-eCNADkU5lpPUsJ3hxWFqPpqVOIqQfhFyf5JbqU0sNvo55acbD1oapsr0PgHyXrmyb9Ybg3Okxnz40pWjPIhYTASax3RMoh1VDJyKfR7lPEQ4lxNHiw_KPp25wwr-sLzNYKFeL_6Y9Tm4thfDIdPIeazmviGB4IoZT8AwMp7T_XFwiGHZdnwwvCMtPAAoeEeNa7-VkVTnNcm5yLPIcXT7TRM91zlAv6AAgL7Mw6JocBQDuRYsjVx4IZUq3AOUeKcVS7sk4A9Ln6Z-uDxIaBXDWZKlSV0CxRO-BLVInQviw2IKGzMxcFg76CN4l84tP2Sae25H8iCaZYcafJ8fjles-VbAhAXrI1DNRN9oJmjoFu750jBE6qlLCpzxuAf2WpYp65UaqzeZFeUQBT94ppbzuFQdrN3nMTIgPGbLztkpPGluoK5aQJeh48AREGGTafKq_uKnqIvPCc2tmEoU7kb26_kCeJ3EncEeTW6671xpcjWqe0JT3gtMSMdnCszIffXlX27-RIfbTBHyJknqjGy1gYABhl_lfw_ufzY_iW3F9vnMuVX-AtgNP7wg0JntADO5h-6RrnH2WvS_F2w56Y_z4xMoCK0QlMnG3u1-42RlYXmT_5L9eeuIFkNr_UqOSFYtYmPob0xOw4SmEZaFZ-TqtLBrl-P3hY5ww8WOi5BdV2SlkI3NiyNXSC_IU6-V6PIf575DFpCRoPr5Vo4MPg1Nx0wLcYc3FQIo3soT7YGr_OacxIjcAqD_TwFQf6oABgID2mlZF-otwcRTh6F6XZ2An1vP3TAWfXzzoWVTkRVohlIwsUyEELdNXpC7HuKxJJXHKiZ19hn562m9Opmhvyt-gtMo_MPjG-eXY4mnESt9V-O6WW_Jik3-PeT7B36cEgWsaQbewiiClhltu4Kl-qXnQ2fdc7CCsEVJVUvRsLGBo2iOBV-kuFKVuTHoRloXQeJycGE7gnHZ_Vmw8DANncFDOry1fvSP0Hhbsf-7DM2ASls84Seg-lo-cB5GU9yP7SzlYVjA2nP2eLLmgdtWmBRM7_dehbYaErvOgZdJ3CRoiMi9S7cuG1DSDJRshAwLC8aLTZQtd7xBA47IId-jI8Dgt2FsysrUqcDFW4vzi2htXhUMdqdGyTs7eiOzWNKbvJ42rbkU-VLCw4bYT0EyqwUqN_plTtAIYRDhkoyLmPgupdIDNpMLFG6Yh-L662P78wqH9QgQN2UlZwno54_-UQeFBMg1VocWTFdOLtjVkgOqn-UxP2B7RoxWiszRYddAbATht6MI5-cL-MRkZrK9mc_MXUCBV9LYvTSZ4axiXdWQPPVY0qN0LEiOE072g7wtx6BN4V7zZdNLb_3XjZGdCEiQXx82TQ9Z4bLQutQhIs5PKR6Y_fCzc0P-FjmYyz0S8_rcNEN_lsrqDrwJSmP-A_kf5_WbGCzUGd8aW9Y878Rd_11KxZ28WfgBTtYP9-XEeEnqClHbpj88WxlSi-2TwpC4FrNhzpNQfqa7wWxkTr6Co7l6aGCHqc07g&cid=CAQSSwBpAlJW9jiGcjLq9rVfeBBNt1gVnm0aY6uzjDLii3qIspgdkZG1JAQa8-k1IkxjyDNnLl8UGoUdzMha8tklPkbk2kK0_xQOaZm4RBgB&dc_eid=31076403&dv3_ver=m202307240101&rfl=https%3A%2F%2Fbg.m-almahdi.com%2F&ds=l&xdt=1&iif=1&cor=15424832353986013000&adk=2228999115&idt=103&cac=0&dtd=17

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

597e4ec7ca2b12f9150e02e04096849d6b06061b09c2d131f1d2225871eedfdf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://2acae297395813fb43f58d6d63def6ff.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Wed, 26 Jul 2023 14:26:58 GMT
content-encoding: br
x-content-type-options: nosniff
age: 5726
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4172
x-xss-protection: 0
server: cafe
etag: 16731591232229431525
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 09 Aug 2023 14:26:58 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20230724/r20110914/ Frame 60C7 30 KB
11 KB 22ms
21ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20230724/r20110914/abg_lite.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0b2c524428c1a3604e3d1cdc61c2ae371a8f2fc767f801180fcf892db9e07c3c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://2acae297395813fb43f58d6d63def6ff.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Wed, 26 Jul 2023 15:18:44 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2620
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11572
x-xss-protection: 0
server: cafe
etag: 5014499061205845695
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 09 Aug 2023 15:18:44 GMT

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 60C7 41 KB
13 KB 23ms
22ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: bg.m-almahdi.com
URL: https://bg.m-almahdi.com/the-fukuda-stepping-test-260d6228-2a4444

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://2acae297395813fb43f58d6d63def6ff.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Wed, 26 Jul 2023 14:23:14 GMT
content-encoding: br
x-content-type-options: nosniff
age: 5950
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13692
x-xss-protection: 0
last-modified: Sun, 25 Jun 2023 02:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 25 Jul 2024 14:23:14 GMT

GET
DATA 200
OK truncated
/ Frame 60C7 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8232a8b100fa4342291445890944b38781491e517ee10b765a8f464ff852d85d

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 0237 22 KB
8 KB 34ms
33ms Document
text/html 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://2acae297395813fb43f58d6d63def6ff.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

accept-ranges: bytes
age: 263594
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 23 Jul 2023 14:49:10 GMT
expires: Mon, 22 Jul 2024 14:49:10 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 id5-api.js Show response
cdn.id5-sync.com/api/1.0/ 101 KB
24 KB 93ms
89ms Script
text/javascript 2606:4700:10::ac43:266a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.id5-sync.com/api/1.0/id5-api.js

Requested by

Host: jsc.mgid.com
URL: https://jsc.mgid.com/w/a/warbletoncouncil.org.1305779.es6.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:266a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bd08be9cbf5f35486ce3011abc8286e9e2f59ac1de1ff9840377332383263f19

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://bg.m-almahdi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Wed, 26 Jul 2023 16:02:24 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 22 Jun 2023 08:35:03 GMT
server: cloudflare
x-amz-request-id: QFY4N5AZD1WDDC6N
age: 2375
etag: W/"bb626f116ff54963039a9ea05c53620b"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: text/javascript;charset=utf-8
cache-control: public, max-age=3600
cf-ray: 7ecddde88e6c3719-FRA
x-amz-id-2: cUqxEceAZFATlYCgoa4isjGb10iJCu6mHxwRp9HM+s2zfdjs2XEkh9AGwGIBeMTzTVpBIZ9REiQ=

GET
H/1.1 200 v1 Show response
lb.eu-1-id5-sync.com/lb/ 33 B
403 B 122ms
23ms XHR
application/json 141.95.98.65
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://lb.eu-1-id5-sync.com/lb/v1

Requested by

Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

141.95.98.65 , France, ASN16276 (OVH, FR),

Reverse DNS

ns3216659.ip-141-95-98.eu

Software

Resource Hash

af98ca373a320b7aa3890f59d331b13feecffe607434f2b16696819cce402e20

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://bg.m-almahdi.com/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://bg.m-almahdi.com
date: Wed, 26 Jul 2023 16:02:24 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding: chunked
content-type: application/json;charset=UTF-8

GET
H/1.1 200 v1 Show response
lb.eu-1-id5-sync.com/lb/ 33 B
403 B 108ms
22ms XHR
application/json 141.95.98.65
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://lb.eu-1-id5-sync.com/lb/v1

Requested by

Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

141.95.98.65 , France, ASN16276 (OVH, FR),

Reverse DNS

ns3216659.ip-141-95-98.eu

Software

Resource Hash

dd5c42d2e3b1606ac28caab2e48cb1db4e63c3a669e5bbdb10dd27fbdb5ac1a6

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://bg.m-almahdi.com/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://bg.m-almahdi.com
date: Wed, 26 Jul 2023 16:02:24 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding: chunked
content-type: application/json;charset=UTF-8

