ar.strephonsays.com Open in urlscan Pro
2606:4700:3030::6815:66b Public Scan

Go To Rescan
Add Verdict Report

URL:
https://ar.strephonsays.com/
Submission: On April 12 via manual (April 12th 2023, 3:29:57 pm UTC) from IN — Scanned from DE

Summary HTTP 63 Redirects Links 39 Behaviour Indicators

Summary

This website contacted 20 IPs in 7 countries across 16 domains to perform 63 HTTP transactions. The main IP is 2606:4700:3030::6815:66b, located in United States and belongs to CLOUDFLARENET, US. The main domain is ar.strephonsays.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on July 12th 2022. Valid for: a year.

This is the only time ar.strephonsays.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
10	2606:4700:303... 2606:4700:3030::6815:66b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a04:4e42:600... 2a04:4e42:600::485	54113 (FASTLY) (FASTLY)
1	2600:9000:215... 2600:9000:2156:8400:6:b871:4f00:93a1	16509 (AMAZON-02) (AMAZON-02)
2	2600:9000:225... 2600:9000:225e:6c00:11:a4de:2580:93a1	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:806::2002	15169 (GOOGLE) (GOOGLE)
1	151.101.65.195 151.101.65.195	54113 (FASTLY) (FASTLY)
5 10	2a02:6b8::1:119 2a02:6b8::1:119	208722 (GLOBAL_DC) (GLOBAL_DC)
7	95.216.65.102 95.216.65.102	24940 (HETZNER-AS) (HETZNER-AS)
1	2a00:1450:400... 2a00:1450:4001:80b::2002	15169 (GOOGLE) (GOOGLE)
4	99.86.4.99 99.86.4.99	16509 (AMAZON-02) (AMAZON-02)
3	2a00:1450:400... 2a00:1450:4001:811::2002	15169 (GOOGLE) (GOOGLE)
11	2606:4700:1::... 2606:4700:1::6813:864e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2606:4700:1::... 2606:4700:1::6813:874e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6812:d2d	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:10:... 2606:4700:10::6816:3456	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2.19.228.187 2.19.228.187	16625 (AKAMAI-AS) (AKAMAI-AS)
1 2	2a02:2638:3::c 2a02:2638:3::c	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	178.250.1.11 178.250.1.11	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	52.209.248.17 52.209.248.17	16509 (AMAZON-02) (AMAZON-02)
63	20

10 2606:4700:3030::6815:66b (United States)

ASN13335 (CLOUDFLARENET, US)

ar.strephonsays.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
strephonsays.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
a.strephonsays.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a04:4e42:600::485 (United States)

ASN54113 (FASTLY, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2156:8400:6:b871:4f00:93a1 (United States)

ASN16509 (AMAZON-02, US)

cmp.optad360.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:225e:6c00:11:a4de:2580:93a1 (United States)

ASN16509 (AMAZON-02, US)

get.optad360.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:806::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.65.195 (United States)

ASN54113 (FASTLY, US)

cdn.zx-adnet.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a02:6b8::1:119 (Moscow, Russian Federation) 5 redirects

ASN208722 (GLOBAL_DC, FI)

mc.yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
mc.yandex.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 95.216.65.102 (Helsinki, Finland)

ASN24940 (HETZNER-AS, DE)
PTR: frodo.min.org.ua

www.bigmp3db.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 99.86.4.99 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-4-99.fra6.r.cloudfront.net

optad360.mgr.consensu.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:811::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2606:4700:1::6813:864e (United States)

ASN13335 (CLOUDFLARENET, US)

jsc.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
c.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
servicer.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cm.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700:1::6813:874e (United States)

ASN13335 (CLOUDFLARENET, US)

s-img.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:d2d (United States)

ASN13335 (CLOUDFLARENET, US)

cl.imghosts.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::6816:3456 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.19.228.187 (Netherlands)

ASN16625 (AKAMAI-AS, US)
PTR: a2-19-228-187.deploy.static.akamaitechnologies.com

ads.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:2638:3::c (France) 1 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 178.250.1.11 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

mug.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.209.248.17 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-209-248-17.eu-west-1.compute.amazonaws.com

id.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
15	mgid.com jsc.mgid.com — Cisco Umbrella Rank: 8594 c.mgid.com — Cisco Umbrella Rank: 5670 cdn.mgid.com — Cisco Umbrella Rank: 11443 servicer.mgid.com — Cisco Umbrella Rank: 8526 s-img.mgid.com — Cisco Umbrella Rank: 5087 cm.mgid.com — Cisco Umbrella Rank: 1313	170 KB
10	strephonsays.com ar.strephonsays.com strephonsays.com — Cisco Umbrella Rank: 743917 a.strephonsays.com	459 KB
7	yandex.com 3 redirects mc.yandex.com — Cisco Umbrella Rank: 9151	2 KB
7	bigmp3db.com www.bigmp3db.com — Cisco Umbrella Rank: 557275	20 KB
4	criteo.com 1 redirects gum.criteo.com — Cisco Umbrella Rank: 416 mug.criteo.com — Cisco Umbrella Rank: 2381	1 KB
4	consensu.org optad360.mgr.consensu.org — Cisco Umbrella Rank: 60493	249 KB
4	doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 41 securepubads.g.doubleclick.net — Cisco Umbrella Rank: 201	154 KB
3	yandex.ru 2 redirects mc.yandex.ru — Cisco Umbrella Rank: 3359	74 KB
3	optad360.io cmp.optad360.io — Cisco Umbrella Rank: 54654 get.optad360.io — Cisco Umbrella Rank: 37081	286 KB
2	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 111	163 KB
2	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 374	6 KB
1	crwdcntrl.net id.crwdcntrl.net — Cisco Umbrella Rank: 1729	319 B
1	pubmatic.com ads.pubmatic.com — Cisco Umbrella Rank: 509	59 KB
1	id5-sync.com cdn.id5-sync.com — Cisco Umbrella Rank: 1045	17 KB
1	imghosts.com cl.imghosts.com — Cisco Umbrella Rank: 12052	187 KB
1	zx-adnet.com cdn.zx-adnet.com — Cisco Umbrella Rank: 321777	10 KB
63	16

	Domain	Requested by
7	mc.yandex.com	3 redirects ar.strephonsays.com
7	www.bigmp3db.com	ar.strephonsays.com www.bigmp3db.com
5	a.strephonsays.com	ar.strephonsays.com
4	s-img.mgid.com
4	cdn.mgid.com
4	optad360.mgr.consensu.org	cmp.optad360.io optad360.mgr.consensu.org
3	securepubads.g.doubleclick.net	get.optad360.io securepubads.g.doubleclick.net
3	mc.yandex.ru	2 redirects ar.strephonsays.com
3	strephonsays.com	ar.strephonsays.com
2	mug.criteo.com
2	gum.criteo.com	1 redirects
2	cm.mgid.com	jsc.mgid.com
2	c.mgid.com	jsc.mgid.com
2	jsc.mgid.com	www.bigmp3db.com jsc.mgid.com
2	pagead2.googlesyndication.com	ar.strephonsays.com pagead2.googlesyndication.com
2	get.optad360.io	ar.strephonsays.com get.optad360.io
2	cdn.jsdelivr.net	ar.strephonsays.com get.optad360.io
2	ar.strephonsays.com	ar.strephonsays.com
1	id.crwdcntrl.net	ads.pubmatic.com
1	ads.pubmatic.com	jsc.mgid.com
1	cdn.id5-sync.com	jsc.mgid.com
1	cl.imghosts.com
1	servicer.mgid.com	jsc.mgid.com
1	googleads.g.doubleclick.net	pagead2.googlesyndication.com
1	cdn.zx-adnet.com	ar.strephonsays.com
1	cmp.optad360.io	ar.strephonsays.com
63	26

This site contains links to these domains. Also see Links.

Domain
widgets.mgid.com
www.mgid.com
clck.mgid.com
strephonsays.com
bg.strephonsays.com
cs.strephonsays.com
el.strephonsays.com
es.strephonsays.com
et.strephonsays.com
fi.strephonsays.com
fr.strephonsays.com
hi.strephonsays.com
hr.strephonsays.com
hu.strephonsays.com
id.strephonsays.com
it.strephonsays.com
iw.strephonsays.com
ja.strephonsays.com
ko.strephonsays.com
lt.strephonsays.com
lv.strephonsays.com
ms.strephonsays.com
nl.strephonsays.com
no.strephonsays.com
pl.strephonsays.com
pt.strephonsays.com
ru.strephonsays.com
sk.strephonsays.com
sl.strephonsays.com
sr.strephonsays.com
sv.strephonsays.com
th.strephonsays.com
tr.strephonsays.com
uk.strephonsays.com
vi.strephonsays.com

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-07-12` - `2023-07-12`	a year	crt.sh
jsdelivr.net GlobalSign Atlas R3 DV TLS CA 2022 Q4	`2022-12-23` - `2024-01-24`	a year	crt.sh
*.optad360.io Amazon RSA 2048 M02	`2023-03-01` - `2023-11-15`	9 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-03-28` - `2023-06-20`	3 months	crt.sh
username.digitalreceipt.co.ke GTS CA 1D4	`2023-03-10` - `2023-06-08`	3 months	crt.sh
mc.yandex.ru GlobalSign ECC OV SSL CA 2018	`2023-03-17` - `2023-08-27`	5 months	crt.sh
www.bigmp3db.com R3	`2023-02-27` - `2023-05-28`	3 months	crt.sh
optad360.mgr.consensu.org Amazon RSA 2048 M02	`2023-02-22` - `2023-06-21`	4 months	crt.sh
*.pubmatic.com DigiCert TLS RSA SHA256 2020 CA1	`2023-01-25` - `2024-01-24`	a year	crt.sh
*.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-03-09` - `2023-06-03`	3 months	crt.sh
*.crwdcntrl.net Go Daddy Secure Certificate Authority - G2	`2022-05-01` - `2023-06-02`	a year	crt.sh

This page contains 4 frames:

Primary Page: https://ar.strephonsays.com/
Frame ID: 40FF3AE1D804A6AB1ABEA11C6A838DAE
Requests: 58 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230410/r20190131/zrt_lookup.html
Frame ID: 1963ED63A0C482065DD821C65EB5EF5B
Requests: 1 HTTP requests in this frame

Frame: https://optad360.mgr.consensu.org/cmp/v2/cmp-3.0.0.min.js
Frame ID: B2C07089BEC0F6776B29D44DFA827858
Requests: 2 HTTP requests in this frame

Frame: https://cm.mgid.com/i-noref.js?cbuster=1681313393883528476170
Frame ID: 50011A89286E5252AE41954B8943A604
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

يعرف عن 2023

Detected technologies

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

PubMatic (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.pubmatic\.com

Yandex.Metrika (Analytics) Expand

Overall confidence: 100%
Detected patterns

mc\.yandex\.ru/metrika/(?:tag|watch)\.js

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

<link [^>]*?href="?[a-zA-Z]*?:?//cdn\.jsdelivr\.net/
//cdn\.jsdelivr\.net/

Page Statistics

63
Requests

89 %
HTTPS

68 %
IPv6

16
Domains

26
Subdomains

20
IPs

7
Countries

1855 kB
Transfer

4930 kB
Size

16
Cookies

39 Outgoing links

These are links going to different origins than the main page.

