ko.strephonsays.com Open in urlscan Pro
2606:4700:3030::6815:66b Public Scan

Go To Rescan
Add Verdict Report

URL:
https://ko.strephonsays.com/
Submission: On June 28 via manual (June 28th 2023, 6:16:37 am UTC) from KR — Scanned from DE

Summary HTTP 61 Redirects Links 32 Behaviour Indicators

Summary

This website contacted 15 IPs in 4 countries across 13 domains to perform 61 HTTP transactions. The main IP is 2606:4700:3030::6815:66b, located in United States and belongs to CLOUDFLARENET, US. The main domain is ko.strephonsays.com.
TLS certificate: Issued by GTS CA 1P5 on June 12th 2023. Valid for: 3 months.

This is the only time ko.strephonsays.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
13	2606:4700:303... 2606:4700:3030::6815:66b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a04:4e42:200... 2a04:4e42:200::485	54113 (FASTLY) (FASTLY)
2	2a00:1450:400... 2a00:1450:4001:80e::2002	15169 (GOOGLE) (GOOGLE)
2	2600:9000:225... 2600:9000:225e:3a00:11:a4de:2580:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:237... 2600:9000:237d:9400:6:b871:4f00:93a1	16509 (AMAZON-02) (AMAZON-02)
1	151.101.1.195 151.101.1.195	54113 (FASTLY) (FASTLY)
5 10	2a02:6b8::1:119 2a02:6b8::1:119	208722 (GLOBAL_DC) (GLOBAL_DC)
6	95.216.65.102 95.216.65.102	24940 (HETZNER-AS) (HETZNER-AS)
1	2a00:1450:400... 2a00:1450:4001:827::2002	15169 (GOOGLE) (GOOGLE)
6	108.138.36.74 108.138.36.74	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:830::2002	15169 (GOOGLE) (GOOGLE)
15	2606:4700:1::... 2606:4700:1::6813:864e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:10:... 2606:4700:10::6816:3556	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2.19.105.180 2.19.105.180	16625 (AKAMAI-AS) (AKAMAI-AS)
61	15

13 2606:4700:3030::6815:66b (United States)

ASN13335 (CLOUDFLARENET, US)

ko.strephonsays.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
strephonsays.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
a.strephonsays.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a04:4e42:200::485 (United States)

ASN54113 (FASTLY, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:225e:3a00:11:a4de:2580:93a1 (United States)

ASN16509 (AMAZON-02, US)

get.optad360.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:237d:9400:6:b871:4f00:93a1 (United States)

ASN16509 (AMAZON-02, US)

cmp.optad360.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.1.195 (United States)

ASN54113 (FASTLY, US)

cdn.zx-adnet.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a02:6b8::1:119 (Moscow, Russian Federation) 5 redirects

ASN208722 (GLOBAL_DC, FI)

mc.yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
mc.yandex.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 95.216.65.102 (Helsinki, Finland)

ASN24940 (HETZNER-AS, DE)
PTR: frodo.min.org.ua

www.bigmp3db.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 108.138.36.74 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-36-74.muc50.r.cloudfront.net

optad360.mgr.consensu.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:830::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 2606:4700:1::6813:864e (United States)

ASN13335 (CLOUDFLARENET, US)

jsc.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
c.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
servicer.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
s-img.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cm.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::6816:3556 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.19.105.180 (Düsseldorf, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-19-105-180.deploy.static.akamaitechnologies.com

ads.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
15	mgid.com jsc.mgid.com — Cisco Umbrella Rank: 7412 c.mgid.com — Cisco Umbrella Rank: 6000 cdn.mgid.com — Cisco Umbrella Rank: 10218 servicer.mgid.com — Cisco Umbrella Rank: 7293 s-img.mgid.com — Cisco Umbrella Rank: 7126 cm.mgid.com — Cisco Umbrella Rank: 1358	122 KB
13	strephonsays.com ko.strephonsays.com strephonsays.com — Cisco Umbrella Rank: 466455 a.strephonsays.com	504 KB
7	yandex.com 3 redirects mc.yandex.com — Cisco Umbrella Rank: 9422	3 KB
6	consensu.org optad360.mgr.consensu.org — Cisco Umbrella Rank: 53879	259 KB
6	bigmp3db.com www.bigmp3db.com — Cisco Umbrella Rank: 995306	20 KB
3	doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 57 securepubads.g.doubleclick.net — Cisco Umbrella Rank: 216	157 KB
3	yandex.ru 2 redirects mc.yandex.ru — Cisco Umbrella Rank: 3245	74 KB
3	optad360.io get.optad360.io — Cisco Umbrella Rank: 32950 cmp.optad360.io — Cisco Umbrella Rank: 51551	299 KB
2	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 135	167 KB
2	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 368	6 KB
1	pubmatic.com ads.pubmatic.com — Cisco Umbrella Rank: 553	63 KB
1	id5-sync.com cdn.id5-sync.com — Cisco Umbrella Rank: 808	25 KB
1	zx-adnet.com cdn.zx-adnet.com — Cisco Umbrella Rank: 407962	10 KB
61	13