GET
H/1.1 200 v1 Show response
lb.eu-1-id5-sync.com/lb/ 33 B
403 B 116ms
35ms XHR
application/json 141.95.98.65
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://lb.eu-1-id5-sync.com/lb/v1

Requested by

Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

141.95.98.65 , France, ASN16276 (OVH, FR),

Reverse DNS

ns3216659.ip-141-95-98.eu

Software

Resource Hash

1079995ac387199f8ec11abfb02d93f79f88363313dd3d3fd7cc1d306c1a4aa1

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://bg.m-almahdi.com/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://bg.m-almahdi.com
date: Wed, 26 Jul 2023 16:02:24 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding: chunked
content-type: application/json;charset=UTF-8

GET
H2 200 pwt.js Show response
ads.pubmatic.com/AdServer/js/pwt/161673/7165/ 207 KB
63 KB 40ms
39ms Script
application/javascript 23.32.184.192
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/pwt/161673/7165/pwt.js
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/w/a/warbletoncouncil.org.1305779.es6.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.32.184.192 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-32-184-192.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: a9f959272120a8fe9fc940b8df6a07a9e6c79d9b72773d62878e82fcd1c51951

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://bg.m-almahdi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Wed, 26 Jul 2023 16:02:24 GMT
content-encoding: gzip
last-modified: Sat, 29 Apr 2023 00:55:21 GMT
server: Apache
vary: Accept-Encoding
content-type: application/javascript
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: max-age=163644
accept-ranges: bytes
content-length: 63913
expires: Fri, 28 Jul 2023 13:29:48 GMT

POST
H/1.1 200 231.json Show response
id5-sync.com/g/v2/ 241 B
651 B 90ms
22ms XHR
application/json 162.19.138.83
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/g/v2/231.json

Requested by

Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

162.19.138.83 Frankfurt am Main, Germany, ASN16276 (OVH, FR),

Reverse DNS

ns31532338.ip-162-19-138.eu

Software

Resource Hash

3e9ae9b1ff44414e468fd10101c6bb98202a767e3726fe92a3e8f67678b37a09

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://bg.m-almahdi.com/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://bg.m-almahdi.com
date: Wed, 26 Jul 2023 16:02:24 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding: chunked
content-type: application/json;charset=UTF-8

POST
H/1.1 200 231.json Show response
id5-sync.com/g/v2/ 240 B
650 B 90ms
23ms XHR
application/json 162.19.138.83
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/g/v2/231.json

Requested by

Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

162.19.138.83 Frankfurt am Main, Germany, ASN16276 (OVH, FR),

Reverse DNS

ns31532338.ip-162-19-138.eu

Software

Resource Hash

d4e70af82bfee4465bb7197027ffb4f3b28e81c16d64301b88fcc5836d647bd8

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://bg.m-almahdi.com/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://bg.m-almahdi.com
date: Wed, 26 Jul 2023 16:02:24 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding: chunked
content-type: application/json;charset=UTF-8

POST
H/1.1 200 231.json Show response
id5-sync.com/g/v2/ 241 B
651 B 90ms
24ms XHR
application/json 162.19.138.83
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/g/v2/231.json

Requested by

Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

162.19.138.83 Frankfurt am Main, Germany, ASN16276 (OVH, FR),

Reverse DNS

ns31532338.ip-162-19-138.eu

Software

Resource Hash

4b6c9cadfa09d706be62aec040e8511b56ff4cee94df50521744cd93b03806da

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://bg.m-almahdi.com/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://bg.m-almahdi.com
date: Wed, 26 Jul 2023 16:02:24 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding: chunked
content-type: application/json;charset=UTF-8

GET
H/1.1 200 v1 Show response
lb.eu-1-id5-sync.com/lb/ 33 B
403 B 39ms
37ms XHR
application/json 141.95.98.65
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://lb.eu-1-id5-sync.com/lb/v1

Requested by

Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

141.95.98.65 , France, ASN16276 (OVH, FR),

Reverse DNS

ns3216659.ip-141-95-98.eu

Software

Resource Hash

c9461fa5881fac58c953e57e071582cb4a82254fb3b0ce874c0c1249374d31bb

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://bg.m-almahdi.com/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://bg.m-almahdi.com
date: Wed, 26 Jul 2023 16:02:24 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding: chunked
content-type: application/json;charset=UTF-8

GET
H2 200 n_one_vway_lopesan-es_np.js Show response
bucket.cdnwebcloud.com/ Frame 60C7 1 KB
845 B 143ms
39ms Script
application/javascript 18.66.26.9
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bucket.cdnwebcloud.com/n_one_vway_lopesan-es_np.js?n_o_nu=not&n_o_aut_tc=355189358&ord=510232657
Requested by: Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_278.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.26.9 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-26-9.vie50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e0858cce8f7c711ef2a0ee1a5bc9282b9831c477ce1058ee388d35268b7c916b

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://2acae297395813fb43f58d6d63def6ff.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Wed, 26 Jul 2023 11:40:17 GMT
content-encoding: br
via: 1.1 6e4fd2f7f4c55027ff6ee922bdafd3ae.cloudfront.net (CloudFront)
last-modified: Fri, 30 Aug 2019 10:34:27 GMT
server: AmazonS3
x-amz-cf-pop: VIE50-P1
age: 15728
etag: W/"fd472fae696d03f19e9adea5b82f554c"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: Vzt1kapuPz6DgEX2xZu6oPkfDAs7XjFsy39FkVZVAokEDjhApGf7IQ==

GET
H3 200 index.html Show response
s0.2mdn.net/sadbundle/1673226628127499181/ Frame E5BC 160 KB
38 KB 84ms
34ms Document
text/html 2a00:1450:4001:80b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/1673226628127499181/index.html?e=69&leftOffset=0&topOffset=0&c=0uQo5psKvT&t=1&renderingType=2&ev=01_250

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_278.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

89adcbf58b300d221bdc89b14f327ec5a116eb32ac8edd533d19fe214ea79ed1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://2acae297395813fb43f58d6d63def6ff.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Wed, 26 Jul 2023 16:02:24 GMT
expires: Thu, 25 Jul 2024 16:02:24 GMT
last-modified: Thu, 19 Jan 2023 10:25:31 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 60C7 0
0 224ms
90ms Fetch
image/gif 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvJ3E4ykCq5KnO0i-PL0RIZDuxt0vB7IsfcgdPuXkdXfAeeZ0mEsxxMyfKLjnoATE8GfkLBIJB1RHJYbU1UbgfbBk5SOCD5_68ad2m-MjXDq7FasrCq1CBYeXTVsPOVdVzjzwz-Qr2Mhcftz_sTkcQxEm3hSc71kLebzE57th2Y3gnTF7OfFSsORGgKadJJIJ8Tfve2MbG8T5XFBzq4DDWtB3I1Pi8y59lFuhRsSt3RqmnX4rV_qStIdSht4HWBBqEyZ7DhEg4-lMrEpSfowPP0CMsAtljQwU_WlH-a_ZIdftx59OCq45GJbqsalFkawl0N6xSousJilpQrdc1vmI22N-mNKW5NI4Fg4Ztgov7IaW2Q7eB7qdnKz_l2Quf5Z2Hg3B0U3xorQLlueGTegSIL6hB-l2K0bO9uejqxZXo41-aY1cjq74fr_9vzMkZDDuwtfHGAWnV8O4AcChBhtp-7OmO0GsEoltF3F3z5hUKY6xwW6sLVPZULZXIVQHdS7LpbfkwQ4WiTD08RQoT7TMe_8nMzsK7VhsY5plAGl760v55xq-7bbm3sWhKe7KM1Z6njHeGoA0gwIfBThHHIFJY3XAWOnDR99LCbJfju-jfvuNztT29YVD6oW-26oke4PY4IGAGB0uxQUFQUdZvxActngpFcK_WASKerzlV91xMgbN2CZvtZV2-spFbT-lOI5R84pZ5bdSarXYB2ChMUMvkZ_OHtMSHwwknJyAqw0BJSPluOKQ5ezNp1UikyIsIAcj7kUio715Sf6pOIj43SU3JV0zHUQWksWVouiGz-h6Rdb_K65Uaot9xEwKmriZWoLFvWNrytN1vgAttVm3v5vt1x_q5xbKT3pU4dywUKHQvaru7G96VNOA-15YFC2XlJWqLU4n03b5JFJLHVKhldWWNQDKZMIE7HbVcNLPVOfOpMOF2LlOoblVQaXZxiDYDPmP3vJw0ulSukV--Tq-RH0jzW7XbpbAIEeXi6eYS_X7LPZxaAQAFIulGjo_y-XWXjfVXP1sVdQhhN_-QOCU_CoKtduDVnyTQ1AlSCaEKRAvcy9ORgiIX1prYTHJz-DdNFLmR7G2m4ihMIAHxolMDghTVkJoYOeI9b_WO88CMk0W7ICChIULEjGN4JypRmPlBIT3Lmls54-gSZ3cOfP0QrkNpFt7xfdhNOl7YpJFlR1G6iY6aWrl_QlKLP4mXzhkO5c4M20n-iigOqXlcx2RuLO90kqylRpTYU1YXcl8LZxq1sqqh1TpepYY9rqc_e44_XbGGe9oDzZkNW5-httvo4ab55w3szA34zHaghSg&sai=AMfl-YQlqAykrHseteKtXfpI72o8LUXo_JWYJngfx_Q2fEy7tj_s9evoAYKFoBqRVezMsi92TW4qIlQ2-YqAoiWxqTJIAv0-fhZ_TBktD8wKh_CM8REu5egi9Ub0ojp7HE-kfPNgUiEz8IzJ6j0u3wCp8QbP0klskQdyN6jipwJQ0rEAdRRKL2mCljLWNsLZZDsXJXOl2dM7GaiC8p0A5HIKMG6N6JQ_S627JxIDbKR8Zf9L2d0CB79cHfZshbKQvqpwzqXen0XrGmMU2lNOkcv60UoxPx-E4vG5&sig=Cg0ArKJSzPoy7SvE2ilkEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=374&cbvp=1&cstd=355&cisv=r20230724.30778&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=