URL: https://widgets.mgid.com/?utm_source=ar.strephonsays.com&utm_medium=referral&utm_campaign=widgets&utm_content=1228643

Search URL Search Domain Scan URL

URL: https://www.mgid.com/services/privacy-policy

Search URL Search Domain Scan URL

URL: https://clck.mgid.com/ghits/15323152/i/57561560/0/pp/1/1?h=gSeBRcBTOPAWlRK4BFX0PM0hWa2qPp3ClX_ry0pp5rmsHL_iYtfn28IbE7S7fy9kigQoU7AE8Y4ePPDluLVJ8w**&rid=df6db29d-d946-11ed-abe3-e43d1a2a04aa&tt=Direct&att=3&cpm=1&gbpp=1&abd=1&iv=11&prid=1&ct=1&gdprApplies=1&st=120&mp4=1&h2=dzwNdClYvQ_-z7-hsWerx4RNL6aqfuF54CKQ5pbGHjw*

Search URL Search Domain Scan URL

URL: https://clck.mgid.com/ghits/15875214/i/57561560/0/pp/2/1?h=gSeBRcBTOPAWlRK4BFX0PDxyqFRCPmwieHICUbiPftbWdVc713e291CB9cjSuGlEOSff12L6kbA4RlzpfV_44w**&rid=df6db29d-d946-11ed-abe3-e43d1a2a04aa&tt=Direct&att=3&cpm=1&gbpp=1&abd=1&iv=11&prid=1&ct=1&gdprApplies=1&st=120&mp4=1&h2=dzwNdClYvQ_-z7-hsWerx4RNL6aqfuF54CKQ5pbGHjw*

Search URL Search Domain Scan URL

URL: https://clck.mgid.com/ghits/15659581/i/57561560/0/pp/3/1?h=gSeBRcBTOPAWlRK4BFX0PJfd0bErI5GEPghALZHjrkmgni2hHqTRp2UXde18SfzIEyeDHffEZqJoksP5obbBtA**&rid=df6db29d-d946-11ed-abe3-e43d1a2a04aa&tt=Direct&att=3&cpm=1&gbpp=1&abd=1&iv=11&prid=1&ct=1&gdprApplies=1&st=120&mp4=1&h2=dzwNdClYvQ_-z7-hsWerx4RNL6aqfuF54CKQ5pbGHjw*

Search URL Search Domain Scan URL

URL: https://clck.mgid.com/ghits/15876764/i/57561560/0/pp/4/1?h=gSeBRcBTOPAWlRK4BFX0PJlzotdf06u9cx2eBr-c2W7aWilAeVtRMgfAC-Yu9jrRDMXLb7opz-sPYhp-aZkS_g**&rid=df6db29d-d946-11ed-abe3-e43d1a2a04aa&tt=Direct&att=3&cpm=1&gbpp=1&abd=1&iv=11&prid=1&ct=1&gdprApplies=1&st=120&mp4=1&h2=dzwNdClYvQ_-z7-hsWerx4RNL6aqfuF54CKQ5pbGHjw*

Search URL Search Domain Scan URL

URL: https://clck.mgid.com/ghits/15323147/i/57561560/0/pp/5/1?h=gSeBRcBTOPAWlRK4BFX0PJ0OEi8sb1A9ZOU1VD6GV0-CJPuSCzJOz7DHWeAF4-ESlcG2UEai3e_o9LmVwj3sKw**&rid=df6db29d-d946-11ed-abe3-e43d1a2a04aa&tt=Direct&att=3&cpm=1&gbpp=1&abd=1&iv=11&prid=1&ct=1&gdprApplies=1&st=120&mp4=1&h2=dzwNdClYvQ_-z7-hsWerx4RNL6aqfuF54CKQ5pbGHjw*

Search URL Search Domain Scan URL

URL: https://strephonsays.com/

Search URL Search Domain Scan URL

URL: https://bg.strephonsays.com/

Search URL Search Domain Scan URL

URL: https://cs.strephonsays.com/

Search URL Search Domain Scan URL

URL: https://el.strephonsays.com/

Search URL Search Domain Scan URL

URL: https://es.strephonsays.com/

Search URL Search Domain Scan URL

URL: https://et.strephonsays.com/

Search URL Search Domain Scan URL

URL: https://fi.strephonsays.com/

Search URL Search Domain Scan URL

URL: https://fr.strephonsays.com/

Search URL Search Domain Scan URL

URL: https://hi.strephonsays.com/

Search URL Search Domain Scan URL

URL: https://hr.strephonsays.com/

Search URL Search Domain Scan URL

URL: https://hu.strephonsays.com/

Search URL Search Domain Scan URL

URL: https://id.strephonsays.com/

Search URL Search Domain Scan URL

URL: https://it.strephonsays.com/

Search URL Search Domain Scan URL

URL: https://iw.strephonsays.com/

Search URL Search Domain Scan URL

URL: https://ja.strephonsays.com/

Search URL Search Domain Scan URL

URL: https://ko.strephonsays.com/

Search URL Search Domain Scan URL

URL: https://lt.strephonsays.com/

Search URL Search Domain Scan URL

URL: https://lv.strephonsays.com/

Search URL Search Domain Scan URL

URL: https://ms.strephonsays.com/

Search URL Search Domain Scan URL

URL: https://nl.strephonsays.com/

Search URL Search Domain Scan URL

URL: https://no.strephonsays.com/

Search URL Search Domain Scan URL

URL: https://pl.strephonsays.com/

Search URL Search Domain Scan URL

URL: https://pt.strephonsays.com/

Search URL Search Domain Scan URL

URL: https://ru.strephonsays.com/

Search URL Search Domain Scan URL

URL: https://sk.strephonsays.com/

Search URL Search Domain Scan URL

URL: https://sl.strephonsays.com/

Search URL Search Domain Scan URL

URL: https://sr.strephonsays.com/

Search URL Search Domain Scan URL

URL: https://sv.strephonsays.com/

Search URL Search Domain Scan URL

URL: https://th.strephonsays.com/

Search URL Search Domain Scan URL

URL: https://tr.strephonsays.com/

Search URL Search Domain Scan URL

URL: https://uk.strephonsays.com/

Search URL Search Domain Scan URL

URL: https://vi.strephonsays.com/

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 24

https://mc.yandex.com/sync_cookie_image_check HTTP 302
https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=9971.OAam4ujAhqL6DoiSb4bC_2bokcK9yF9HOX2EWCtR2Nt7Mp_nwuLroUy9mKQVfoAd.lCRsqZ6TfiBhGQmzsm-f45e3rwU%2C HTTP 302
https://mc.yandex.com/sync_cookie_image_decide?token=9971.JSY4U9yIFe6Xok72JMG9_MQ-DppxWq8likZQlcen6I2IIZjqeTyinVaIdaq09vvC-4kuJPP6B9oryn3Cz0pEi3sOU7MjYfJTSt2szMPpC4s%2C.qy9ShXxx6tTaA3UHs_LIIm1_3gw%2C

Request Chain 35

https://mc.yandex.com/watch/53480917?wmode=7&page-url=https%3A%2F%2Far.strephonsays.com%2F&charset=utf-8&browser-info=pv%3A1%3Avf%3Aihb4q796484i93c2xtzqhr%3Afp%3A290%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1011%3Acn%3A1%3Adp%3A0%3Als%3A678184861386%3Ahid%3A1003542291%3Az%3A0%3Ai%3A20230412152952%3Aet%3A1681313392%3Ac%3A1%3Arn%3A559814151%3Arqn%3A1%3Au%3A1681313392895303807%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A16%2C19%2C54%2C2%2C%2C0%2C%2C189%2C3%2C%2C%2C%2C284%3Aco%3A0%3Acpf%3A1%3Ans%3A1681313391615%3Arqnl%3A1%3Ast%3A1681313392%3At%3A%D9%8A%D8%B9%D8%B1%D9%81%20%D8%B9%D9%86%202023&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)ti(2) HTTP 302
https://mc.yandex.com/watch/53480917/1?wmode=7&page-url=https%3A%2F%2Far.strephonsays.com%2F&charset=utf-8&browser-info=pv%3A1%3Avf%3Aihb4q796484i93c2xtzqhr%3Afp%3A290%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1011%3Acn%3A1%3Adp%3A0%3Als%3A678184861386%3Ahid%3A1003542291%3Az%3A0%3Ai%3A20230412152952%3Aet%3A1681313392%3Ac%3A1%3Arn%3A559814151%3Arqn%3A1%3Au%3A1681313392895303807%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A16%2C19%2C54%2C2%2C%2C0%2C%2C189%2C3%2C%2C%2C%2C284%3Aco%3A0%3Acpf%3A1%3Ans%3A1681313391615%3Arqnl%3A1%3Ast%3A1681313392%3At%3A%D9%8A%D8%B9%D8%B1%D9%81%20%D8%B9%D9%86%202023&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29ti%282%29

Request Chain 41

https://mc.yandex.com/sync_cookie_image_check_secondary HTTP 302
https://mc.yandex.ru/sync_cookie_image_start_secondary?redirect_domain=mc.yandex.com&token=9971.vU1FqmjmbIW7AtUVFFTJmU1mPJQqUwfxnRv6vETOdbT_bp5wpCoU06UFmR20ZyiX.yG2pwOgxRflDTF6RKuli2PHz2ow%2C HTTP 302
https://mc.yandex.com/sync_cookie_image_decide_secondary?token=9971.AhtRmD6LYXa4e0SLlHn7CMvSctrApCFi9Is33tggpethM1vqRujZohbIw3qbv5qdXbDwQ-uiGiML8KCfkBd66RsOZhJRNOQnRECa3Rh7Ytg%2C.eJw0TpyHlAI-4_BFMIqoWqdpQ0E%2C

Request Chain 59

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Far.strephonsays.com%2F&domain=ar.strephonsays.com&cw=1&lsw=1 HTTP 302
https://mug.criteo.com/sid?cpp=tdg4tXxxdkJKT3RrNldwWWc2aUJJYXBwNldoeXNLUVBnYVc0eDVrdUlJakdUSndsdnpKcEhaVFR1WXljVEluWWVKQm1iNlJFSklLaWZhb2c2cVNlN2RxYmJ5UU8rK3hzYk4rTElJNzBpMzBZN0prdmZzSTFmQjE5U0xXSWZVT3B6VnMzVFNwUUNSamxyanJpVGVrWXdaSnYwa3BScHNtdnVEYWVlSXlEdHFvYXJQQlh6am8zY3huOWxNdkZGWG8vUEY4ZWhhRW5Say9URkN3N2lYbWcydFVBTngveVdjb29yblhvUStKS3RmdXdzVkpkNW1QR1p0di8wcHZibUgwYTVqWVZlfA&cppv=2

63 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
ar.strephonsays.com/ 46 KB
7 KB 90ms
54ms Document
text/html 2606:4700:3030::6815:66b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ar.strephonsays.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6815:66b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/8.0.15
Resource Hash: 04eb0579a6ea414f51af9beb69bd8d4816cb50919a6554212daf2e6c0a3883ed

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: max-age=86400
cf-cache-status: DYNAMIC
cf-ray: 7b6c81d9d90d03b0-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Wed, 12 Apr 2023 15:29:51 GMT
expires: Thu, 13 Apr 2023 15:29:51 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FjHf0SkTblJa1phQ8e7j4XfWrBo%2FqySIFMU8cdtEvMxuyL0JSiRCaJxaXDVLaFLouvBXsl4T5r%2BluvO07oU2nHsxqQ0C4M7oxoqqO%2BK6Ohmct5gGaXTXECZrs8EBd4zigxNcvXP3kQSNlB8bPBSNfgLG"}],"group":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: PHP/8.0.15

GET
H2 200 style.css
strephonsays.com/template/artemiz/css/ 27 KB
6 KB 45ms
18ms Stylesheet
text/css 2606:4700:3030::6815:66b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://strephonsays.com/template/artemiz/css/style.css
Requested by: Host: ar.strephonsays.com
URL: https://ar.strephonsays.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6815:66b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5692fdcd3cf15f5d2e98e6fb4f451dec0b2d61cae64af0b2bb18dfe46614c0ca

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ar.strephonsays.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 12 Apr 2023 15:29:51 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 218988
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj: minify
last-modified: Fri, 16 Dec 2022 10:14:04 GMT
server: cloudflare
etag: W/"6cae-5efef3ab093e9"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Zg6kEHjIP%2Bd4zwSb7%2FzftTOGkQ39Rx04ow7WyXFi%2FGHG%2BeeGciVO9MxHw4zm4a7JsATgrrw95WRVPAlyh8fCYbhjoraySF4P2kGp4bd%2B%2FwXNs5TOg7baFe3%2FRnpE3%2BCYpJyV%2F3BY0HSlSSzStvQp"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31536000
cf-ray: 7b6c81da69f703b0-FRA
expires: Mon, 24 Apr 2023 02:40:03 GMT

GET
H2 200 yt.css
strephonsays.com/template/artemiz/css/ 69 KB
44 KB 55ms
29ms Stylesheet
text/css 2606:4700:3030::6815:66b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://strephonsays.com/template/artemiz/css/yt.css
Requested by: Host: ar.strephonsays.com
URL: https://ar.strephonsays.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6815:66b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 71a005e915b96b3ed8feb7d4f5221db75e3658fd8678e68d5b04b5dce0aef73e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ar.strephonsays.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 12 Apr 2023 15:29:51 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1028255
cf-polished: origSize=70952
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj: minify
last-modified: Fri, 16 Dec 2022 10:14:05 GMT
server: cloudflare
etag: W/"11528-5efef3abd421a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dlkU9XAYjHeM%2F6ukmkfbS1Pb9rVuqG7pJRAji8xq3Jr8c0x5JNNwkxNJC0YGsxCPz2CFNJmF8QrIEv0NvfAKBFfJJMuf1fE72c4Pbw0RjTZEPr5Hbytt6FPrc5swJY2kF2dqd9qxPjX1XJFYCHLy"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31536000
cf-ray: 7b6c81da69f803b0-FRA
expires: Fri, 14 Apr 2023 17:52:16 GMT

GET
H2 200 cookieconsent.min.css
cdn.jsdelivr.net/npm/cookieconsent@3/build/ 5 KB
5 KB 39ms
7ms Stylesheet
text/css 2a04:4e42:600::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/cookieconsent@3/build/cookieconsent.min.css

