urlscan.io logo urlscan.io
SecurityTrails logo

fondoperlaterra.org Open in urlscan Pro
2a06:98c1:3120::3  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://fondoperlaterra.org/
Effective URL: https://fondoperlaterra.org/
Submission: On June 28 via manual from IT — Scanned from NL
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 12 IPs in 4 countries across 9 domains to perform 50 HTTP transactions. The main IP is 2a06:98c1:3120::3, located in United States and belongs to CLOUDFLARENET, US. The main domain is fondoperlaterra.org.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on May 19th 2022. Valid for: a year.
This is the only time fondoperlaterra.org was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 11 2a06:98c1:312... 13335 (CLOUDFLAR...)
2 2606:4700::68... 13335 (CLOUDFLAR...)
2 2600:9000:215... 16509 (AMAZON-02)
1 2600:9000:215... 16509 (AMAZON-02)
1 151.101.65.195 54113 (FASTLY)
1 4 2a02:6b8::1:119 208722 (GLOBAL_DC)
6 46.4.104.244 24940 (HETZNER-AS)
3 143.204.89.60 16509 (AMAZON-02)
3 142.250.184.194 15169 (GOOGLE)
11 104.19.135.78 13335 (CLOUDFLAR...)
5 104.19.136.78 13335 (CLOUDFLAR...)
50 12
11    2a06:98c1:3120::3 (United States)

ASN13335 (CLOUDFLARENET, US)
fondoperlaterra.org
a.fondoperlaterra.org
2    2606:4700::6810:5814 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.jsdelivr.net
2    2600:9000:2156:5800:11:a4de:2580:93a1 (United States)

ASN16509 (AMAZON-02, US)
get.optad360.io
1    2600:9000:2156:a200:6:b871:4f00:93a1 (United States)

ASN16509 (AMAZON-02, US)
cmp.optad360.io
1    151.101.65.195 (United States)

ASN54113 (FASTLY, US)
cdn.zx-adnet.com
4    2a02:6b8::1:119 (Moscow, Russian Federation)

ASN208722 (GLOBAL_DC, FI)
mc.yandex.ru
6    46.4.104.244 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.244.104.4.46.clients.your-server.de
www.bigmp3db.com
3    143.204.89.60 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-89-60.fra50.r.cloudfront.net
optad360.mgr.consensu.org
3    142.250.184.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f2.1e100.net
securepubads.g.doubleclick.net
11    104.19.135.78 (None, )

ASN13335 (CLOUDFLARENET, US)
jsc.mgid.com
c.mgid.com
cdn.mgid.com
servicer.mgid.com
cm.mgid.com
5    104.19.136.78 (None, )

ASN13335 (CLOUDFLARENET, US)
s-img.mgid.com
Apex Domain
Subdomains		 Transfer
16 mgid.com
jsc.mgid.com — Cisco Umbrella Rank: 7521
c.mgid.com — Cisco Umbrella Rank: 4843
cdn.mgid.com — Cisco Umbrella Rank: 9757
servicer.mgid.com — Cisco Umbrella Rank: 7655
s-img.mgid.com — Cisco Umbrella Rank: 6482
cm.mgid.com — Cisco Umbrella Rank: 2048
208 KB
11 fondoperlaterra.org
fondoperlaterra.org
a.fondoperlaterra.org
208 KB
6 bigmp3db.com
www.bigmp3db.com — Cisco Umbrella Rank: 609698
20 KB
4 yandex.ru
mc.yandex.ru — Cisco Umbrella Rank: 3472
72 KB
3 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 209
154 KB
3 consensu.org
optad360.mgr.consensu.org — Cisco Umbrella Rank: 173760
234 KB
3 optad360.io
get.optad360.io — Cisco Umbrella Rank: 26439
cmp.optad360.io — Cisco Umbrella Rank: 44745
302 KB
2 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 429
4 KB
1 zx-adnet.com
cdn.zx-adnet.com — Cisco Umbrella Rank: 196557
10 KB
50 9
Domain Requested by
7 a.fondoperlaterra.org fondoperlaterra.org
6 www.bigmp3db.com fondoperlaterra.org
www.bigmp3db.com
5 s-img.mgid.com
4 cdn.mgid.com jsc.mgid.com
4 mc.yandex.ru 1 redirects fondoperlaterra.org
4 fondoperlaterra.org 1 redirects fondoperlaterra.org
3 securepubads.g.doubleclick.net get.optad360.io
securepubads.g.doubleclick.net
3 optad360.mgr.consensu.org cmp.optad360.io
optad360.mgr.consensu.org
2 cm.mgid.com jsc.mgid.com
2 c.mgid.com jsc.mgid.com
2 jsc.mgid.com www.bigmp3db.com
jsc.mgid.com
2 get.optad360.io fondoperlaterra.org
get.optad360.io
2 cdn.jsdelivr.net fondoperlaterra.org
get.optad360.io
1 servicer.mgid.com jsc.mgid.com
1 cdn.zx-adnet.com fondoperlaterra.org
1 cmp.optad360.io fondoperlaterra.org
50 16
Subject Issuer Validity Valid
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2022-05-19 -
2023-05-19		 a year crt.sh
*.optad360.io
Amazon		 2021-11-17 -
2022-12-15		 a year crt.sh
pointly.ch
GTS CA 1D4		 2022-05-05 -
2022-08-03		 3 months crt.sh
mc.yandex.ru
GlobalSign ECC OV SSL CA 2018		 2022-05-21 -
2022-10-31		 5 months crt.sh
www.bigmp3db.com
R3		 2022-05-03 -
2022-08-01		 3 months crt.sh
optad360.mgr.consensu.org
Amazon		 2022-05-23 -
2023-06-21		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2022-06-06 -
2022-08-29		 3 months crt.sh

This page contains 3 frames:

Primary Page: https://fondoperlaterra.org/
Frame ID: 22BE75068A4825CE0C9352B01CD49184
Requests: 48 HTTP requests in this frame

Frame: https://optad360.mgr.consensu.org/cmp/v2/cmp-3.0.0.min.js
Frame ID: 84B8F1D098B6C643895170C9E23B3863
Requests: 2 HTTP requests in this frame

Frame: https://cm.mgid.com/i-noref.js?cbuster=1656403323084222272724&consentData=&gdprApplies=1
Frame ID: 9D7B91D36EC535E7F65565828EBD7994
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

La Differenza Tra Termini E Oggetti Simili 2022

Page URL History Show full URLs

  1. http://fondoperlaterra.org/ HTTP 301
    https://fondoperlaterra.org/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • mc\.yandex\.ru/metrika/(?:tag|watch)\.js
Overall confidence: 100%
Detected patterns
  • <link [^>]*?href="?[a-zA-Z]*?:?//cdn\.jsdelivr\.net/
  • //cdn\.jsdelivr\.net/

Page Statistics

50
Requests

92 %
HTTPS

45 %
IPv6

9
Domains

16
Subdomains

12
IPs

4
Countries

1211 kB
Transfer

3592 kB
Size

10
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://fondoperlaterra.org/ HTTP 301
    https://fondoperlaterra.org/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 26
  • https://mc.yandex.ru/watch/56442256?wmode=7&page-url=https%3A%2F%2Ffondoperlaterra.org%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A30shymy8l86zz21i1rs3c%3Afp%3A666%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A832%3Acn%3A1%3Adp%3A0%3Als%3A875735306745%3Ahid%3A197130861%3Az%3A0%3Ai%3A20220628080202%3Aet%3A1656403323%3Ac%3A1%3Arn%3A95402720%3Arqn%3A1%3Au%3A165640332386570391%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1656403321595%3Ads%3A0%2C48%2C60%2C6%2C373%2C0%2C%2C14%2C0%2C665%2C665%2C4%2C532%3Awv%3A2%3Aco%3A0%3Arqnl%3A1%3Ast%3A1656403323%3At%3ALa%20Differenza%20Tra%20Termini%20E%20Oggetti%20Simili%202022&t=gdpr(14)clc(0-0-0)aw(1)rqnt(1)rqnl(1)ti(2) HTTP 302
  • https://mc.yandex.ru/watch/56442256/1?wmode=7&page-url=https%3A%2F%2Ffondoperlaterra.org%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A30shymy8l86zz21i1rs3c%3Afp%3A666%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A832%3Acn%3A1%3Adp%3A0%3Als%3A875735306745%3Ahid%3A197130861%3Az%3A0%3Ai%3A20220628080202%3Aet%3A1656403323%3Ac%3A1%3Arn%3A95402720%3Arqn%3A1%3Au%3A165640332386570391%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1656403321595%3Ads%3A0%2C48%2C60%2C6%2C373%2C0%2C%2C14%2C0%2C665%2C665%2C4%2C532%3Awv%3A2%3Aco%3A0%3Arqnl%3A1%3Ast%3A1656403323%3At%3ALa%20Differenza%20Tra%20Termini%20E%20Oggetti%20Simili%202022&t=gdpr%2814%29clc%280-0-0%29aw%281%29rqnt%281%29rqnl%281%29ti%282%29