Requested by

Host: bg.m-almahdi.com
URL: https://bg.m-almahdi.com/the-fukuda-stepping-test-260d6228-2a4444

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://2acae297395813fb43f58d6d63def6ff.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Wed, 26 Jul 2023 16:02:25 GMT
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
cache-control: private
access-control-allow-credentials: true
timing-allow-origin: *
expires: Wed, 26 Jul 2023 16:02:25 GMT

GET
H3 200 MefDsIjr-126UL1ZlRxjISGtS5GmSa44osRgNBoPAC4.js Show response
pagead2.googlesyndication.com/bg/ Frame 0237 37 KB
14 KB 21ms
19ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/MefDsIjr-126UL1ZlRxjISGtS5GmSa44osRgNBoPAC4.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

31e7c3b088ebfb5dba50bd59951c632121ad4b91a649ae38a2c460341a0f002e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Mon, 24 Jul 2023 11:31:19 GMT
content-encoding: br
x-content-type-options: nosniff
age: 189065
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14565
x-xss-protection: 0
last-modified: Wed, 19 Jul 2023 16:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 23 Jul 2024 11:31:19 GMT

POST
H/1.1 200 231.json Show response
id5-sync.com/g/v2/ 241 B
651 B 26ms
21ms XHR
application/json 162.19.138.83
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/g/v2/231.json

Requested by

Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

162.19.138.83 Frankfurt am Main, Germany, ASN16276 (OVH, FR),

Reverse DNS

ns31532338.ip-162-19-138.eu

Software

Resource Hash

514462af838b5724780d25c832a77ba6c4da30aa2167c3ebf964aba8085d50cf

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://bg.m-almahdi.com/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://bg.m-almahdi.com
date: Wed, 26 Jul 2023 16:02:24 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding: chunked
content-type: application/json;charset=UTF-8

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 56ms
55ms Image
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202307200101&jk=1300081067025427&bg=!QEOlQxfNAAa0yfNklMk7ADkAdvg8WrtwDB1_bW9OdgFa-02Lw3weKRjJCn2KbMUA0eQLOt0ClixzJIr2wDfVzm3PnYdei4LOqnMCAAAAuVIAAAAKaAEHCgCLHbdB5qMruFbPlNXvfED4C4w1vH8dxDpaEY7DPylxS8De3VmNaW6ZT2BxG7kol6IvfHpEMAeOfo69alONrxPfudNc4dvST8HqQj-boBHeV-6J6C6e126KDq144X51JGqgAlZTICBPm2m-2HfJmUNOao0OlI-BopBYknK7HHbzLkS7hnTgEfkHeUpmf5kCsMVwIWN9_jKFzQF9zBLORSlnrr9OwOdYkVqDh-lnysl1_W4PB1Pa2V-MiFJArEGlBXREIt20Hc9XJsmSdULt3C4LOcvkbsFAckSfKBPsAJ9GqaGP9sd12MYOGGr34SdopWg2mLZ_nvcCfcbA92pQEjorWTBrfI5CjJddaauR8FQJycq0cfcGxJGqLh88WFWr5IJkVGJ4bvVpOolG56HWs43rnjLlMcKenh36eXBCxSNlI7BRHUm0vGetnERxSgRGgA-V0LJPQ4AxsNrc8kNd7cIz7gZCnMpVgw__KlL0mKg3b5MGMpT1fncopab3r6JBncqrkU266JBbF85ixtbT2iLt-nUxqPxgweWWAECeHvXmT7EDmH--me7FqdMjIat-HyQD-NMGWUhaTLj9bYin0fNiTJOjmXE6BCPId8ltaCDxJYYLHoeMeLh8Xw28_X-RRyJBmBW8FN3uiQstJdLCEl4dVEOuCM7R1abnoaUrY5NH9AeDKKWjg3eiNz3KpYcCBpKP_XPyrCju6YEQAx-jwq2KDeRihW6cb9q3MbsQq5ECz8jQxOe-Sa_OtPPalJ6s_KbzxJQtxrOi1vVplGujjEoppd6wE9LM5R-StONPRWZVEcPhKg3hHnPvHn_u_vRtoGQGLn3DnHEMf35-5EmVU-kpAGR4bnIMVlsfuEsUucxKzIkLzR5JtGrY_hedm4m1rp9Q0kVTgPmSTDIOcugWX3XpOxkQcVb9JLwxHApsTSYVTjDCKKp7CqzABD3BpNwvdxftw2Opafrr7UI5_2Xa4vfSP3nxgmOSLnLihPmc8kF3kDqruh6sYpS2nI4C_MljJNmB-FpBBE3T03OgebmqFEZCWqOi7gaDUv1yrtqfQp6hF16DeKxYzQhEgBT4-xxg-HBFcpVFo6nEPMH8f4ELXCs
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://bg.m-almahdi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

GET
H3 200 Enabler_01_247.js Show response
s0.2mdn.net/879366/ Frame E5BC 118 KB
40 KB 54ms
20ms Script
text/javascript 2a00:1450:4001:80b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/Enabler_01_247.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/1673226628127499181/index.html?e=69&leftOffset=0&topOffset=0&c=0uQo5psKvT&t=1&renderingType=2&ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e2ec81b19233fd4cd6ef5adcb45c0cbec6bd5673716ba0454ce56b67486ece46

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://s0.2mdn.net/sadbundle/1673226628127499181/index.html?e=69&leftOffset=0&topOffset=0&c=0uQo5psKvT&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Tue, 25 Jul 2023 19:02:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 75581
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 41099
x-xss-protection: 0
last-modified: Mon, 27 Sep 2021 18:45:07 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 26 Jul 2023 19:02:44 GMT

GET
H2 200 noah.min.js Show response
bucket.cdnwebcloud.com/ Frame 60C7 19 KB
7 KB 46ms
43ms Script
application/javascript 18.66.26.9
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bucket.cdnwebcloud.com/noah.min.js?1690387345092
Requested by: Host: bucket.cdnwebcloud.com
URL: https://bucket.cdnwebcloud.com/n_one_vway_lopesan-es_np.js?n_o_nu=not&n_o_aut_tc=355189358&ord=510232657
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.26.9 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-26-9.vie50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 10e4ebacf9fdc329d721a17f2a0d42fc77def0cf25766d0450bdff232a27d97e