Requested by

Host: ar.strephonsays.com
URL: https://ar.strephonsays.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:600::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

cd0d0b6e50ff01ff2f3a9a70d7cfb66a7c6cb9acf7a566325568be6d3bd31fc4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ar.strephonsays.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Wed, 12 Apr 2023 15:29:51 GMT
x-content-type-options: nosniff
age: 8996
x-jsd-version: 3.1.1
x-cache: HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 4958
x-served-by: cache-fra-eddf8230022-FRA
x-jsd-version-type: version
etag: W/"135e-3nthfC1sCV/yhiNebPZMMo2hpL8"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 45b65dd9-e0fa-4d05-aa26-a39c3cef09e4.min.js Show response
cmp.optad360.io/items/ 253 KB
72 KB 81ms
9ms Script
application/javascript 2600:9000:2156:8400:6:b871:4f00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cmp.optad360.io/items/45b65dd9-e0fa-4d05-aa26-a39c3cef09e4.min.js
Requested by: Host: ar.strephonsays.com
URL: https://ar.strephonsays.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:8400:6:b871:4f00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e1cd9602b63db552abd2b3cd8689102702d17efae5e9fe98f94691efc77897b9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ar.strephonsays.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 12 Apr 2023 15:18:27 GMT
content-encoding: gzip
via: 1.1 cdb2dba3874dd4d7b53213b8c63a0996.cloudfront.net (CloudFront)
last-modified: Sun, 18 Apr 2021 12:34:47 GMT
server: AmazonS3
x-amz-cf-pop: FRA50-C1
age: 685
etag: W/"4bc6f41a14eeeb489540c26fb99b9427"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: public, max-age=3600
x-amz-cf-id: _gOTDFmGUPusbuakdcXFSINMPR9I9M5YTBFpT-q3g658FPopb8DrCw==

GET
H2 200 plugin.min.js Show response
get.optad360.io/sf/87584f1f-9c47-49cb-b198-f6669bf41325/ 286 KB
59 KB 80ms
8ms Script
application/javascript 2600:9000:225e:6c00:11:a4de:2580:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://get.optad360.io/sf/87584f1f-9c47-49cb-b198-f6669bf41325/plugin.min.js
Requested by: Host: ar.strephonsays.com
URL: https://ar.strephonsays.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:225e:6c00:11:a4de:2580:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 6a9f667053394455ba7d064b526119757f84042d8078b2642093bbca2891bad0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ar.strephonsays.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 12 Apr 2023 08:08:18 GMT
content-encoding: gzip
via: 1.1 013a54c6b9caf01f403c247789c7256c.cloudfront.net (CloudFront)
last-modified: Wed, 22 Mar 2023 07:57:45 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P4
age: 26494
x-amz-server-side-encryption: AES256
etag: W/"6c46506927bcebb0a00d761938e812e5"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: public, max-age=86400
x-amz-cf-id: z7oi_cRrCNlX7tzJB8rtVR9jYjy668ywsILX9lZlPqj8RSuXdCo8Cw==

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 137 KB
47 KB 100ms
58ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-2173063720940886

Requested by

Host: ar.strephonsays.com
URL: https://ar.strephonsays.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

198350a787373f881a2a1d2af746a86ac35c158617bd2d273323b54dab63196e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ar.strephonsays.com/
Origin: https://ar.strephonsays.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 12 Apr 2023 15:29:51 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 47817
x-xss-protection: 0
server: cafe
etag: 9093587113279057659
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Wed, 12 Apr 2023 15:29:51 GMT

GET
H2 200 scripts.js Show response
strephonsays.com/template/artemiz/js/ 177 KB
61 KB 46ms
21ms Script
application/javascript 2606:4700:3030::6815:66b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://strephonsays.com/template/artemiz/js/scripts.js
Requested by: Host: ar.strephonsays.com
URL: https://ar.strephonsays.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6815:66b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 68dbc402b8d95b31ec11900b3b5aee781e46330beeec75070f60a40c03b402d9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ar.strephonsays.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 12 Apr 2023 15:29:51 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1029250
cf-polished: origSize=181106
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj: minify
last-modified: Fri, 16 Dec 2022 10:14:07 GMT
server: cloudflare
etag: W/"2c372-5efef3ae1ed1a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=C%2BirdqKLtSfArc9NBrMSKlsobj7JYPq%2B81NfekqFmieNF%2FCyi35w2BSRLnCgIyYZ%2F%2BP3FWtyxMxjkLbZm1v6hwbfksTUHY5DZOVswCpyZqQP38EJ2YbvMQ800GzsgKwwMq%2FKVz21mmdsdypYtmPc"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
cf-ray: 7b6c81da69fa03b0-FRA
expires: Fri, 14 Apr 2023 17:35:41 GMT

GET
H2 200 rocket-loader.min.js Show response
ar.strephonsays.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/ 12 KB
4 KB 14ms
13ms Script
application/javascript 2606:4700:3030::6815:66b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ar.strephonsays.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Requested by

Host: ar.strephonsays.com
URL: https://ar.strephonsays.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3030::6815:66b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ar.strephonsays.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 12 Apr 2023 15:29:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 04 Apr 2023 10:03:57 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"642bf60d-302c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=S%2FB3HpNlGMZFwGmjT0KTyB4wW0Ys%2FOxKBwbzzfawgZtqU2pUpcyNVXuKXi%2B8ymr7cJT7zYIkGsiZtYjkx7FrfY1Nj8k3DBmWjBxTzKF85EG8XcSOmPhIarwDFOnsapWG08nOMMwpnUHXOYmJN04cIYm7"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
x-frame-options: DENY
cache-control: max-age=172800, public
cf-ray: 7b6c81da69f303b0-FRA
expires: Fri, 14 Apr 2023 15:29:51 GMT

GET
H2 200 cookies_gdpr.js Show response
cdn.zx-adnet.com/consent/ 34 KB
10 KB 127ms
47ms Script
text/javascript 151.101.65.195
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.zx-adnet.com/consent/cookies_gdpr.js?0.38501069437034996

Requested by

Host: ar.strephonsays.com
URL: https://ar.strephonsays.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.65.195 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

6723ea2989d5cf57335b26d5bd0bcc52feffab866915b917c4cdcae672c99a2a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ar.strephonsays.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-served-by: cache-fra-eddf8230107-FRA
strict-transport-security: max-age=31556926
content-encoding: br
date: Wed, 12 Apr 2023 15:29:51 GMT
last-modified: Tue, 17 Jan 2023 17:33:04 GMT
x-timer: S1681313392.863474,VS0,VE37
etag: "e816600dd00bd96b1fef78362730b72e57d5bac88839b4da007d48db85d79519-br"
vary: accept-language, x-country-code, x-fh-requested-host, accept-encoding
x-cache: MISS
content-type: text/javascript; charset=utf-8
cache-control: no-cache
accept-ranges: bytes
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
x-cache-hits: 0

GET
H2 200 tag.js Show response
mc.yandex.ru/metrika/ 212 KB
73 KB 243ms
115ms Script
application/javascript 2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/metrika/tag.js

Requested by

Host: ar.strephonsays.com
URL: https://ar.strephonsays.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

70e8b6db69fe62d1ddbf326b78fabe363cc238f51319bd5f7b71c25213fe89f4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ar.strephonsays.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 12 Apr 2023 15:29:51 GMT
content-encoding: br
strict-transport-security: max-age=31536000
last-modified: Tue, 11 Apr 2023 12:29:16 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
etag: "6435286c-1217a"
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
content-length: 74106
expires: Wed, 12 Apr 2023 16:29:51 GMT

GET
H2 200 1duwt.min.js Show response
www.bigmp3db.com/ 67 KB
19 KB 179ms
71ms Script
text/javascript 95.216.65.102
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bigmp3db.com/1duwt.min.js?d7b48be

Requested by

Host: ar.strephonsays.com
URL: https://ar.strephonsays.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

95.216.65.102 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),

Reverse DNS

frodo.min.org.ua

Software

cloudflare-nginx /

Resource Hash

7288c20b13b744af212d6df6ad459628687cf60a1ffe7f99d72e033b556450f0

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ar.strephonsays.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 12 Apr 2023 15:29:51 GMT
strict-transport-security: max-age=63072000
content-encoding: br
server: cloudflare-nginx
duration: 265923
access-control-allow-methods: POST, GET, OPTIONS
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=300
access-control-allow-headers: *
expires: Wed, 12-Apr-2023 18:34:51 EEST

GET
DATA 200
OK truncated
/ 41 KB
0 Image
image/webp

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c37e88f718acf2e31223149decc6c77497a892a5f556e5e1fc6c2492377e9bc0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Content-Type: image/webp

GET
H2 200 Difference-Between-Companies-Limited-by-Shares-and-Companies-Limited-by-Guarantee.webp
a.strephonsays.com/business/ 47 KB
47 KB 155ms
15ms Image
image/webp 2606:4700:3030::6815:66b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.strephonsays.com/business/Difference-Between-Companies-Limited-by-Shares-and-Companies-Limited-by-Guarantee.webp
Requested by: Host: ar.strephonsays.com
URL: https://ar.strephonsays.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6815:66b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bb23189475c4f60039d1389da9ab3225c9c215c3ffa4af384ceccecc038759ab

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ar.strephonsays.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 12 Apr 2023 15:29:52 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 6590
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 48014
last-modified: Wed, 06 Oct 2021 21:04:42 GMT
server: cloudflare
etag: "bb8e-5cdb57eb812f1"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rDrQgxq7IV2bH6R7FnFbUie9RY%2BEwwA54lOuj52YC9lw%2BazCAHpzxpi0ziqdlG3cCYmQRzBqRKDu%2FO4OVbnd438gJzRg5BBBS8s0moJOoCvuc5ALPTTBui8eMMzYLcQ4sKf0taX9DeS4aY%2FpxQFuAU4%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 7b6c81dc0cc403b0-FRA

GET
H2 200 Difference-Between-Roti-and-Chapati-1.webp
a.strephonsays.com/life-style-2/ 47 KB
47 KB 175ms
36ms Image
image/webp 2606:4700:3030::6815:66b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.strephonsays.com/life-style-2/Difference-Between-Roti-and-Chapati-1.webp
Requested by: Host: ar.strephonsays.com
URL: https://ar.strephonsays.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6815:66b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: af01797d233b68aec87f1010e56321396844af9daeb28662d888939e92a76b91

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ar.strephonsays.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 12 Apr 2023 15:29:52 GMT
cf-cache-status: REVALIDATED
last-modified: Wed, 06 Oct 2021 22:48:29 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "bb4a-5cdb6f1e3004f"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AT6aoxAp5Dwni%2FF4EhsdN%2BxtsErqvV7PMO4MbXq3gn%2Bh086BWf2ITX8BqvGBJCtFn8ti62vkF0EKRSgnCHRRmwoHOqF2Ab23xVMKbEUp0Xl%2BoeukUMcbch3oi%2FC%2F4xJy2nvLALs7ZRc3jfsW4bz3CfQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 7b6c81dc0cc903b0-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 47946

GET
H2 200 Difference-Between-Sol-Solution-and-Suspension-2.webp
a.strephonsays.com/science-nature/ 60 KB
61 KB 188ms
49ms Image
image/webp 2606:4700:3030::6815:66b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.strephonsays.com/science-nature/Difference-Between-Sol-Solution-and-Suspension-2.webp
Requested by: Host: ar.strephonsays.com
URL: https://ar.strephonsays.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6815:66b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 83e36e7190bf0f00b631c0cc933f9ef7deeb12cf05da1affa3fc7c544acc36f0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ar.strephonsays.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 12 Apr 2023 15:29:52 GMT
cf-cache-status: MISS
last-modified: Wed, 06 Oct 2021 23:08:26 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "f19a-5cdb7393524a1"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BiKWj7oA0FbfhdKjNc9pJA5XYHuIhbqvYKAhzIJBNiwTJ7o3n%2BK9Nc4p%2Bz9%2Fb1a1TUGEFnopW1qP9Rdf01esGZc62xbT8HbuFWLSiRI01bJBNwwCRWF90Oj12OvbqjbfMpN67vTToZqcWcVXPkcN3GY%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 7b6c81dc0cc703b0-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 61850

GET
H2 200 Difference-Between-Caramel-and-Salted-Caramel.webp
a.strephonsays.com/life-style-2/ 61 KB
62 KB 189ms
50ms Image
image/webp 2606:4700:3030::6815:66b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.strephonsays.com/life-style-2/Difference-Between-Caramel-and-Salted-Caramel.webp
Requested by: Host: ar.strephonsays.com
URL: https://ar.strephonsays.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6815:66b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 36bd7516a7e43f420111787723560c46d88f6b193d0d8c22039372d68a802a06