50 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
fondoperlaterra.org/
Redirect Chain
  • http://fondoperlaterra.org/
  • https://fondoperlaterra.org/
30 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://fondoperlaterra.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/8.0.15
Resource Hash
86716116dd389c54750305004ebea6e3eb4560f0192a279a00957971a25bc537

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
max-age=86400
cf-cache-status
DYNAMIC
cf-ray
7224e5daaab79ba0-FRA
content-encoding
br
content-type
text/html; charset=UTF-8
date
Tue, 28 Jun 2022 08:02:02 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
expires
Wed, 29 Jun 2022 08:02:02 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fsTbdcEZKwwqTER5poE5u1y0I5N3gTUP1NCpfMKLwSv6ZjNGCH57rTLjRKbC1Fv1lwxz9JIN%2BkUqzhPnhbq0hGD2AnoVfWiCz8%2Bf2lCO1lBPiH9hdopLEwJCkvkAlrKOMtMEf7bZ6FxNDpglkAOWcHet"}],"group":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
PHP/8.0.15

Redirect headers

CF-RAY
7224e5da2aab9150-FRA
Cache-Control
max-age=3600
Connection
keep-alive
Date
Tue, 28 Jun 2022 08:02:01 GMT
Expires
Tue, 28 Jun 2022 09:02:01 GMT
Location
https://fondoperlaterra.org/
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UfSCmhqAtRiNABoeCM8Ne1%2F9DNMHwGq%2F5G364%2Bm3tiThAmJkDsyy27zbYlcnrYGPWBKI3Tln0%2BTUqrp1%2B1L7dzBrvHRmB8XqVwOfhhpeAwvChErCNMkoX6L3zq%2FJ4D%2FY2mg1778VkxnOnoMl7%2FWJms6F"}],"group":"cf-nel","max_age":604800}
Server
cloudflare
Transfer-Encoding
chunked
Vary
Accept-Encoding
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
style.css
fondoperlaterra.org/template/narrator/css/ 		82 KB
47 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fondoperlaterra.org/template/narrator/css/style.css
Requested by
Host: fondoperlaterra.org
URL: https://fondoperlaterra.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
85a8132bfaf9db3d8ba5bfb37225b3fcb547dc450ef698ccc8219c998ad75118

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://fondoperlaterra.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Tue, 28 Jun 2022 08:02:02 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
682165
cf-polished
origSize=85879
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Wed, 18 May 2022 19:20:26 GMT
server
cloudflare
etag
W/"14f77-5df4e2650c485"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SY3Kw5ZNzbnUi8CsQw2yjzzAa0jQVNy5cEHeq0khGVvwIzLzBbXnR%2BG46FtjLirXXfjlvfQdDfoHczsj8lAoAr5sgIm5qN6s3Dz1zBDtKWSw1LCS19g0jTGpmSuYOox3QHYGZTCl%2Bgs2KqQiDEEPRe%2Bo"}],"group":"cf-nel","max_age":604800}
content-type
text/css
access-control-allow-origin
*
expires
Mon, 04 Jul 2022 10:32:37 GMT
cache-control
max-age=31536000
cf-ray
7224e5db1b5a9ba0-FRA
cf-bgj
minify
cookieconsent.min.css
cdn.jsdelivr.net/npm/cookieconsent@3/build/ 		5 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/cookieconsent@3/build/cookieconsent.min.css
Requested by
Host: fondoperlaterra.org
URL: https://fondoperlaterra.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5814 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cd0d0b6e50ff01ff2f3a9a70d7cfb66a7c6cb9acf7a566325568be6d3bd31fc4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://fondoperlaterra.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Tue, 28 Jun 2022 08:02:02 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
38008
x-jsd-version
3.1.1
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains; preload
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by
cache-fra19138-FRA, cache-hhn4041-HHN
timing-allow-origin
*
x-jsd-version-type
version
server
cloudflare
etag
W/"135e-3nthfC1sCV/yhiNebPZMMo2hpL8"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=x0OquJRnHPhnVLLZiytPB5Bvb27WTRJo0xFTaoLAhW8uAWu325weKJh0TAONzhP2ohyTq7XhVErPM60lzbPN4N3C92t8tw56aq7M%2F9K2m%2B0p6HIDEGJidvaOjsiuNvGr%2B16bMgZTiSG8jDsFMeI%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
cf-ray
7224e5db5cd5bb5f-FRA
gram-positive-bacteria-vs.-gram-negative-bacteria.jpg
a.fondoperlaterra.org/health/ 		19 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.fondoperlaterra.org/health/gram-positive-bacteria-vs.-gram-negative-bacteria.jpg
Requested by
Host: fondoperlaterra.org
URL: https://fondoperlaterra.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8f6e64bdba8f471a94015856da8a5f4aaa35e226d13c4f9bcbf89c2955e6446c

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://fondoperlaterra.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Tue, 28 Jun 2022 08:02:02 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
19911
last-modified
Fri, 08 Oct 2021 12:49:43 GMT
server
cloudflare
etag
"4dc7-5cdd6d03bb3c9"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZNrZEnr60Zzqrwab5ORDf0umwjGL8QsHfwGHrRwK2kKjht7afJisb6t4ymnq7X0WAa4vmQFBRenfQgcjIbzwyttKDNw8lkP%2BCG4dEHgwQTjc4d8eB1Le86Skr12F07j3pdG%2FvhWJNaePILqhyFRVFRa%2BeMA%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
7224e5db6c059ba0-FRA
kinetic-energy-vs.-potential-energy.jpg
a.fondoperlaterra.org/technology/ 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.fondoperlaterra.org/technology/kinetic-energy-vs.-potential-energy.jpg
Requested by
Host: fondoperlaterra.org
URL: https://fondoperlaterra.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
65d4289bab8bd4cec2a51d238b87c72428bd42814da664ef43ade291c06b240e

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://fondoperlaterra.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Tue, 28 Jun 2022 08:02:02 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2001
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
15298
last-modified
Fri, 08 Oct 2021 12:50:22 GMT
server
cloudflare
etag
"3bc2-5cdd6d28403d6"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9bRi9ulLabReCCGtOO%2F9UeWTKqBOYZsqfqnXU5OCQXK3YmkGyCg7dB0sLx4pNqBcrRj%2BOakhNuYWob%2FwQMAGXHAdL9U5JWQDuq8bMqRUnUAc%2BWMzcWKELb09w8VvafC6cI9lqV0%2FSv8lB7zSyusR6YtVCEY%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
7224e5db6c089ba0-FRA
back-pain-vs.-kidney-pain.jpg
a.fondoperlaterra.org/other/ 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.fondoperlaterra.org/other/back-pain-vs.-kidney-pain.jpg
Requested by
Host: fondoperlaterra.org
URL: https://fondoperlaterra.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d8fdfffcef121332fd16d0b6db5d40b7b4230d7624841febefae0dfe0d863311

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://fondoperlaterra.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Tue, 28 Jun 2022 08:02:02 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2001
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
12839
last-modified
Fri, 08 Oct 2021 12:50:10 GMT
server
cloudflare
etag
"3227-5cdd6d1cb3ae1"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3q3KpNAGxnRDka%2B%2FYeTY%2FAz3JF%2F74GtENsUZsVXS9ImJ0rMmmaET8IVYJPNGGfdosiGqirKsCgqWUeASzSRMZ6EwbGt%2BqR1gxjfKihz1omAFnA1f2iVyxZldKJeCCh%2Fjb6vYe8Rb%2Bw%2BLyWRYnGqQ6Ln0nl4%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
7224e5db6c0a9ba0-FRA
federal-prison-vs.-state-prison.jpg
a.fondoperlaterra.org/technology/ 		42 KB
43 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.fondoperlaterra.org/technology/federal-prison-vs.-state-prison.jpg
Requested by
Host: fondoperlaterra.org
URL: https://fondoperlaterra.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
28263a1fe3a6c7c26969001eb7494d0fec8e06177c30230dec339eddd0bbc191

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://fondoperlaterra.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Tue, 28 Jun 2022 08:02:02 GMT
cf-cache-status
REVALIDATED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43348
last-modified
Fri, 08 Oct 2021 12:50:25 GMT
server
cloudflare
etag
"a954-5cdd6d2b52b83"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qeiBZtDPmSHUkIGlJ1X3v2NFbJhsj6PS94t2XO4Ss4ktp7%2BEnzGQV6zZRxYjY5yfDBHgFbqMuiOsrERUIgvxuHmA8lAM%2FTi%2F2gcje10zk%2BEhc2f%2B2A9tpVy0AgBi4LPWxWQgXPGjKmfhYvmiRRsv7ozG3b4%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
7224e5db6bfe9ba0-FRA
railway-vs.-railroad.jpg
a.fondoperlaterra.org/other/ 		32 KB
33 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.fondoperlaterra.org/other/railway-vs.-railroad.jpg
Requested by
Host: fondoperlaterra.org
URL: https://fondoperlaterra.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
232e55186ccf6886b39db354f7e28c69193835c897d7aa221c6320e67c95828f