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://2acae297395813fb43f58d6d63def6ff.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Wed, 26 Jul 2023 13:07:34 GMT
content-encoding: gzip
via: 1.1 6e4fd2f7f4c55027ff6ee922bdafd3ae.cloudfront.net (CloudFront)
last-modified: Mon, 08 Feb 2021 12:39:20 GMT
server: AmazonS3
x-amz-cf-pop: VIE50-P1
age: 10492
etag: W/"79bdbba51b195bc000950e9ac2e73e9e"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: RthlMVvtiXjeNyOU1-nLRbhL7FCCPk-NcvdUZkE_mgFjGI1oxpoeyA==

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 60C7 0
0 74ms
73ms Fetch
image/gif 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvJ3E4ykCq5KnO0i-PL0RIZDuxt0vB7IsfcgdPuXkdXfAeeZ0mEsxxMyfKLjnoATE8GfkLBIJB1RHJYbU1UbgfbBk5SOCD5_68ad2m-MjXDq7FasrCq1CBYeXTVsPOVdVzjzwz-Qr2Mhcftz_sTkcQxEm3hSc71kLebzE57th2Y3gnTF7OfFSsORGgKadJJIJ8Tfve2MbG8T5XFBzq4DDWtB3I1Pi8y59lFuhRsSt3RqmnX4rV_qStIdSht4HWBBqEyZ7DhEg4-lMrEpSfowPP0CMsAtljQwU_WlH-a_ZIdftx59OCq45GJbqsalFkawl0N6xSousJilpQrdc1vmI22N-mNKW5NI4Fg4Ztgov7IaW2Q7eB7qdnKz_l2Quf5Z2Hg3B0U3xorQLlueGTegSIL6hB-l2K0bO9uejqxZXo41-aY1cjq74fr_9vzMkZDDuwtfHGAWnV8O4AcChBhtp-7OmO0GsEoltF3F3z5hUKY6xwW6sLVPZULZXIVQHdS7LpbfkwQ4WiTD08RQoT7TMe_8nMzsK7VhsY5plAGl760v55xq-7bbm3sWhKe7KM1Z6njHeGoA0gwIfBThHHIFJY3XAWOnDR99LCbJfju-jfvuNztT29YVD6oW-26oke4PY4IGAGB0uxQUFQUdZvxActngpFcK_WASKerzlV91xMgbN2CZvtZV2-spFbT-lOI5R84pZ5bdSarXYB2ChMUMvkZ_OHtMSHwwknJyAqw0BJSPluOKQ5ezNp1UikyIsIAcj7kUio715Sf6pOIj43SU3JV0zHUQWksWVouiGz-h6Rdb_K65Uaot9xEwKmriZWoLFvWNrytN1vgAttVm3v5vt1x_q5xbKT3pU4dywUKHQvaru7G96VNOA-15YFC2XlJWqLU4n03b5JFJLHVKhldWWNQDKZMIE7HbVcNLPVOfOpMOF2LlOoblVQaXZxiDYDPmP3vJw0ulSukV--Tq-RH0jzW7XbpbAIEeXi6eYS_X7LPZxaAQAFIulGjo_y-XWXjfVXP1sVdQhhN_-QOCU_CoKtduDVnyTQ1AlSCaEKRAvcy9ORgiIX1prYTHJz-DdNFLmR7G2m4ihMIAHxolMDghTVkJoYOeI9b_WO88CMk0W7ICChIULEjGN4JypRmPlBIT3Lmls54-gSZ3cOfP0QrkNpFt7xfdhNOl7YpJFlR1G6iY6aWrl_QlKLP4mXzhkO5c4M20n-iigOqXlcx2RuLO90kqylRpTYU1YXcl8LZxq1sqqh1TpepYY9rqc_e44_XbGGe9oDzZkNW5-httvo4ab55w3szA34zHaghSg&sai=AMfl-YQlqAykrHseteKtXfpI72o8LUXo_JWYJngfx_Q2fEy7tj_s9evoAYKFoBqRVezMsi92TW4qIlQ2-YqAoiWxqTJIAv0-fhZ_TBktD8wKh_CM8REu5egi9Ub0ojp7HE-kfPNgUiEz8IzJ6j0u3wCp8QbP0klskQdyN6jipwJQ0rEAdRRKL2mCljLWNsLZZDsXJXOl2dM7GaiC8p0A5HIKMG6N6JQ_S627JxIDbKR8Zf9L2d0CB79cHfZshbKQvqpwzqXen0XrGmMU2lNOkcv60UoxPx-E4vG5&sig=Cg0ArKJSzPoy7SvE2ilkEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=731&vt=11&dtpt=357&dett=3&cstd=355&cisv=r20230724.30778&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=

Requested by

Host: bg.m-almahdi.com
URL: https://bg.m-almahdi.com/the-fukuda-stepping-test-260d6228-2a4444

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://2acae297395813fb43f58d6d63def6ff.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Wed, 26 Jul 2023 16:02:25 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Wed, 26 Jul 2023 16:02:25 GMT

GET
H2 200 atp
neural33.cdnwebcloud.com/ Frame 60C7 74 B
324 B 130ms
29ms Image
image/png 52.215.129.79
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://neural33.cdnwebcloud.com/atp?1409690007714=&n_o_aut_tc=355189358&nonhm=true&gdpr_consent=CMP_NOT_FOUND
Requested by: Host: 2acae297395813fb43f58d6d63def6ff.safeframe.googlesyndication.com
URL: https://2acae297395813fb43f58d6d63def6ff.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.215.129.79 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-215-129-79.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 01b58ddb2f86a768f91751b62f25395417f6cf526191a4aefc1ebe4f8beacdcb

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://2acae297395813fb43f58d6d63def6ff.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

access-control-allow-origin: *
date: Wed, 26 Jul 2023 16:02:25 GMT
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-length: 74
content-type: image/png

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame E5BC 7 KB
6 KB 65ms
64ms XHR
application/json 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=01_247&st=int

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_247.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f1f43ba4914ca1607afe812192fe3eb1f7ba986b0a9f48cb1c79d0210aeb1185

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Wed, 26 Jul 2023 16:02:25 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5739
x-xss-protection: 0

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame E5BC 17 KB
6 KB 75ms
75ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_247.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Wed, 26 Jul 2023 16:02:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 26 Jul 2023 16:02:25 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 0237 0
20 B 56ms
56ms Image
image/gif 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BYncXkEPBZKG3G4i4x_AP8bunwAkAAAAAOAHgBAI&bg=!3d6l3orNAAa0yfNklMk7ADkAdvg8Wiv__E4G5JMSpeZ7apyvyBrntsHAvzRVHHdGJvjA56eDbOtGJgqnGY4plcSSc5YSSMhYJmYCAAABtFIAAAAIaAEHCgBmNwdo0FMOY-hMy_O_RnAoMIhzOYWLJQDEd6XTXa3MMXUij1jEXjPtyYKAvyi8vQFW8vCn1NYgIgZx2Q870orVA0Y4zgzvzj_Ty2pf0mt_MpFEfDS-2RUDeedxyzeIxmjIB1f-JYJBmQLweYclNcPMUWPr1ndvurRzfTusBUzGzKzljyepIkxPU1lc4KBhFNBonnju3Fl3MDc0sa4BXpaCtcSdqiar6PR_YUcAWSn5u8rQK3_sGVSYGQZJlvdLZpv2V7vUhlKiV_EUMvfnlNwIam-GBeTkBHFFOXRm1LQCY_-eVj7RN6JbgYg6YKEWsP1UAcccnfZO2dDHDQRwbA3gQ7oDzJ27-FjLNCrJjxmv2OPly3B5O3_Bzg15UhABF-LGh-e0ALn59aZY00Qv-EStfur3UKBtPb6aD45NChq2jcY4ro-Ap95AM9BB64VosdOWUB6bslXS3AgcqLBKRNNxZApQqsB0VMbZifNu6m9gn42buGzb1Rj_GpQxK9lnUGl2_lQDTfrEXBmG-NWcz0E8T_smkn5tJh2sEVyBFgiwvWOCasZyAMsX4pcW31l2KRPLyRmH-fgE56Ev3cb17FVa9uWncExSxfFoB9V5y0gln9k9IzBrskyjpiN1zrLwh4-YWF4BHzP5DUYxhKpas4yL7q_QblrfEAez1Wc2XuqBVqJYqiYGEBYdoBsqAk6rjlNd8JZIwoqsOm6D4zakPC8-tCKsMQ_I3ksGhuz8_7nj_t6Y5PboGvFplNaykIv7IkkmlvVEdF4QTp-0BiIwG_0eUBEOV3PIyzkIyJiQ5Q_O7PpP_xkSTmnZILGlR_gxjq7hAayH3k-fqMmjIjnVy4N9ylHBnzD8EX_R8dyLQsf-R5Ek3iGd_02sRt8TFq89e_a5SBgchpbDI41mQZmu8oVJh8_QAe-YifZjHF1FaPQEzfmIoGE1UtmPb9olYiDs1tpeE0ymevRmOKwd00IMJvEF1OFYcJoHXwrTCrKBQ47YBShc6a-yE83uzCNPdn3X-01JJOYIhVPEfgAOagKg7ebqoNDNx_VCl5MoQXKaggJej8iN_dSNt2MR_mHuDBvjMEygV4YRSHBCwcS4o4935dCAobHjw60Q5oIWV_Fb-DZmxtl5oTg3J4-p6FU