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ar.strephonsays.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 12 Apr 2023 15:29:52 GMT
cf-cache-status: MISS
last-modified: Wed, 06 Oct 2021 22:51:25 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "f5c6-5cdb6fc625cc8"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QdxArGVoAY20JTheoWHKUSyjNQezO%2FBM9tD5mbJ7eg94YigMCR6eUY1dDRg7wmqdHwhkrjD%2Bsmz3yBgOauJlTcyvq4mnes2%2FAiLxgHBK5ViBoco2DlwmTm4zBnJLqYm0a8OSllFq7paiBMCwSnthKj0%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 7b6c81dc0ccd03b0-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 62918

GET
H2 200 Difference-Between-Deterrence-and-Retribution-2.webp
a.strephonsays.com/public/ 118 KB
119 KB 186ms
48ms Image
image/webp 2606:4700:3030::6815:66b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.strephonsays.com/public/Difference-Between-Deterrence-and-Retribution-2.webp
Requested by: Host: ar.strephonsays.com
URL: https://ar.strephonsays.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6815:66b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f1847af3947589999cfd242b4e6b344de6f4cf9b4f3a2fce05a074def7c85c07

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ar.strephonsays.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 12 Apr 2023 15:29:52 GMT
cf-cache-status: MISS
last-modified: Wed, 06 Oct 2021 23:01:34 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "1d9c4-5cdb720aa996c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1wilSmKGxcczZx%2BiyyrWDQLRnpVSeC8O5f%2Bv1TIXOZmyrMz7cfRXOooy3U0MkAGoP7qsuzUj0itaalt66VNl1pvjqKmp6%2FdPAQs6lsHkDTN9EvRP%2FTD9iF%2BctmHhl5ES9%2F5TaGOC7hZFa1MNAfvwW2w%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 7b6c81dc0cd003b0-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 121284

GET
H3 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202304060101/ 347 KB
116 KB 130ms
107ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202304060101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2173063720940886&plah=ar.strephonsays.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-2173063720940886

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fb7b852e74c07fce6d901f1cc61855a7d857949644b66e475af187d87cb1df7c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ar.strephonsays.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 12 Apr 2023 15:29:52 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 118931
x-xss-protection: 0
server: cafe
etag: 6003154840996319324
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Wed, 12 Apr 2023 15:29:52 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230410/r20190131/ Frame 1963 10 KB
5 KB 30ms
6ms Document
text/html 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230410/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-2173063720940886

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ca070dfc7785775cbf5cce16064029ee534259de42c6d9de10e476e710000e93

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ar.strephonsays.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 85932
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4549
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 11 Apr 2023 15:37:40 GMT
etag: 2378337311435320485
expires: Tue, 25 Apr 2023 15:37:40 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 en.json Show response
optad360.mgr.consensu.org/cmp/v2/translations/v4/ 4 KB
2 KB 46ms
10ms XHR
application/json 99.86.4.99
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://optad360.mgr.consensu.org/cmp/v2/translations/v4/en.json
Requested by: Host: cmp.optad360.io
URL: https://cmp.optad360.io/items/45b65dd9-e0fa-4d05-aa26-a39c3cef09e4.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.4.99 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-4-99.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 71f69541ed2861a7065f461bf9748bb263e0f8d517d0987c6619241d9d13597d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ar.strephonsays.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 19:57:45 GMT
content-encoding: gzip
via: 1.1 1b412557b82dda96e078541f9ee8dfb2.cloudfront.net (CloudFront)
last-modified: Thu, 29 Oct 2020 12:24:15 GMT
server: AmazonS3
x-amz-cf-pop: FRA6-C1
age: 70328
etag: W/"e3fe984dfb883f99b54c331403be617b"
vary: Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods: GET
content-type: application/json
access-control-allow-origin: *
x-cache: Hit from cloudfront
cache-control: public, max-age=360000000
x-amz-cf-id: jTj-4evzd21lMVwCptXW-oMScdyKMyUEhrZg6HYAuX0LNxyYKWpXXg==

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 76 KB
25 KB 130ms
84ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: get.optad360.io
URL: https://get.optad360.io/sf/87584f1f-9c47-49cb-b198-f6669bf41325/plugin.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

08a327a7a18f24e566fe0b0d86271109abbca277c5e226785b6740d18a4e59d7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ar.strephonsays.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 12 Apr 2023 15:29:52 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 25529
x-xss-protection: 0
server: cafe
etag: 493 / 19459 / 31073785 / config-hash: 7827658349598518326
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Wed, 12 Apr 2023 15:29:52 GMT

GET
H2 200 prebid7.17.1.js Show response
get.optad360.io/sf/ 495 KB
156 KB 7ms
7ms Script
application/javascript 2600:9000:225e:6c00:11:a4de:2580:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://get.optad360.io/sf/prebid7.17.1.js
Requested by: Host: get.optad360.io
URL: https://get.optad360.io/sf/87584f1f-9c47-49cb-b198-f6669bf41325/plugin.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:225e:6c00:11:a4de:2580:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: bcbf5baf3fbe1ce55828221062341d9a30a688ce01378be721ad3123041ae6a4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ar.strephonsays.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 28 Feb 2023 15:59:13 GMT
content-encoding: gzip
via: 1.1 013a54c6b9caf01f403c247789c7256c.cloudfront.net (CloudFront)
last-modified: Wed, 08 Feb 2023 10:13:54 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P4
age: 3713440
etag: W/"09e171853ab31e5067c8e235ae90409c"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: public, max-age=360000000
x-amz-cf-id: 1gz8KwKGp8TDhjAt-I1kgwnA806IA469X2KNxDZd9fCnHf6idqg7Fg==

POST
H2 200 1duwt.json Show response
www.bigmp3db.com/ 59 B
269 B 112ms
38ms XHR
application/json 95.216.65.102
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bigmp3db.com/1duwt.json

Requested by

Host: www.bigmp3db.com
URL: https://www.bigmp3db.com/1duwt.min.js?d7b48be

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

95.216.65.102 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),

Reverse DNS

frodo.min.org.ua

Software

cloudflare-nginx /

Resource Hash

15b3ebe5b609b257c925c2e30a73d8832738c6c508574a6103ce1e57865f85ba

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

Referer: https://ar.strephonsays.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Wed, 12 Apr 2023 15:29:52 GMT
strict-transport-security: max-age=63072000
content-encoding: br
server: cloudflare-nginx
access-control-allow-methods: POST, GET, OPTIONS
content-type: application/json
access-control-allow-origin: *
access-control-allow-headers: *

POST
H2 200 1duwt.json Show response
www.bigmp3db.com/ 615 B
569 B 112ms
39ms XHR
application/json 95.216.65.102
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bigmp3db.com/1duwt.json

Requested by

Host: www.bigmp3db.com
URL: https://www.bigmp3db.com/1duwt.min.js?d7b48be

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

95.216.65.102 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),

Reverse DNS

frodo.min.org.ua

Software

cloudflare-nginx /

Resource Hash

5f703f7c5f79c2c0e3219a42902b4c472360214ebf9402fc45dee683b6cf4c6f

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

Referer: https://ar.strephonsays.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Wed, 12 Apr 2023 15:29:52 GMT
strict-transport-security: max-age=63072000
content-encoding: br
server: cloudflare-nginx
access-control-allow-methods: POST, GET, OPTIONS
content-type: application/json
access-control-allow-origin: *
access-control-allow-headers: *

GET
H2

200

sync_cookie_image_decide
mc.yandex.com/
Redirect Chain

https://mc.yandex.com/sync_cookie_image_check
https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=9971.OAam4ujAhqL6DoiSb4bC_2bokcK9yF9HOX2EWCtR2Nt7Mp_nwuLroUy9mKQVfoAd.lCRsqZ6TfiBhGQmzsm-f45e3rwU%2C
https://mc.yandex.com/sync_cookie_image_decide?token=9971.JSY4U9yIFe6Xok72JMG9_MQ-DppxWq8likZQlcen6I2IIZjqeTyinVaIdaq09vvC-4kuJPP6B9oryn3Cz0pEi3sOU7MjYfJTSt2szMPpC4s%2C.qy9ShXxx6tTaA3UHs_LIIm1_3gw%2C

43 B
79 B

61ms
61ms

Image
image/gif

2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.com/sync_cookie_image_decide?token=9971.JSY4U9yIFe6Xok72JMG9_MQ-DppxWq8likZQlcen6I2IIZjqeTyinVaIdaq09vvC-4kuJPP6B9oryn3Cz0pEi3sOU7MjYfJTSt2szMPpC4s%2C.qy9ShXxx6tTaA3UHs_LIIm1_3gw%2C

Requested by

Host: ar.strephonsays.com
URL: https://ar.strephonsays.com/

Protocol

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ar.strephonsays.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 12 Apr 2023 15:29:52 GMT
strict-transport-security: max-age=31536000
content-length: 43
x-xss-protection: 1; mode=block
content-type: image/gif

Redirect headers

location: https://mc.yandex.com/sync_cookie_image_decide?token=9971.JSY4U9yIFe6Xok72JMG9_MQ-DppxWq8likZQlcen6I2IIZjqeTyinVaIdaq09vvC-4kuJPP6B9oryn3Cz0pEi3sOU7MjYfJTSt2szMPpC4s%2C.qy9ShXxx6tTaA3UHs_LIIm1_3gw%2C
date: Wed, 12 Apr 2023 15:29:52 GMT
strict-transport-security: max-age=31536000
x-xss-protection: 1; mode=block

GET
H2 200 cmp-3.0.0.min.js Show response
optad360.mgr.consensu.org/cmp/v2/ Frame B2C0 691 KB
190 KB 21ms
6ms Script
application/javascript 99.86.4.99
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://optad360.mgr.consensu.org/cmp/v2/cmp-3.0.0.min.js
Requested by: Host: cmp.optad360.io
URL: https://cmp.optad360.io/items/45b65dd9-e0fa-4d05-aa26-a39c3cef09e4.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.4.99 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-4-99.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: eb16304c17c120cabd2bc9ba56114d31bb2c05114e17c531bcf21a682f8629d2

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 21:56:36 GMT
content-encoding: gzip
via: 1.1 b8e900270aa30d899882e71796feca9c.cloudfront.net (CloudFront)
last-modified: Wed, 07 Apr 2021 09:53:34 GMT
server: AmazonS3
x-amz-cf-pop: FRA6-C1
age: 63196
etag: W/"2ea07aea04f56769b6dd53f48dae904d"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: public, max-age=604800
x-amz-cf-id: mih2w2DOxClzjTq2KN9J_BPJqseNqTa2Jp6_6XwbwFgEpGjD5AnQrQ==

GET
H3 200 latest.json Show response
cdn.jsdelivr.net/gh/prebid/currency-file@1/ 2 KB
1 KB 19ms
7ms XHR
application/json 2a04:4e42:600::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json?date=20230412

Requested by

Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid7.17.1.js

Protocol

Security

QUIC, , AES_256_GCM

Server

2a04:4e42:600::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

925bf96428c2caafdc661c7b24f7a2461c5f06e57e5b2811da92ef07f47bfa9b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://ar.strephonsays.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: text/plain

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Wed, 12 Apr 2023 15:29:52 GMT
x-content-type-options: nosniff
content-encoding: br
age: 41339
x-jsd-version: 1.0.1673
x-cache: HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 846
x-served-by: cache-fra-eddf8230093-FRA
x-jsd-version-type: version
etag: W/"63e-+ICztFzzAu6EvfSa4QBMPIFL3Uw"
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
accept-ranges: bytes
timing-allow-origin: *

POST
H2 200 1duwt.json Show response
www.bigmp3db.com/ 59 B
268 B 41ms
41ms XHR
application/json 95.216.65.102
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bigmp3db.com/1duwt.json

Requested by

Host: www.bigmp3db.com
URL: https://www.bigmp3db.com/1duwt.min.js?d7b48be

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

95.216.65.102 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),

Reverse DNS

frodo.min.org.ua

Software

cloudflare-nginx /

Resource Hash

ff6704748b62620378cca78f4d535953f9766b054e5afa473cc7c7d9c7c3b0af

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

Referer: https://ar.strephonsays.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Wed, 12 Apr 2023 15:29:52 GMT
strict-transport-security: max-age=63072000
content-encoding: br
server: cloudflare-nginx
access-control-allow-methods: POST, GET, OPTIONS
content-type: application/json
access-control-allow-origin: *
access-control-allow-headers: *