	Domain	Requested by
8	a.strephonsays.com	ko.strephonsays.com
7	mc.yandex.com	3 redirects
6	optad360.mgr.consensu.org	cmp.optad360.io get.optad360.io optad360.mgr.consensu.org
6	www.bigmp3db.com	ko.strephonsays.com www.bigmp3db.com
4	cdn.mgid.com
4	c.mgid.com	jsc.mgid.com
3	mc.yandex.ru	2 redirects ko.strephonsays.com
3	strephonsays.com	ko.strephonsays.com
2	cm.mgid.com	jsc.mgid.com
2	s-img.mgid.com
2	jsc.mgid.com	www.bigmp3db.com jsc.mgid.com
2	securepubads.g.doubleclick.net	get.optad360.io securepubads.g.doubleclick.net
2	get.optad360.io	ko.strephonsays.com get.optad360.io
2	pagead2.googlesyndication.com	ko.strephonsays.com pagead2.googlesyndication.com
2	cdn.jsdelivr.net	ko.strephonsays.com get.optad360.io
2	ko.strephonsays.com	ko.strephonsays.com
1	ads.pubmatic.com	jsc.mgid.com
1	cdn.id5-sync.com	jsc.mgid.com
1	servicer.mgid.com	jsc.mgid.com
1	googleads.g.doubleclick.net	pagead2.googlesyndication.com
1	cdn.zx-adnet.com	ko.strephonsays.com
1	cmp.optad360.io	ko.strephonsays.com
61	22

This site contains links to these domains. Also see Links.

Domain
strephonsays.com
ar.strephonsays.com
bg.strephonsays.com
cs.strephonsays.com
el.strephonsays.com
es.strephonsays.com
et.strephonsays.com
fi.strephonsays.com
fr.strephonsays.com
hi.strephonsays.com
hr.strephonsays.com
hu.strephonsays.com
id.strephonsays.com
it.strephonsays.com
iw.strephonsays.com
ja.strephonsays.com
lt.strephonsays.com
lv.strephonsays.com
ms.strephonsays.com
nl.strephonsays.com
no.strephonsays.com
pl.strephonsays.com
pt.strephonsays.com
ru.strephonsays.com
sk.strephonsays.com
sl.strephonsays.com
sr.strephonsays.com
sv.strephonsays.com
th.strephonsays.com
tr.strephonsays.com
uk.strephonsays.com
vi.strephonsays.com

Subject Issuer	Validity	Valid
strephonsays.com GTS CA 1P5	`2023-06-12` - `2023-09-10`	3 months	crt.sh
jsdelivr.net GlobalSign Atlas R3 DV TLS CA 2022 Q4	`2022-12-23` - `2024-01-24`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-05-29` - `2023-08-21`	3 months	crt.sh
*.optad360.io Amazon RSA 2048 M02	`2023-03-01` - `2023-11-15`	9 months	crt.sh
d.hive.properties GTS CA 1D4	`2023-05-08` - `2023-08-06`	3 months	crt.sh
mc.yandex.ru GlobalSign ECC OV SSL CA 2018	`2023-03-17` - `2023-08-27`	5 months	crt.sh
www.bigmp3db.com R3	`2023-04-28` - `2023-07-27`	3 months	crt.sh
optad360.mgr.consensu.org Amazon RSA 2048 M02	`2023-04-23` - `2024-05-21`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-04-11` - `2024-04-10`	a year	crt.sh
*.pubmatic.com DigiCert TLS RSA SHA256 2020 CA1	`2023-01-25` - `2024-01-24`	a year	crt.sh