Requested by

Host: 2acae297395813fb43f58d6d63def6ff.safeframe.googlesyndication.com
URL: https://2acae297395813fb43f58d6d63def6ff.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 26 Jul 2023 16:02:25 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 BourtonBaseDrop.ttf
s0.2mdn.net/sadbundle/1673226628127499181/ Frame E5BC 26 KB
15 KB 69ms
59ms Font
font/ttf 2a00:1450:4001:80b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/1673226628127499181/BourtonBaseDrop.ttf

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

953f9c59181a408a239bc79ea342c607d9740dd33d97bca39179383ed4fe1b50

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/1673226628127499181/index.html?e=69&leftOffset=0&topOffset=0&c=0uQo5psKvT&t=1&renderingType=2&ev=01_250
Origin: https://s0.2mdn.net
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Fri, 21 Jul 2023 09:37:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 455098
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15241
x-xss-protection: 0
last-modified: Thu, 19 Jan 2023 10:25:31 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: font/ttf
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 20 Jul 2024 09:37:27 GMT

GET
H3 200 BourtonDropLine.ttf
s0.2mdn.net/sadbundle/1673226628127499181/ Frame E5BC 55 KB
32 KB 69ms
60ms Font
font/ttf 2a00:1450:4001:80b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/1673226628127499181/BourtonDropLine.ttf

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

afbd30c1ad67286eff72df63b5d563a6d3827c01bca881013ae87982930ac369

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/1673226628127499181/index.html?e=69&leftOffset=0&topOffset=0&c=0uQo5psKvT&t=1&renderingType=2&ev=01_250
Origin: https://s0.2mdn.net
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Tue, 25 Jul 2023 20:15:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 71205
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 33131
x-xss-protection: 0
last-modified: Thu, 19 Jan 2023 10:25:31 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: font/ttf
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 24 Jul 2024 20:15:40 GMT

GET
H3 200 60031878_20221006041202482_abora-interclub_atlantic.svg
s0.2mdn.net/ads/richmedia/studio/60031878/ Frame E5BC 9 KB
3 KB 43ms
42ms Image
image/svg+xml 2a00:1450:4001:80b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/ads/richmedia/studio/60031878/60031878_20221006041202482_abora-interclub_atlantic.svg

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1ddde056e7dac17609bfeab5d50df6f4074d5374167d9a9a0464fb49ccf9ffbf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://s0.2mdn.net/sadbundle/1673226628127499181/index.html?e=69&leftOffset=0&topOffset=0&c=0uQo5psKvT&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Wed, 26 Jul 2023 09:41:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 22860
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3469
x-xss-protection: 0
last-modified: Mon, 17 Oct 2022 12:24:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 27 Jul 2023 09:41:25 GMT

GET
H3 200 60031878_20230117245704600_abora-interclub-atlantic-v2-658x1152.jpg
s0.2mdn.net/ads/richmedia/studio/60031878/ Frame E5BC 171 KB
171 KB 43ms
41ms Image
image/jpeg 2a00:1450:4001:80b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/ads/richmedia/studio/60031878/60031878_20230117245704600_abora-interclub-atlantic-v2-658x1152.jpg

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

22f20e1905a68a27c5cb1d3857a25c58f6c4ec37247edb4ab46645b7f03d3754

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://s0.2mdn.net/sadbundle/1673226628127499181/index.html?e=69&leftOffset=0&topOffset=0&c=0uQo5psKvT&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Wed, 26 Jul 2023 09:41:25 GMT
x-content-type-options: nosniff
age: 22860
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 175364
x-xss-protection: 0
last-modified: Tue, 17 Jan 2023 08:57:04 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 27 Jul 2023 09:41:25 GMT

GET
H2 200 avw
neural33.cdnwebcloud.com/ Frame 60C7 0
105 B 71ms
34ms Image
text/plain 52.215.129.79
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://neural33.cdnwebcloud.com/avw?554539857273&n_o_aut_tc=355189358
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.215.129.79 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-215-129-79.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://2acae297395813fb43f58d6d63def6ff.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

access-control-allow-origin: *
date: Wed, 26 Jul 2023 16:02:25 GMT
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-length: 0

GET
H3 200 MefDsIjr-126UL1ZlRxjISGtS5GmSa44osRgNBoPAC4.js Show response
pagead2.googlesyndication.com/bg/ Frame A366 37 KB
14 KB 31ms
22ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/MefDsIjr-126UL1ZlRxjISGtS5GmSa44osRgNBoPAC4.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

31e7c3b088ebfb5dba50bd59951c632121ad4b91a649ae38a2c460341a0f002e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Mon, 24 Jul 2023 11:31:19 GMT
content-encoding: br
x-content-type-options: nosniff
age: 189066
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14565
x-xss-protection: 0
last-modified: Wed, 19 Jul 2023 16:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 23 Jul 2024 11:31:19 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 60C7 42 B
64 B 127ms
127ms Fetch
image/gif 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvdFp_2MerPb3YX81_RHxpdHu-vB7y8YfkzgLkYpRGFROG9bjX4TpJj-UFyrXIw5Lg2v1OCREZgf4AP3I1lZfjjHupVAf-7k9lImpZchU8BDHN9ZH2zRZaFt2Ojqqc4M54QCrQxFrAWi9x8&sai=AMfl-YQfe_Cx9l_wyhIMmfLujQUmVVv__gUtqmjDW0HoZVQM9XA5kTf_aw4cw8rzhgDE3C7tGmJf2Wo_BWNrTmN6nzzdXSDk0L41G8LGnRmv9jKdkTSZHFSukgn3P1aOx989FLyDAp1rOg9A7yMg&sig=Cg0ArKJSzB7C-_iwWLMQEAE&cid=CAQSSwBpAlJW9jiGcjLq9rVfeBBNt1gVnm0aY6uzjDLii3qIspgdkZG1JAQa8-k1IkxjyDNnLl8UGoUdzMha8tklPkbk2kK0_xQOaZm4RBgB&id=lidar2&mcvt=1024&p=1110,436,1200,1164&mtos=1024,1024,1024,1024,1024&tos=1024,0,0,0,0&v=20230724&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=4020489585&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1690387344212&rpt=356&isd=0&lsd=0&met=ce&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://2acae297395813fb43f58d6d63def6ff.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 26 Jul 2023 16:02:25 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 c
c.mgid.com/ 43 B
194 B 25ms
25ms Image
image/gif 2606:4700:1::6813:874e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.mgid.com/c?f=1&pv=3&v=324|112|28|fCY8XU1wmYAaqCt0CpUYeOoYuYisZtgOxw_n5MTaKXHZhdrzsYrMNvW-1Gqhki9jiLP-b7nFTiIFAAYwuqCWOQ**&fw=1&extjs=66044&v=324|112|28|fCY8XU1wmYAaqCt0CpUYeEuvKlcj1OkeZkGVqE-B6sLcEWEBAw4eLC0kKQBRjYAaSPYQtroc4eapuNEjta8n6A**&cid=1305779&h2=Lt1IuMFs1o7zYdTGyXX7JWYCNfT0awhOT4iHhV0sjrY*&rid=cf6d251b-2bcd-11ee-83ed-e43d1a2a04aa&tt=Direct&iv=11&pageImp=1&pvid=18992efe9e3adb9a6c1&cbuster=1690387345641150867141
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:1::6813:874e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://bg.m-almahdi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Wed, 26 Jul 2023 16:02:25 GMT
cf-cache-status: DYNAMIC
x-mg-request-uuid: 9e6b01d9-9fc2-4dce-8550-28a11bdc2d32
server: cloudflare
content-type: image/gif
cf-ray: 7ecdddee5ac4b8e4-AMS
alt-svc: h3=":443"; ma=86400
content-length: 43