GET
H2 200 fondoperlaterra.org.1228643.js Show response
jsc.mgid.com/f/o/ 3 KB
2 KB 55ms
17ms Script
text/javascript 2606:4700:1::6813:864e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://jsc.mgid.com/f/o/fondoperlaterra.org.1228643.js
Requested by: Host: www.bigmp3db.com
URL: https://www.bigmp3db.com/1duwt.min.js?d7b48be
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:1::6813:864e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 331759cc07003ed9a0efba0c6355ce686fdb7f68a24d0d72b086e7fa2aae81e6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ar.strephonsays.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 12 Apr 2023 15:29:52 GMT
x-amz-version-id: _SVUgmQWLdLZjeEOB60afDKKg_c_t5oc
content-encoding: br
cf-cache-status: HIT
x-amz-request-id: KNGB9BVP1R637DX1
age: 5361
cf-polished: origSize=2670
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: NZeFd/p9gyj2EjBQquKhcog9r9oRVWgiO9E5Tdi5W52SbMBbFmT0xVxEjdRwRE8HPfBL/9Jhd87UAD1HA/dciBO1RPXOkp7syt8dqKS/vRI=
cf-bgj: minify
last-modified: Wed, 22 Mar 2023 12:06:00 GMT
server: cloudflare
etag: W/"ffd6f2a3b42f8c9ac49d51c17d2c026d"
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=10800
cf-ray: 7b6c81ddba759a09-FRA
expires: Wed, 12 Apr 2023 18:29:52 GMT

GET
H2 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304100101/ 398 KB
124 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304100101/pubads_impl.js?cb=31073785

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2d3b45a4be3864673801baea2c3f066e1c7320bab56d3c7818d7484cf1811696

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ar.strephonsays.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 15:36:13 GMT
content-encoding: br
x-content-type-options: nosniff
age: 86019
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 126408
x-xss-protection: 0
server: cafe
etag: 11042757488233447259
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Wed, 10 Apr 2024 15:36:13 GMT

GET
H3 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 90 B
94 B 64ms
43ms XHR
application/json 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=ar.strephonsays.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

661d11a25f04b1396352b49ea31984fc1a68a4c30e87f241873a240666d3f8c2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ar.strephonsays.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 12 Apr 2023 15:29:52 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 69
x-xss-protection: 0
expires: Wed, 12 Apr 2023 15:29:52 GMT

POST
H2 200 1duwt.json Show response
www.bigmp3db.com/ 59 B
268 B 36ms
35ms XHR
application/json 95.216.65.102
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bigmp3db.com/1duwt.json

Requested by

Host: www.bigmp3db.com
URL: https://www.bigmp3db.com/1duwt.min.js?d7b48be

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

95.216.65.102 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),

Reverse DNS

frodo.min.org.ua

Software

cloudflare-nginx /

Resource Hash

331265e716919a38450577b87b2916f3a580883667dd383b3fe38adf38af3ef2

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

Referer: https://ar.strephonsays.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Wed, 12 Apr 2023 15:29:52 GMT
strict-transport-security: max-age=63072000
content-encoding: br
server: cloudflare-nginx
access-control-allow-methods: POST, GET, OPTIONS
content-type: application/json
access-control-allow-origin: *
access-control-allow-headers: *

GET
H2 200 vendor-list.json Show response
optad360.mgr.consensu.org/cmp/v2/ Frame B2C0 406 KB
54 KB 11ms
11ms XHR
application/json 99.86.4.99
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://optad360.mgr.consensu.org/cmp/v2/vendor-list.json
Requested by: Host: optad360.mgr.consensu.org
URL: https://optad360.mgr.consensu.org/cmp/v2/cmp-3.0.0.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.4.99 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-4-99.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 56ae2a10cd6ec3ddd872559ea9bb8f03cff58ffdf1dc4038a1c8e28611c2c222

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 12 Apr 2023 04:29:44 GMT
content-encoding: gzip
via: 1.1 1b412557b82dda96e078541f9ee8dfb2.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA6-C1
age: 39608
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Fri, 07 Apr 2023 01:00:09 GMT
server: AmazonS3
etag: W/"aaa5a8f5326cb446d8b7ce5856442706"
vary: Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods: GET
content-type: application/json
access-control-allow-origin: *
cache-control: public, max-age=360000000
x-amz-cf-id: oJEFHARWvJ0MwsAdemevRVuBqLEqnePTz3G1YhA_JoVS3jGVaLFgTA==

GET
H2 200 fondoperlaterra.org.1228643.es6.js Show response
jsc.mgid.com/f/o/ 252 KB
71 KB 24ms
23ms Script
text/javascript 2606:4700:1::6813:864e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://jsc.mgid.com/f/o/fondoperlaterra.org.1228643.es6.js
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/f/o/fondoperlaterra.org.1228643.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:1::6813:864e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 688708971d125171e4ca49c4437825acdf8778e5fa23fc10c51a5925dc494316

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ar.strephonsays.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 12 Apr 2023 15:29:52 GMT
x-amz-version-id: GwC9tPmA.DHMMVWO.Rm138EWg6BqOV5i
content-encoding: br
cf-cache-status: HIT
x-amz-request-id: 311BXSCC4BQJ2CHR
age: 6825
cf-polished: origSize=258143
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: ZDSdt/v18Eikx3uGRR7rraOMXo2CntdWWRiyT2QePXo7DwlTvbl+eRXtrGADcEt74MnYtgkrKkw=
cf-bgj: minify
last-modified: Mon, 03 Apr 2023 11:24:08 GMT
server: cloudflare
etag: W/"8143c4c19b60cdc6b92c0f0acf83f221"
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=10800
cf-ray: 7b6c81debbfd9a09-FRA
expires: Wed, 12 Apr 2023 18:29:52 GMT

POST
H2 200 1duwt.json Show response
www.bigmp3db.com/ 59 B
268 B 32ms
32ms XHR
application/json 95.216.65.102
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bigmp3db.com/1duwt.json

Requested by

Host: www.bigmp3db.com
URL: https://www.bigmp3db.com/1duwt.min.js?d7b48be

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

95.216.65.102 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),

Reverse DNS

frodo.min.org.ua

Software

cloudflare-nginx /

Resource Hash

fa42bae02655421ebe9bee852fbea63569fb7da75781afc95357e03774cc4f12

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

Referer: https://ar.strephonsays.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Wed, 12 Apr 2023 15:29:52 GMT
strict-transport-security: max-age=63072000
content-encoding: br
server: cloudflare-nginx
access-control-allow-methods: POST, GET, OPTIONS
content-type: application/json
access-control-allow-origin: *
access-control-allow-headers: *

GET
H2

200

1 Show response
mc.yandex.com/watch/53480917/
Redirect Chain

https://mc.yandex.com/watch/53480917?wmode=7&page-url=https%3A%2F%2Far.strephonsays.com%2F&charset=utf-8&browser-info=pv%3A1%3Avf%3Aihb4q796484i93c2xtzqhr%3Afp%3A290%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen...
https://mc.yandex.com/watch/53480917/1?wmode=7&page-url=https%3A%2F%2Far.strephonsays.com%2F&charset=utf-8&browser-info=pv%3A1%3Avf%3Aihb4q796484i93c2xtzqhr%3Afp%3A290%3Afu%3A0%3Aen%3Autf-8%3Ala%3A...

447 B
530 B

66ms
66ms

XHR
application/json

2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/watch/53480917/1?wmode=7&page-url=https%3A%2F%2Far.strephonsays.com%2F&charset=utf-8&browser-info=pv%3A1%3Avf%3Aihb4q796484i93c2xtzqhr%3Afp%3A290%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1011%3Acn%3A1%3Adp%3A0%3Als%3A678184861386%3Ahid%3A1003542291%3Az%3A0%3Ai%3A20230412152952%3Aet%3A1681313392%3Ac%3A1%3Arn%3A559814151%3Arqn%3A1%3Au%3A1681313392895303807%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A16%2C19%2C54%2C2%2C%2C0%2C%2C189%2C3%2C%2C%2C%2C284%3Aco%3A0%3Acpf%3A1%3Ans%3A1681313391615%3Arqnl%3A1%3Ast%3A1681313392%3At%3A%D9%8A%D8%B9%D8%B1%D9%81%20%D8%B9%D9%86%202023&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29ti%282%29

Protocol

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

6342420a6a7214787a77d44b80759ad990a287e9aea3f5387f3e3df443dda919

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ar.strephonsays.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 12 Apr 2023 15:29:52 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
last-modified: Wed, 12-Apr-2023 15:29:52 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
content-type: application/json; charset=utf-8
access-control-allow-origin: https://ar.strephonsays.com
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 447
x-xss-protection: 1; mode=block
expires: Wed, 12-Apr-2023 15:29:52 GMT

Redirect headers

pragma: no-cache
date: Wed, 12 Apr 2023 15:29:52 GMT
strict-transport-security: max-age=31536000
last-modified: Wed, 12-Apr-2023 15:29:52 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
location: /watch/53480917/1?wmode=7&page-url=https%3A%2F%2Far.strephonsays.com%2F&charset=utf-8&browser-info=pv%3A1%3Avf%3Aihb4q796484i93c2xtzqhr%3Afp%3A290%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1011%3Acn%3A1%3Adp%3A0%3Als%3A678184861386%3Ahid%3A1003542291%3Az%3A0%3Ai%3A20230412152952%3Aet%3A1681313392%3Ac%3A1%3Arn%3A559814151%3Arqn%3A1%3Au%3A1681313392895303807%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A16%2C19%2C54%2C2%2C%2C0%2C%2C189%2C3%2C%2C%2C%2C284%3Aco%3A0%3Acpf%3A1%3Ans%3A1681313391615%3Arqnl%3A1%3Ast%3A1681313392%3At%3A%D9%8A%D8%B9%D8%B1%D9%81%20%D8%B9%D9%86%202023&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29ti%282%29
access-control-allow-origin: https://ar.strephonsays.com
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
x-xss-protection: 1; mode=block
expires: Wed, 12-Apr-2023 15:29:52 GMT

GET
BLOB 200
OK fe3c772d-1513-4bd7-bd5e-9481a799c59d
https://ar.strephonsays.com/ 0
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://ar.strephonsays.com/fe3c772d-1513-4bd7-bd5e-9481a799c59d
Requested by: Host: ar.strephonsays.com
URL: https://ar.strephonsays.com/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Content-Length: 0
Content-Type: text/javascript

GET
BLOB 200
OK dfae5621-e4f0-4d85-b639-a9b740a85b33
https://ar.strephonsays.com/ 250 B
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://ar.strephonsays.com/dfae5621-e4f0-4d85-b639-a9b740a85b33
Requested by: Host: ar.strephonsays.com
URL: https://ar.strephonsays.com/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e37071398d21f18dff2370ee0885f38811bb69bb465b398100ab3101fc521d6b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Content-Length: 250
Content-Type: text/javascript

POST
H2 200 1duwt.json Show response
www.bigmp3db.com/ 59 B
268 B 35ms
34ms XHR
application/json 95.216.65.102
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bigmp3db.com/1duwt.json

Requested by

Host: www.bigmp3db.com
URL: https://www.bigmp3db.com/1duwt.min.js?d7b48be

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

95.216.65.102 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),

Reverse DNS

frodo.min.org.ua

Software

cloudflare-nginx /

Resource Hash

b7942073155358805ba386e0e2c5bfacbd203323321a49436ce8abfc8a6c8622

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

Referer: https://ar.strephonsays.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Wed, 12 Apr 2023 15:29:52 GMT
strict-transport-security: max-age=63072000
content-encoding: br
server: cloudflare-nginx
access-control-allow-methods: POST, GET, OPTIONS
content-type: application/json
access-control-allow-origin: *
access-control-allow-headers: *

GET
H2 200 branding-ads.svg
optad360.mgr.consensu.org/icons/ 7 KB
3 KB 15ms
14ms Image
image/svg+xml 99.86.4.99
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://optad360.mgr.consensu.org/icons/branding-ads.svg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.4.99 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-4-99.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: d04a8585ca1c9cbff59e413fe76da6b8dcf3c567cbc68ec436b852d7f1694df1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ar.strephonsays.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 12 Apr 2023 02:24:27 GMT
content-encoding: gzip
via: 1.1 b8e900270aa30d899882e71796feca9c.cloudfront.net (CloudFront)
last-modified: Wed, 22 Jun 2022 12:02:24 GMT
server: AmazonS3
x-amz-cf-pop: FRA6-C1
age: 47125
etag: W/"b0a3aa2e09d4ddd83150d7bd3347c5c0"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
cache-control: public, max-age=360000000
x-amz-cf-id: DUG-T9dbfkiZ-sI2CMhESmsL1OKmVdVOZ3B-JhA93YJz8Jv-fBBBsw==

GET
H2 200 advert.gif
mc.yandex.com/metrika/ 43 B
125 B 59ms
59ms Image
image/gif 2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.com/metrika/advert.gif

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ar.strephonsays.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 12 Apr 2023 15:29:52 GMT
strict-transport-security: max-age=31536000
last-modified: Tue, 11 Apr 2023 12:29:16 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
etag: "6435286c-2b"
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes
content-length: 43
expires: Wed, 12 Apr 2023 16:29:52 GMT

GET
H2

200

sync_cookie_image_decide_secondary
mc.yandex.com/
Redirect Chain

https://mc.yandex.com/sync_cookie_image_check_secondary
https://mc.yandex.ru/sync_cookie_image_start_secondary?redirect_domain=mc.yandex.com&token=9971.vU1FqmjmbIW7AtUVFFTJmU1mPJQqUwfxnRv6vETOdbT_bp5wpCoU06UFmR20ZyiX.yG2pwOgxRflDTF6RKuli2PHz2ow%2C
https://mc.yandex.com/sync_cookie_image_decide_secondary?token=9971.AhtRmD6LYXa4e0SLlHn7CMvSctrApCFi9Is33tggpethM1vqRujZohbIw3qbv5qdXbDwQ-uiGiML8KCfkBd66RsOZhJRNOQnRECa3Rh7Ytg%2C.eJw0TpyHlAI-4_BFMI...

