ko.strephonsays.com Open in urlscan Pro
2606:4700:3034::ac43:86bb Public Scan

Go To Rescan
Add Verdict Report

URL:
https://ko.strephonsays.com/
Submission: On June 28 via manual (June 28th 2023, 6:17:12 am UTC) from KR — Scanned from DE

Summary HTTP 61 Redirects Links 32 Behaviour Indicators

Summary

This website contacted 16 IPs in 3 countries across 14 domains to perform 61 HTTP transactions. The main IP is 2606:4700:3034::ac43:86bb, located in United States and belongs to CLOUDFLARENET, US. The main domain is ko.strephonsays.com.
TLS certificate: Issued by GTS CA 1P5 on June 12th 2023. Valid for: 3 months.

This is the only time ko.strephonsays.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
13	2606:4700:303... 2606:4700:3034::ac43:86bb	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a04:4e42:600... 2a04:4e42:600::485	54113 (FASTLY) (FASTLY)
3	2a00:1450:400... 2a00:1450:4001:827::2002	15169 (GOOGLE) (GOOGLE)
2	2600:9000:225... 2600:9000:225e:b400:11:a4de:2580:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:223... 2600:9000:223c:c800:6:b871:4f00:93a1	16509 (AMAZON-02) (AMAZON-02)
1	151.101.1.195 151.101.1.195	54113 (FASTLY) (FASTLY)
5 10	2a02:6b8::1:119 2a02:6b8::1:119	208722 (GLOBAL_DC) (GLOBAL_DC)
6	46.4.104.244 46.4.104.244	24940 (HETZNER-AS) (HETZNER-AS)
7	99.86.4.64 99.86.4.64	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:828::2002	15169 (GOOGLE) (GOOGLE)
12	2606:4700:1::... 2606:4700:1::6813:844e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:1::... 2606:4700:1::6813:874e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6812:c2d	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:10:... 2606:4700:10::6816:3556	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	23.35.236.201 23.35.236.201	16625 (AKAMAI-AS) (AKAMAI-AS)
61	16

13 2606:4700:3034::ac43:86bb (United States)

ASN13335 (CLOUDFLARENET, US)

ko.strephonsays.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
strephonsays.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
a.strephonsays.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a04:4e42:600::485 (United States)

ASN54113 (FASTLY, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:225e:b400:11:a4de:2580:93a1 (United States)

ASN16509 (AMAZON-02, US)

get.optad360.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:223c:c800:6:b871:4f00:93a1 (United States)

ASN16509 (AMAZON-02, US)

cmp.optad360.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.1.195 (United States)

ASN54113 (FASTLY, US)

cdn.zx-adnet.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a02:6b8::1:119 (Moscow, Russian Federation) 5 redirects

ASN208722 (GLOBAL_DC, FI)

mc.yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
mc.yandex.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 46.4.104.244 (Rostock, Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.244.104.4.46.clients.your-server.de

www.bigmp3db.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 99.86.4.64 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-4-64.fra6.r.cloudfront.net

optad360.mgr.consensu.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2606:4700:1::6813:844e (United States)

ASN13335 (CLOUDFLARENET, US)

jsc.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
c.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
servicer.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cm.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:1::6813:874e (United States)

ASN13335 (CLOUDFLARENET, US)

s-img.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:c2d (United States)

ASN13335 (CLOUDFLARENET, US)

cl.imghosts.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::6816:3556 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.35.236.201 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-236-201.deploy.static.akamaitechnologies.com

ads.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
13	mgid.com jsc.mgid.com — Cisco Umbrella Rank: 7412 c.mgid.com — Cisco Umbrella Rank: 6000 cdn.mgid.com — Cisco Umbrella Rank: 10218 servicer.mgid.com — Cisco Umbrella Rank: 7293 s-img.mgid.com — Cisco Umbrella Rank: 7126 cm.mgid.com — Cisco Umbrella Rank: 1358	107 KB
13	strephonsays.com ko.strephonsays.com strephonsays.com — Cisco Umbrella Rank: 466455 a.strephonsays.com	504 KB
7	yandex.com 3 redirects mc.yandex.com — Cisco Umbrella Rank: 9422	3 KB
7	consensu.org optad360.mgr.consensu.org — Cisco Umbrella Rank: 53879	262 KB
6	bigmp3db.com www.bigmp3db.com — Cisco Umbrella Rank: 995306	20 KB
3	doubleclick.net securepubads.g.doubleclick.net — Cisco Umbrella Rank: 216 googleads.g.doubleclick.net — Cisco Umbrella Rank: 57	157 KB
3	yandex.ru 2 redirects mc.yandex.ru — Cisco Umbrella Rank: 3245	74 KB
3	optad360.io get.optad360.io — Cisco Umbrella Rank: 32950 cmp.optad360.io — Cisco Umbrella Rank: 51551	298 KB
2	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 135	166 KB
2	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 368	6 KB
1	pubmatic.com ads.pubmatic.com — Cisco Umbrella Rank: 553	63 KB
1	id5-sync.com cdn.id5-sync.com — Cisco Umbrella Rank: 808	25 KB
1	imghosts.com cl.imghosts.com — Cisco Umbrella Rank: 10878	252 KB
1	zx-adnet.com cdn.zx-adnet.com — Cisco Umbrella Rank: 407962	10 KB
61	14

	Domain	Requested by
8	a.strephonsays.com	ko.strephonsays.com
7	mc.yandex.com	3 redirects
7	optad360.mgr.consensu.org	cmp.optad360.io get.optad360.io optad360.mgr.consensu.org
6	www.bigmp3db.com	ko.strephonsays.com www.bigmp3db.com
4	cdn.mgid.com
3	c.mgid.com	jsc.mgid.com
3	mc.yandex.ru	2 redirects ko.strephonsays.com
3	strephonsays.com	ko.strephonsays.com
2	cm.mgid.com	jsc.mgid.com
2	jsc.mgid.com	www.bigmp3db.com jsc.mgid.com
2	securepubads.g.doubleclick.net	get.optad360.io securepubads.g.doubleclick.net
2	get.optad360.io	ko.strephonsays.com get.optad360.io
2	pagead2.googlesyndication.com	ko.strephonsays.com pagead2.googlesyndication.com
2	cdn.jsdelivr.net	ko.strephonsays.com get.optad360.io
2	ko.strephonsays.com	ko.strephonsays.com
1	ads.pubmatic.com	jsc.mgid.com
1	cdn.id5-sync.com	jsc.mgid.com
1	cl.imghosts.com
1	s-img.mgid.com
1	servicer.mgid.com	jsc.mgid.com
1	googleads.g.doubleclick.net	pagead2.googlesyndication.com
1	cdn.zx-adnet.com	ko.strephonsays.com
1	cmp.optad360.io	ko.strephonsays.com
61	23

This site contains links to these domains. Also see Links.

Domain
strephonsays.com
ar.strephonsays.com
bg.strephonsays.com
cs.strephonsays.com
el.strephonsays.com
es.strephonsays.com
et.strephonsays.com
fi.strephonsays.com
fr.strephonsays.com
hi.strephonsays.com
hr.strephonsays.com
hu.strephonsays.com
id.strephonsays.com
it.strephonsays.com
iw.strephonsays.com
ja.strephonsays.com
lt.strephonsays.com
lv.strephonsays.com
ms.strephonsays.com
nl.strephonsays.com
no.strephonsays.com
pl.strephonsays.com
pt.strephonsays.com
ru.strephonsays.com
sk.strephonsays.com
sl.strephonsays.com
sr.strephonsays.com
sv.strephonsays.com
th.strephonsays.com
tr.strephonsays.com
uk.strephonsays.com
vi.strephonsays.com

Subject Issuer	Validity	Valid
strephonsays.com GTS CA 1P5	`2023-06-12` - `2023-09-10`	3 months	crt.sh
jsdelivr.net GlobalSign Atlas R3 DV TLS CA 2022 Q4	`2022-12-23` - `2024-01-24`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-05-29` - `2023-08-21`	3 months	crt.sh
*.optad360.io Amazon RSA 2048 M02	`2023-03-01` - `2023-11-15`	9 months	crt.sh
d.hive.properties GTS CA 1D4	`2023-05-08` - `2023-08-06`	3 months	crt.sh
mc.yandex.ru GlobalSign ECC OV SSL CA 2018	`2023-03-17` - `2023-08-27`	5 months	crt.sh
www.bigmp3db.com R3	`2023-04-28` - `2023-07-27`	3 months	crt.sh
optad360.mgr.consensu.org Amazon RSA 2048 M02	`2023-04-23` - `2024-05-21`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-04-11` - `2024-04-10`	a year	crt.sh
*.pubmatic.com DigiCert TLS RSA SHA256 2020 CA1	`2023-01-25` - `2024-01-24`	a year	crt.sh

This page contains 4 frames:

Primary Page: https://ko.strephonsays.com/
Frame ID: CCECA49304100D020CD2033CB1DC7CFC
Requests: 58 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230620/r20190131/zrt_lookup.html
Frame ID: E9E84382CB49A155AA4F3E4ACC557115
Requests: 1 HTTP requests in this frame

Frame: https://optad360.mgr.consensu.org/cmp/v2/cmp-3.0.0.min.js
Frame ID: 60500776C65B3B830BD894094DB9A1B1
Requests: 2 HTTP requests in this frame

Frame: https://cm.mgid.com/i-noref.js?cbuster=1687933025871823400388
Frame ID: 6AD7C71B28F6CAD4B811AD3833857D02
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

알고있다 2023

Detected technologies

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

PubMatic (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.pubmatic\.com

Yandex.Metrika (Analytics) Expand

Overall confidence: 100%
Detected patterns

mc\.yandex\.ru/metrika/(?:tag|watch)\.js

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

<link [^>]*?href="?[a-zA-Z]*?:?//cdn\.jsdelivr\.net/
//cdn\.jsdelivr\.net/

Page Statistics

61
Requests

90 %
HTTPS

73 %
IPv6

14
Domains

23
Subdomains

16
IPs

3
Countries

1945 kB
Transfer

5254 kB
Size

15
Cookies

32 Outgoing links

These are links going to different origins than the main page.