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 60C7 0
20 B 52ms
51ms Ping
image/gif 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=5860249383597&version=m202307240101&ct=76&x=1&cor=15424832353986013000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://2acae297395813fb43f58d6d63def6ff.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 26 Jul 2023 16:02:26 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

OPTIONS
H2 200 json
gum.criteo.com/sid/ Frame 0
0 40ms
14ms Preflight
application/json 2a02:2638:3::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fbg.m-almahdi.com%2F&domain=bg.m-almahdi.com&cw=1&pbt=1&lsw=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://bg.m-almahdi.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET
access-control-allow-origin: https://bg.m-almahdi.com
cache-control: no-cache, no-store, must-revalidate
content-encoding: gzip
content-type: application/json; charset=utf-8
date: Wed, 26 Jul 2023 16:02:26 GMT
expires: 0
pragma: no-cache
server: Kestrel
server-processing-duration-in-ticks: 211452
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2 200 json Show response
gum.criteo.com/sid/ 2 B
374 B 15ms
14ms XHR
application/json 2a02:2638:3::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fbg.m-almahdi.com%2F&domain=bg.m-almahdi.com&cw=1&pbt=1&lsw=1

Requested by

Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid7.36.3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://bg.m-almahdi.com/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
Content-Type: application/json

Response headers

pragma: no-cache
date: Wed, 26 Jul 2023 16:02:26 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://bg.m-almahdi.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 174707
expires: 0

GET
H2 200 rid Show response
match.adsrvr.org/track/ 63 B
391 B 100ms
30ms XHR
application/json 35.71.131.137
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://match.adsrvr.org/track/rid?ttd_pid=prebid&fmt=json
Requested by: Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid7.36.3.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: 06b4bd6d9b467845dfa2d6718b4cb832eebf4e2a51d56a7014af5528d1ac5932

Request headers

Referer: https://bg.m-almahdi.com/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 26 Jul 2023 16:02:26 GMT
x-aspnet-version: 4.0.30319
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://bg.m-almahdi.com
cache-control: private
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length: 63
expires: Fri, 25 Aug 2023 16:02:26 GMT

GET
H/1.1 200
OK async_usersync.html Show response
acdn.adnxs.com/dmp/ Frame 2F28 52 KB
17 KB 96ms
21ms Document
text/html 23.35.236.188
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/async_usersync.html
Requested by: Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid7.36.3.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.35.236.188 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-236-188.deploy.static.akamaitechnologies.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer: https://bg.m-almahdi.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

Access-Control-Allow-Origin: *
Cache-Control: max-age=86402
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 17053
Content-Type: text/html
Date: Wed, 26 Jul 2023 16:02:26 GMT
ETag: "623de86a-cf34"
Expires: Thu, 27 Jul 2023 16:02:28 GMT
Last-Modified: Fri, 25 Mar 2022 16:06:02 GMT
Server: nginx/1.18.0 (Ubuntu)
Vary: Accept-Encoding

GET
H2 200 async_usersync Show response
ib.adnxs.com/ Frame 2F28 0
592 B 20ms
19ms Script
text/html 37.252.171.52
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.171.52 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 26 Jul 2023 16:02:26 GMT
an-x-request-uuid: a5342a2f-128d-49bf-adda-7b7e0e746e76
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
cache-control: no-store, no-cache, private
x-proxy-origin: 5.79.98.51; 5.79.98.51; 1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 async_usersync Show response
ib.adnxs.com/ Frame 2F28 0
592 B 31ms
30ms Script
text/html 37.252.171.52
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.171.52 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 26 Jul 2023 16:02:27 GMT
an-x-request-uuid: f71159cf-7d90-49c7-ab30-2fc07810ffec
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
cache-control: no-store, no-cache, private
x-proxy-origin: 5.79.98.51; 5.79.98.51; 1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

Verdicts & Comments Add Verdict or Comment

268 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

31 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.dr5.biz/	1970-01-20 14:16:19	Name: uuid Value: ae7bc598-026c-43b4-ad5b-90ddeaac4b7b
bg.m-almahdi.com/	1970-01-20 13:43:12	Name: __oagr Value: true
.yandex.ru/	1970-01-20 23:09:07	Name: i Value: kr9iRBWC9WxXYxfBweGZUbPlSrtaIqWscG50FgkqwtS0d/MqPBGM5f4edsqzqPQrtLukiybfktMveTdZ/xItYdzA72o=
.yandex.ru/	1970-01-20 22:18:43	Name: yandexuid Value: 7242825131690387342
.m-almahdi.com/	1970-01-20 22:18:43	Name: _ym_uid Value: 1690387343226495519
.mgid.com/	1970-01-20 13:33:09	Name: __cf_bm Value: tcglzdw8EEkiUYGV.J6mqj07YjqmxsaiUAyKD0urHBY-1690387343-0-AfpITPbIk3DU6Srky92aLm6lvs14Hg9/bkc4G//ccR6qWYfNhHO3KyQ84NBkfEdhRg5zTusYgAgixGQTkkw9uyo=
.m-almahdi.com/	1970-01-20 22:18:43	Name: _ym_d Value: 1690387343
.m-almahdi.com/	1970-01-20 22:18:43	Name: _sharedID Value: b46f6f87-2621-4987-92b0-6f860c1dd1fc
mc.yandex.ru/	1969-12-31 23:59:59	Name: yabs-sid Value: 369665311690387343
.yandex.ru/	1970-01-20 22:18:43	Name: yuidss Value: 7242825131690387342
.yandex.ru/	1970-01-20 22:18:43	Name: ymex Value: 1721923343.yrts.1690387343
.yandex.ru/	1970-01-20 22:18:43	Name: bh Value: KgI/MA==
.m-almahdi.com/	1970-01-20 13:34:19	Name: _ym_isad Value: 2
.adnxs.com/	1970-01-20 15:42:43	Name: icu Value: ChgIis9gEAoYASABKAEwj4eFpgY4AUABSAEQj4eFpgYYAA..
.adnxs.com/	1970-01-20 15:42:43	Name: uuid2 Value: 8019647985279347125
.m-almahdi.com/	1970-01-20 13:33:07	Name: lotame_domain_check Value: m-almahdi.com
.criteo.com/	1970-01-20 22:54:43	Name: uid Value: 4b5ea2cd-5354-48f1-93f9-c99fe6f3d800
.openx.net/	1970-01-20 22:18:43	Name: i Value: 006c5895-180b-4a19-91c3-e3cc8cf4958f\|1690387343
.m-almahdi.com/	1970-01-20 22:54:43	Name: cto_bundle Value: h9K12l9oZ1dkM29FemdBeFJZaEdRMDg4TVNTJTJGM0xvMDZBZ1ppVCUyRkYlMkZCYTQ4YzZVVXFXJTJGeG1VRFZFekZ6dE1aRnclMkIyOThsUkg3d3U1WTNKZ0glMkZKTG91UFF0cCUyQm10cXFxQkhMRCUyRlZGZnZ6cTQ5Q3VMNjU2RWN2VGdvOHlaT21zeG1idjBUVWhpN1NmSFNGVjFnRnhYS2EzcG5RJTNEJTNE
.m-almahdi.com/	1970-01-20 22:54:43	Name: __gads Value: ID=76a65cd7550f3cc0:T=1690387343:RT=1690387343:S=ALNI_MZImtENhLso_O2qSh2MhDcc9DT7PA
.m-almahdi.com/	1970-01-20 22:54:43	Name: __gpi Value: UID=00000c47a16b12a0:T=1690387343:RT=1690387343:S=ALNI_MaO9rBDxLdqeRzUc-bDqoTdPDkyhg
.doubleclick.net/	1970-01-20 22:54:43	Name: IDE Value: AHWqTUnImgWd_liTRtdQ0nqiSgdtzwif70mXayoQPO5UGl1M03H0umo_Zj6_Rf4B
bg.m-almahdi.com/	1969-12-31 23:59:59	Name: MgidStorage Value: %7B%220%22%3A%7B%22svspr%22%3A%22%22%2C%22svsds%22%3A2%7D%2C%22C1102315%22%3A%7B%22page%22%3A1%2C%22time%22%3A%221690387344366%22%7D%2C%22C1305779%22%3A%7B%22page%22%3A1%2C%22time%22%3A%221690387344447%22%7D%7D
.doubleclick.net/	1970-01-20 17:52:19	Name: APC Value: Aa3gxNrqYaMBQjbr10PWL8YOwv-k1A8uN0QZHp7hEhsS734zh8LMQg
.casalemedia.com/	1970-01-20 22:18:43	Name: CMID Value: ZMFDkOt2BaNf1tl46NO96gAA
.casalemedia.com/	1970-01-20 15:42:43	Name: CMPS Value: 5179
.casalemedia.com/	1970-01-20 15:42:43	Name: CMPRO Value: 5179
.adnxs.com/	1970-01-20 15:42:43	Name: anj Value: dTM7k!M41.D>6NRF']wIg2GU]^RqY]!1yIE`fS1ueD1W-044)d+]Ue4X>#iW(AiO7Absi0ri0CUXut(V2QRr6J[%^S9RFMZ9T5_m!wwx^)o*K=
bg.m-almahdi.com/	1970-01-20 14:16:19	Name: _pbjs_userid_consent_data Value: 3524755945110770
.neural33.cdnwebcloud.com/	1970-01-20 22:18:43	Name: n_one Value: cfc78c6b-2bcd-11ee-9c74-0242ac110002
bg.m-almahdi.com/	1970-01-20 22:18:43	Name: unifiedid Value: %7B%22TDID_LOOKUP%22%3A%22FALSE%22%2C%22TDID_CREATED_AT%22%3A%222023-07-26T16%3A02%3A26%22%7D