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://fondoperlaterra.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Tue, 28 Jun 2022 08:02:02 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
33063
last-modified
Fri, 08 Oct 2021 12:49:56 GMT
server
cloudflare
etag
"8127-5cdd6d103dbd5"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IhHrujDUIP%2Fey9SMoszrsVKyzuWnuiNKyDNy2%2BsjYMn1Opx%2BPk8swsXzwx%2FfdwcIbMvcfufJAD%2F8ROgGwB8cP0Dvzs4vuVxMbRmUaMrNY1etJ7yFEXmSLoG%2B2P%2FXZqMLTNeAcyaxWI%2BlrhEYt0nreb8nK38%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
7224e5db6c049ba0-FRA
if-else-vs.-switch.jpg
a.fondoperlaterra.org/other/ 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.fondoperlaterra.org/other/if-else-vs.-switch.jpg
Requested by
Host: fondoperlaterra.org
URL: https://fondoperlaterra.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2609990e923de3efbafaa018be0e034e95a49ddc249e39b87546adfea1bc14b1

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://fondoperlaterra.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Tue, 28 Jun 2022 08:02:02 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
12038
last-modified
Fri, 08 Oct 2021 12:50:03 GMT
server
cloudflare
etag
"2f06-5cdd6d1628492"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VzTT4kQRNdUrBDKZd4k%2F7fd28OLAn%2B26W0Z5l2UBQsysYwEOfdELHHDbzD00UE6QmtRawknFnUP2%2FRIK4ULniWoYCAV7f08PRcY%2BnXXO4du5oroal97Tm0fS8iRVlZ6SxlkOq0o62GplPHKKeSRfQ%2BVcQrQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
7224e5db6c029ba0-FRA
difference-between-block-cipher-and-stream-cipher.jpg
a.fondoperlaterra.org/technology-differences/ 		14 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.fondoperlaterra.org/technology-differences/difference-between-block-cipher-and-stream-cipher.jpg
Requested by
Host: fondoperlaterra.org
URL: https://fondoperlaterra.org/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
12b2ef93311d5b133e8b52054568768a7b338157e3f73d49518f2a7bf1c064d8

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://fondoperlaterra.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Tue, 28 Jun 2022 08:02:02 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
14826
last-modified
Fri, 08 Oct 2021 12:50:55 GMT
server
cloudflare
etag
"39ea-5cdd6d47e5261"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mrJsbBlj611j74fIq8lzJLVYuiYO025IL%2BHwoUofIk119bIIlTfXfx%2F6Mm9c0dBbsMby%2BYqTZ2v1ij0iyS6EQQg4ob0rBygj%2FXKEfvhjtNASFU0X2TypfYHs%2Bp9nt790Q%2FX2o1j%2BZveVnyTGKdlw0YuC0qQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
7224e5db9f2a910d-FRA
rocket-loader.min.js
fondoperlaterra.org/cdn-cgi/scripts/7d0fa10a/cloudflare-static/ 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fondoperlaterra.org/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Requested by
Host: fondoperlaterra.org
URL: https://fondoperlaterra.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://fondoperlaterra.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Tue, 28 Jun 2022 08:02:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 14 Jun 2022 16:43:30 GMT
server
cloudflare
etag
W/"62a8bab2-302c"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options
DENY
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=makJu6A1WHcciX6%2FJMDuz1zk6iEGDYr38opQZ3a0IWNcmKTnfFxxTUBQo94%2FkAUDR9Q4DwYsBCDUHbx9z%2BT6lElVYNOuWlYRVklsh5zgF7l55bi1%2FebYF1J8p3T0ZfFnO00somsjDAu%2ByIAw%2ByfF3FOy"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=172800, public
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
7224e5db2b819ba0-FRA
vary
Accept-Encoding
expires
Thu, 30 Jun 2022 08:02:02 GMT
plugin.min.js
get.optad360.io/sf/5bc20b93-addf-4a97-9c34-a45cedfa7ce7/ 		377 KB
88 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://get.optad360.io/sf/5bc20b93-addf-4a97-9c34-a45cedfa7ce7/plugin.min.js
Requested by
Host: fondoperlaterra.org
URL: https://fondoperlaterra.org/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:5800:11:a4de:2580:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
340483ca213d2e4b0c3855d3e2cd46e63db6966576ddb7872691c0fb7587a0bb

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://fondoperlaterra.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Tue, 28 Jun 2022 08:02:03 GMT
content-encoding
gzip
last-modified
Tue, 19 Apr 2022 14:44:04 GMT
server
AmazonS3
x-amz-cf-pop
FRA50-C1
etag
W/"ffb72211719e5299617eaee8bd50efe4"
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
application/javascript
via
1.1 9eb0e845437929074828e0cf53f179ae.cloudfront.net (CloudFront)
cache-control
public, max-age=3600
x-amz-cf-id
UVfuVH-h8HLxOPAo553FUFd1hA7fzaBWeO16d9j8vxN5JFtjmNXMlA==
9f0e22bc-1bb1-451b-a1ea-4afa7de34954.min.js
cmp.optad360.io/items/ 		253 KB
72 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cmp.optad360.io/items/9f0e22bc-1bb1-451b-a1ea-4afa7de34954.min.js
Requested by
Host: fondoperlaterra.org
URL: https://fondoperlaterra.org/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:a200:6:b871:4f00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
df52857350bcdc433fa9471555a8f39a571b369183eda9d70100e9453d858997

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://fondoperlaterra.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Tue, 28 Jun 2022 07:21:19 GMT
content-encoding
gzip
last-modified
Sun, 18 Apr 2021 10:05:04 GMT
server
AmazonS3
age
2444
etag
W/"c730add896865ee2c2fe3c8b7e3f9cdb"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 b83a899c16a2f53127e152fe5fc783a4.cloudfront.net (CloudFront)
cache-control
public, max-age=3600
x-amz-cf-pop
FRA50-C1
x-amz-cf-id
ZJ0zkM_EY5aLb48o6LPghmBIrLha0QZdd-gJflgOAAIBKbMaDVGQIQ==
truncated
/ 		41 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
c37e88f718acf2e31223149decc6c77497a892a5f556e5e1fc6c2492377e9bc0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Content-Type
image/webp
cookies_gdpr.js
cdn.zx-adnet.com/consent/ 		34 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.zx-adnet.com/consent/cookies_gdpr.js?0.9373087973473642
Requested by
Host: fondoperlaterra.org
URL: https://fondoperlaterra.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.195 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
e111a3850d781cc4bb9983b28613414f9a59af060c2860692d56809589c663b3
Security Headers
Name Value
Strict-Transport-Security max-age=31556926

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://fondoperlaterra.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security
max-age=31556926
content-encoding
br
last-modified
Wed, 27 Apr 2022 20:26:02 GMT
x-timer
S1656403322.308458,VS0,VE128
etag
"5291f663321e7e3f6bfff9a37feadf115ecea3ab57d443f46f5035c626a0edda-br"
x-served-by
cache-ams21028-AMS
vary
accept-language, x-country-code, x-fh-requested-host, accept-encoding
x-cache
MISS
content-type
text/javascript; charset=utf-8
cache-control
no-cache
date
Tue, 28 Jun 2022 08:02:02 GMT
accept-ranges
bytes
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
x-cache-hits
0
tag.js
mc.yandex.ru/metrika/ 		204 KB
70 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.ru/metrika/tag.js
Requested by
Host: fondoperlaterra.org
URL: https://fondoperlaterra.org/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
/
Resource Hash
0a25764ebafab00789f01a4fa0e8607fca17a26a911dfeff24f97db959d8ac4c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://fondoperlaterra.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Tue, 28 Jun 2022 08:02:02 GMT
content-encoding
br
last-modified
Fri, 24 Jun 2022 09:57:02 GMT
etag
"62b5603e-11796"
strict-transport-security
max-age=31536000
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
content-length
71574
expires
Tue, 28 Jun 2022 09:02:02 GMT
1duwt.min.js
www.bigmp3db.com/ 		66 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.bigmp3db.com/1duwt.min.js?09f7128
Requested by
Host: fondoperlaterra.org
URL: https://fondoperlaterra.org/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
46.4.104.244 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.244.104.4.46.clients.your-server.de
Software
nginx /
Resource Hash
bc8aad52def9fae70bca29263a13763c230f574b56f604f739995775e585e1dd
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://fondoperlaterra.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Tue, 28 Jun 2022 08:02:02 GMT
content-encoding
br
server
nginx
duration
770698
strict-transport-security
max-age=63072000
access-control-allow-methods
POST, GET, OPTIONS
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=300
access-control-allow-headers
*
expires
Tue, 28-Jun-2022 11:07:02 EEST
en.json
optad360.mgr.consensu.org/cmp/v2/translations/v4/ 		4 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://optad360.mgr.consensu.org/cmp/v2/translations/v4/en.json
Requested by
Host: cmp.optad360.io
URL: https://cmp.optad360.io/items/9f0e22bc-1bb1-451b-a1ea-4afa7de34954.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.89.60 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-89-60.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
71f69541ed2861a7065f461bf9748bb263e0f8d517d0987c6619241d9d13597d