URL: https://strephonsays.com/

Search URL Search Domain Scan URL

URL: https://ar.strephonsays.com/

Search URL Search Domain Scan URL

URL: https://bg.strephonsays.com/

Search URL Search Domain Scan URL

URL: https://cs.strephonsays.com/

Search URL Search Domain Scan URL

URL: https://el.strephonsays.com/

Search URL Search Domain Scan URL

URL: https://es.strephonsays.com/

Search URL Search Domain Scan URL

URL: https://et.strephonsays.com/

Search URL Search Domain Scan URL

URL: https://fi.strephonsays.com/

Search URL Search Domain Scan URL

URL: https://fr.strephonsays.com/

Search URL Search Domain Scan URL

URL: https://hi.strephonsays.com/

Search URL Search Domain Scan URL

URL: https://hr.strephonsays.com/

Search URL Search Domain Scan URL

URL: https://hu.strephonsays.com/

Search URL Search Domain Scan URL

URL: https://id.strephonsays.com/

Search URL Search Domain Scan URL

URL: https://it.strephonsays.com/

Search URL Search Domain Scan URL

URL: https://iw.strephonsays.com/

Search URL Search Domain Scan URL

URL: https://ja.strephonsays.com/

Search URL Search Domain Scan URL

URL: https://lt.strephonsays.com/

Search URL Search Domain Scan URL

URL: https://lv.strephonsays.com/

Search URL Search Domain Scan URL

URL: https://ms.strephonsays.com/

Search URL Search Domain Scan URL

URL: https://nl.strephonsays.com/

Search URL Search Domain Scan URL

URL: https://no.strephonsays.com/

Search URL Search Domain Scan URL

URL: https://pl.strephonsays.com/

Search URL Search Domain Scan URL

URL: https://pt.strephonsays.com/

Search URL Search Domain Scan URL

URL: https://ru.strephonsays.com/

Search URL Search Domain Scan URL

URL: https://sk.strephonsays.com/

Search URL Search Domain Scan URL

URL: https://sl.strephonsays.com/

Search URL Search Domain Scan URL

URL: https://sr.strephonsays.com/

Search URL Search Domain Scan URL

URL: https://sv.strephonsays.com/

Search URL Search Domain Scan URL

URL: https://th.strephonsays.com/

Search URL Search Domain Scan URL

URL: https://tr.strephonsays.com/

Search URL Search Domain Scan URL

URL: https://uk.strephonsays.com/

Search URL Search Domain Scan URL

URL: https://vi.strephonsays.com/

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 32

https://mc.yandex.com/sync_cookie_image_check HTTP 302
https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=10048.mqHMBHN9v34-sIby5QJpBI1lE3oJKaXoKESPoC7WW9HfRJ-9xi935nXGY5B6ONkY.EUy6UDEdpJifpQws5Fnc8oPi4g4%2C HTTP 302
https://mc.yandex.com/sync_cookie_image_decide?token=10048.d3IaQkNDl9iq37kGd4-5NJH2SqaFvYIlW_AJWQcSbUrFmy3UNwkpuE86kKyCGpNxbtyICTOEkOKs2SAhUIS62XVVtBoyFU5lGRpxhWfg86k%2C.QU5HDzhSiDlloH-0pOS4s-OVAgc%2C

Request Chain 43

https://mc.yandex.com/watch/53480917?wmode=7&page-url=https%3A%2F%2Fko.strephonsays.com%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A7g4yzra6nxw2gnzj738gkwv%3Afp%3A321%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1060%3Acn%3A1%3Adp%3A0%3Als%3A1041003374764%3Ahid%3A1069357746%3Az%3A0%3Ai%3A20230628061704%3Aet%3A1687933024%3Ac%3A1%3Arn%3A938983846%3Arqn%3A1%3Au%3A1687933024976803242%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A55%2C34%2C44%2C24%2C0%2C0%2C%2C3%2C0%2C281%2C281%2C3%2C222%3Aco%3A0%3Acpf%3A1%3Ans%3A1687933023718%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1687933025%3At%3A%EC%95%8C%EA%B3%A0%EC%9E%88%EB%8B%A4%202023&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)ti(2) HTTP 302
https://mc.yandex.com/watch/53480917/1?wmode=7&page-url=https%3A%2F%2Fko.strephonsays.com%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A7g4yzra6nxw2gnzj738gkwv%3Afp%3A321%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1060%3Acn%3A1%3Adp%3A0%3Als%3A1041003374764%3Ahid%3A1069357746%3Az%3A0%3Ai%3A20230628061704%3Aet%3A1687933024%3Ac%3A1%3Arn%3A938983846%3Arqn%3A1%3Au%3A1687933024976803242%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A55%2C34%2C44%2C24%2C0%2C0%2C%2C3%2C0%2C281%2C281%2C3%2C222%3Aco%3A0%3Acpf%3A1%3Ans%3A1687933023718%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1687933025%3At%3A%EC%95%8C%EA%B3%A0%EC%9E%88%EB%8B%A4%202023&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29ti%282%29

Request Chain 49

https://mc.yandex.com/sync_cookie_image_check_secondary HTTP 302
https://mc.yandex.ru/sync_cookie_image_start_secondary?redirect_domain=mc.yandex.com&token=10048.qdCGqif9uE04eBhsDDdUIyWO40UsgTIiRkEzUo8VvB10rkWKuZqsnlRja52OAF9U.rafpWYe96skFwi_L3r2UlW8wFDw%2C HTTP 302
https://mc.yandex.com/sync_cookie_image_decide_secondary?token=10048.Qp8Ln6prWcNRvWTtbgJbszTIx5NjSFeAihdnls38k486h4X2BGJ2gztpsWYQWxrYueUBHbXZsO2KBtmmxbLD79aNvdxpQO17bA3OheoiH-k%2C.ye7KA3nf_VKEI-ISDkaTmqWX31g%2C

61 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
ko.strephonsays.com/ 46 KB
8 KB 135ms
44ms Document
text/html 2606:4700:3034::ac43:86bb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ko.strephonsays.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::ac43:86bb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/8.0.15
Resource Hash: 6aa7d0b5f2542b45b6f232199ac3cda27bcd244684e49431a4a531a328557365

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
cache-control: max-age=86400
cf-cache-status: DYNAMIC
cf-ray: 7de3cdf6deda1d92-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Wed, 28 Jun 2023 06:17:03 GMT
expires: Thu, 29 Jun 2023 06:17:03 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fTwKfvfjwbmyR5eQLdOy3zhyLREXy4l9ilEZjJQP0tCu5Hg4hRD4fYG9L7NGvyiHCFxfDv0MzCLHY4S4Ypg78fWbJFQVDFsdNDlLPlocFwrkpB%2FLnzmjOU1pE5xsKqRw7jx1Mzy8ywEKrFm9tqg9u79v"}],"group":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: PHP/8.0.15

GET
H2 200 style.css
strephonsays.com/template/artemiz/css/ 27 KB
6 KB 44ms
24ms Stylesheet
text/css 2606:4700:3034::ac43:86bb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://strephonsays.com/template/artemiz/css/style.css
Requested by: Host: ko.strephonsays.com
URL: https://ko.strephonsays.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::ac43:86bb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5692fdcd3cf15f5d2e98e6fb4f451dec0b2d61cae64af0b2bb18dfe46614c0ca

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ko.strephonsays.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 06:17:03 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 122868
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Fri, 16 Dec 2022 10:14:04 GMT
server: cloudflare
etag: W/"6cae-5efef3ab093e9"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=j9J2GE0Pch6WxLKLWFWerj3U8ViQp%2BCibvxhBnQWkM2PdVaduHJyt4cIamBQ63VPID2sAh7xEOPbGBHQ6HT2SvKsWA0g%2FfYDTBE3UW14Ee5HrlRwD4Aswg9flCKvKiG6A%2F3sPEvNOsDvcqjEYg6%2F"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31536000
cf-ray: 7de3cdf73f571d92-FRA
expires: Mon, 10 Jul 2023 20:09:15 GMT

GET
H2 200 yt.css
strephonsays.com/template/artemiz/css/ 69 KB
44 KB 57ms
37ms Stylesheet
text/css 2606:4700:3034::ac43:86bb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://strephonsays.com/template/artemiz/css/yt.css
Requested by: Host: ko.strephonsays.com
URL: https://ko.strephonsays.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::ac43:86bb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 71a005e915b96b3ed8feb7d4f5221db75e3658fd8678e68d5b04b5dce0aef73e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ko.strephonsays.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 06:17:03 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 389956
cf-polished: origSize=70952
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Fri, 16 Dec 2022 10:14:05 GMT
server: cloudflare
etag: W/"11528-5efef3abd421a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JiuIFFkOKJR8h5oIeqbb7%2FL6XUEXFQE5LudNnKYuU%2FOF9kndFFDbCNSW0z8gvkpMVRrnIAYD0VjR2JS6UkMDzSoYNj2IPsAZIPDfWUM%2B3DKafiU%2FHiMy2%2B7HHbOEDxGeYDNNbAt7remXOFs9x32b"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31536000
cf-ray: 7de3cdf73f561d92-FRA
expires: Fri, 07 Jul 2023 17:57:47 GMT

GET
H2 200 cookieconsent.min.css
cdn.jsdelivr.net/npm/cookieconsent@3/build/ 5 KB
5 KB 49ms
12ms Stylesheet
text/css 2a04:4e42:600::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/cookieconsent@3/build/cookieconsent.min.css

Requested by

Host: ko.strephonsays.com
URL: https://ko.strephonsays.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:600::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

cd0d0b6e50ff01ff2f3a9a70d7cfb66a7c6cb9acf7a566325568be6d3bd31fc4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ko.strephonsays.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Wed, 28 Jun 2023 06:17:03 GMT
x-content-type-options: nosniff
age: 17864
x-jsd-version: 3.1.1
x-cache: HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 4958
x-served-by: cache-fra-eddf8230060-FRA
x-jsd-version-type: version
etag: W/"135e-3nthfC1sCV/yhiNebPZMMo2hpL8"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 rocket-loader.min.js Show response
ko.strephonsays.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/ 12 KB
4 KB 19ms
19ms Script
application/javascript 2606:4700:3034::ac43:86bb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ko.strephonsays.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Requested by

Host: ko.strephonsays.com
URL: https://ko.strephonsays.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3034::ac43:86bb , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ko.strephonsays.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 06:17:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 22 Jun 2023 09:29:09 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"64941465-302c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=C0UEDNuKCZ%2Bpy6gkihLkrbrWz6hqvnRCPfk3YtPglte8qmO0FS1kcrGfFBkOw0bHdQiR6Z%2BArYq1iTLIHfpRym7Nzd4IvUMfZQ3LV6lfORk57rFB8uDMyYyvIOSjUUdGG5cAclVRLXOtBLVQhnvhk7qi"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
x-frame-options: DENY
cache-control: max-age=172800, public
cf-ray: 7de3cdf74f591d92-FRA
expires: Fri, 30 Jun 2023 06:17:03 GMT

GET
H3 200 scripts.js Show response
strephonsays.com/template/artemiz/js/ 177 KB
61 KB 26ms
26ms Script
application/javascript 2606:4700:3034::ac43:86bb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://strephonsays.com/template/artemiz/js/scripts.js
Requested by: Host: ko.strephonsays.com
URL: https://ko.strephonsays.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::ac43:86bb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 68dbc402b8d95b31ec11900b3b5aee781e46330beeec75070f60a40c03b402d9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ko.strephonsays.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 06:17:03 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 372887
cf-polished: origSize=181106
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Fri, 16 Dec 2022 10:14:07 GMT
server: cloudflare
etag: W/"2c372-5efef3ae1ed1a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3JJV53rqgXV5VomOOdB42swV8R8%2BSeiK0IyIcA%2FxD1wPS4fpbxX8zd84HUmQdxZk6opNnYib9qCLKe4YN%2BZKh%2FBm%2B%2BTtDonCpQqdOn5SbMaE4Ii5HZy1ni1O7o29nuvCdZIzQqgBJ3lTUPRU0rcn"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
cf-ray: 7de3cdf798dd30c6-FRA
expires: Fri, 07 Jul 2023 22:42:16 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 137 KB
48 KB 174ms
87ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-2173063720940886

Requested by

Host: ko.strephonsays.com
URL: https://ko.strephonsays.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a8ed212237d7065399b3d6fb5b18ca200873b24bd11dc1e53c36e80f239b616b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ko.strephonsays.com/
Origin: https://ko.strephonsays.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 06:17:04 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48411
x-xss-protection: 0
server: cafe
etag: 17501958937092146095
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Wed, 28 Jun 2023 06:17:04 GMT