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://a.m-almahdi.com/pic/what-is-the-best-portable-air-conditioning-unit-to-buy Message: Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

2acae297395813fb43f58d6d63def6ff.safeframe.googlesyndication.com
a.m-almahdi.com
acdn.adnxs.com
ads.pubmatic.com
adx.adform.net
bcp.crwdcntrl.net
bg.m-almahdi.com
bucket.cdnwebcloud.com
c.mgid.com
cdn.id5-sync.com
cdn.jsdelivr.net
cdn.mgid.com
cdn.prod.uidapi.com
cdn.zx-adnet.com
cm.g.doubleclick.net
cm.mgid.com
cmp.optad360.io
dr5.biz
dsum-sec.casalemedia.com
esp.rtbhouse.com
get.optad360.io
google-bidout-d.openx.net
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
gum.criteo.com
i.ytimg.com
ib.adnxs.com
id5-sync.com
invstatic101.creativecdn.com
jsc.mgid.com
lb.eu-1-id5-sync.com
m-almahdi.com
match.adsrvr.org
mc.yandex.ru
mug.criteo.com
neural33.cdnwebcloud.com
oa.openxcdn.net
oajs.openx.net
optad360.mgr.consensu.org
pagead2.googlesyndication.com
prebid-eu.creativecdn.com
prebid.a-mo.net
s-img.mgid.com
s0.2mdn.net
securepubads.g.doubleclick.net
servicer.mgid.com
site2text-2021.web.app
static.criteo.net
storage.googleapis.com
tags.crwdcntrl.net
tpc.googlesyndication.com
www.bigmp3db.com
www.google.com
www.googletagservices.com
yandex.ru
yastatic.net
141.95.98.65
142.250.184.194
142.250.186.34
147.75.84.158
151.101.65.195
162.19.138.83
178.250.7.13
18.155.129.39
18.66.26.9
185.184.8.90
185.80.39.216
23.32.184.192
23.35.236.188
2600:9000:2156:a600:6:b871:4f00:93a1
2600:9000:2250:3000:a:e047:753:be1
2600:9000:225e:ba00:11:a4de:2580:93a1
2606:4700:10::ac43:266a
2606:4700:1::6813:844e
2606:4700:1::6813:874e
2606:4700:3032::ac43:a17f
2606:4700::6810:5914
2620:0:890::100
2a00:1450:4001:803::2002
2a00:1450:4001:808::2001
2a00:1450:4001:80b::2002
2a00:1450:4001:80b::2006
2a00:1450:4001:811::2010
2a00:1450:4001:82a::2004
2a00:1450:4001:82b::2002
2a00:1450:4001:830::2002
2a00:1450:4001:831::2001
2a00:1450:4001:831::2016
2a02:2638:3::c
2a02:2638:d::2
2a02:6b8:20::215
2a02:6b8::1:119
2a02:6b8:a::a
2a06:98c1:3120::3
34.102.146.192
34.120.135.53
34.96.70.87
34.98.64.218
35.190.39.111
35.71.131.137
37.157.3.30
37.252.171.52
52.215.129.79
95.216.65.102
99.81.215.196
99.86.4.64
00ff40239f3582dcb24ec8e9fc92b4d6a12198588cdd7b46ae619f72aba190a4
01b58ddb2f86a768f91751b62f25395417f6cf526191a4aefc1ebe4f8beacdcb
01ec95bc7634c6583f88ca18fc7384514312f3c762d92be4cf9a10e77dd1e968
02267c2d83ac7f9aa5d71b3b4e8aaedfa71f7a73b9dfbe2ef9b1ec87ffe6c6e9
033696b7f1ac04d1dcc102be84550e146236ceffc25a6cabc12aa51a6ee410b9
06b4bd6d9b467845dfa2d6718b4cb832eebf4e2a51d56a7014af5528d1ac5932
0775ed36271f65ff0357766419f2a29933d3d7d4bddb10ec8fae1939eee239b1
09eb667287244539f4d7bc7660dbd4855e3dc0811a1f4485b554b446fc4d8e67
0b2c524428c1a3604e3d1cdc61c2ae371a8f2fc767f801180fcf892db9e07c3c
0b2dc063ba0e3f0e238d1b63007bcad869cbe77032364ac931768592f99374f2
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0ea9cd6d50565422915cf975d61f2124d19b0ec2c9d944df29f99f8023bc5d6e
0eb41fd218b07ac20837ddd25bebaf331aaedac998163dd2c91f9e8138aab5a0
1077787af544907092b9d822bcf844cb722e897e79563d976f446245388889b7
1079995ac387199f8ec11abfb02d93f79f88363313dd3d3fd7cc1d306c1a4aa1
10e4ebacf9fdc329d721a17f2a0d42fc77def0cf25766d0450bdff232a27d97e
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
134603a1693236e5284eb3b92d5de84275528251ccecc9db60695317536246f2
13dd31e546d2d20f254567d95bb2e799e063456958329005c732191d81534a79
14a20d2443eff6ab3ff7a1c50cfaf07a26e8ff94b6c678472699a94449449597
1bc235f9ce5f14fb317bee8129315e89d2cc8edcb878b351c66cff0186dad098
1c54b9d1b579c59f8245fd21a021725c0dbde06ec90f44df1bbc03458f40dfe8
1ddde056e7dac17609bfeab5d50df6f4074d5374167d9a9a0464fb49ccf9ffbf
1f6a5d4abbc57fd79c960a93592a334d5f83ad27d0d89e3d6d5327e0d8e5ea5c
1ff42bac2c55339100a351ea1193610f481a56eab6f0c42e1c6226da9c348c2f
20165219f34e2859a51e1cd1dec2dfe2ff518c00a91b1953f842ac054dce2fdf
22f20e1905a68a27c5cb1d3857a25c58f6c4ec37247edb4ab46645b7f03d3754
249e857e0c70aabe4d8472ae526f8e51cd00f5b3d2f90c9dbe20a6f1132b5d98
268279ad0b502c3f4168840e6743cf107685041567fcae36d38382a10dad2043
27def189bca2a93b3bd19bb770d05f0822ed51301eae46a196f254daef05e530
2a379cf63567796698d75a04f4f49c11fbf652effd3b69b3666c45c77789c56c
2c21b6c07449705bed660bb4e39c8a7d98795b9631a4cd3ed422d5ba1f315262
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
31e7c3b088ebfb5dba50bd59951c632121ad4b91a649ae38a2c460341a0f002e
32ff9bf998cf59e2f25def004a13d818a90a26fdf631627beee581b12ca78cae
34806ef573086241dd1a596a860b0295b51c24f1c37eab36eb9d0665683abb55
38135b073ce38e1204459305ff5cfab006e206ddb5688aa3a4f44ec636253d0a
3d14af6714f8e174042d16f9ee9938f7986b826935f217c43cd3570945f8a8a5
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
3e9ae9b1ff44414e468fd10101c6bb98202a767e3726fe92a3e8f67678b37a09
4130aa6ac7b4aa3b04e77c451bad2b9e192aa5dd16700ba238db94b477ef3d9a
42b9a15f9b6a86e0bca2678c6a6679ed2e73777ca55d893012e685275249f702
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
4924e12a30059184d9bd1c36294dcdf957f5f2da452209448b35a93aa785cca5
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4b6c9cadfa09d706be62aec040e8511b56ff4cee94df50521744cd93b03806da
4c9f8896ce780802b3ae72e321551578bc76246fbb0429376acd5b1d2c92748a