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://fondoperlaterra.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Tue, 28 Jun 2022 08:02:03 GMT
content-encoding
gzip
last-modified
Thu, 29 Oct 2020 12:24:15 GMT
server
AmazonS3
x-amz-cf-pop
FRA50-C1
etag
W/"e3fe984dfb883f99b54c331403be617b"
vary
Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods
GET
content-type
application/json
access-control-allow-origin
*
cache-control
public, max-age=360000000
x-cache
Miss from cloudfront
x-amz-cf-id
eIVAxFrZLljWYeleI6RPkNBCZdxaS-Psz2tYXV-wZqEzEQv7fO6iFw==
via
1.1 ad46d498157a92ab1076f74db460670c.cloudfront.net (CloudFront)
1duwt.json
www.bigmp3db.com/ 		59 B
261 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.bigmp3db.com/1duwt.json
Requested by
Host: www.bigmp3db.com
URL: https://www.bigmp3db.com/1duwt.min.js?09f7128
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
46.4.104.244 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.244.104.4.46.clients.your-server.de
Software
nginx /
Resource Hash
f57e47eb6d49e0776b0ae4522fca470cef6352980888af1eb7fc4b80632d4282
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

Referer
https://fondoperlaterra.org/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Tue, 28 Jun 2022 08:02:02 GMT
content-encoding
br
server
nginx
strict-transport-security
max-age=63072000
access-control-allow-methods
POST, GET, OPTIONS
content-type
application/json
access-control-allow-origin
*
access-control-allow-headers
*
1duwt.json
www.bigmp3db.com/ 		616 B
562 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.bigmp3db.com/1duwt.json
Requested by
Host: www.bigmp3db.com
URL: https://www.bigmp3db.com/1duwt.min.js?09f7128
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
46.4.104.244 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.244.104.4.46.clients.your-server.de
Software
nginx /
Resource Hash
7c1bd93e9409256e5c20adb909f4c99e06323daf48f64ec67c4429493e2b2c0a
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

Referer
https://fondoperlaterra.org/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Tue, 28 Jun 2022 08:02:02 GMT
content-encoding
br
server
nginx
strict-transport-security
max-age=63072000
access-control-allow-methods
POST, GET, OPTIONS
content-type
application/json
access-control-allow-origin
*
access-control-allow-headers
*
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		82 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/5bc20b93-addf-4a97-9c34-a45cedfa7ce7/plugin.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
sffe /
Resource Hash
4813320d44f3f82fe85df7fedc424af04063d51885d8cdd1947ea15d3fdcb98a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://fondoperlaterra.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Tue, 28 Jun 2022 08:02:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28127
x-xss-protection
0
server
sffe
etag
"1257 / 472 of 1000 / last-modified: 1656367539"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Tue, 28 Jun 2022 08:02:02 GMT
prebid5.14.0.js
get.optad360.io/sf/ 		460 KB
142 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://get.optad360.io/sf/prebid5.14.0.js
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/5bc20b93-addf-4a97-9c34-a45cedfa7ce7/plugin.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:5800:11:a4de:2580:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
7109518959a6958168f639860050324f4f063fd1697f32677cf9d0180ab02453

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://fondoperlaterra.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Sat, 06 Nov 2021 16:54:12 GMT
content-encoding
gzip
last-modified
Thu, 23 Sep 2021 07:59:54 GMT
server
AmazonS3
age
20185671
etag
W/"6dd0a13bde35d2daa452bba998871016"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 9eb0e845437929074828e0cf53f179ae.cloudfront.net (CloudFront)
cache-control
public, max-age=360000000
x-amz-cf-pop
FRA50-C1
x-amz-cf-id
o2RDmt9DbeZkNjHZCaRKvzAxnF7T5S2gLNQZ4nGWtfMP02wwbj7BoQ==
1duwt.json
www.bigmp3db.com/ 		59 B
260 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.bigmp3db.com/1duwt.json
Requested by
Host: www.bigmp3db.com
URL: https://www.bigmp3db.com/1duwt.min.js?09f7128
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
46.4.104.244 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.244.104.4.46.clients.your-server.de
Software
nginx /
Resource Hash
5eba8b0faa7e67f6b49b670221e7a6677f3fbcab24eb066c0760e554704ee6c7
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

Referer
https://fondoperlaterra.org/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Tue, 28 Jun 2022 08:02:02 GMT
content-encoding
br
server
nginx
strict-transport-security
max-age=63072000
access-control-allow-methods
POST, GET, OPTIONS
content-type
application/json
access-control-allow-origin
*
access-control-allow-headers
*
fondoperlaterra.org.1228643.js
jsc.mgid.com/f/o/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://jsc.mgid.com/f/o/fondoperlaterra.org.1228643.js
Requested by
Host: www.bigmp3db.com
URL: https://www.bigmp3db.com/1duwt.min.js?09f7128
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.135.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f86fc1c5bd806aa6d93828177336ea09c88149b4a1b602a472100aa359b23bd3

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://fondoperlaterra.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Tue, 28 Jun 2022 08:02:02 GMT
content-encoding
br
cf-cache-status
HIT
age
606
cf-polished
origSize=2332
last-modified
Wed, 08 Jun 2022 10:35:51 GMT
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id
414ZRMC3Q6TR6XP8
x-amz-id-2
yxY+W+qmSJ/62hxRpKXhJeJOMMRGaj1h0wF0VJ9EbXGw9fIKrodnZnwI5Wi5UWw6FGvAnc3UkRE=
cf-bgj
minify
server
cloudflare
etag
W/"249cc7a0057427427b4ce45014168891"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=10800
x-amz-version-id
csZrh7PwaaccbNruduuEpf9LObR4FSKg
cf-ray
7224e5de3e0768f8-FRA
expires
Tue, 28 Jun 2022 11:02:02 GMT
latest.json
cdn.jsdelivr.net/gh/prebid/currency-file@1/ 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json?date=20220628
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:5814 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
710d093c698933a1fc0346c407f2d71d4e2b6fb58cc594cd121c65bf707a7202
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://fondoperlaterra.org/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 28 Jun 2022 08:02:02 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
18067
x-jsd-version
1.0.1384
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by
cache-fra19155-FRA, cache-iad-kiad7000096-IAD
timing-allow-origin
*
x-jsd-version-type
version
server
cloudflare
etag
W/"66d-Cu/GVMfr/0Dqdmr9B68wejd3Joo"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=81dJE6PI1N2IAujRb4vvdLno73O%2F0DxfDAQU0PCsKQBqFlrH6xaUqFKS6xfnto4Rj%2BwJPV%2F5DKbGBaZYE7TChDhAQy0n1SfLJqEKMURm7zxlaoO7RmMEhenOdsgmxj7SH05tIviaDS%2FcUgyizg0%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=604800, s-maxage=43200
cf-ray
7224e5de49b59249-FRA
access-control-expose-headers
*
1duwt.json
www.bigmp3db.com/ 		59 B
260 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.bigmp3db.com/1duwt.json
Requested by
Host: www.bigmp3db.com
URL: https://www.bigmp3db.com/1duwt.min.js?09f7128
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
46.4.104.244 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.244.104.4.46.clients.your-server.de
Software
nginx /
Resource Hash
152615981a145944ca092fa3e8032b29e0aae5c1448d3711ce4a21fe6a77043b
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

Referer
https://fondoperlaterra.org/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Tue, 28 Jun 2022 08:02:02 GMT
content-encoding
br
server
nginx
strict-transport-security
max-age=63072000
access-control-allow-methods
POST, GET, OPTIONS
content-type
application/json
access-control-allow-origin
*
access-control-allow-headers
*
cmp-3.0.0.min.js
optad360.mgr.consensu.org/cmp/v2/ Frame 84B8 		691 KB
190 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://optad360.mgr.consensu.org/cmp/v2/cmp-3.0.0.min.js
Requested by
Host: cmp.optad360.io
URL: https://cmp.optad360.io/items/9f0e22bc-1bb1-451b-a1ea-4afa7de34954.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.89.60 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-89-60.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
eb16304c17c120cabd2bc9ba56114d31bb2c05114e17c531bcf21a682f8629d2