GET
H2 200 plugin.min.js Show response
get.optad360.io/sf/87584f1f-9c47-49cb-b198-f6669bf41325/ 291 KB
61 KB 74ms
9ms Script
application/javascript 2600:9000:225e:b400:11:a4de:2580:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://get.optad360.io/sf/87584f1f-9c47-49cb-b198-f6669bf41325/plugin.min.js
Requested by: Host: ko.strephonsays.com
URL: https://ko.strephonsays.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:225e:b400:11:a4de:2580:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: a73a0470af927c5e55124cdc641956b1f723683f3b58d257a766e931952d51e8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ko.strephonsays.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 27 Jun 2023 17:03:07 GMT
content-encoding: gzip
via: 1.1 544049d1dc4d534822b40b9f9c7529da.cloudfront.net (CloudFront)
last-modified: Thu, 22 Jun 2023 17:01:53 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P4
age: 47638
x-amz-server-side-encryption: AES256
etag: W/"772f541e8e42b1e4f8b774f783f0d60b"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: public, max-age=86400
x-amz-cf-id: 0IzD0lXQ_XUT5IFiFDSnqKLEO-WOTOGxH7hzC_tW9wgmLO-lcDy-og==

GET
H2 200 45b65dd9-e0fa-4d05-aa26-a39c3cef09e4.min.js Show response
cmp.optad360.io/items/ 253 KB
72 KB 75ms
10ms Script
application/javascript 2600:9000:223c:c800:6:b871:4f00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cmp.optad360.io/items/45b65dd9-e0fa-4d05-aa26-a39c3cef09e4.min.js
Requested by: Host: ko.strephonsays.com
URL: https://ko.strephonsays.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223c:c800:6:b871:4f00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e1cd9602b63db552abd2b3cd8689102702d17efae5e9fe98f94691efc77897b9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ko.strephonsays.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 06:15:56 GMT
content-encoding: gzip
via: 1.1 83f1b8f73f37458f38e2ee1fc0b9e68c.cloudfront.net (CloudFront)
last-modified: Sun, 18 Apr 2021 12:34:47 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P2
age: 69
etag: W/"4bc6f41a14eeeb489540c26fb99b9427"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: public, max-age=3600
x-amz-cf-id: ny8EWOuGieJUrXRxtOYzuPwVjP4gmxQY3xh-Rce4dg0vYVjTLrqZ2A==

GET
DATA 200
OK truncated
/ 41 KB
0 Image
image/webp

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c37e88f718acf2e31223149decc6c77497a892a5f556e5e1fc6c2492377e9bc0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type: image/webp

GET
H2 200 Difference-Between-Companies-Limited-by-Shares-and-Companies-Limited-by-Guarantee.webp
a.strephonsays.com/business/ 47 KB
47 KB 62ms
21ms Image
image/webp 2606:4700:3034::ac43:86bb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.strephonsays.com/business/Difference-Between-Companies-Limited-by-Shares-and-Companies-Limited-by-Guarantee.webp
Requested by: Host: ko.strephonsays.com
URL: https://ko.strephonsays.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::ac43:86bb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bb23189475c4f60039d1389da9ab3225c9c215c3ffa4af384ceccecc038759ab

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ko.strephonsays.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 06:17:04 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 600
alt-svc: h3=":443"; ma=86400
content-length: 48014
last-modified: Wed, 06 Oct 2021 21:04:42 GMT
server: cloudflare
etag: "bb8e-5cdb57eb812f1"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4ivP9Ri7ItYyIdIkz2CCjKXBf5gdw%2FL5SCzX%2FEA0Do8ir7xlpYQ2dDnYvGSmEEoYJqDy3CVls0c%2BRlv0VqbsHibkcZKz%2BRARKKTombEojDZh5fOQUd0KyADYdeKGJtub%2BO9bK%2Bb4v%2Fg0rNNmucoGkZQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 7de3cdf838741d92-FRA

GET
H2 200 Difference-Between-Passport-Book-and-Passport-Card-1.webp
a.strephonsays.com/countries/ 32 KB
33 KB 92ms
52ms Image
image/webp 2606:4700:3034::ac43:86bb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.strephonsays.com/countries/Difference-Between-Passport-Book-and-Passport-Card-1.webp
Requested by: Host: ko.strephonsays.com
URL: https://ko.strephonsays.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::ac43:86bb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5ee546d3fdc2130c140cb072df57741817b56fbed52404642631ef41bc628c4a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ko.strephonsays.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 06:17:04 GMT
cf-cache-status: MISS
last-modified: Wed, 06 Oct 2021 21:06:57 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "8192-5cdb586ca2ed4"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PoRlJKLSK5f1cfxxw%2BgcgTzCI9iyAHzAvnHcUKF3bUscXLU%2FnZso4gjNyBX0YreaicaODNa5Xcxrci7%2FYwl4GEeBj2KXiKsj25Duro1NUruIsUCv1f2i12T1eOoAaBxP6otHaFsV%2BlDmwB5uFHuMd8U%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 7de3cdf838711d92-FRA
alt-svc: h3=":443"; ma=86400
content-length: 33170

GET
H2 200 Difference-Between-Lean-Protein-and-Whey-Protein.webp
a.strephonsays.com/health/ 51 KB
52 KB 88ms
48ms Image
image/webp 2606:4700:3034::ac43:86bb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.strephonsays.com/health/Difference-Between-Lean-Protein-and-Whey-Protein.webp
Requested by: Host: ko.strephonsays.com
URL: https://ko.strephonsays.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::ac43:86bb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 35542897f7cd6769cd6b1118b38e65a9cfc72d0f7d01c0ace49f17d88fd37e53

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ko.strephonsays.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 06:17:04 GMT
cf-cache-status: MISS
last-modified: Wed, 06 Oct 2021 22:35:32 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "cc7e-5cdb6c3903fc1"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sfX7KniY4xRpm%2B6VVXYgwZ7Emg2yFqheoaXjFYiyrnGKLyv8IFkiaK5pLqS8RTtWjni0gZM%2FHoTvJeamE23rDGodA2EPff3XHVwcXbN7zam1E2XMtd%2B1tsmcfJppIEYZ8Fq32Q8bSxkEe7zq%2F4JjiqI%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 7de3cdf838761d92-FRA
alt-svc: h3=":443"; ma=86400
content-length: 52350

GET
H2 200 Difference-Between-Anisole-and-Diethyl-Ether.webp
a.strephonsays.com/science-nature/ 15 KB
16 KB 73ms
35ms Image
image/webp 2606:4700:3034::ac43:86bb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.strephonsays.com/science-nature/Difference-Between-Anisole-and-Diethyl-Ether.webp
Requested by: Host: ko.strephonsays.com
URL: https://ko.strephonsays.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::ac43:86bb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2ca430f52e5648245baeb07cd6574f80760acb4d75ebd484af5ffcb68b0ba367

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ko.strephonsays.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 06:17:04 GMT
cf-cache-status: MISS
last-modified: Wed, 06 Oct 2021 23:44:20 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "3d88-5cdb7b9a5a810"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SK8xRcnu%2FjZUwOvgzOgSZlM1gxgdiXaPTIDpsnaxdQ0W%2BOVKM9r51gNOIXF5PRM7F%2Bf57p5XRmNqOIRPfpIq0P11od0zfG%2BABvRg%2B2zgJeknwFcWq%2BT0ggLydEUOVXcZdy3G8Q6p2CtLaqU5ZLu524w%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 7de3cdf838781d92-FRA
alt-svc: h3=":443"; ma=86400
content-length: 15752

GET
H2 200 Difference-Between-Oxygen-and-Ozone.webp
a.strephonsays.com/science-nature/ 83 KB
84 KB 92ms
56ms Image
image/webp 2606:4700:3034::ac43:86bb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.strephonsays.com/science-nature/Difference-Between-Oxygen-and-Ozone.webp
Requested by: Host: ko.strephonsays.com
URL: https://ko.strephonsays.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::ac43:86bb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2296b3173627f84f8361243bda095a4fa2c05c222200f895b44bad0a6ef15e9f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ko.strephonsays.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 06:17:04 GMT
cf-cache-status: MISS
last-modified: Wed, 06 Oct 2021 23:16:17 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "14dea-5cdb755542fc2"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SQSw9xSrUq3QhX7ZfxjGH6vp7MIrgG59%2Fmg2YSXhpDl7WMpNOGWENrxRKp%2FolwmQ3Y%2B8B8WGxc6Nq7XKneLMK0tL89aIheQFHwFGaPy4nPD%2FrgQl6Dit10VuK7rMhXrDwbnzklKOfxe0ojmI9hA6r54%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 7de3cdf838751d92-FRA
alt-svc: h3=":443"; ma=86400
content-length: 85482

GET
H2 200 Difference-Between-Personal-Identity-and-Social-Identity.webp
a.strephonsays.com/education/ 60 KB
61 KB 78ms
42ms Image
image/webp 2606:4700:3034::ac43:86bb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.strephonsays.com/education/Difference-Between-Personal-Identity-and-Social-Identity.webp
Requested by: Host: ko.strephonsays.com
URL: https://ko.strephonsays.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::ac43:86bb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f6f6cb043708335483ae84eb97bfb412e7336a59f8195bb9261cf6ff0611f48d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ko.strephonsays.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 06:17:04 GMT
cf-cache-status: MISS
last-modified: Wed, 06 Oct 2021 22:30:38 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "f0a8-5cdb6b2120306"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3AbwSM2OFXPrZLDJIZbus3bbM8upzzTdOrltnfGV9TSeiW5VRjlbp9zpMWwjjJGXTd7F09uNZ6NPyiYRaz7lSOz3hwLhmtvQktrBhL%2FwsFEwaDbK1KMfdnL0D47UzYGMg3%2BuEddf9F3ROU4LnrzYyh4%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 7de3cdf838791d92-FRA
alt-svc: h3=":443"; ma=86400
content-length: 61608

GET
H3 200 Difference-Between-Shame-and-Embarrassment-1.webp
a.strephonsays.com/people/ 27 KB
27 KB 29ms
28ms Image
image/webp 2606:4700:3034::ac43:86bb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.strephonsays.com/people/Difference-Between-Shame-and-Embarrassment-1.webp
Requested by: Host: ko.strephonsays.com
URL: https://ko.strephonsays.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::ac43:86bb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c8fc2ef8ebf6788cd0fddf43b63f7051c87c55f0ecc60ece36e4614118c6c608

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ko.strephonsays.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 06:17:04 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 31
alt-svc: h3=":443"; ma=86400
content-length: 27172
last-modified: Wed, 06 Oct 2021 22:54:13 GMT
server: cloudflare
etag: "6a24-5cdb7066a92af"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3SZD6OvWziJZEebKhweHReamPKQwKV0DXFo825jdYKPQYi3tbxs3HtG6%2BKKoiFA5kUgERScFfAGZnVvpfA8QD9niqTlZ9uZsvY%2Bj0qgwUIImewnURSCv6kiy6Hqu61zwlDm%2BpO7uTqf3isPmvidt0PU%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 7de3cdf869fa30c6-FRA