This page contains 4 frames:

Primary Page: https://ko.strephonsays.com/
Frame ID: 5CCA637FF5FC4493ECD2E11401CC55A0
Requests: 58 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230620/r20190131/zrt_lookup.html
Frame ID: 73BC3DEF52E2BA48BCAEFB173B6DC3DC
Requests: 1 HTTP requests in this frame

Frame: https://optad360.mgr.consensu.org/cmp/v2/cmp-3.0.0.min.js
Frame ID: 1C86E10F02EEE89ABCA3545D718DC9AF
Requests: 2 HTTP requests in this frame

Frame: https://cm.mgid.com/i-noref.js?cbuster=168793299415969220624
Frame ID: 1635B706F00DE8BA97F1F07347A5A2DA
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

알고있다 2023

Detected technologies

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

PubMatic (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.pubmatic\.com

Yandex.Metrika (Analytics) Expand

Overall confidence: 100%
Detected patterns

mc\.yandex\.ru/metrika/(?:tag|watch)\.js

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

<link [^>]*?href="?[a-zA-Z]*?:?//cdn\.jsdelivr\.net/
//cdn\.jsdelivr\.net/

Page Statistics

61
Requests

90 %
HTTPS

71 %
IPv6

13
Domains

22
Subdomains

15
IPs

4
Countries

1707 kB
Transfer

5012 kB
Size

15
Cookies

32 Outgoing links

These are links going to different origins than the main page.

URL: https://strephonsays.com/

Search URL Search Domain Scan URL

URL: https://ar.strephonsays.com/

Search URL Search Domain Scan URL

URL: https://bg.strephonsays.com/

Search URL Search Domain Scan URL

URL: https://cs.strephonsays.com/

Search URL Search Domain Scan URL

URL: https://el.strephonsays.com/

Search URL Search Domain Scan URL

URL: https://es.strephonsays.com/

Search URL Search Domain Scan URL

URL: https://et.strephonsays.com/

Search URL Search Domain Scan URL

URL: https://fi.strephonsays.com/

Search URL Search Domain Scan URL

URL: https://fr.strephonsays.com/

Search URL Search Domain Scan URL

URL: https://hi.strephonsays.com/

Search URL Search Domain Scan URL

URL: https://hr.strephonsays.com/

Search URL Search Domain Scan URL

URL: https://hu.strephonsays.com/

Search URL Search Domain Scan URL

URL: https://id.strephonsays.com/

Search URL Search Domain Scan URL

URL: https://it.strephonsays.com/

Search URL Search Domain Scan URL

URL: https://iw.strephonsays.com/

Search URL Search Domain Scan URL

URL: https://ja.strephonsays.com/

Search URL Search Domain Scan URL

URL: https://lt.strephonsays.com/

Search URL Search Domain Scan URL

URL: https://lv.strephonsays.com/

Search URL Search Domain Scan URL

URL: https://ms.strephonsays.com/

Search URL Search Domain Scan URL

URL: https://nl.strephonsays.com/

Search URL Search Domain Scan URL

URL: https://no.strephonsays.com/

Search URL Search Domain Scan URL

URL: https://pl.strephonsays.com/

Search URL Search Domain Scan URL

URL: https://pt.strephonsays.com/

Search URL Search Domain Scan URL

URL: https://ru.strephonsays.com/

Search URL Search Domain Scan URL

URL: https://sk.strephonsays.com/

Search URL Search Domain Scan URL

URL: https://sl.strephonsays.com/

Search URL Search Domain Scan URL

URL: https://sr.strephonsays.com/

Search URL Search Domain Scan URL

URL: https://sv.strephonsays.com/

Search URL Search Domain Scan URL

URL: https://th.strephonsays.com/

Search URL Search Domain Scan URL

URL: https://tr.strephonsays.com/

Search URL Search Domain Scan URL

URL: https://uk.strephonsays.com/

Search URL Search Domain Scan URL

URL: https://vi.strephonsays.com/

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 32

https://mc.yandex.com/sync_cookie_image_check HTTP 302
https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=10048.XrzPcdLdRwBMB8qwxfUX4UAZ5pya83wlGCU18Br9daxaTh3lzMKw0QUFwlnXOfCz.VaVooVZ3x5vhV0TjeQe71qXvDOQ%2C HTTP 302
https://mc.yandex.com/sync_cookie_image_decide?token=10048.11CPaMKu5uD40YNTkKvpA-vTG2xI14oIPSsoo3cq2zgBKnQMYIdSOMqJh06T1aslrMVmqRwK_AeCiV_EnKXJ4KoW9B5BBqnnu6OcFthB-DQ%2C.uxiHQNDC8KnuEFyZblONOIi6_S0%2C