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Tue, 28 Jun 2022 02:29:25 GMT
content-encoding
gzip
last-modified
Wed, 07 Apr 2021 09:53:34 GMT
server
AmazonS3
age
20035
etag
W/"2ea07aea04f56769b6dd53f48dae904d"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 bab8148a65b29113f79cf2725076287c.cloudfront.net (CloudFront)
cache-control
public, max-age=604800
x-amz-cf-pop
FRA50-C1
x-amz-cf-id
05IWag8T2JML3CCEMZgQJNnAvKZCteRG0X7EBdUsBI-P6r51UrsdJw==
1
mc.yandex.ru/watch/56442256/
Redirect Chain
  • https://mc.yandex.ru/watch/56442256?wmode=7&page-url=https%3A%2F%2Ffondoperlaterra.org%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A30shymy8l86zz21i1rs3c%3Afp%3A666%3Afu%3A0%3Aen%3Autf-8...
  • https://mc.yandex.ru/watch/56442256/1?wmode=7&page-url=https%3A%2F%2Ffondoperlaterra.org%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A30shymy8l86zz21i1rs3c%3Afp%3A666%3Afu%3A0%3Aen%3Autf...
350 B
432 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.ru/watch/56442256/1?wmode=7&page-url=https%3A%2F%2Ffondoperlaterra.org%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A30shymy8l86zz21i1rs3c%3Afp%3A666%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A832%3Acn%3A1%3Adp%3A0%3Als%3A875735306745%3Ahid%3A197130861%3Az%3A0%3Ai%3A20220628080202%3Aet%3A1656403323%3Ac%3A1%3Arn%3A95402720%3Arqn%3A1%3Au%3A165640332386570391%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1656403321595%3Ads%3A0%2C48%2C60%2C6%2C373%2C0%2C%2C14%2C0%2C665%2C665%2C4%2C532%3Awv%3A2%3Aco%3A0%3Arqnl%3A1%3Ast%3A1656403323%3At%3ALa%20Differenza%20Tra%20Termini%20E%20Oggetti%20Simili%202022&t=gdpr%2814%29clc%280-0-0%29aw%281%29rqnt%281%29rqnl%281%29ti%282%29
Protocol
H2
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
/
Resource Hash
e7ceaf85d9b20664275842bed9b823b78c53fdddee3f82491e48d72ea6c3e920
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://fondoperlaterra.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 28 Jun 2022 08:02:02 GMT
x-content-type-options
nosniff
last-modified
Tue, 28-Jun-2022 08:02:02 GMT
strict-transport-security
max-age=31536000
content-type
application/json; charset=utf-8
access-control-allow-origin
https://fondoperlaterra.org
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-length
350
x-xss-protection
1; mode=block
expires
Tue, 28-Jun-2022 08:02:02 GMT

Redirect headers

pragma
no-cache
date
Tue, 28 Jun 2022 08:02:02 GMT
last-modified
Tue, 28-Jun-2022 08:02:02 GMT
location
/watch/56442256/1?wmode=7&page-url=https%3A%2F%2Ffondoperlaterra.org%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A30shymy8l86zz21i1rs3c%3Afp%3A666%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A832%3Acn%3A1%3Adp%3A0%3Als%3A875735306745%3Ahid%3A197130861%3Az%3A0%3Ai%3A20220628080202%3Aet%3A1656403323%3Ac%3A1%3Arn%3A95402720%3Arqn%3A1%3Au%3A165640332386570391%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1656403321595%3Ads%3A0%2C48%2C60%2C6%2C373%2C0%2C%2C14%2C0%2C665%2C665%2C4%2C532%3Awv%3A2%3Aco%3A0%3Arqnl%3A1%3Ast%3A1656403323%3At%3ALa%20Differenza%20Tra%20Termini%20E%20Oggetti%20Simili%202022&t=gdpr%2814%29clc%280-0-0%29aw%281%29rqnt%281%29rqnl%281%29ti%282%29
strict-transport-security
max-age=31536000
access-control-allow-origin
https://fondoperlaterra.org
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
x-xss-protection
1; mode=block
expires
Tue, 28-Jun-2022 08:02:02 GMT
advert.gif
mc.yandex.ru/metrika/ 		43 B
112 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mc.yandex.ru/metrika/advert.gif
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://fondoperlaterra.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Tue, 28 Jun 2022 08:02:02 GMT
last-modified
Fri, 24 Jun 2022 09:57:02 GMT
etag
"62b5603e-2b"
strict-transport-security
max-age=31536000
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=3600
accept-ranges
bytes
content-length
43
expires
Tue, 28 Jun 2022 09:02:02 GMT
fondoperlaterra.org.1228643.es6.js
jsc.mgid.com/f/o/ 		261 KB
76 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://jsc.mgid.com/f/o/fondoperlaterra.org.1228643.es6.js
Requested by
Host: jsc.mgid.com
URL: https://jsc.mgid.com/f/o/fondoperlaterra.org.1228643.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.19.135.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c6dc2bbc1fd83c3178e21f76ebf74557ae3c023edbc596ec914d244609722299

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://fondoperlaterra.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Tue, 28 Jun 2022 08:02:02 GMT
content-encoding
br
cf-cache-status
HIT
age
604
cf-polished
origSize=267049
last-modified
Wed, 15 Jun 2022 13:26:58 GMT
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id
6T0FVT1BFN5D88KN
x-amz-id-2
Rbss89FRakDgpjX7HAO/sGXpXKd1OUc2VH4Z+UShipHoCyputs06qnR66rloPExm393HyFKPmvo=
cf-bgj
minify
server
cloudflare
etag
W/"1271a8e6f93348d96b540b13d6624183"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=10800
x-amz-version-id
wLWKUtQ.eK8tAlCSfOvULcP8gauxZ7h8
cf-ray
7224e5debbc2bb86-FRA
expires
Tue, 28 Jun 2022 11:02:02 GMT
1duwt.json
www.bigmp3db.com/ 		59 B
260 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.bigmp3db.com/1duwt.json
Requested by
Host: www.bigmp3db.com
URL: https://www.bigmp3db.com/1duwt.min.js?09f7128
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
46.4.104.244 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.244.104.4.46.clients.your-server.de
Software
nginx /
Resource Hash
e2e75c462d5e01b4fd51e948549d0d10406a8968eeb7bdc2e1b91bffdce1cb58
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

Referer
https://fondoperlaterra.org/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Tue, 28 Jun 2022 08:02:02 GMT
content-encoding
br
server
nginx
strict-transport-security
max-age=63072000
access-control-allow-methods
POST, GET, OPTIONS
content-type
application/json
access-control-allow-origin
*
access-control-allow-headers
*
pubads_impl_2022062201.js
securepubads.g.doubleclick.net/gpt/ 		373 KB
126 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022062201.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
sffe /
Resource Hash
a1ad79f8595bd0e292ee596db63d06f80e8a3ec4a6cf84621a4d2af673562a87
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://fondoperlaterra.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Tue, 28 Jun 2022 07:02:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
3576
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
129224
x-xss-protection
0
last-modified
Wed, 22 Jun 2022 08:35:18 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Wed, 28 Jun 2023 07:02:26 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/ 		83 B
101 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=fondoperlaterra.org
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
cafe /
Resource Hash
dae3e050c886aa87847fd1a7111189cb9219d1803a5ac6dec06a1369c72c0324
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://fondoperlaterra.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 28 Jun 2022 08:02:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
76
x-xss-protection
0
expires
Tue, 28 Jun 2022 08:02:02 GMT
vendor-list.json
optad360.mgr.consensu.org/cmp/v2/ Frame 84B8 		329 KB
43 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://optad360.mgr.consensu.org/cmp/v2/vendor-list.json
Requested by
Host: optad360.mgr.consensu.org
URL: https://optad360.mgr.consensu.org/cmp/v2/cmp-3.0.0.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.89.60 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-89-60.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
7bed5d90746a148dd38a117b54a62853b2e69c339e9df11a0c999395fd716f87