GET
H3 200 Difference-Between-Room-Attendant-and-Housekeeper.webp
a.strephonsays.com/people/ 61 KB
61 KB 15ms
15ms Image
image/webp 2606:4700:3034::ac43:86bb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.strephonsays.com/people/Difference-Between-Room-Attendant-and-Housekeeper.webp
Requested by: Host: ko.strephonsays.com
URL: https://ko.strephonsays.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::ac43:86bb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2014055b4c9d712158efdf2e6594241d55b2b28459029648c00114816e04d10f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ko.strephonsays.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 06:17:04 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 31
alt-svc: h3=":443"; ma=86400
content-length: 62208
last-modified: Wed, 06 Oct 2021 22:54:20 GMT
server: cloudflare
etag: "f300-5cdb706d1d5d0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Kvlg3TCF%2B%2FIDLGPYAnwt%2FPXbrNxHTVu5tFJiZ68GpZ2gS3BAW4tKPSo2%2FnbojjILHu6Pa%2Fkui%2BN6X0Jr8x2DE%2BskD301ObYNcZXIIWX0iak6Jh1%2BtK3LCGBQyhkwzssEM0MioTBMfmUkT3G53vqo12Q%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 7de3cdf869fd30c6-FRA

GET
H2 200 cookies_gdpr.js Show response
cdn.zx-adnet.com/consent/ 34 KB
10 KB 73ms
45ms Script
text/javascript 151.101.1.195
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.zx-adnet.com/consent/cookies_gdpr.js?0.8008659793200816

Requested by

Host: ko.strephonsays.com
URL: https://ko.strephonsays.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.1.195 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

6723ea2989d5cf57335b26d5bd0bcc52feffab866915b917c4cdcae672c99a2a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ko.strephonsays.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-served-by: cache-fra-eddf8230092-FRA
strict-transport-security: max-age=31556926
content-encoding: br
date: Wed, 28 Jun 2023 06:17:04 GMT
last-modified: Mon, 22 May 2023 17:32:30 GMT
x-timer: S1687933024.031213,VS0,VE39
etag: "e816600dd00bd96b1fef78362730b72e57d5bac88839b4da007d48db85d79519-br"
vary: accept-language, x-country-code, x-fh-requested-host, accept-encoding
x-cache: MISS
content-type: text/javascript; charset=utf-8
cache-control: no-cache
accept-ranges: bytes
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
x-cache-hits: 0

GET
H2 200 tag.js Show response
mc.yandex.ru/metrika/ 214 KB
74 KB 218ms
107ms Script
application/javascript 2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/metrika/tag.js

Requested by

Host: ko.strephonsays.com
URL: https://ko.strephonsays.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

f8e19da72faefd872795c80a4329acd96300e88295224994e3fc8df5258d92c2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ko.strephonsays.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 06:17:04 GMT
content-encoding: br
strict-transport-security: max-age=31536000
last-modified: Mon, 26 Jun 2023 10:04:21 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
etag: "64993875-1249b"
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
timing-allow-origin: *
content-length: 74907
expires: Wed, 28 Jun 2023 07:17:04 GMT

GET
H2 200 1duwt.min.js Show response
www.bigmp3db.com/ 67 KB
19 KB 144ms
22ms Script
text/javascript 46.4.104.244
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bigmp3db.com/1duwt.min.js?e78eb65

Requested by

Host: ko.strephonsays.com
URL: https://ko.strephonsays.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

46.4.104.244 Rostock, Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.244.104.4.46.clients.your-server.de

Software

nginx /

Resource Hash

77d9102b426f1487e8550ed41e3650f47d74c020c7486e2876f07698fc97bb88

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ko.strephonsays.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 06:17:04 GMT
strict-transport-security: max-age=63072000
content-encoding: br
server: nginx
duration: 1914284
access-control-allow-methods: POST, GET, OPTIONS
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=300
access-control-allow-headers: *
expires: Wed, 28-Jun-2023 09:22:04 EEST

GET
H2 200 en.json Show response
optad360.mgr.consensu.org/cmp/v2/translations/v4/ 4 KB
2 KB 49ms
11ms XHR
application/json 99.86.4.64
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://optad360.mgr.consensu.org/cmp/v2/translations/v4/en.json
Requested by: Host: cmp.optad360.io
URL: https://cmp.optad360.io/items/45b65dd9-e0fa-4d05-aa26-a39c3cef09e4.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.4.64 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-4-64.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 71f69541ed2861a7065f461bf9748bb263e0f8d517d0987c6619241d9d13597d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ko.strephonsays.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 06:16:33 GMT
content-encoding: gzip
via: 1.1 82e9051d8d41080bd3028731e0e8677e.cloudfront.net (CloudFront)
last-modified: Thu, 29 Oct 2020 12:24:15 GMT
server: AmazonS3
x-amz-cf-pop: FRA6-C1
age: 32
etag: W/"e3fe984dfb883f99b54c331403be617b"
vary: Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods: GET
content-type: application/json
access-control-allow-origin: *
x-cache: Hit from cloudfront
cache-control: public, max-age=360000000
x-amz-cf-id: O_4J_qQlww493vyPr1loGh6lZTeipLARehvYRmpVW-CIY62iX1iaUg==

POST
H2 200 1duwt.json Show response
www.bigmp3db.com/ 59 B
261 B 43ms
17ms XHR
application/json 46.4.104.244
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bigmp3db.com/1duwt.json

Requested by

Host: www.bigmp3db.com
URL: https://www.bigmp3db.com/1duwt.min.js?e78eb65

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

46.4.104.244 Rostock, Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.244.104.4.46.clients.your-server.de

Software

nginx /

Resource Hash

afdc7afbd20acad188b65accd34e88b5bcb2bfd11a5d05e34d9dbf5e67d7e7a6

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

Referer: https://ko.strephonsays.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Wed, 28 Jun 2023 06:17:04 GMT
strict-transport-security: max-age=63072000
content-encoding: br
server: nginx
access-control-allow-methods: POST, GET, OPTIONS
content-type: application/json
access-control-allow-origin: *
access-control-allow-headers: *

POST
H2 200 1duwt.json Show response
www.bigmp3db.com/ 625 B
561 B 43ms
18ms XHR
application/json 46.4.104.244
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bigmp3db.com/1duwt.json

Requested by

Host: www.bigmp3db.com
URL: https://www.bigmp3db.com/1duwt.min.js?e78eb65

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

46.4.104.244 Rostock, Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.244.104.4.46.clients.your-server.de

Software

nginx /

Resource Hash

5f93ec116476671b87e8d94e3720f5a6d87af529112f3f6a86937a75a47158dd

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

Referer: https://ko.strephonsays.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Wed, 28 Jun 2023 06:17:04 GMT
strict-transport-security: max-age=63072000
content-encoding: br
server: nginx
access-control-allow-methods: POST, GET, OPTIONS
content-type: application/json
access-control-allow-origin: *
access-control-allow-headers: *

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 79 KB
27 KB 240ms
128ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: get.optad360.io
URL: https://get.optad360.io/sf/87584f1f-9c47-49cb-b198-f6669bf41325/plugin.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

06756ed50cd9f5f08977e50328a75fe7261f4b24bc8f0c3d08077ce7cdd4a165

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ko.strephonsays.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 06:17:04 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 27066
x-xss-protection: 0
server: cafe
etag: 41 / 19536 / m202306220101 / config-hash: 13728557897118412599
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Wed, 28 Jun 2023 06:17:04 GMT

GET
H2 200 prebid7.36.2.js Show response
get.optad360.io/sf/ 524 KB
166 KB 7ms
7ms Script
application/javascript 2600:9000:225e:b400:11:a4de:2580:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://get.optad360.io/sf/prebid7.36.2.js
Requested by: Host: get.optad360.io
URL: https://get.optad360.io/sf/87584f1f-9c47-49cb-b198-f6669bf41325/plugin.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:225e:b400:11:a4de:2580:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 128f76df591e53bde9def0aac6966f056566a6f46a80cc9dc7a8e0402520bd22

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ko.strephonsays.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 17 May 2023 05:01:14 GMT
content-encoding: gzip
via: 1.1 544049d1dc4d534822b40b9f9c7529da.cloudfront.net (CloudFront)
last-modified: Tue, 28 Mar 2023 07:17:00 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P4
age: 3633351
etag: W/"3b0c4914aba8fba88d5605bd77c7aa05"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: public, max-age=360000000
x-amz-cf-id: H22WYV9Hylf5O4eiOhYXkNvPguJCmgTPfvnkbeGiTev9h0MDpyJcDw==

GET
H2 200 branding-ads.svg
optad360.mgr.consensu.org/icons/ 7 KB
3 KB 30ms
7ms Image
image/svg+xml 99.86.4.64
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://optad360.mgr.consensu.org/icons/branding-ads.svg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.4.64 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-4-64.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: d04a8585ca1c9cbff59e413fe76da6b8dcf3c567cbc68ec436b852d7f1694df1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ko.strephonsays.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 02:45:15 GMT
content-encoding: gzip
via: 1.1 9bca546700a965c9c77ef5b8dbe65cc4.cloudfront.net (CloudFront)
last-modified: Wed, 22 Jun 2022 12:02:24 GMT
server: AmazonS3
x-amz-cf-pop: FRA6-C1
age: 24573
etag: W/"b0a3aa2e09d4ddd83150d7bd3347c5c0"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
cache-control: public, max-age=360000000
x-amz-cf-id: 1HvZD0reRUx29d0twPSHdrgJVvbm2aiVlGPUWfUeDIcujWK4BSHPwA==

GET
H3 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202306161001/ 345 KB
119 KB 191ms
108ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202306161001/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2173063720940886&plah=ko.strephonsays.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-2173063720940886

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

46cf2a56230fc04cd6a0538a6aaf721aef6f323301bffe66a5dd511eb24aadeb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ko.strephonsays.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 06:17:04 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 121330
x-xss-protection: 0
server: cafe
etag: 14650228373144738037
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Wed, 28 Jun 2023 06:17:04 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230620/r20190131/ Frame E9E8 10 KB
5 KB 127ms
38ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230620/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-2173063720940886

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

eb7a209e3af2f5e7045a326f81414b39f02551eb158e859c190a7a84db7c4d5d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ko.strephonsays.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 76006
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4540
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 27 Jun 2023 09:10:18 GMT
etag: 15057649708203361565
expires: Tue, 11 Jul 2023 09:10:18 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 200 1duwt.json Show response
www.bigmp3db.com/ 59 B
260 B 12ms
12ms XHR
application/json 46.4.104.244
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bigmp3db.com/1duwt.json

Requested by

Host: www.bigmp3db.com
URL: https://www.bigmp3db.com/1duwt.min.js?e78eb65

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

46.4.104.244 Rostock, Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.244.104.4.46.clients.your-server.de

Software

nginx /

Resource Hash

4e27d1e36eeb090898cc37826b4467a24087216706396b858988ef500b5f4564

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

Referer: https://ko.strephonsays.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Wed, 28 Jun 2023 06:17:04 GMT
strict-transport-security: max-age=63072000
content-encoding: br
server: nginx
access-control-allow-methods: POST, GET, OPTIONS
content-type: application/json
access-control-allow-origin: *
access-control-allow-headers: *