Request Chain 36

https://mc.yandex.com/watch/53480917?wmode=7&page-url=https%3A%2F%2Fko.strephonsays.com%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A7g4yzra6nxw2gnzj738gkwv%3Afp%3A916%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1060%3Acn%3A1%3Adp%3A0%3Als%3A1553765754063%3Ahid%3A356740661%3Az%3A0%3Ai%3A20230628061632%3Aet%3A1687932992%3Ac%3A1%3Arn%3A673168118%3Arqn%3A1%3Au%3A1687932992276443452%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A18%2C44%2C642%2C4%2C%2C0%2C%2C4%2C0%2C892%2C892%2C3%2C818%3Aco%3A0%3Acpf%3A1%3Ans%3A1687932990987%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1687932993%3At%3A%EC%95%8C%EA%B3%A0%EC%9E%88%EB%8B%A4%202023&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)ti(2) HTTP 302
https://mc.yandex.com/watch/53480917/1?wmode=7&page-url=https%3A%2F%2Fko.strephonsays.com%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A7g4yzra6nxw2gnzj738gkwv%3Afp%3A916%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1060%3Acn%3A1%3Adp%3A0%3Als%3A1553765754063%3Ahid%3A356740661%3Az%3A0%3Ai%3A20230628061632%3Aet%3A1687932992%3Ac%3A1%3Arn%3A673168118%3Arqn%3A1%3Au%3A1687932992276443452%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A18%2C44%2C642%2C4%2C%2C0%2C%2C4%2C0%2C892%2C892%2C3%2C818%3Aco%3A0%3Acpf%3A1%3Ans%3A1687932990987%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1687932993%3At%3A%EC%95%8C%EA%B3%A0%EC%9E%88%EB%8B%A4%202023&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29ti%282%29

Request Chain 39

https://mc.yandex.com/sync_cookie_image_check_secondary HTTP 302
https://mc.yandex.ru/sync_cookie_image_start_secondary?redirect_domain=mc.yandex.com&token=10048.oIEInCUFTaMUHEUijSRkPWbWFByyR9apc8YZKa49dHxHH56c1oLuIMX1QaKam126.H7QNEXMJyb6sOTFpUkbucIX7P5A%2C HTTP 302
https://mc.yandex.com/sync_cookie_image_decide_secondary?token=10048.-F7MgR574ejGfXtaTRwdvE1Lwe4fugNNb0mJ2jiqBroe8JZag5p5NqwDfHX9ZjmTP1RwrhUvHBqaeokZAWz6bxR8p28gGbHXQ855osKUgRE%2C.X2JBJ_AeA5qHUocfGZuC3ro0UQ4%2C

61 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
ko.strephonsays.com/ 46 KB
8 KB 704ms
642ms Document
text/html 2606:4700:3030::6815:66b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ko.strephonsays.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6815:66b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/8.0.15
Resource Hash: 9542e9ea15169565692b62b076cb16ac1622bbc2ff1a662f625f6cee201a6bb1

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
cache-control: max-age=86400
cf-cache-status: DYNAMIC
cf-ray: 7de3cd2a19591cb5-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Wed, 28 Jun 2023 06:16:31 GMT
expires: Thu, 29 Jun 2023 06:16:31 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4GSlMr7Iv8yZ57L%2FnxSOUGoUQhOCCOguDML2KK9KES53GJVcvQ3Yke%2BqLrffZ%2F0GINj6tUmSehHWT87whrK2IPFu6zeVUdRH01cp1FfMLi3FbP5XnPoNKIWBV0mg3w7o%2FesvJYABzYj7Mwd9A5PHS8Br"}],"group":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: PHP/8.0.15