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 27 Jun 2022 08:28:25 GMT
content-encoding
gzip
last-modified
Fri, 24 Jun 2022 01:00:10 GMT
server
AmazonS3
age
84818
etag
W/"39c830f810cf909a800c850bd35082c9"
vary
Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods
GET
content-type
application/json
access-control-allow-origin
*
cache-control
public, max-age=360000000
x-cache
Hit from cloudfront
x-amz-cf-pop
FRA50-C1
x-amz-cf-id
gafvQMSM_mdqZFwH2FxhDV668i3nOvKU5gklNuXAFfpHthvBIlxnzw==
via
1.1 ad46d498157a92ab1076f74db460670c.cloudfront.net (CloudFront)
f8d5a70b-b6fe-4314-8ba3-14b68fa194c0
https://fondoperlaterra.org/ 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://fondoperlaterra.org/f8d5a70b-b6fe-4314-8ba3-14b68fa194c0
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Content-Length
0
Content-Type
text/javascript
c3cd843e-b6b4-4fde-b608-59823223d00e
https://fondoperlaterra.org/ 		245 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://fondoperlaterra.org/c3cd843e-b6b4-4fde-b608-59823223d00e
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d68edf3c87c6a6d87223649e8162ef1584ea6faad6f20e80fdd5f72c21b16a17

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Content-Length
245
Content-Type
text/javascript
/
c.mgid.com/pv/ 		0
67 B 		Script
General
Check archive.org
Download Go to
Full URL
https://c.mgid.com/pv/?tcfV2=1&pv=5&cbuster=165640332292518247988&consentData=&gdprApplies=1&lct=1655251200&niet=4g&nisd=false&jsv=es6&ref=&cxurl=https%3A%2F%2Ffondoperlaterra.org%2F&lu=https%3A%2F%2Ffondoperlaterra.org%2F&sessionId=62bab57b-0604f&pageView=1&pvid=181a954e82eb6702c25&site=761202&implVersion=11&dpr=1
Requested by
Host: jsc.mgid.com
URL: https://jsc.mgid.com/f/o/fondoperlaterra.org.1228643.es6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.135.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://fondoperlaterra.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Tue, 28 Jun 2022 08:02:03 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
7224e5e0692e68f8-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
b9cab57c-08a9-4060-85d2-0b05d74dbb17
https://fondoperlaterra.org/ 		1 KB
0 		Media
General
Check archive.org
Download Go to
Full URL
blob:https://fondoperlaterra.org/b9cab57c-08a9-4060-85d2-0b05d74dbb17
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
60ddc774c7b5fd0c01d169321a444da403d60c0042f6bee01b0c96f6e1535fda

Request headers

Referer
Accept-Encoding
identity;q=1, *;q=0
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Range
bytes=0-

Response headers

Content-Range
bytes 0-1492/1493
Content-Length
1493
Content-Type
video/mp4
mgid_ua.svg
cdn.mgid.com/images/mgid/ 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.mgid.com/images/mgid/mgid_ua.svg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.135.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
70d5c4de881e718d0b7638959680ba86722d44eecbe4058d20dd77b8d0d97155

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://fondoperlaterra.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Tue, 28 Jun 2022 08:02:02 GMT
content-encoding
br
cf-cache-status
HIT
age
1135
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id
31SG1V0WFRNKXC6R
x-amz-id-2
2ywp9fgknp8c4HO0Z1cJ5C+4aMUUPCMjGdBA1cI/wAWAxrlaPAi52xxpkj8rcWWqMPvoQLnyl6w=
last-modified
Tue, 08 Mar 2022 17:05:01 GMT
server
cloudflare
x-amz-meta-s3cmd-attrs
atime:1646759091/ctime:1646759091/gid:0/gname:root/md5:617c205137825561208ef7c1a2d8f319/mode:33206/mtime:1646759091/uid:0/uname:root
etag
W/"617c205137825561208ef7c1a2d8f319"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public, max-age=86400
x-amz-version-id
null
cf-ray
7224e5e0894e68f8-FRA
expires
Wed, 29 Jun 2022 08:02:02 GMT
Adchoices.svg
cdn.mgid.com/images/logos/ 		836 B
809 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.mgid.com/images/logos/Adchoices.svg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.135.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7992a4430843ef8b4bbae534358be3193aa1ae9c78f273e8e8a70b6af1244ac5

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://fondoperlaterra.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Tue, 28 Jun 2022 08:02:02 GMT
content-encoding
br
cf-cache-status
HIT
age
1135
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id
31SYWNNYNESPJ6F1
x-amz-id-2
3myD4nXSsv4qiYMx2Hi56efn2ys0sdKXq9O5ZJG39ML6YXsxmNdK6iip2d5CSfCah3Py/VE8AbU=
last-modified
Wed, 17 Feb 2021 18:15:53 GMT
server
cloudflare
x-amz-meta-s3cmd-attrs
atime:1613585745/ctime:1613585745/gid:0/gname:root/md5:7d59364b7ed2df3f02507c9f92560df9/mode:33206/mtime:1613585745/uid:0/uname:root
etag
W/"7d59364b7ed2df3f02507c9f92560df9"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public, max-age=86400
x-amz-version-id
null
cf-ray
7224e5e0895068f8-FRA
expires
Wed, 29 Jun 2022 08:02:02 GMT
1
servicer.mgid.com/1228643/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://servicer.mgid.com/1228643/1?tcfV2=1&pv=5&cbuster=1656403322996794198257&consentData=&gdprApplies=1&lct=1655251200&niet=4g&nisd=false&jsv=es6&mp4=1&ap=1&w=1300&h=300&maxw_3=247&maxh_3=254&cols=5&ref=&cxurl=https%3A%2F%2Ffondoperlaterra.org%2F&lu=https%3A%2F%2Ffondoperlaterra.org%2F&sessionId=62bab57b-0604f&pageView=1&pvid=181a954e82eb6702c25&implVersion=11&dpr=1
Requested by
Host: jsc.mgid.com
URL: https://jsc.mgid.com/f/o/fondoperlaterra.org.1228643.es6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.135.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1c9549373a4148e03da7df1440ed2e3ab9129bda6ebedfed9e65a331139e9bc

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://fondoperlaterra.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Tue, 28 Jun 2022 08:02:03 GMT
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
cf-ray
7224e5e0d9f168f8-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
mgid_ua.svg
cdn.mgid.com/images/mgid/ 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.mgid.com/images/mgid/mgid_ua.svg
Requested by
Host: jsc.mgid.com
URL: https://jsc.mgid.com/f/o/fondoperlaterra.org.1228643.es6.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.19.135.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
70d5c4de881e718d0b7638959680ba86722d44eecbe4058d20dd77b8d0d97155

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://fondoperlaterra.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Tue, 28 Jun 2022 08:02:03 GMT
content-encoding
br
cf-cache-status
HIT
age
3146
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id
1SAKNE8T99VM7FFV
x-amz-id-2
ygWvmfZuUKec2ix2rXp9wGADIzJEt4+BbxwpugjObCowudhzU+Mv6OMB7bKnKqvKe27gjoifOFM=
last-modified
Tue, 08 Mar 2022 17:05:01 GMT
server
cloudflare
x-amz-meta-s3cmd-attrs
atime:1646759091/ctime:1646759091/gid:0/gname:root/md5:617c205137825561208ef7c1a2d8f319/mode:33206/mtime:1646759091/uid:0/uname:root
etag
W/"617c205137825561208ef7c1a2d8f319"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public, max-age=86400
x-amz-version-id
null
cf-ray
7224e5e1385cbb86-FRA
expires
Wed, 29 Jun 2022 08:02:03 GMT
Adchoices.svg
cdn.mgid.com/images/logos/ 		836 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.mgid.com/images/logos/Adchoices.svg
Requested by
Host: jsc.mgid.com
URL: https://jsc.mgid.com/f/o/fondoperlaterra.org.1228643.es6.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.19.135.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7992a4430843ef8b4bbae534358be3193aa1ae9c78f273e8e8a70b6af1244ac5

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://fondoperlaterra.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Tue, 28 Jun 2022 08:02:03 GMT
content-encoding
br
cf-cache-status
HIT
age
2851
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id
BQQP2P0ZGAY0CMXJ
x-amz-id-2
Cxr/h9GEH2cm2grnKHiXrIw5MioqY/kDhHlX9SIKfHkMPhFjrTu42FaOoPgYIABs4KQfQTtjm/c=
last-modified
Wed, 17 Feb 2021 18:15:53 GMT
server
cloudflare
x-amz-meta-s3cmd-attrs
atime:1613585745/ctime:1613585745/gid:0/gname:root/md5:7d59364b7ed2df3f02507c9f92560df9/mode:33206/mtime:1613585745/uid:0/uname:root
etag
W/"7d59364b7ed2df3f02507c9f92560df9"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public, max-age=86400
x-amz-version-id
null
cf-ray
7224e5e1385dbb86-FRA
expires
Wed, 29 Jun 2022 08:02:03 GMT
aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzM6MixjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX2ZhY2VzOmF1dG8sd18xMDIwL2h0dHA6Ly9pbWdob3N0cy5jb20vdC8yMDIxLTA5LzEwMTkyNC82YzZiYzMzNzZhZDcwYTAyO...
s-img.mgid.com/g/10881005/492x328/-/ 		14 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.mgid.com/g/10881005/492x328/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzM6MixjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX2ZhY2VzOmF1dG8sd18xMDIwL2h0dHA6Ly9pbWdob3N0cy5jb20vdC8yMDIxLTA5LzEwMTkyNC82YzZiYzMzNzZhZDcwYTAyODc0ZTY2YTUzOTVkMzc1ZS5qcGVn.webp?v=1656403323-GlqIlL_SsbGgh6L8Pfm0hmTS9fSfOGDRmbc3GjzTou4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.136.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
848322fc3c927582a8f5793157c1aa75d9ac4ade365a68250a52776ed50968ac