GET
H2 200 fondoperlaterra.org.1465863.js Show response
jsc.mgid.com/f/o/ 3 KB
2 KB 75ms
24ms Script
text/javascript 2606:4700:1::6813:844e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://jsc.mgid.com/f/o/fondoperlaterra.org.1465863.js
Requested by: Host: www.bigmp3db.com
URL: https://www.bigmp3db.com/1duwt.min.js?e78eb65
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:1::6813:844e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 711e7fd261e9d804d308e4440a82efc1b71d54262c1822912875579570a60156

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ko.strephonsays.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 06:17:04 GMT
x-amz-version-id: XBhwNHFv9Rq4lAuuUD9TAW4F2luFLC7p
content-encoding: br
cf-cache-status: HIT
x-amz-request-id: Z91FVYMMMFH4KJ9V
age: 201
cf-polished: origSize=2700
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400
x-amz-id-2: eY7RpZ1i0CYVo9s7bL9QZ8E/947myhydi+omVOao8DHVQvXKlOpxTyS2rzAxoX8o2mPqDDjmDkg=
cf-bgj: minify
last-modified: Tue, 20 Jun 2023 13:21:59 GMT
server: cloudflare
etag: W/"d57c0cd6f74d0b86ce4872616befa96e"
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=10800
cf-ray: 7de3cdfa08be9165-FRA
expires: Wed, 28 Jun 2023 09:17:04 GMT

GET
H2 200 cmp-3.0.0.min.js Show response
optad360.mgr.consensu.org/cmp/v2/ Frame 6050 691 KB
190 KB 8ms
8ms Script
application/javascript 99.86.4.64
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://optad360.mgr.consensu.org/cmp/v2/cmp-3.0.0.min.js
Requested by: Host: cmp.optad360.io
URL: https://cmp.optad360.io/items/45b65dd9-e0fa-4d05-aa26-a39c3cef09e4.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.4.64 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-4-64.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: eb16304c17c120cabd2bc9ba56114d31bb2c05114e17c531bcf21a682f8629d2

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 27 Jun 2023 16:17:46 GMT
content-encoding: gzip
via: 1.1 9bca546700a965c9c77ef5b8dbe65cc4.cloudfront.net (CloudFront)
last-modified: Wed, 07 Apr 2021 09:53:34 GMT
server: AmazonS3
x-amz-cf-pop: FRA6-C1
age: 50359
etag: W/"2ea07aea04f56769b6dd53f48dae904d"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: public, max-age=604800
x-amz-cf-id: M9-pnRNmZLh0hWs4bbkjoUegXM7ziUwXPrerZEVd2RCEGXIpjmSDsw==

GET
H2 200 branding-ads.svg
optad360.mgr.consensu.org/icons/ 7 KB
3 KB 10ms
7ms Image
image/svg+xml 99.86.4.64
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://optad360.mgr.consensu.org/icons/branding-ads.svg
Requested by: Host: get.optad360.io
URL: https://get.optad360.io/sf/87584f1f-9c47-49cb-b198-f6669bf41325/plugin.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.4.64 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-4-64.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: d04a8585ca1c9cbff59e413fe76da6b8dcf3c567cbc68ec436b852d7f1694df1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ko.strephonsays.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 02:45:15 GMT
content-encoding: gzip
via: 1.1 9bca546700a965c9c77ef5b8dbe65cc4.cloudfront.net (CloudFront)
last-modified: Wed, 22 Jun 2022 12:02:24 GMT
server: AmazonS3
x-amz-cf-pop: FRA6-C1
age: 24573
etag: W/"b0a3aa2e09d4ddd83150d7bd3347c5c0"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
cache-control: public, max-age=360000000
x-amz-cf-id: MPjk5H65a1MqbVbD0UEU_S92VwmFueZW-xQx-PngDaqnRDsYlk019w==

GET
H2

200

sync_cookie_image_decide
mc.yandex.com/
Redirect Chain

https://mc.yandex.com/sync_cookie_image_check
https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=10048.mqHMBHN9v34-sIby5QJpBI1lE3oJKaXoKESPoC7WW9HfRJ-9xi935nXGY5B6ONkY.EUy6UDEdpJifpQws5Fnc8oPi4g4%2C
https://mc.yandex.com/sync_cookie_image_decide?token=10048.d3IaQkNDl9iq37kGd4-5NJH2SqaFvYIlW_AJWQcSbUrFmy3UNwkpuE86kKyCGpNxbtyICTOEkOKs2SAhUIS62XVVtBoyFU5lGRpxhWfg86k%2C.QU5HDzhSiDlloH-0pOS4s-OVAgc%2C

43 B
67 B

52ms
52ms

Image
image/gif

2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.com/sync_cookie_image_decide?token=10048.d3IaQkNDl9iq37kGd4-5NJH2SqaFvYIlW_AJWQcSbUrFmy3UNwkpuE86kKyCGpNxbtyICTOEkOKs2SAhUIS62XVVtBoyFU5lGRpxhWfg86k%2C.QU5HDzhSiDlloH-0pOS4s-OVAgc%2C

Protocol

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ko.strephonsays.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 06:17:04 GMT
strict-transport-security: max-age=31536000
content-length: 43
x-xss-protection: 1; mode=block
content-type: image/gif

Redirect headers

location: https://mc.yandex.com/sync_cookie_image_decide?token=10048.d3IaQkNDl9iq37kGd4-5NJH2SqaFvYIlW_AJWQcSbUrFmy3UNwkpuE86kKyCGpNxbtyICTOEkOKs2SAhUIS62XVVtBoyFU5lGRpxhWfg86k%2C.QU5HDzhSiDlloH-0pOS4s-OVAgc%2C
date: Wed, 28 Jun 2023 06:17:04 GMT
strict-transport-security: max-age=31536000
x-xss-protection: 1; mode=block

GET
H2 200 advert.gif
mc.yandex.com/metrika/ 43 B
114 B 52ms
51ms Image
image/gif 2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.com/metrika/advert.gif

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ko.strephonsays.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 06:17:04 GMT
strict-transport-security: max-age=31536000
last-modified: Mon, 26 Jun 2023 10:04:21 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
etag: "64993875-2b"
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 43
expires: Wed, 28 Jun 2023 07:17:04 GMT

GET
H3 200 latest.json Show response
cdn.jsdelivr.net/gh/prebid/currency-file@1/ 2 KB
1 KB 16ms
7ms XHR
application/json 2a04:4e42:600::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json?date=20230628

Requested by

Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid7.36.2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a04:4e42:600::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

f757dcb6d7040c5480e6bec81e5a93227e16a629e98616d02ec6076a767b242f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://ko.strephonsays.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: text/plain

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Wed, 28 Jun 2023 06:17:04 GMT
x-content-type-options: nosniff
content-encoding: br
age: 8171
x-jsd-version: 1.0.1734
x-cache: HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 859
x-served-by: cache-fra-eddf8230093-FRA
x-jsd-version-type: version
etag: W/"637-tar4j7pq1lFMUjWIEQbMts2P0jY"
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 vendor-list.json Show response
optad360.mgr.consensu.org/cmp/v2/ Frame 6050 539 KB
59 KB 14ms
14ms XHR
application/json 99.86.4.64
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://optad360.mgr.consensu.org/cmp/v2/vendor-list.json
Requested by: Host: optad360.mgr.consensu.org
URL: https://optad360.mgr.consensu.org/cmp/v2/cmp-3.0.0.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.4.64 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-4-64.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: a21b20c52fbc7ca1897d496862d422e5ce453e50d57d0defda0af7e09c904d35

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 06:16:33 GMT
content-encoding: gzip
via: 1.1 82e9051d8d41080bd3028731e0e8677e.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA6-C1
age: 32
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Fri, 19 May 2023 08:47:37 GMT
server: AmazonS3
etag: W/"fc2ec65f9cf17067ac2746e0e0bade13"
vary: Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods: GET
content-type: application/json
access-control-allow-origin: *
cache-control: public, max-age=604802
x-amz-cf-id: ZPfcbPge6cK7CUsjFadrpCznF3OUxVIiyseLNAXccAw842_ezZyq2A==

GET
H2 200 branding-ads.svg
optad360.mgr.consensu.org/icons/ 7 KB
3 KB 7ms
7ms Image
image/svg+xml 99.86.4.64
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://optad360.mgr.consensu.org/icons/branding-ads.svg
Requested by: Host: get.optad360.io
URL: https://get.optad360.io/sf/87584f1f-9c47-49cb-b198-f6669bf41325/plugin.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.4.64 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-4-64.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: d04a8585ca1c9cbff59e413fe76da6b8dcf3c567cbc68ec436b852d7f1694df1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ko.strephonsays.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 02:45:15 GMT
content-encoding: gzip
via: 1.1 9bca546700a965c9c77ef5b8dbe65cc4.cloudfront.net (CloudFront)
last-modified: Wed, 22 Jun 2022 12:02:24 GMT
server: AmazonS3
x-amz-cf-pop: FRA6-C1
age: 24573
etag: W/"b0a3aa2e09d4ddd83150d7bd3347c5c0"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
cache-control: public, max-age=360000000
x-amz-cf-id: T6tF0TbGIiLq7bZywlnaS9wDHcg3eGCbqkQlmSrxuLBNPqZPDIkg-Q==

GET
H2 200 fondoperlaterra.org.1465863.es6.js Show response
jsc.mgid.com/f/o/ 309 KB
94 KB 33ms
32ms Script
text/javascript 2606:4700:1::6813:844e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://jsc.mgid.com/f/o/fondoperlaterra.org.1465863.es6.js
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/f/o/fondoperlaterra.org.1465863.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:1::6813:844e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 71597476c237c8224a06badf8bf149d2a03ee4ccdc25a5c2841e51b4a8960e3f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ko.strephonsays.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 06:17:04 GMT
x-amz-version-id: MBvgB.p5lIc1sAHLfyi2B3jDdJWgGnxw
content-encoding: br
cf-cache-status: HIT
x-amz-request-id: MF6AE494KR4YCRMK
age: 201
cf-polished: origSize=316378
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400
x-amz-id-2: eMF7qVnYuqFHUu05cupcmBsBQdfuQnyvwnGNtND8EWsemDL3w1WoQdqQZZe/Db2VuS9WbEsaOZbg4NAaYI1Bpq8pvlPqvBex
cf-bgj: minify
last-modified: Tue, 20 Jun 2023 13:21:59 GMT
server: cloudflare
etag: W/"949517734d56f187f349544c1c5a4a63"
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=10800
cf-ray: 7de3cdfb09d29165-FRA
expires: Wed, 28 Jun 2023 09:17:04 GMT

POST
H2 200 1duwt.json Show response
www.bigmp3db.com/ 59 B
260 B 12ms
12ms XHR
application/json 46.4.104.244
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bigmp3db.com/1duwt.json

Requested by

Host: www.bigmp3db.com
URL: https://www.bigmp3db.com/1duwt.min.js?e78eb65

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

46.4.104.244 Rostock, Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.244.104.4.46.clients.your-server.de

Software

nginx /

Resource Hash

98e78d64719006a9932b20b46b4bb117049e72078175713df6291ce030197fd9

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

Referer: https://ko.strephonsays.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Wed, 28 Jun 2023 06:17:04 GMT
strict-transport-security: max-age=63072000
content-encoding: br
server: nginx
access-control-allow-methods: POST, GET, OPTIONS
content-type: application/json
access-control-allow-origin: *
access-control-allow-headers: *