43 B
94 B

74ms
72ms

Image
image/gif

2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.com/sync_cookie_image_decide_secondary?token=9971.AhtRmD6LYXa4e0SLlHn7CMvSctrApCFi9Is33tggpethM1vqRujZohbIw3qbv5qdXbDwQ-uiGiML8KCfkBd66RsOZhJRNOQnRECa3Rh7Ytg%2C.eJw0TpyHlAI-4_BFMIqoWqdpQ0E%2C

Protocol

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ar.strephonsays.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 12 Apr 2023 15:29:52 GMT
strict-transport-security: max-age=31536000
content-length: 43
x-xss-protection: 1; mode=block
content-type: image/gif

Redirect headers

location: https://mc.yandex.com/sync_cookie_image_decide_secondary?token=9971.AhtRmD6LYXa4e0SLlHn7CMvSctrApCFi9Is33tggpethM1vqRujZohbIw3qbv5qdXbDwQ-uiGiML8KCfkBd66RsOZhJRNOQnRECa3Rh7Ytg%2C.eJw0TpyHlAI-4_BFMIqoWqdpQ0E%2C
date: Wed, 12 Apr 2023 15:29:52 GMT
strict-transport-security: max-age=31536000
x-xss-protection: 1; mode=block

GET
H2 200 / Show response
c.mgid.com/pv/ 0
43 B 46ms
25ms Script
text/plain 2606:4700:1::6813:864e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://c.mgid.com/pv/?scum=%3F0&scuw=%3F0&pv=5&cbuster=1681313392658344727390&lct=1680480000&niet=4g&nisd=false&jsv=es6&ref=&cxurl=https%3A%2F%2Far.strephonsays.com%2F&lu=https%3A%2F%2Far.strephonsays.com%2F&sessionId=6436ce71-0148c&pageView=1&pvid=187761668138a7895e5&site=761202&implVersion=11&dpr=1&tfre=951
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/f/o/fondoperlaterra.org.1228643.es6.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:1::6813:864e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ar.strephonsays.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 12 Apr 2023 15:29:52 GMT
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 7b6c81e04e0e9a09-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0

GET
BLOB 206
Partial Content 7bc6e61c-b446-462c-94aa-ac39425056ae
https://ar.strephonsays.com/ 1 KB
0 Media
video/mp4

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://ar.strephonsays.com/7bc6e61c-b446-462c-94aa-ac39425056ae
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 60ddc774c7b5fd0c01d169321a444da403d60c0042f6bee01b0c96f6e1535fda

Request headers

Referer
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Range: bytes=0-

Response headers

Content-Range: bytes 0-1492/1493
Content-Length: 1493
Content-Type: video/mp4

GET
H2 200 mgid_ua.svg
cdn.mgid.com/images/mgid/ 2 KB
1 KB 60ms
29ms Image
image/svg+xml 2606:4700:1::6813:864e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.mgid.com/images/mgid/mgid_ua.svg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:1::6813:864e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 70d5c4de881e718d0b7638959680ba86722d44eecbe4058d20dd77b8d0d97155

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ar.strephonsays.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 12 Apr 2023 15:29:52 GMT
x-amz-version-id: null
content-encoding: br
cf-cache-status: HIT
x-amz-request-id: BMS2JTQQHWBDN39N
age: 6978
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: itZtl/vncvcRl3RoPVhXerIphKTDQdl/P4V3JLIGOpGgPpKAtk6qw8GTCLFwy+LbMB6dIQXcAKI=
last-modified: Tue, 08 Mar 2022 17:05:01 GMT
server: cloudflare
x-amz-meta-s3cmd-attrs: atime:1646759091/ctime:1646759091/gid:0/gname:root/md5:617c205137825561208ef7c1a2d8f319/mode:33206/mtime:1646759091/uid:0/uname:root
etag: W/"617c205137825561208ef7c1a2d8f319"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=86400
cf-ray: 7b6c81e07e499a09-FRA
expires: Thu, 13 Apr 2023 15:29:52 GMT

GET
H2 200 Adchoices.svg
cdn.mgid.com/images/logos/ 836 B
887 B 48ms
17ms Image
image/svg+xml 2606:4700:1::6813:864e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.mgid.com/images/logos/Adchoices.svg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:1::6813:864e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7992a4430843ef8b4bbae534358be3193aa1ae9c78f273e8e8a70b6af1244ac5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ar.strephonsays.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 12 Apr 2023 15:29:52 GMT
x-amz-version-id: null
content-encoding: br
cf-cache-status: HIT
x-amz-request-id: T51QQMMBAGNGBFRK
age: 4551
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: 3FdLqR2y529F/4/kuef/T473JVS9mY81bSHJ+sgya9RLwuyZIh6qIzPMpWWqjoymYMeyoTsOEIs=
last-modified: Wed, 17 Feb 2021 18:15:53 GMT
server: cloudflare
x-amz-meta-s3cmd-attrs: atime:1613585745/ctime:1613585745/gid:0/gname:root/md5:7d59364b7ed2df3f02507c9f92560df9/mode:33206/mtime:1613585745/uid:0/uname:root
etag: W/"7d59364b7ed2df3f02507c9f92560df9"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=86400
cf-ray: 7b6c81e07e4b9a09-FRA
expires: Thu, 13 Apr 2023 15:29:52 GMT

GET
H2 200 1 Show response
servicer.mgid.com/1228643/ 5 KB
2 KB 75ms
55ms Script
application/x-javascript 2606:4700:1::6813:864e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://servicer.mgid.com/1228643/1?scum=%3F0&scuw=%3F0&pv=5&cbuster=1681313393739692573793&lct=1680480000&niet=4g&nisd=false&jsv=es6&mp4=1&ap=1&w=1400&h=310&maxw_3=266&maxh_3=264&sz=266x264&szp=1,2,3,4,5&szl=1,2,3,4,5&cols=5&tcfV2=1&ref=&cxurl=https%3A%2F%2Far.strephonsays.com%2F&lu=https%3A%2F%2Far.strephonsays.com%2F&sessionId=6436ce71-0148c&pageView=1&pvid=187761668138a7895e5&implVersion=11&dpr=1&tfre=2031
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/f/o/fondoperlaterra.org.1228643.es6.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:1::6813:864e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: eb2254281cbbebfe5c3d091c67dea35bec8075b59e7d1fae735c13c810485b07

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ar.strephonsays.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 12 Apr 2023 15:29:53 GMT
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-allow-credentials: true
cf-ray: 7b6c81e7082b9a09-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 mgid_ua.svg
cdn.mgid.com/images/mgid/ 2 KB
1 KB 23ms
21ms Image
image/svg+xml 2606:4700:1::6813:864e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.mgid.com/images/mgid/mgid_ua.svg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:1::6813:864e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 70d5c4de881e718d0b7638959680ba86722d44eecbe4058d20dd77b8d0d97155

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ar.strephonsays.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 12 Apr 2023 15:29:53 GMT
x-amz-version-id: null
content-encoding: br
cf-cache-status: HIT
x-amz-request-id: BMS2JTQQHWBDN39N
age: 6979
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: itZtl/vncvcRl3RoPVhXerIphKTDQdl/P4V3JLIGOpGgPpKAtk6qw8GTCLFwy+LbMB6dIQXcAKI=
last-modified: Tue, 08 Mar 2022 17:05:01 GMT
server: cloudflare
x-amz-meta-s3cmd-attrs: atime:1646759091/ctime:1646759091/gid:0/gname:root/md5:617c205137825561208ef7c1a2d8f319/mode:33206/mtime:1646759091/uid:0/uname:root
etag: W/"617c205137825561208ef7c1a2d8f319"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=86400
cf-ray: 7b6c81e77b29699f-FRA
expires: Thu, 13 Apr 2023 15:29:53 GMT

GET
H3 200 Adchoices.svg
cdn.mgid.com/images/logos/ 836 B
1010 B 39ms
37ms Image
image/svg+xml 2606:4700:1::6813:864e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.mgid.com/images/logos/Adchoices.svg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:1::6813:864e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7992a4430843ef8b4bbae534358be3193aa1ae9c78f273e8e8a70b6af1244ac5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ar.strephonsays.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 12 Apr 2023 15:29:53 GMT
x-amz-version-id: null
content-encoding: br
cf-cache-status: HIT
x-amz-request-id: T51QQMMBAGNGBFRK
age: 4552
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: 3FdLqR2y529F/4/kuef/T473JVS9mY81bSHJ+sgya9RLwuyZIh6qIzPMpWWqjoymYMeyoTsOEIs=
last-modified: Wed, 17 Feb 2021 18:15:53 GMT
server: cloudflare
x-amz-meta-s3cmd-attrs: atime:1613585745/ctime:1613585745/gid:0/gname:root/md5:7d59364b7ed2df3f02507c9f92560df9/mode:33206/mtime:1613585745/uid:0/uname:root
etag: W/"7d59364b7ed2df3f02507c9f92560df9"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=86400
cf-ray: 7b6c81e77b2d699f-FRA
expires: Thu, 13 Apr 2023 15:29:53 GMT

GET
H2 200 aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzM6MixjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX2ZhY2VzOmF1dG8scV9hdXRvOmdvb2Qsd18xMDIwL2h0dHA6Ly9pbWdob3N0cy5jb20vdC8yMDIzLTAyLzU2MTUwOS81OGQ0M...
s-img.mgid.com/g/15323152/492x328/-/ 22 KB
22 KB 108ms
33ms Image
image/webp 2606:4700:1::6813:874e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/15323152/492x328/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzM6MixjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX2ZhY2VzOmF1dG8scV9hdXRvOmdvb2Qsd18xMDIwL2h0dHA6Ly9pbWdob3N0cy5jb20vdC8yMDIzLTAyLzU2MTUwOS81OGQ0MTUxODY1ZDJiODZjZjAxOGRmOWI1ZGQwZjIwZi5qcGc.webp?v=1681313393-T18rTrz-2eJKt0MeYAIS7ECfuue9rEMnLRE8pxKhHeE
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:1::6813:874e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5229a89af0d83ae2201c2ff2a572284c5c0b9fbcfdec7fc9f535f863d225ef77

Request headers

Referer: https://ar.strephonsays.com/
Origin: https://ar.strephonsays.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 12 Apr 2023 15:29:53 GMT
cf-cache-status: HIT
last-modified: Wed, 08 Feb 2023 08:48:56 GMT
x-mg-request-uuid: 38dbb389-8b8b-4d73-8da6-1ae8833a9f99
server: cloudflare
age: 5465345
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
x-robots-tag: noindex
cf-ray: 7b6c81e7efd23aa2-FRA
content-length: 22574
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzM6MixjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX2ZhY2VzOmF1dG8scV9hdXRvOmdvb2Qsd18xMDIwL2h0dHA6Ly9pbWdob3N0cy5jb20vdC8yMDIzLTA0LzQ3MDMzNS9kMTE2M...
s-img.mgid.com/g/15875214/492x328/-/ 19 KB
19 KB 98ms
24ms Image
image/webp 2606:4700:1::6813:874e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/15875214/492x328/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzM6MixjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX2ZhY2VzOmF1dG8scV9hdXRvOmdvb2Qsd18xMDIwL2h0dHA6Ly9pbWdob3N0cy5jb20vdC8yMDIzLTA0LzQ3MDMzNS9kMTE2MzM2YTBmZDY2ZmJhZTNjYzdlYmM2ZDVmNDNlOS5wbmc.webp?v=1681313393-RXMeLdHqCN6izCHPn83bf8UPz5zMfe4ueSARQB5qudw
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:1::6813:874e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ae8ed10fa0e4a665d75dbf7a2cb8cf035c568b7bfee2966e73367a1c9638b68a