Request headers

Referer
https://fondoperlaterra.org/
Origin
https://fondoperlaterra.org
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Tue, 28 Jun 2022 08:02:03 GMT
cf-cache-status
HIT
last-modified
Thu, 11 Nov 2021 15:56:43 GMT
x-mg-request-uuid
dc77d524-786d-4b71-aca3-5a3e9c4ba390
age
4230728
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
7224e5e19c3d9295-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
14302
server
cloudflare
aHR0cDovL2ltZ2hvc3RzLmNvbS90ZW1wLzIwMTctMDQtMTIvMTAxOTI0Lzc5ZjU2ZGFhYjZiOTEzNzU3OTMwNjY0NjFmMWViYzAyLmpwZw.webp
s-img.mgid.com/g/3805439/492x328/0x51x900x600/ 		24 KB
24 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.mgid.com/g/3805439/492x328/0x51x900x600/aHR0cDovL2ltZ2hvc3RzLmNvbS90ZW1wLzIwMTctMDQtMTIvMTAxOTI0Lzc5ZjU2ZGFhYjZiOTEzNzU3OTMwNjY0NjFmMWViYzAyLmpwZw.webp?v=1656403323-jxWNR8tES9EQ_y9OwaOZgX9LKNIkkxXqTw2LpaHkENs
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.136.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6988ec1c1788e99947f826a2050b173a628f23e5b0c1d5f386429006be5af9ea

Request headers

Referer
https://fondoperlaterra.org/
Origin
https://fondoperlaterra.org
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Tue, 28 Jun 2022 08:02:03 GMT
cf-cache-status
HIT
last-modified
Tue, 21 Jun 2022 11:51:58 GMT
x-mg-request-uuid
9c78cd16-b7c2-4863-9df1-d4a28e25b328
age
590981
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
7224e5e19c3f9295-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
24714
server
cloudflare
aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzM6MixjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX2ZhY2VzOmF1dG8sd18xMDIwL2h0dHA6Ly9pbWdob3N0cy5jb20vdC8yMDIxLTA4LzEwMTkyNC8yOGMwMjdhYjk2NTc1NjI4N...
s-img.mgid.com/g/10881013/492x328/-/ 		20 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.mgid.com/g/10881013/492x328/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzM6MixjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX2ZhY2VzOmF1dG8sd18xMDIwL2h0dHA6Ly9pbWdob3N0cy5jb20vdC8yMDIxLTA4LzEwMTkyNC8yOGMwMjdhYjk2NTc1NjI4NWYxMDJlZThkMzMwZTA0MC5qcGVn.webp?v=1656403323-AD1ytxVWqHtqsznGSXBgooGHyyiuzbDzmV9773p0Obw
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.136.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dbe847310eb9cdfa6e501a0598a2da1a9d8df5430d2e7c60393087cdc0352e69

Request headers

Referer
https://fondoperlaterra.org/
Origin
https://fondoperlaterra.org
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Tue, 28 Jun 2022 08:02:03 GMT
cf-cache-status
HIT
last-modified
Thu, 11 Nov 2021 15:53:13 GMT
x-mg-request-uuid
b7a7ca02-afa9-4401-a151-27fa2350278a
age
602968
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
7224e5e19c439295-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
19972
server
cloudflare
aHR0cDovL2ltZ2hvc3RzLmNvbS90Yy8yMDE5LTA2LzEwMTkyNC83NDc3NmVlMjNkZTg4YmE4ZDM2NjIxNjY1OGM4OGQzOS5qcGVn.webp
s-img.mgid.com/g/12578204/492x328/0x0x1281x854/ 		52 KB
52 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.mgid.com/g/12578204/492x328/0x0x1281x854/aHR0cDovL2ltZ2hvc3RzLmNvbS90Yy8yMDE5LTA2LzEwMTkyNC83NDc3NmVlMjNkZTg4YmE4ZDM2NjIxNjY1OGM4OGQzOS5qcGVn.webp?v=1656403323-163PfN9JvIgRTZo8DxAXjXMPpPR68ln82EFEzi8T77o
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.136.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4b0a31a874eb85209fda0782b2d64d6c4a523e0b78ec098ee5538a0b7a728cb1

Request headers

Referer
https://fondoperlaterra.org/
Origin
https://fondoperlaterra.org
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Tue, 28 Jun 2022 08:02:03 GMT
cf-cache-status
HIT
last-modified
Tue, 29 Mar 2022 08:52:31 GMT
x-mg-request-uuid
e6b344b0-808d-4952-981c-c1dd158e77fd
age
4231813
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
7224e5e19c459295-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
53216
server
cloudflare
aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzM6MixjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX3h5X2NlbnRlcix3XzEwMjAseF81NTcseV8zOTEvaHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjEtMDkvMTAxOTI0LzhhOWQ5Y...
s-img.mgid.com/g/10839617/492x328/-/ 		12 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.mgid.com/g/10839617/492x328/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzM6MixjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX3h5X2NlbnRlcix3XzEwMjAseF81NTcseV8zOTEvaHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjEtMDkvMTAxOTI0LzhhOWQ5Y2Y0MjFhNDhlN2M1YjdjMDkwYzRmZjBkZmViLmpwZWc.webp?v=1656403323-sxAsR3-IegYplDMFHnkaWeEIDCLBlETKrcpGBgVa6Mw
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.136.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
822ad07cb3c26c3951f5cf5f9a9b8fdd552fa0af54195cd7fb1ef845b6bbd253

Request headers

Referer
https://fondoperlaterra.org/
Origin
https://fondoperlaterra.org
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Tue, 28 Jun 2022 08:02:03 GMT
cf-cache-status
HIT
last-modified
Thu, 11 Nov 2021 15:46:19 GMT
x-mg-request-uuid
0d0b28ec-0178-45db-8eed-1fc28a305efb
age
4228834
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
7224e5e19c479295-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
12758
server
cloudflare
i.js
cm.mgid.com/ 		0
102 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cm.mgid.com/i.js?&cbuster=1656403323071823842861&consentData=&gdprApplies=1
Requested by
Host: jsc.mgid.com
URL: https://jsc.mgid.com/f/o/fondoperlaterra.org.1228643.es6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.135.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://fondoperlaterra.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 28 Jun 2022 08:02:03 GMT
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
application/javascript
cache-control
no-store, no-cache, must-revalidate, max-age=0
cf-ray
7224e5e15ac568f8-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
i-noref.js
cm.mgid.com/ Frame 9D7B 		0
38 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cm.mgid.com/i-noref.js?cbuster=1656403323084222272724&consentData=&gdprApplies=1
Requested by
Host: jsc.mgid.com
URL: https://jsc.mgid.com/f/o/fondoperlaterra.org.1228643.es6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.135.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 28 Jun 2022 08:02:03 GMT
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
application/javascript
cache-control
no-store, no-cache, must-revalidate, max-age=0
cf-ray
7224e5e15ace68f8-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
c
c.mgid.com/ 		43 B
279 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.mgid.com/c?f=1&pv=3&v=247|254|40|57K9I6JgAcilt8vZnqrW4RP-jl4fHmD9yJVINKkZkXYLZ5e7TY4Nt66-ZShrcJXz&fw=1&extjs=66044&v=247|254|8|57K9I6JgAcilt8vZnqrW4WBbd7VFKGOTtNPSLIAyw6LOAo0lhgBBGxAYtpiF8gDz&v=247|254|24|57K9I6JgAcilt8vZnqrW4RUrr-8LFPzLtvtlRA_2JJtmKYY82WZDgXNfM0EPTTd7&v=247|254|8|57K9I6JgAcilt8vZnqrW4adOJH4q9fAKkPzaMYg9MXlSPcobYnLk0YXIW-r4p7w5&v=247|254|8|57K9I6JgAcilt8vZnqrW4a8Frb5gqhVC0WxXMluaq8JwvW3pjOqpEp5Re9Kk9vXf&cid=1228643&h2=0f88f5SrAhnvrKlGfizmWlJhgoLLAYJtxfRo6ni7JwI*&rid=983fd2fe-f6b8-11ec-a34c-e43d1a2a04aa&tt=Direct&iv=11&pageImp=1&pvid=181a954e82eb6702c25&cbuster=1656403324303527854744&consentData=&gdprApplies=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.19.135.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://fondoperlaterra.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Tue, 28 Jun 2022 08:02:04 GMT
cf-cache-status
DYNAMIC
x-mg-request-uuid
c038d602-bf48-4ab9-a281-7d40e7a9507f
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
image/gif
cf-ray
7224e5e8fd37bb86-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
server
cloudflare