GET
H2 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306220101/ 393 KB
125 KB 39ms
38ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306220101/pubads_impl.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3086c49956d51c2cba2562ba86a083aedf01d66f41c264f158f5d4f6e632c3eb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ko.strephonsays.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 27 Jun 2023 12:16:17 GMT
content-encoding: br
x-content-type-options: nosniff
age: 64847
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 127939
x-xss-protection: 0
server: cafe
etag: 10569078359274256513
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Wed, 26 Jun 2024 12:16:17 GMT

GET
H2 200 branding-ads.svg
optad360.mgr.consensu.org/icons/ 7 KB
3 KB 7ms
7ms Image
image/svg+xml 99.86.4.64
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://optad360.mgr.consensu.org/icons/branding-ads.svg
Requested by: Host: get.optad360.io
URL: https://get.optad360.io/sf/87584f1f-9c47-49cb-b198-f6669bf41325/plugin.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.4.64 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-4-64.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: d04a8585ca1c9cbff59e413fe76da6b8dcf3c567cbc68ec436b852d7f1694df1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ko.strephonsays.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 02:45:15 GMT
content-encoding: gzip
via: 1.1 9bca546700a965c9c77ef5b8dbe65cc4.cloudfront.net (CloudFront)
last-modified: Wed, 22 Jun 2022 12:02:24 GMT
server: AmazonS3
x-amz-cf-pop: FRA6-C1
age: 24573
etag: W/"b0a3aa2e09d4ddd83150d7bd3347c5c0"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
cache-control: public, max-age=360000000
x-amz-cf-id: a2d4NOgYk1LLi-5o3CBo7BdXdeJ9cs6SXoZc5tK0P5lZYrXeJuIEtw==

GET
BLOB 200
OK a2089ccc-a0fe-422f-a16e-b22a06f6f4d1
https://ko.strephonsays.com/ 0
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://ko.strephonsays.com/a2089ccc-a0fe-422f-a16e-b22a06f6f4d1
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Length: 0
Content-Type: text/javascript

GET
BLOB 200
OK dfcc0f5a-1d4d-4290-ba30-3f9d7c0bb50a
https://ko.strephonsays.com/ 250 B
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://ko.strephonsays.com/dfcc0f5a-1d4d-4290-ba30-3f9d7c0bb50a
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e37071398d21f18dff2370ee0885f38811bb69bb465b398100ab3101fc521d6b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Length: 250
Content-Type: text/javascript

GET
H2

200

1 Show response
mc.yandex.com/watch/53480917/
Redirect Chain

https://mc.yandex.com/watch/53480917?wmode=7&page-url=https%3A%2F%2Fko.strephonsays.com%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A7g4yzra6nxw2gnzj738gkwv%3Afp%3A321%3Afu%3A0%3Aen%3...
https://mc.yandex.com/watch/53480917/1?wmode=7&page-url=https%3A%2F%2Fko.strephonsays.com%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A7g4yzra6nxw2gnzj738gkwv%3Afp%3A321%3Afu%3A0%3Aen...

447 B
557 B

58ms
58ms

XHR
application/json

2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/watch/53480917/1?wmode=7&page-url=https%3A%2F%2Fko.strephonsays.com%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A7g4yzra6nxw2gnzj738gkwv%3Afp%3A321%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1060%3Acn%3A1%3Adp%3A0%3Als%3A1041003374764%3Ahid%3A1069357746%3Az%3A0%3Ai%3A20230628061704%3Aet%3A1687933024%3Ac%3A1%3Arn%3A938983846%3Arqn%3A1%3Au%3A1687933024976803242%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A55%2C34%2C44%2C24%2C0%2C0%2C%2C3%2C0%2C281%2C281%2C3%2C222%3Aco%3A0%3Acpf%3A1%3Ans%3A1687933023718%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1687933025%3At%3A%EC%95%8C%EA%B3%A0%EC%9E%88%EB%8B%A4%202023&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29ti%282%29

Protocol

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

5f36c907e8fb276351939cbd10da0705fa1c1c04ebc32be7fdb083ce8e41a88b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ko.strephonsays.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 28 Jun 2023 06:17:04 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
last-modified: Wed, 28-Jun-2023 06:17:04 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
content-type: application/json; charset=utf-8
access-control-allow-origin: https://ko.strephonsays.com
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 447
x-xss-protection: 1; mode=block
expires: Wed, 28-Jun-2023 06:17:04 GMT

Redirect headers

pragma: no-cache
date: Wed, 28 Jun 2023 06:17:04 GMT
strict-transport-security: max-age=31536000
last-modified: Wed, 28-Jun-2023 06:17:04 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
location: /watch/53480917/1?wmode=7&page-url=https%3A%2F%2Fko.strephonsays.com%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A7g4yzra6nxw2gnzj738gkwv%3Afp%3A321%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1060%3Acn%3A1%3Adp%3A0%3Als%3A1041003374764%3Ahid%3A1069357746%3Az%3A0%3Ai%3A20230628061704%3Aet%3A1687933024%3Ac%3A1%3Arn%3A938983846%3Arqn%3A1%3Au%3A1687933024976803242%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A55%2C34%2C44%2C24%2C0%2C0%2C%2C3%2C0%2C281%2C281%2C3%2C222%3Aco%3A0%3Acpf%3A1%3Ans%3A1687933023718%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1687933025%3At%3A%EC%95%8C%EA%B3%A0%EC%9E%88%EB%8B%A4%202023&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29ti%282%29
access-control-allow-origin: https://ko.strephonsays.com
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
x-xss-protection: 1; mode=block
expires: Wed, 28-Jun-2023 06:17:04 GMT

GET
H2 200 / Show response
c.mgid.com/pv/ 0
43 B 48ms
30ms Script
text/plain 2606:4700:1::6813:844e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://c.mgid.com/pv/?scum=%3F0&scuw=%3F0&pv=5&cbuster=1687933024679475601530&uniqId=0d242&lct=1687219200&niet=4g&nisd=false&jsv=es6&ref=&cxurl=https%3A%2F%2Fko.strephonsays.com%2F&lu=https%3A%2F%2Fko.strephonsays.com%2F&pageView=1&pvid=18900a5f9a7a2075d1e&site=761202&implVersion=11&dpr=1&tfre=801
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/f/o/fondoperlaterra.org.1465863.es6.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:1::6813:844e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ko.strephonsays.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 06:17:04 GMT
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 7de3cdfc5b079165-FRA
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
BLOB 206
Partial Content 5beb61db-524f-48c5-8eca-21a24c4d377a
https://ko.strephonsays.com/ 1 KB
0 Media
video/mp4

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://ko.strephonsays.com/5beb61db-524f-48c5-8eca-21a24c4d377a
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 60ddc774c7b5fd0c01d169321a444da403d60c0042f6bee01b0c96f6e1535fda

Request headers

Referer
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Range: bytes=0-

Response headers

Content-Range: bytes 0-1492/1493
Content-Length: 1493
Content-Type: video/mp4

GET
H2 200 mgid_ua.svg
cdn.mgid.com/images/mgid/ 2 KB
1 KB 37ms
22ms Image
image/svg+xml 2606:4700:1::6813:844e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.mgid.com/images/mgid/mgid_ua.svg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:1::6813:844e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 70d5c4de881e718d0b7638959680ba86722d44eecbe4058d20dd77b8d0d97155

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ko.strephonsays.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 06:17:04 GMT
x-amz-version-id: null
content-encoding: br
cf-cache-status: HIT
x-amz-request-id: BQQZ016TJQM3CQAQ
age: 2367
alt-svc: h3=":443"; ma=86400
x-amz-id-2: H0ihdhm/EJhbcC+homFO+mab68DYYvx/mk6E6cpnOvsu3WasxL/t0xcMLjTuGMaSc4h2RuXW7vE=
last-modified: Tue, 08 Mar 2022 17:05:01 GMT
server: cloudflare
x-amz-meta-s3cmd-attrs: atime:1646759091/ctime:1646759091/gid:0/gname:root/md5:617c205137825561208ef7c1a2d8f319/mode:33206/mtime:1646759091/uid:0/uname:root
etag: W/"617c205137825561208ef7c1a2d8f319"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=86400
cf-ray: 7de3cdfc7b1a9165-FRA
expires: Thu, 29 Jun 2023 06:17:04 GMT

GET
H2 200 Adchoices.svg
cdn.mgid.com/images/logos/ 836 B
813 B 44ms
29ms Image
image/svg+xml 2606:4700:1::6813:844e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.mgid.com/images/logos/Adchoices.svg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:1::6813:844e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7992a4430843ef8b4bbae534358be3193aa1ae9c78f273e8e8a70b6af1244ac5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ko.strephonsays.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 06:17:04 GMT
x-amz-version-id: null
content-encoding: br
cf-cache-status: HIT
x-amz-request-id: BQQP2P0ZGAY0CMXJ
age: 6073
alt-svc: h3=":443"; ma=86400
x-amz-id-2: Cxr/h9GEH2cm2grnKHiXrIw5MioqY/kDhHlX9SIKfHkMPhFjrTu42FaOoPgYIABs4KQfQTtjm/c=
last-modified: Wed, 17 Feb 2021 18:15:53 GMT
server: cloudflare
x-amz-meta-s3cmd-attrs: atime:1613585745/ctime:1613585745/gid:0/gname:root/md5:7d59364b7ed2df3f02507c9f92560df9/mode:33206/mtime:1613585745/uid:0/uname:root
etag: W/"7d59364b7ed2df3f02507c9f92560df9"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=86400
cf-ray: 7de3cdfc7b1c9165-FRA
expires: Thu, 29 Jun 2023 06:17:04 GMT

POST
H2 200 1duwt.json Show response
www.bigmp3db.com/ 59 B
260 B 11ms
11ms XHR
application/json 46.4.104.244
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bigmp3db.com/1duwt.json

Requested by

Host: www.bigmp3db.com
URL: https://www.bigmp3db.com/1duwt.min.js?e78eb65

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

46.4.104.244 Rostock, Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.244.104.4.46.clients.your-server.de

Software

nginx /

Resource Hash

ac94f98a2eb3a9513803ff08499150d17b681804bd0f0a3c06729074d0dd7af5

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

Referer: https://ko.strephonsays.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Wed, 28 Jun 2023 06:17:04 GMT
strict-transport-security: max-age=63072000
content-encoding: br
server: nginx
access-control-allow-methods: POST, GET, OPTIONS
content-type: application/json
access-control-allow-origin: *
access-control-allow-headers: *

GET
H2

200

sync_cookie_image_decide_secondary
mc.yandex.com/
Redirect Chain

https://mc.yandex.com/sync_cookie_image_check_secondary
https://mc.yandex.ru/sync_cookie_image_start_secondary?redirect_domain=mc.yandex.com&token=10048.qdCGqif9uE04eBhsDDdUIyWO40UsgTIiRkEzUo8VvB10rkWKuZqsnlRja52OAF9U.rafpWYe96skFwi_L3r2UlW8wFDw%2C
https://mc.yandex.com/sync_cookie_image_decide_secondary?token=10048.Qp8Ln6prWcNRvWTtbgJbszTIx5NjSFeAihdnls38k486h4X2BGJ2gztpsWYQWxrYueUBHbXZsO2KBtmmxbLD79aNvdxpQO17bA3OheoiH-k%2C.ye7KA3nf_VKEI-ISD...