Request headers

Referer: https://ar.strephonsays.com/
Origin: https://ar.strephonsays.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 12 Apr 2023 15:29:53 GMT
cf-cache-status: HIT
last-modified: Mon, 10 Apr 2023 09:31:21 GMT
x-mg-request-uuid: 61f69e45-9af6-4c43-bdc6-7345a1a32d35
server: cloudflare
age: 193632
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
x-robots-tag: noindex
cf-ray: 7b6c81e7efd53aa2-FRA
content-length: 19134
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzM6MixjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX2ZhY2VzOmF1dG8scV9hdXRvOmdvb2Qsd18xMDIwL2h0dHA6Ly9pbWdob3N0cy5jb20vdC8yMDIzLTAzLzUzMDQ1My9kN2QwM...
s-img.mgid.com/g/15659581/492x328/-/ 14 KB
14 KB 106ms
32ms Image
image/webp 2606:4700:1::6813:874e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/15659581/492x328/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzM6MixjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX2ZhY2VzOmF1dG8scV9hdXRvOmdvb2Qsd18xMDIwL2h0dHA6Ly9pbWdob3N0cy5jb20vdC8yMDIzLTAzLzUzMDQ1My9kN2QwMzNiNzNlNTJhOWNhOGJlZGM2N2FkMGRmMjY3OS5qcGVn.webp?v=1681313393-WEZipqTfoYSgm4Ma0D3hLGc_kh3kv7sfucroANFC-Co
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:1::6813:874e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 774b02a17e7c4833990a848acfafbc9b622e7b4ea730845f665ebcfee80c27da

Request headers

Referer: https://ar.strephonsays.com/
Origin: https://ar.strephonsays.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 12 Apr 2023 15:29:53 GMT
cf-cache-status: HIT
last-modified: Fri, 17 Mar 2023 15:03:05 GMT
x-mg-request-uuid: cdadb661-25dc-4269-92ad-2e32da32438f
server: cloudflare
age: 2246550
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
x-robots-tag: noindex
cf-ray: 7b6c81e7efd93aa2-FRA
content-length: 13864
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzM6MixjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX2ZhY2VzOmF1dG8scV9hdXRvOmdvb2Qsd18xMDIwL2h0dHA6Ly9pbWdob3N0cy5jb20vdC8yMDIzLTAyLzU2MTUwOS82MjQ4N...
s-img.mgid.com/g/15323147/492x328/-/ 35 KB
35 KB 93ms
19ms Image
image/webp 2606:4700:1::6813:874e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/15323147/492x328/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzM6MixjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX2ZhY2VzOmF1dG8scV9hdXRvOmdvb2Qsd18xMDIwL2h0dHA6Ly9pbWdob3N0cy5jb20vdC8yMDIzLTAyLzU2MTUwOS82MjQ4NmU4YTUwOWI2NGZlNWJiM2E1M2Y3NWRlZmEwMi5qcGc.webp?v=1681313393-myfHTk_h_D5OsfHipSbl71rEpT7V4wZBXYS76uTKM0U
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:1::6813:874e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 059c65361fabb1491df95a87e47ecb85e2bafc1216c073cc064ddddeecfe265a

Request headers

Referer: https://ar.strephonsays.com/
Origin: https://ar.strephonsays.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 12 Apr 2023 15:29:53 GMT
cf-cache-status: HIT
last-modified: Wed, 08 Feb 2023 08:48:44 GMT
x-mg-request-uuid: 122bb3dc-831d-40a0-9504-84723cc8b26c
server: cloudflare
age: 5465594
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
x-robots-tag: noindex
cf-ray: 7b6c81e7efdb3aa2-FRA
content-length: 35680
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 206 8d6340827b1d26a4812d1e7f6f4cddc2.mp4
cl.imghosts.com/imgh/video/upload/ar_3:2,c_fill,w_680/videos/t/2022-12/741329/ 186 KB
187 KB 85ms
16ms Media
video/mp4 2606:4700::6812:d2d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cl.imghosts.com/imgh/video/upload/ar_3:2,c_fill,w_680/videos/t/2022-12/741329/8d6340827b1d26a4812d1e7f6f4cddc2.mp4?v=1681313393-Ym1Alf4KCEMucQcABQsSvh6nsW8s9OBsBTvhbzJ2ifs

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:d2d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

184a0e223e905649a4adf44a852e5f0d7c58a394f512501003af6effc35751d6

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://ar.strephonsays.com/
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Range: bytes=0-

Response headers

date: Wed, 12 Apr 2023 15:29:53 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 190576
Content-Range: bytes 0-190859/190860
server-timing: cld-cloudflare;mitm=c;dur=1022;start=2023-04-10T10:30:12.107Z;desc=miss;cloudinary;dur=1000;start=2023-04-10T10:30:12.125Z,cld-id;desc=a29e97195ace52b9831ee3045e9e3912
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length: 190860
x-request-id: a29e97195ace52b9831ee3045e9e3912
last-modified: Mon, 10 Apr 2023 10:30:14 GMT
server: cloudflare
etag: "a9cfe251b4e7a22633fbe2774df78d71"
vary: Accept-Encoding
content-type: video/mp4;codecs=avc1
access-control-allow-origin: *
access-control-expose-headers: Content-Length,ETag,Server-Timing,Vary,x-content-type-options
cache-control: public, max-age=31536000, no-transform, immutable
timing-allow-origin: *
x-robots-tag: noindex
cf-ray: 7b6c81e7eb819bd4-FRA

GET
H2 200 i.js Show response
cm.mgid.com/ 0
124 B 151ms
114ms Script
application/javascript 2606:4700:1::6813:864e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cm.mgid.com/i.js?&cbuster=1681313393855861023000
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/f/o/fondoperlaterra.org.1228643.es6.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:1::6813:864e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ar.strephonsays.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 12 Apr 2023 15:29:54 GMT
cf-cache-status: DYNAMIC
server: cloudflare
content-type: application/javascript
cache-control: no-store, no-cache, must-revalidate, max-age=0
cf-ray: 7b6c81e7e9669a09-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0

GET
H2 200 i-noref.js Show response
cm.mgid.com/ Frame 5001 0
37 B 131ms
116ms Script
application/javascript 2606:4700:1::6813:864e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cm.mgid.com/i-noref.js?cbuster=1681313393883528476170
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/f/o/fondoperlaterra.org.1228643.es6.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:1::6813:864e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 12 Apr 2023 15:29:54 GMT
cf-cache-status: DYNAMIC
server: cloudflare
content-type: application/javascript
cache-control: no-store, no-cache, must-revalidate, max-age=0
cf-ray: 7b6c81e7e95e9a09-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0

GET
H2 200 id5-api.js Show response
cdn.id5-sync.com/api/1.0/ 58 KB
17 KB 50ms
17ms Script
text/javascript 2606:4700:10::6816:3456
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.id5-sync.com/api/1.0/id5-api.js

Requested by

Host: jsc.mgid.com
URL: https://jsc.mgid.com/f/o/fondoperlaterra.org.1228643.es6.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:3456 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0325b6c9e68ae3f6ec25f6817b4daef364bd99c2ff5f04588fd6f956bf983b97

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ar.strephonsays.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 12 Apr 2023 15:29:53 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 06 Apr 2023 12:00:04 GMT
server: cloudflare
x-amz-request-id: QWC5036W5MB9GCBS
age: 1586
etag: W/"b58faeda0c1d193bc50dd25a7640d8ba"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: text/javascript;charset=utf-8
cache-control: public, max-age=3600
cf-ray: 7b6c81e80e2f925c-FRA
x-amz-id-2: 4wlxoMj5p4kE+qmEoIMgkSGofixg60CYuXzKLKcMe3pU19oVK7MKAXCnOG+XeRQNqqLaMMY2/bY8UPgvE9G+5g==

GET
H2 200 pwt.js Show response
ads.pubmatic.com/AdServer/js/pwt/161673/7165/ 190 KB
59 KB 72ms
9ms Script
application/javascript 2.19.228.187
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/pwt/161673/7165/pwt.js
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/f/o/fondoperlaterra.org.1228643.es6.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.19.228.187 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-19-228-187.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 25795c5164a6b299891cdaf8925dfb9b5e7961ac9f740667c3722e0111353986

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ar.strephonsays.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 12 Apr 2023 15:29:53 GMT
content-encoding: gzip
last-modified: Wed, 22 Feb 2023 07:52:04 GMT
server: Apache
vary: Accept-Encoding
content-type: application/javascript
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: max-age=28719
accept-ranges: bytes
content-length: 60066
expires: Wed, 12 Apr 2023 23:28:32 GMT

OPTIONS
H2 200 json
gum.criteo.com/sid/ Frame 0
0 57ms
15ms Preflight
application/json 2a02:2638:3::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Far.strephonsays.com%2F&domain=ar.strephonsays.com&cw=1&lsw=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://ar.strephonsays.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET
access-control-allow-origin: https://ar.strephonsays.com
cache-control: no-cache, no-store, must-revalidate
content-encoding: gzip
content-type: application/json; charset=utf-8
date: Wed, 12 Apr 2023 15:29:53 GMT
expires: 0
pragma: no-cache
server: Kestrel
server-processing-duration-in-ticks: 222357
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2

200

sid Show response
mug.criteo.com/
Redirect Chain

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Far.strephonsays.com%2F&domain=ar.strephonsays.com&cw=1&lsw=1
https://mug.criteo.com/sid?cpp=tdg4tXxxdkJKT3RrNldwWWc2aUJJYXBwNldoeXNLUVBnYVc0eDVrdUlJakdUSndsdnpKcEhaVFR1WXljVEluWWVKQm1iNlJFSklLaWZhb2c2cVNlN2RxYmJ5UU8rK3hzYk4rTElJNzBpMzBZN0prdmZzSTFmQjE5U0xXSW...

420 B
585 B

40ms
14ms

XHR
application/json

178.250.1.11
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=tdg4tXxxdkJKT3RrNldwWWc2aUJJYXBwNldoeXNLUVBnYVc0eDVrdUlJakdUSndsdnpKcEhaVFR1WXljVEluWWVKQm1iNlJFSklLaWZhb2c2cVNlN2RxYmJ5UU8rK3hzYk4rTElJNzBpMzBZN0prdmZzSTFmQjE5U0xXSWZVT3B6VnMzVFNwUUNSamxyanJpVGVrWXdaSnYwa3BScHNtdnVEYWVlSXlEdHFvYXJQQlh6am8zY3huOWxNdkZGWG8vUEY4ZWhhRW5Say9URkN3N2lYbWcydFVBTngveVdjb29yblhvUStKS3RmdXdzVkpkNW1QR1p0di8wcHZibUgwYTVqWVZlfA&cppv=2

Protocol

Server

178.250.1.11 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

df8e948910f886c0cbc6fde45d00fa57bf2d5bb7b49cdfe24cd0b701bae146d9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ar.strephonsays.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 12 Apr 2023 15:29:53 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: null
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 926524
expires: 0

Redirect headers

pragma: no-cache
date: Wed, 12 Apr 2023 15:29:53 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
access-control-allow-methods: GET
location: https://mug.criteo.com/sid?cpp=tdg4tXxxdkJKT3RrNldwWWc2aUJJYXBwNldoeXNLUVBnYVc0eDVrdUlJakdUSndsdnpKcEhaVFR1WXljVEluWWVKQm1iNlJFSklLaWZhb2c2cVNlN2RxYmJ5UU8rK3hzYk4rTElJNzBpMzBZN0prdmZzSTFmQjE5U0xXSWZVT3B6VnMzVFNwUUNSamxyanJpVGVrWXdaSnYwa3BScHNtdnVEYWVlSXlEdHFvYXJQQlh6am8zY3huOWxNdkZGWG8vUEY4ZWhhRW5Say9URkN3N2lYbWcydFVBTngveVdjb29yblhvUStKS3RmdXdzVkpkNW1QR1p0di8wcHZibUgwYTVqWVZlfA&cppv=2
access-control-allow-origin: https://ar.strephonsays.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 382730
content-length: 0
expires: 0

GET
H2 200 id Show response
id.crwdcntrl.net/ 43 B
319 B 285ms
31ms XHR
application/json 52.209.248.17
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://id.crwdcntrl.net/id?gdpr_applies=false
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/161673/7165/pwt.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.209.248.17 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-209-248-17.eu-west-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: a96e1e97d62ab9747678b947bdf0a0ea5f81790b1e3a1df2d4607a86bf802596

Request headers

Referer: https://ar.strephonsays.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 12 Apr 2023 15:29:54 GMT
server: Jetty(9.4.38.v20210224)
content-type: application/json;charset=utf-8
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: https://ar.strephonsays.com
cache-control: no-cache
x-server: 10.45.28.46
access-control-allow-credentials: true
content-length: 43
expires: 0