4dd431dddb6875e6c0d6f0491aba3c3834ae981797db8b7899e63ed6e8ceba69
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
514462af838b5724780d25c832a77ba6c4da30aa2167c3ebf964aba8085d50cf
544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
597e4ec7ca2b12f9150e02e04096849d6b06061b09c2d131f1d2225871eedfdf
60ddc774c7b5fd0c01d169321a444da403d60c0042f6bee01b0c96f6e1535fda
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
68bc666348871fe1e01461b47a4e621be55ef0e41d8e30c231b30e1c6726d022
6cfe24a33fded89458c73d54bcae0b50eb18ded78998c19ff7fe9799eb02c46b
707316e6fb3fc134c6555f90e9a5a84bce8deedd02131375907f56d4d7b4045c
70d5c4de881e718d0b7638959680ba86722d44eecbe4058d20dd77b8d0d97155
7559ba45677beff9ea485d64ab945d4a29a460c9319f20f8b131051629a1a67a
77d9102b426f1487e8550ed41e3650f47d74c020c7486e2876f07698fc97bb88
7910a6fe62f0c4aa3bae5a23b140df59e8564c1e8484468982cdfd74524922ad
7992a4430843ef8b4bbae534358be3193aa1ae9c78f273e8e8a70b6af1244ac5
79f758ea183363049e80cdb0afdb2e1ad4045ff4c385d726e78c0206abf959e9
8232a8b100fa4342291445890944b38781491e517ee10b765a8f464ff852d85d
82ecd7187bc277704af5711cbbc8eaa7df225f63bd8a10e472477b656f29db84
8601386271d3ba06c1135a092613135c5da90b3732a8196e4761faf4b1afdc69
8631d5de4f7ea4e9c28789d06b0a5fbef166139191c79049fcd4fff0d475af90
88d8f1bc61c7d224f99b8ab478c18756135cb3c3531d63818c5e1dff3182a974
89adcbf58b300d221bdc89b14f327ec5a116eb32ac8edd533d19fe214ea79ed1
9512a0f53f142765b9c06f302309951ac3fe4fa0d15fed99a83ef8a4f6a93c14
953f9c59181a408a239bc79ea342c607d9740dd33d97bca39179383ed4fe1b50
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a2862c9e532e9e51ea7ca8d7c96bb602a74e31396f9c5be127dbea7c5adfc227
a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e
a695b8b12c7d88355d0b1b33d6c643a7913bcfbeae91553bd7560019188b1032
a6d36aa3d742ccd6f1ca3c76dcf885af72f7bebe2fcc001ea011a7aea2f55678
a9f959272120a8fe9fc940b8df6a07a9e6c79d9b72773d62878e82fcd1c51951
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
ae89515862f38388e339168c9c1015313c0c44fe10b7fc5b1f56fdf60987c451
af98ca373a320b7aa3890f59d331b13feecffe607434f2b16696819cce402e20
afbd30c1ad67286eff72df63b5d563a6d3827c01bca881013ae87982930ac369
afc46b73fc2cfcc580fac0679468987511b075847198a2464ee604661cf5e801
b118568858df50612fa3591132d6d6bb41ddf00f8c74ad8cccd16e5510691aad
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b7ed4c8d837c5ba75b26ec5e7dafec35df4a0edae3b0f6d1a4649694a0c539d8
bb4bc3326d805b373708ecb45ef96b9e49c3c315b1004e2beaeddc2df7bec949
bd08be9cbf5f35486ce3011abc8286e9e2f59ac1de1ff9840377332383263f19
bd7680f0d4768bf17b38b5834d7671e6e456d9655b4ae3cb39186d1fcd93f5c2
c0c2ec1f2d626ab278d81abe34d30681f0007e8c79a890165f27e3e1550e99b7
c1f443fd6d94662e5b0b0651fbd2ddd1820ba2d528357a1ba127daff3f9986fd
c220b7179103dd13fb84a4dd6cd2b8f31791a6870fa8cc53370c11746947b3c9
c4e113e7bf186f978548b1b5db327b755b8944540262ffb5edd28811acf84b26
c9461fa5881fac58c953e57e071582cb4a82254fb3b0ce874c0c1249374d31bb
cc17b4eea2a323208733267a3f41e8a14cfc240b9dc9c3d622fdc64013c26cb7
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
ccf46349aa4a3042db990d577479e2b356e6f5aa1af16d2dc7dd94967917e8a3
cd0d0b6e50ff01ff2f3a9a70d7cfb66a7c6cb9acf7a566325568be6d3bd31fc4
cda6fb4229ac27f27bb05d9a85d2a1a0b39aa8043342c5dee9d8958c33a3dfbe
d04a8585ca1c9cbff59e413fe76da6b8dcf3c567cbc68ec436b852d7f1694df1
d4e70af82bfee4465bb7197027ffb4f3b28e81c16d64301b88fcc5836d647bd8
d865cbdda1fe4bc8511c3e06034b8e00ca15c8f2d0b19c5ebfe083e2570a5f37
da365c2e23d5e2aea7122d625db97f77c019c1b19e9c032171f7e08529da094f
dd5c42d2e3b1606ac28caab2e48cb1db4e63c3a669e5bbdb10dd27fbdb5ac1a6
e0229dbcb78d16f4e98ccb93decb992b6bb488fffdd85675e586ab6546efd3bb
e0858cce8f7c711ef2a0ee1a5bc9282b9831c477ce1058ee388d35268b7c916b
e111a3850d781cc4bb9983b28613414f9a59af060c2860692d56809589c663b3
e2ec81b19233fd4cd6ef5adcb45c0cbec6bd5673716ba0454ce56b67486ece46
e37071398d21f18dff2370ee0885f38811bb69bb465b398100ab3101fc521d6b
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e7c50bf160a6bb4c76861620e8499492ff63697842d0ee8f8d36fb12be4c0f0a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f1f43ba4914ca1607afe812192fe3eb1f7ba986b0a9f48cb1c79d0210aeb1185
f21a6ca53f0467c2c8bed0436f1a7bd16376e2e6b1e4e3dbfd67a0c68878e5cc
f294f48a5bc171da79776780d32c77ae3323a508cb595a56f116ecb7578a8e7d
f51a943314d36dfdaa7cad1df8fff0ac13f7ad32adb31cfbf43637363e89cac3
f52d6b4657c8b0f228cef66f57d0b838ef0f0be00a3c92b95432c7ec2e050555
f68cf913b546c9a77e35970a61395ebb616baf31a1597ffc13539cc9b4dcac40
f9560995c32a95592e09117440ae26baadb3badcfca256f0d0652bfdb3e712cb
fdab1ffd27400dc9e496bfc8d4b24b8283387db1a5b0bc3ce1577c3efec6d1fc

bg.m-almahdi.com Open in urlscan Pro 2a06:98c1:3120::3 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

174 Requests

89 %HTTPS

50 %IPv6

35 Domains

56 Subdomains

51 IPs

9 Countries

2332 kBTransfer

6719 kBSize

31 Cookies

13 Outgoing links

Redirected requests

174 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

bg.m-almahdi.com Open in urlscan Pro
2a06:98c1:3120::3 Public Scan

Screenshot
Live screenshot

Full Image

174
Requests

89 %
HTTPS

50 %
IPv6

35
Domains

56
Subdomains

51
IPs

9
Countries

2332 kB
Transfer

6719 kB
Size

31
Cookies

174 HTTP transactions
1 data transactions