43 B
91 B

57ms
57ms

Image
image/gif

2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.com/sync_cookie_image_decide_secondary?token=10048.Qp8Ln6prWcNRvWTtbgJbszTIx5NjSFeAihdnls38k486h4X2BGJ2gztpsWYQWxrYueUBHbXZsO2KBtmmxbLD79aNvdxpQO17bA3OheoiH-k%2C.ye7KA3nf_VKEI-ISDkaTmqWX31g%2C

Protocol

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ko.strephonsays.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 06:17:04 GMT
strict-transport-security: max-age=31536000
content-length: 43
x-xss-protection: 1; mode=block
content-type: image/gif

Redirect headers

location: https://mc.yandex.com/sync_cookie_image_decide_secondary?token=10048.Qp8Ln6prWcNRvWTtbgJbszTIx5NjSFeAihdnls38k486h4X2BGJ2gztpsWYQWxrYueUBHbXZsO2KBtmmxbLD79aNvdxpQO17bA3OheoiH-k%2C.ye7KA3nf_VKEI-ISDkaTmqWX31g%2C
date: Wed, 28 Jun 2023 06:17:04 GMT
strict-transport-security: max-age=31536000
x-xss-protection: 1; mode=block

GET
H2 200 1 Show response
servicer.mgid.com/1465863/ 2 KB
1 KB 88ms
68ms Script
application/x-javascript 2606:4700:1::6813:844e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://servicer.mgid.com/1465863/1?scum=%3F0&scuw=%3F0&pv=5&cbuster=1687933025750716524840&uniqId=0d242&lct=1687219200&niet=4g&nisd=false&jsv=es6&mp4=1&ap=1&w=1400&h=390&ident_p=true&sz=686x330&szp=1,2&szl=1,2&cols=2&tcfV2=1&sessionId=649bd061-1547b&sessionPage=1&sessionNumberWeek=1&sessionNumber=1&ref=&cxurl=https%3A%2F%2Fko.strephonsays.com%2F&lu=https%3A%2F%2Fko.strephonsays.com%2F&pageView=1&pvid=18900a5f9a7a2075d1e&implVersion=11&dpr=1&tfre=1872
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/f/o/fondoperlaterra.org.1465863.es6.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:1::6813:844e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8a565505c4d58c8dccf3160fce1e155320e9de447d814c136a005c3aa5521c9f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ko.strephonsays.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 06:17:05 GMT
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-allow-credentials: true
cf-ray: 7de3ce0318a99165-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 mgid_ua.svg
cdn.mgid.com/images/mgid/ 2 KB
1 KB 25ms
24ms Image
image/svg+xml 2606:4700:1::6813:844e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.mgid.com/images/mgid/mgid_ua.svg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:1::6813:844e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 70d5c4de881e718d0b7638959680ba86722d44eecbe4058d20dd77b8d0d97155

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ko.strephonsays.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 06:17:05 GMT
x-amz-version-id: null
content-encoding: br
cf-cache-status: HIT
x-amz-request-id: 1SAKNE8T99VM7FFV
age: 6510
alt-svc: h3=":443"; ma=86400
x-amz-id-2: ygWvmfZuUKec2ix2rXp9wGADIzJEt4+BbxwpugjObCowudhzU+Mv6OMB7bKnKqvKe27gjoifOFM=
last-modified: Tue, 08 Mar 2022 17:05:01 GMT
server: cloudflare
x-amz-meta-s3cmd-attrs: atime:1646759091/ctime:1646759091/gid:0/gname:root/md5:617c205137825561208ef7c1a2d8f319/mode:33206/mtime:1646759091/uid:0/uname:root
etag: W/"617c205137825561208ef7c1a2d8f319"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=86400
cf-ray: 7de3ce039dd62c5d-FRA
expires: Thu, 29 Jun 2023 06:17:05 GMT

GET
H3 200 Adchoices.svg
cdn.mgid.com/images/logos/ 836 B
1 KB 24ms
23ms Image
image/svg+xml 2606:4700:1::6813:844e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.mgid.com/images/logos/Adchoices.svg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:1::6813:844e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7992a4430843ef8b4bbae534358be3193aa1ae9c78f273e8e8a70b6af1244ac5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ko.strephonsays.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 06:17:05 GMT
x-amz-version-id: null
content-encoding: br
cf-cache-status: HIT
x-amz-request-id: YX26RVNEGW9X6AWK
age: 1010
alt-svc: h3=":443"; ma=86400
x-amz-id-2: n34KGzJQ98MT9xBDtbJv2oufYNYTE1MJ4vzxC7KZ0Bli4Tknnuz5/OulQ9m/FQMVXjfciLfclSI=
last-modified: Wed, 17 Feb 2021 18:15:53 GMT
server: cloudflare
x-amz-meta-s3cmd-attrs: atime:1613585745/ctime:1613585745/gid:0/gname:root/md5:7d59364b7ed2df3f02507c9f92560df9/mode:33206/mtime:1613585745/uid:0/uname:root
etag: W/"7d59364b7ed2df3f02507c9f92560df9"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=86400
cf-ray: 7de3ce039dd82c5d-FRA
expires: Thu, 29 Jun 2023 06:17:05 GMT

GET
H2 200 aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHFfYXV0bzpnb29kLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMy0wMy81MzA0NTMvMzJlM...
s-img.mgid.com/g/15659576/492x277/-/ 5 KB
6 KB 75ms
26ms Image
image/webp 2606:4700:1::6813:874e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/15659576/492x277/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHFfYXV0bzpnb29kLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMy0wMy81MzA0NTMvMzJlMWUxY2E5OGNjOTE3MmU4MTQxNTY1ZGFjNjUwNWEuanBlZw.webp?v=1687933025-2Fms0u1dhO8DbrF2lE1NFKMEPFRtnlQWwgQzdMd_xs4
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:1::6813:874e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a4aebe296ff8415b2179b645b5d49503898a81dac49c76f9f1573c6db2233594

Request headers

Referer: https://ko.strephonsays.com/
Origin: https://ko.strephonsays.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 06:17:05 GMT
cf-cache-status: HIT
last-modified: Fri, 17 Mar 2023 15:00:32 GMT
x-mg-request-uuid: 44a847db-a737-4a37-b2f4-217ccbc3b884
server: cloudflare
age: 8867622
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
x-robots-tag: noindex
cf-ray: 7de3ce03e8439be0-FRA
content-length: 5366
alt-svc: h3=":443"; ma=86400

GET
H2 206 c05f6a1d9189da04d5ed026e4cc6777e.mp4
cl.imghosts.com/imgh/video/upload/ar_16:9,c_fill,w_680/videos/t/2023-03/599627/ 251 KB
252 KB 62ms
23ms Media
video/mp4 2606:4700::6812:c2d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cl.imghosts.com/imgh/video/upload/ar_16:9,c_fill,w_680/videos/t/2023-03/599627/c05f6a1d9189da04d5ed026e4cc6777e.mp4?v=1687933025-kxHkNT1n_KdtNcX-pSj_g0lC4kui436gFZNd-LN0i8k

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:c2d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bed122527f5517e1c47d06361f58df3a975ea2fb0e60c75b22bb64b391fcf6e1

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://ko.strephonsays.com/
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Range: bytes=0-

Response headers

date: Wed, 28 Jun 2023 06:17:05 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1382482
Content-Range: bytes 0-257522/257523
server-timing: cld-cloudflare;mitm=c;dur=139;start=2023-04-06T05:39:03.443Z;desc=miss;cloudinary;dur=123;start=2023-04-06T05:39:03.456Z
alt-svc: h3=":443"; ma=86400
Content-Length: 257523
last-modified: Mon, 27 Mar 2023 23:52:28 GMT
server: cloudflare
etag: "b2ab8a78e60174a18154f231c809b2d7"
vary: Accept-Encoding
content-type: video/mp4;codecs=avc1
access-control-allow-origin: *
access-control-expose-headers: Content-Length,ETag,Server-Timing,Vary,x-content-type-options
cache-control: public, max-age=31536000, no-transform, immutable
timing-allow-origin: *
x-robots-tag: noindex
cf-ray: 7de3ce03d84918c9-FRA

GET
H2 200 i.js Show response
cm.mgid.com/ 0
37 B 49ms
40ms Script
application/javascript 2606:4700:1::6813:844e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cm.mgid.com/i.js?&cbuster=1687933025867935774569
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/f/o/fondoperlaterra.org.1465863.es6.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:1::6813:844e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ko.strephonsays.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 28 Jun 2023 06:17:05 GMT
cf-cache-status: DYNAMIC
server: cloudflare
content-type: application/javascript
cache-control: no-store, no-cache, must-revalidate, max-age=0
cf-ray: 7de3ce03b92a9165-FRA
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 i-noref.js Show response
cm.mgid.com/ Frame 6AD7 0
101 B 37ms
37ms Script
application/javascript 2606:4700:1::6813:844e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cm.mgid.com/i-noref.js?cbuster=1687933025871823400388
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/f/o/fondoperlaterra.org.1465863.es6.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:1::6813:844e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 28 Jun 2023 06:17:05 GMT
cf-cache-status: DYNAMIC
server: cloudflare
content-type: application/javascript
cache-control: no-store, no-cache, must-revalidate, max-age=0
cf-ray: 7de3ce03b92c9165-FRA
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 id5-api.js Show response
cdn.id5-sync.com/api/1.0/ 101 KB
25 KB 74ms
28ms Script
text/javascript 2606:4700:10::6816:3556
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.id5-sync.com/api/1.0/id5-api.js

Requested by

Host: jsc.mgid.com
URL: https://jsc.mgid.com/f/o/fondoperlaterra.org.1465863.es6.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:3556 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bd08be9cbf5f35486ce3011abc8286e9e2f59ac1de1ff9840377332383263f19

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ko.strephonsays.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 06:17:05 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 22 Jun 2023 08:35:03 GMT
server: cloudflare
x-amz-request-id: QFY4N5AZD1WDDC6N
age: 356
etag: W/"bb626f116ff54963039a9ea05c53620b"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: text/javascript;charset=utf-8
cache-control: public, max-age=3600
cf-ray: 7de3ce040e323657-FRA
x-amz-id-2: cUqxEceAZFATlYCgoa4isjGb10iJCu6mHxwRp9HM+s2zfdjs2XEkh9AGwGIBeMTzTVpBIZ9REiQ=

GET
H2 200 pwt.js Show response
ads.pubmatic.com/AdServer/js/pwt/161673/7165/ 207 KB
63 KB 52ms
7ms Script
application/javascript 23.35.236.201
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/pwt/161673/7165/pwt.js
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/f/o/fondoperlaterra.org.1465863.es6.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-236-201.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: a9f959272120a8fe9fc940b8df6a07a9e6c79d9b72773d62878e82fcd1c51951

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ko.strephonsays.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 06:17:05 GMT
content-encoding: gzip
last-modified: Sat, 29 Apr 2023 00:55:21 GMT
server: Apache
vary: Accept-Encoding
content-type: application/javascript
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: max-age=71149
accept-ranges: bytes
content-length: 63913
expires: Thu, 29 Jun 2023 02:02:54 GMT