OPTIONS
H2 200 sid
mug.criteo.com/ Frame 0
0 173ms
14ms Preflight
application/json 178.250.1.11
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.11 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: null
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET
access-control-allow-origin: null
cache-control: no-cache, no-store, must-revalidate
content-encoding: gzip
content-type: application/json; charset=utf-8
date: Wed, 12 Apr 2023 15:29:54 GMT
expires: 0
pragma: no-cache
server: Kestrel
server-processing-duration-in-ticks: 280438
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H3 200 c
c.mgid.com/ 43 B
213 B 29ms
28ms Image
image/gif 2606:4700:1::6813:864e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.mgid.com/c?f=1&pv=3&v=266|264|8|gSeBRcBTOPAWlRK4BFX0PJlzotdf06u9cx2eBr-c2W7aWilAeVtRMgfAC-Yu9jrRDMXLb7opz-sPYhp-aZkS_g**&fw=1&extjs=66044&v=266|264|24|gSeBRcBTOPAWlRK4BFX0PJ0OEi8sb1A9ZOU1VD6GV0-CJPuSCzJOz7DHWeAF4-ESlcG2UEai3e_o9LmVwj3sKw**&v=266|264|8|gSeBRcBTOPAWlRK4BFX0PDxyqFRCPmwieHICUbiPftbWdVc713e291CB9cjSuGlEOSff12L6kbA4RlzpfV_44w**&v=266|264|8|gSeBRcBTOPAWlRK4BFX0PJfd0bErI5GEPghALZHjrkmgni2hHqTRp2UXde18SfzIEyeDHffEZqJoksP5obbBtA**&v=266|264|40|gSeBRcBTOPAWlRK4BFX0PM0hWa2qPp3ClX_ry0pp5rmsHL_iYtfn28IbE7S7fy9kigQoU7AE8Y4ePPDluLVJ8w**&cid=1228643&h2=dzwNdClYvQ_-z7-hsWerx4RNL6aqfuF54CKQ5pbGHjw*&rid=df6db29d-d946-11ed-abe3-e43d1a2a04aa&tt=Direct&iv=11&pageImp=1&pvid=187761668138a7895e5&cbuster=1681313395126706286607
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:1::6813:864e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ar.strephonsays.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 12 Apr 2023 15:29:55 GMT
cf-cache-status: DYNAMIC
x-mg-request-uuid: d556af12-1518-4d87-9c5f-582e05fc3b1c
server: cloudflare
content-type: image/gif
cf-ray: 7b6c81ef8d3a699f-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43

Verdicts & Comments Add Verdict or Comment

90 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

16 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.strephonsays.com/	1970-01-20 19:47:29	Name: _ym_uid Value: 1681313392895303807
.strephonsays.com/	1970-01-20 19:47:29	Name: _ym_d Value: 1681313392
ar.strephonsays.com/	1970-01-20 11:45:05	Name: _pbjs_userid_consent_data Value: 6683316680106290
.mc.yandex.com/	1970-01-20 11:01:53	Name: sync_cookie_csrf Value: 3705873847fake
.strephonsays.com/	1970-01-20 19:47:29	Name: _sharedID Value: 35fe2b16-51c2-4315-896f-6cda08178079
.mgid.com/	1970-01-20 11:01:55	Name: __cf_bm Value: j5ml4hKFjZOVk6LeRZlEYr0eV5k1gVQHInEooiaC4eA-1681313392-0-AbSYQ5dgeiS9ymtU/yRlR+NpPjIvkZrwQAlDV3WU0YYxZwsSuXXDZgW3YonNxiOogA/nwynia/oXo8ExICJNfv0=
.mc.yandex.ru/	1970-01-20 11:01:53	Name: sync_cookie_csrf Value: 2493825994fake
mc.yandex.com/	1969-12-31 23:59:59	Name: yabs-sid Value: 1189192111681313392
.yandex.com/	1970-01-20 20:37:53	Name: i Value: W7hhD27aHhYFwUzPpdaO+EphbB+aHDPDAFHMjHk+qzsjn/2enKVE72dakJEHLDix+FoY49cso3BDTvjH+woSvYP00AQ=
.yandex.com/	1970-01-20 20:37:53	Name: yandexuid Value: 9654765801681313392
.yandex.com/	1970-01-20 19:47:29	Name: yuidss Value: 9654765801681313392
.yandex.com/	1970-01-20 19:47:29	Name: ymex Value: 1712849392.yc.1681313392#1712849392.yrts.1681313392#1712849392.yrtsi.1681313392
.strephonsays.com/	1970-01-20 11:03:05	Name: _ym_isad Value: 2
ar.strephonsays.com/	1969-12-31 23:59:59	Name: MgidStorage Value: %7B%220%22%3A%7B%22svspr%22%3A%22%22%2C%22svsds%22%3A1%7D%2C%22C1228643%22%3A%7B%22page%22%3A1%2C%22time%22%3A1681313393829%7D%7D
.strephonsays.com/	1970-01-20 20:23:29	Name: cto_bundle Value: HV9oG19WcVJTb0RHTm9Lb2VUJTJCMU5ZUEFzUkI3b0R4cHVFSkFlYWhlRHlFY0wwSUc3RG5hTlJFbkRaM0tJVTVhQjFPTlglMkZ4dUhkNEJTN3VrcVYlMkJmOSUyRmVNNE9XY1BXaFY4QktLUXlzVVptelhDamJMQ3RWdG5UUHJpaXZNTjV4M3NuRHhZ
.strephonsays.com/	1970-01-20 20:23:29	Name: cto_bidid Value: rSWoVV9WcVJTb0RHTm9Lb2VUJTJCMU5ZUEFzUkI3b0R4cHVFSkFlYWhlRHlFY0wwSUc3RG5hTlJFbkRaM0tJVTVhQjFPTlglMkZ4dUhkNEJTN3VrcVYlMkJmOSUyRmVNNE9XY1BXaFY4QktLUXlzVVptelhDamJJRGMlMkJCekwlMkZQb205byUyRlJSdFhab1Nh

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.strephonsays.com
ads.pubmatic.com
ar.strephonsays.com
c.mgid.com
cdn.id5-sync.com
cdn.jsdelivr.net
cdn.mgid.com
cdn.zx-adnet.com
cl.imghosts.com
cm.mgid.com
cmp.optad360.io
get.optad360.io
googleads.g.doubleclick.net
gum.criteo.com
id.crwdcntrl.net
jsc.mgid.com
mc.yandex.com
mc.yandex.ru
mug.criteo.com
optad360.mgr.consensu.org
pagead2.googlesyndication.com
s-img.mgid.com
securepubads.g.doubleclick.net
servicer.mgid.com
strephonsays.com
www.bigmp3db.com
151.101.65.195
178.250.1.11
2.19.228.187
2600:9000:2156:8400:6:b871:4f00:93a1
2600:9000:225e:6c00:11:a4de:2580:93a1
2606:4700:10::6816:3456
2606:4700:1::6813:864e
2606:4700:1::6813:874e
2606:4700:3030::6815:66b
2606:4700::6812:d2d
2a00:1450:4001:806::2002
2a00:1450:4001:80b::2002
2a00:1450:4001:811::2002
2a02:2638:3::c
2a02:6b8::1:119
2a04:4e42:600::485
52.209.248.17
95.216.65.102
99.86.4.99
0325b6c9e68ae3f6ec25f6817b4daef364bd99c2ff5f04588fd6f956bf983b97
04eb0579a6ea414f51af9beb69bd8d4816cb50919a6554212daf2e6c0a3883ed
059c65361fabb1491df95a87e47ecb85e2bafc1216c073cc064ddddeecfe265a
08a327a7a18f24e566fe0b0d86271109abbca277c5e226785b6740d18a4e59d7
15b3ebe5b609b257c925c2e30a73d8832738c6c508574a6103ce1e57865f85ba
184a0e223e905649a4adf44a852e5f0d7c58a394f512501003af6effc35751d6
198350a787373f881a2a1d2af746a86ac35c158617bd2d273323b54dab63196e
25795c5164a6b299891cdaf8925dfb9b5e7961ac9f740667c3722e0111353986
2d3b45a4be3864673801baea2c3f066e1c7320bab56d3c7818d7484cf1811696
331265e716919a38450577b87b2916f3a580883667dd383b3fe38adf38af3ef2
331759cc07003ed9a0efba0c6355ce686fdb7f68a24d0d72b086e7fa2aae81e6
36bd7516a7e43f420111787723560c46d88f6b193d0d8c22039372d68a802a06
5229a89af0d83ae2201c2ff2a572284c5c0b9fbcfdec7fc9f535f863d225ef77
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
5692fdcd3cf15f5d2e98e6fb4f451dec0b2d61cae64af0b2bb18dfe46614c0ca
56ae2a10cd6ec3ddd872559ea9bb8f03cff58ffdf1dc4038a1c8e28611c2c222
5f703f7c5f79c2c0e3219a42902b4c472360214ebf9402fc45dee683b6cf4c6f
60ddc774c7b5fd0c01d169321a444da403d60c0042f6bee01b0c96f6e1535fda
6342420a6a7214787a77d44b80759ad990a287e9aea3f5387f3e3df443dda919
661d11a25f04b1396352b49ea31984fc1a68a4c30e87f241873a240666d3f8c2
6723ea2989d5cf57335b26d5bd0bcc52feffab866915b917c4cdcae672c99a2a
688708971d125171e4ca49c4437825acdf8778e5fa23fc10c51a5925dc494316
68dbc402b8d95b31ec11900b3b5aee781e46330beeec75070f60a40c03b402d9
6a9f667053394455ba7d064b526119757f84042d8078b2642093bbca2891bad0
70d5c4de881e718d0b7638959680ba86722d44eecbe4058d20dd77b8d0d97155
70e8b6db69fe62d1ddbf326b78fabe363cc238f51319bd5f7b71c25213fe89f4
71a005e915b96b3ed8feb7d4f5221db75e3658fd8678e68d5b04b5dce0aef73e
71f69541ed2861a7065f461bf9748bb263e0f8d517d0987c6619241d9d13597d
7288c20b13b744af212d6df6ad459628687cf60a1ffe7f99d72e033b556450f0
774b02a17e7c4833990a848acfafbc9b622e7b4ea730845f665ebcfee80c27da
7992a4430843ef8b4bbae534358be3193aa1ae9c78f273e8e8a70b6af1244ac5
83e36e7190bf0f00b631c0cc933f9ef7deeb12cf05da1affa3fc7c544acc36f0
925bf96428c2caafdc661c7b24f7a2461c5f06e57e5b2811da92ef07f47bfa9b
a96e1e97d62ab9747678b947bdf0a0ea5f81790b1e3a1df2d4607a86bf802596
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
ae8ed10fa0e4a665d75dbf7a2cb8cf035c568b7bfee2966e73367a1c9638b68a
af01797d233b68aec87f1010e56321396844af9daeb28662d888939e92a76b91
b7942073155358805ba386e0e2c5bfacbd203323321a49436ce8abfc8a6c8622
bb23189475c4f60039d1389da9ab3225c9c215c3ffa4af384ceccecc038759ab
bcbf5baf3fbe1ce55828221062341d9a30a688ce01378be721ad3123041ae6a4
c37e88f718acf2e31223149decc6c77497a892a5f556e5e1fc6c2492377e9bc0
ca070dfc7785775cbf5cce16064029ee534259de42c6d9de10e476e710000e93
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
cd0d0b6e50ff01ff2f3a9a70d7cfb66a7c6cb9acf7a566325568be6d3bd31fc4
d04a8585ca1c9cbff59e413fe76da6b8dcf3c567cbc68ec436b852d7f1694df1
df8e948910f886c0cbc6fde45d00fa57bf2d5bb7b49cdfe24cd0b701bae146d9
e1cd9602b63db552abd2b3cd8689102702d17efae5e9fe98f94691efc77897b9
e37071398d21f18dff2370ee0885f38811bb69bb465b398100ab3101fc521d6b
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
eb16304c17c120cabd2bc9ba56114d31bb2c05114e17c531bcf21a682f8629d2
eb2254281cbbebfe5c3d091c67dea35bec8075b59e7d1fae735c13c810485b07
f1847af3947589999cfd242b4e6b344de6f4cf9b4f3a2fce05a074def7c85c07
fa42bae02655421ebe9bee852fbea63569fb7da75781afc95357e03774cc4f12
fb7b852e74c07fce6d901f1cc61855a7d857949644b66e475af187d87cb1df7c
ff6704748b62620378cca78f4d535953f9766b054e5afa473cc7c7d9c7c3b0af

ar.strephonsays.com Open in urlscan Pro 2606:4700:3030::6815:66b Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

63 Requests

89 %HTTPS

68 %IPv6

16 Domains

26 Subdomains

20 IPs

7 Countries

1855 kBTransfer

4930 kBSize

16 Cookies

39 Outgoing links

Redirected requests

63 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

ar.strephonsays.com Open in urlscan Pro
2606:4700:3030::6815:66b Public Scan

Screenshot
Live screenshot

Full Image

63
Requests

89 %
HTTPS

68 %
IPv6

16
Domains

26
Subdomains

20
IPs

7
Countries

1855 kB
Transfer

4930 kB
Size

16
Cookies

63 HTTP transactions
1 data transactions