Verdicts & Comments Add Verdict or Comment

70 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails function| queryLocalFonts object| navigation object| __cfQR object| zxConsentParams object| t object| e function| ym object| rbConfig string| token object| rsdfhse boolean| __cfRLUnblockHandlers number| 2f1acc6c3a606b082e5eef5e54414ffb function| __tcfapi object| AdSlotCollection object| WebComponents function| __CE_installPolyfill object| ShadyCSS object| regeneratorRuntime object| $jscomp number| SesEOa2m2OKxd56JECgK string| rulvW5gntb function| updateRbDisplays object| _0xe9ce function| $jscomp$lookupPolyfilledValue function| ZxStartMainModule21 object| __ZXCONSENT21 number| zxConsentEnabled number| ZxConsentFlg number| OaCmpEnabledflg boolean| __isGoogleAllowed object| googletag object| pbjs325474 function| pbjs325474Chunk object| _pbjsGlobals object| ADAGIO object| Ya object| yaCounter56442256 object| ggeac object| google_tag_data object| google_js_reporting_queue object| _mgIntExchangeNews object| MarketGidInfC1228643 boolean| mg_loaded_761202_1228643 undefined| google_measure_js_timing object| onClickExcludes function| mgReject1228643 function| mgLoadAds1228643 function| MarketGidCReject1228643 function| MarketGidLoadGoods1228643 object| _mgq function| _mgqp number| _mgqt number| _mgqi object| _mgPageViewEndPoint761202 string| _mgCanonicalUri object| _mgPageView761202 string| _mgPvid boolean| i.js.loaded boolean| i-noref.js.loaded object| _mgwcapping object| _mgPageImp761202

10 Cookies

Domain/Path Name / Value
.mgid.com/ Name: __cf_bm
Value: fqeZYh3PxCRmdrmb6pcY53Rmjg6Nci8E.VMnPa.CddE-1656403322-0-AVpptAwlhoXlGhirRORjLwQMeLc400EZ3Lc3Cpk07RBOnxiJkdTvnL/WCu4jhqq+8fCJp4FgzoEiGt9MaSojNtE=
.fondoperlaterra.org/ Name: _ym_uid
Value: 165640332386570391
.fondoperlaterra.org/ Name: _ym_d
Value: 1656403323
.fondoperlaterra.org/ Name: _ym_isad
Value: 2
.yandex.ru/ Name: yandexuid
Value: 2512231861656403322
.yandex.ru/ Name: yuidss
Value: 2512231861656403322
mc.yandex.ru/ Name: yabs-sid
Value: 356436471656403322
.yandex.ru/ Name: i
Value: qBk6Y0c066LT/8RuaasUdBk38ZUCjcNetrn1Kk1WldQK79zY6lZxRMrfa3Hz4UlK4DIZO2FYnVPlmbgV66Td/x/1ebk=
.yandex.ru/ Name: ymex
Value: 1687939322.yrts.1656403322#1687939322.yrtsi.1656403322
fondoperlaterra.org/ Name: MgidStorage
Value: %7B%220%22%3A%7B%22svspr%22%3A%22%22%2C%22svsds%22%3A1%7D%2C%22C1228643%22%3A%7B%22page%22%3A1%2C%22time%22%3A1656403323067%7D%7D

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.fondoperlaterra.org
c.mgid.com
cdn.jsdelivr.net
cdn.mgid.com
cdn.zx-adnet.com
cm.mgid.com
cmp.optad360.io
fondoperlaterra.org
get.optad360.io
jsc.mgid.com
mc.yandex.ru
optad360.mgr.consensu.org
s-img.mgid.com
securepubads.g.doubleclick.net
servicer.mgid.com
www.bigmp3db.com
104.19.135.78
104.19.136.78
142.250.184.194
143.204.89.60
151.101.65.195
2600:9000:2156:5800:11:a4de:2580:93a1
2600:9000:2156:a200:6:b871:4f00:93a1
2606:4700::6810:5814
2a02:6b8::1:119
2a06:98c1:3120::3
46.4.104.244
0a25764ebafab00789f01a4fa0e8607fca17a26a911dfeff24f97db959d8ac4c
12b2ef93311d5b133e8b52054568768a7b338157e3f73d49518f2a7bf1c064d8
152615981a145944ca092fa3e8032b29e0aae5c1448d3711ce4a21fe6a77043b
232e55186ccf6886b39db354f7e28c69193835c897d7aa221c6320e67c95828f
2609990e923de3efbafaa018be0e034e95a49ddc249e39b87546adfea1bc14b1
28263a1fe3a6c7c26969001eb7494d0fec8e06177c30230dec339eddd0bbc191
340483ca213d2e4b0c3855d3e2cd46e63db6966576ddb7872691c0fb7587a0bb
4813320d44f3f82fe85df7fedc424af04063d51885d8cdd1947ea15d3fdcb98a
4b0a31a874eb85209fda0782b2d64d6c4a523e0b78ec098ee5538a0b7a728cb1
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
5eba8b0faa7e67f6b49b670221e7a6677f3fbcab24eb066c0760e554704ee6c7
60ddc774c7b5fd0c01d169321a444da403d60c0042f6bee01b0c96f6e1535fda
65d4289bab8bd4cec2a51d238b87c72428bd42814da664ef43ade291c06b240e
6988ec1c1788e99947f826a2050b173a628f23e5b0c1d5f386429006be5af9ea
70d5c4de881e718d0b7638959680ba86722d44eecbe4058d20dd77b8d0d97155
7109518959a6958168f639860050324f4f063fd1697f32677cf9d0180ab02453
710d093c698933a1fc0346c407f2d71d4e2b6fb58cc594cd121c65bf707a7202
71f69541ed2861a7065f461bf9748bb263e0f8d517d0987c6619241d9d13597d
7992a4430843ef8b4bbae534358be3193aa1ae9c78f273e8e8a70b6af1244ac5
7bed5d90746a148dd38a117b54a62853b2e69c339e9df11a0c999395fd716f87
7c1bd93e9409256e5c20adb909f4c99e06323daf48f64ec67c4429493e2b2c0a
822ad07cb3c26c3951f5cf5f9a9b8fdd552fa0af54195cd7fb1ef845b6bbd253
848322fc3c927582a8f5793157c1aa75d9ac4ade365a68250a52776ed50968ac
85a8132bfaf9db3d8ba5bfb37225b3fcb547dc450ef698ccc8219c998ad75118
86716116dd389c54750305004ebea6e3eb4560f0192a279a00957971a25bc537
8f6e64bdba8f471a94015856da8a5f4aaa35e226d13c4f9bcbf89c2955e6446c
a1ad79f8595bd0e292ee596db63d06f80e8a3ec4a6cf84621a4d2af673562a87
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
b1c9549373a4148e03da7df1440ed2e3ab9129bda6ebedfed9e65a331139e9bc
bc8aad52def9fae70bca29263a13763c230f574b56f604f739995775e585e1dd
c37e88f718acf2e31223149decc6c77497a892a5f556e5e1fc6c2492377e9bc0
c6dc2bbc1fd83c3178e21f76ebf74557ae3c023edbc596ec914d244609722299
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
cd0d0b6e50ff01ff2f3a9a70d7cfb66a7c6cb9acf7a566325568be6d3bd31fc4
d68edf3c87c6a6d87223649e8162ef1584ea6faad6f20e80fdd5f72c21b16a17
d8fdfffcef121332fd16d0b6db5d40b7b4230d7624841febefae0dfe0d863311
dae3e050c886aa87847fd1a7111189cb9219d1803a5ac6dec06a1369c72c0324
dbe847310eb9cdfa6e501a0598a2da1a9d8df5430d2e7c60393087cdc0352e69
df52857350bcdc433fa9471555a8f39a571b369183eda9d70100e9453d858997
e111a3850d781cc4bb9983b28613414f9a59af060c2860692d56809589c663b3
e2e75c462d5e01b4fd51e948549d0d10406a8968eeb7bdc2e1b91bffdce1cb58
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e7ceaf85d9b20664275842bed9b823b78c53fdddee3f82491e48d72ea6c3e920
eb16304c17c120cabd2bc9ba56114d31bb2c05114e17c531bcf21a682f8629d2
f57e47eb6d49e0776b0ae4522fca470cef6352980888af1eb7fc4b80632d4282
f86fc1c5bd806aa6d93828177336ea09c88149b4a1b602a472100aa359b23bd3