GET
H3 200 c
c.mgid.com/ 43 B
193 B 38ms
38ms Image
image/gif 2606:4700:1::6813:844e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.mgid.com/c?f=1&pv=3&v=686|330|8|TKRecDsnKWk2O-7EA_WIwBsrgHLB5FZbYXrq9yTV6d_FDAQcdhBz2ptnx4QXb5M5-ACDUJLGNegaeX5wVuh15A**&fw=1&extjs=66044&cid=1465863&h2=lhYiY_ofmgUB0niIDuRJVw37fxoOnrDH2eShcbwW0Pk*&rid=67926392-157b-11ee-8d96-e43d1a2a04aa&tt=Direct&iv=11&pageImp=1&pvid=18900a5f9a7a2075d1e&cbuster=1687933026904225820777
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:1::6813:844e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ko.strephonsays.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 06:17:06 GMT
cf-cache-status: DYNAMIC
x-mg-request-uuid: 7481a705-c819-4e6e-bec0-45900b188891
server: cloudflare
content-type: image/gif
cf-ray: 7de3ce0a2c722c5d-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43

GET
H3 200 c
c.mgid.com/ 43 B
193 B 31ms
30ms Image
image/gif 2606:4700:1::6813:844e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.mgid.com/c?pv=3&v=686|330|8|TKRecDsnKWk2O-7EA_WIwIUxebXv7TYMAew6nCxGQY-o7j4EnRdcN9fevstl-e2x9HZLffOxeB7wAh3lPKV79Q**&extjs=66044&cid=1465863&h2=lhYiY_ofmgUB0niIDuRJVw37fxoOnrDH2eShcbwW0Pk*&rid=67926392-157b-11ee-8d96-e43d1a2a04aa&tt=Direct&iv=11&pageImp=0&pvid=18900a5f9a7a2075d1e&cbuster=1687933026983548199765
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:1::6813:844e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ko.strephonsays.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 06:17:07 GMT
cf-cache-status: DYNAMIC
x-mg-request-uuid: ad0a69a7-db1b-4711-8028-ac7556c73ec6
server: cloudflare
content-type: image/gif
cf-ray: 7de3ce0aacee2c5d-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43

Verdicts & Comments Add Verdict or Comment

97 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

15 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.mgid.com/	1970-01-20 12:52:14	Name: __cf_bm Value: PVDVp6_2rzdbtlrT4DMIqBH7umWDnaGuIEixVDv.o1k-1687933024-0-ASbV+x+K2AGiEhfFsN2I7aUHWho26iz3mSPU8HsUbAXQdgjXX14GaIT/cit2XhBsXlvGpdEehyP1DlITDEeqgfU=
.strephonsays.com/	1970-01-20 21:37:49	Name: _ym_uid Value: 1687933024976803242
.strephonsays.com/	1970-01-20 21:37:49	Name: _ym_d Value: 1687933024
.strephonsays.com/	1970-01-20 21:37:49	Name: _sharedID Value: 1370d437-caac-4674-8b91-530988288544
.mc.yandex.com/	1970-01-20 12:52:13	Name: sync_cookie_csrf Value: 2338445375fake
.strephonsays.com/	1970-01-20 12:53:25	Name: _ym_isad Value: 2
.mc.yandex.ru/	1970-01-20 12:52:13	Name: sync_cookie_csrf Value: 3094709297fake
mc.yandex.com/	1969-12-31 23:59:59	Name: yabs-sid Value: 863269601687933024
.yandex.com/	1970-01-20 22:28:13	Name: i Value: pC9+DMEvGt2jTNCyAkT+Nh6sr5MIxmSD/3cyLE+owkNHL0WrDRjM6qwNpghL0TXZU5JUM8GsVoPpITd6mzB7U3AizEU=
.yandex.com/	1970-01-20 22:28:13	Name: yandexuid Value: 7878071111687933024
.yandex.com/	1970-01-20 21:37:49	Name: yuidss Value: 7878071111687933024
.yandex.com/	1970-01-20 21:37:49	Name: ymex Value: 1719469024.yc.1687933024#1719469024.yrts.1687933024#1719469024.yrtsi.1687933024
.yandex.com/	1970-01-20 21:37:49	Name: bh Value: KgI/MA==
ko.strephonsays.com/	1969-12-31 23:59:59	Name: MgidStorage Value: %7B%220%22%3A%7B%22svspr%22%3A%22%22%2C%22svsds%22%3A1%7D%2C%22C1465863%22%3A%7B%22page%22%3A1%2C%22time%22%3A%221687933025850%22%7D%7D
ko.strephonsays.com/	1970-01-20 13:35:25	Name: _pbjs_userid_consent_data Value: 3524755945110770

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.strephonsays.com
ads.pubmatic.com
c.mgid.com
cdn.id5-sync.com
cdn.jsdelivr.net
cdn.mgid.com
cdn.zx-adnet.com
cl.imghosts.com
cm.mgid.com
cmp.optad360.io
get.optad360.io
googleads.g.doubleclick.net
jsc.mgid.com
ko.strephonsays.com
mc.yandex.com
mc.yandex.ru
optad360.mgr.consensu.org
pagead2.googlesyndication.com
s-img.mgid.com
securepubads.g.doubleclick.net
servicer.mgid.com
strephonsays.com
www.bigmp3db.com
151.101.1.195
23.35.236.201
2600:9000:223c:c800:6:b871:4f00:93a1
2600:9000:225e:b400:11:a4de:2580:93a1
2606:4700:10::6816:3556
2606:4700:1::6813:844e
2606:4700:1::6813:874e
2606:4700:3034::ac43:86bb
2606:4700::6812:c2d
2a00:1450:4001:827::2002
2a00:1450:4001:828::2002
2a02:6b8::1:119
2a04:4e42:600::485
46.4.104.244
99.86.4.64
06756ed50cd9f5f08977e50328a75fe7261f4b24bc8f0c3d08077ce7cdd4a165
128f76df591e53bde9def0aac6966f056566a6f46a80cc9dc7a8e0402520bd22
2014055b4c9d712158efdf2e6594241d55b2b28459029648c00114816e04d10f
2296b3173627f84f8361243bda095a4fa2c05c222200f895b44bad0a6ef15e9f
2ca430f52e5648245baeb07cd6574f80760acb4d75ebd484af5ffcb68b0ba367
3086c49956d51c2cba2562ba86a083aedf01d66f41c264f158f5d4f6e632c3eb
35542897f7cd6769cd6b1118b38e65a9cfc72d0f7d01c0ace49f17d88fd37e53
46cf2a56230fc04cd6a0538a6aaf721aef6f323301bffe66a5dd511eb24aadeb
4e27d1e36eeb090898cc37826b4467a24087216706396b858988ef500b5f4564
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
5692fdcd3cf15f5d2e98e6fb4f451dec0b2d61cae64af0b2bb18dfe46614c0ca
5ee546d3fdc2130c140cb072df57741817b56fbed52404642631ef41bc628c4a
5f36c907e8fb276351939cbd10da0705fa1c1c04ebc32be7fdb083ce8e41a88b
5f93ec116476671b87e8d94e3720f5a6d87af529112f3f6a86937a75a47158dd
60ddc774c7b5fd0c01d169321a444da403d60c0042f6bee01b0c96f6e1535fda
6723ea2989d5cf57335b26d5bd0bcc52feffab866915b917c4cdcae672c99a2a
68dbc402b8d95b31ec11900b3b5aee781e46330beeec75070f60a40c03b402d9
6aa7d0b5f2542b45b6f232199ac3cda27bcd244684e49431a4a531a328557365
70d5c4de881e718d0b7638959680ba86722d44eecbe4058d20dd77b8d0d97155
711e7fd261e9d804d308e4440a82efc1b71d54262c1822912875579570a60156
71597476c237c8224a06badf8bf149d2a03ee4ccdc25a5c2841e51b4a8960e3f
71a005e915b96b3ed8feb7d4f5221db75e3658fd8678e68d5b04b5dce0aef73e
71f69541ed2861a7065f461bf9748bb263e0f8d517d0987c6619241d9d13597d
77d9102b426f1487e8550ed41e3650f47d74c020c7486e2876f07698fc97bb88
7992a4430843ef8b4bbae534358be3193aa1ae9c78f273e8e8a70b6af1244ac5
8a565505c4d58c8dccf3160fce1e155320e9de447d814c136a005c3aa5521c9f
98e78d64719006a9932b20b46b4bb117049e72078175713df6291ce030197fd9
a21b20c52fbc7ca1897d496862d422e5ce453e50d57d0defda0af7e09c904d35
a4aebe296ff8415b2179b645b5d49503898a81dac49c76f9f1573c6db2233594
a73a0470af927c5e55124cdc641956b1f723683f3b58d257a766e931952d51e8
a8ed212237d7065399b3d6fb5b18ca200873b24bd11dc1e53c36e80f239b616b
a9f959272120a8fe9fc940b8df6a07a9e6c79d9b72773d62878e82fcd1c51951
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
ac94f98a2eb3a9513803ff08499150d17b681804bd0f0a3c06729074d0dd7af5
afdc7afbd20acad188b65accd34e88b5bcb2bfd11a5d05e34d9dbf5e67d7e7a6
bb23189475c4f60039d1389da9ab3225c9c215c3ffa4af384ceccecc038759ab
bd08be9cbf5f35486ce3011abc8286e9e2f59ac1de1ff9840377332383263f19
bed122527f5517e1c47d06361f58df3a975ea2fb0e60c75b22bb64b391fcf6e1
c37e88f718acf2e31223149decc6c77497a892a5f556e5e1fc6c2492377e9bc0
c8fc2ef8ebf6788cd0fddf43b63f7051c87c55f0ecc60ece36e4614118c6c608
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
cd0d0b6e50ff01ff2f3a9a70d7cfb66a7c6cb9acf7a566325568be6d3bd31fc4
d04a8585ca1c9cbff59e413fe76da6b8dcf3c567cbc68ec436b852d7f1694df1
e1cd9602b63db552abd2b3cd8689102702d17efae5e9fe98f94691efc77897b9
e37071398d21f18dff2370ee0885f38811bb69bb465b398100ab3101fc521d6b
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
eb16304c17c120cabd2bc9ba56114d31bb2c05114e17c531bcf21a682f8629d2
eb7a209e3af2f5e7045a326f81414b39f02551eb158e859c190a7a84db7c4d5d
f6f6cb043708335483ae84eb97bfb412e7336a59f8195bb9261cf6ff0611f48d
f757dcb6d7040c5480e6bec81e5a93227e16a629e98616d02ec6076a767b242f
f8e19da72faefd872795c80a4329acd96300e88295224994e3fc8df5258d92c2

ko.strephonsays.com Open in urlscan Pro 2606:4700:3034::ac43:86bb Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

61 Requests

90 %HTTPS

73 %IPv6

14 Domains

23 Subdomains

16 IPs

3 Countries

1945 kBTransfer

5254 kBSize

15 Cookies

32 Outgoing links

Redirected requests

61 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

ko.strephonsays.com Open in urlscan Pro
2606:4700:3034::ac43:86bb Public Scan

Screenshot
Live screenshot

Full Image

61
Requests

90 %
HTTPS

73 %
IPv6

14
Domains

23
Subdomains

16
IPs

3
Countries

1945 kB
Transfer

5254 kB
Size

15
Cookies

61 HTTP transactions
1 data transactions