GET
H2 200 style.css
strephonsays.com/template/artemiz/css/ 27 KB
6 KB 64ms
35ms Stylesheet
text/css 2606:4700:3030::6815:66b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://strephonsays.com/template/artemiz/css/style.css
Requested by: Host: ko.strephonsays.com
URL: https://ko.strephonsays.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6815:66b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5692fdcd3cf15f5d2e98e6fb4f451dec0b2d61cae64af0b2bb18dfe46614c0ca

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ko.strephonsays.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 06:16:31 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 434123
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Fri, 16 Dec 2022 10:14:04 GMT
server: cloudflare
etag: W/"6cae-5efef3ab093e9"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AeyCDcCBU23%2B8%2Few2j2TD%2BRlWwVVgVL7sKFPGynGYXZxYzgUxbbhS4GPtWvvW%2FKnaO0ix9VBu3PGLrKVJ3WTxcvxBCzweS8M09fCc24%2B7a%2FUXlVCMZZYGuJZsBIIcx9T4BVOK%2BzbN7tfoep2Va4B"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31536000
cf-ray: 7de3cd2e5d7f1cb5-FRA
expires: Fri, 07 Jul 2023 05:41:08 GMT

GET
H2 200 yt.css
strephonsays.com/template/artemiz/css/ 69 KB
44 KB 58ms
29ms Stylesheet
text/css 2606:4700:3030::6815:66b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://strephonsays.com/template/artemiz/css/yt.css
Requested by: Host: ko.strephonsays.com
URL: https://ko.strephonsays.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6815:66b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 71a005e915b96b3ed8feb7d4f5221db75e3658fd8678e68d5b04b5dce0aef73e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ko.strephonsays.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 06:16:31 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 368039
cf-polished: origSize=70952
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Fri, 16 Dec 2022 10:14:05 GMT
server: cloudflare
etag: W/"11528-5efef3abd421a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CoOVBRnr05gkcsYKFx7taYtq0i8rJjxJxjN093aMRgLanEDu0RyAHncDo1LEsQ%2FX3JCb%2BgNxk%2FCkwP2Yq3lZ51QcBDmOBkvyvYqgYfGNudguxcDJwRboU3QFrNngodCRQ%2FsWx2%2FS9iqRJX7xTUkj"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31536000
cf-ray: 7de3cd2e5d7c1cb5-FRA
expires: Sat, 08 Jul 2023 00:02:32 GMT

GET
H2 200 cookieconsent.min.css
cdn.jsdelivr.net/npm/cookieconsent@3/build/ 5 KB
5 KB 85ms
19ms Stylesheet
text/css 2a04:4e42:200::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/cookieconsent@3/build/cookieconsent.min.css

Requested by

Host: ko.strephonsays.com
URL: https://ko.strephonsays.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:200::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

cd0d0b6e50ff01ff2f3a9a70d7cfb66a7c6cb9acf7a566325568be6d3bd31fc4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ko.strephonsays.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Wed, 28 Jun 2023 06:16:31 GMT
x-content-type-options: nosniff
age: 17831
x-jsd-version: 3.1.1
x-cache: HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 4958
x-served-by: cache-fra-eddf8230101-FRA
x-jsd-version-type: version
etag: W/"135e-3nthfC1sCV/yhiNebPZMMo2hpL8"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 rocket-loader.min.js Show response
ko.strephonsays.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/ 12 KB
4 KB 24ms
24ms Script
application/javascript 2606:4700:3030::6815:66b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ko.strephonsays.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Requested by

Host: ko.strephonsays.com
URL: https://ko.strephonsays.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3030::6815:66b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ko.strephonsays.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 06:16:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 22 Jun 2023 09:29:09 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"64941465-302c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5i2ol4uUDmRr53ho3DVXxhAO5IlSSU1umM%2Fh9TVe5sapcP1fo%2F5YfUgTIZfttVdqso%2BZ09RL3hfMHelfvw5vC5GBjchrA6uRtmOpUB%2Fr5I6eztXuH332Aitz1FA5fDym54Ie9sNmjdYNRuApZkEeq9JY"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
x-frame-options: DENY
cache-control: max-age=172800, public
cf-ray: 7de3cd2e2d561cb5-FRA
expires: Fri, 30 Jun 2023 06:16:31 GMT

GET
H3 200 scripts.js Show response
strephonsays.com/template/artemiz/js/ 177 KB
61 KB 31ms
30ms Script
application/javascript 2606:4700:3030::6815:66b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://strephonsays.com/template/artemiz/js/scripts.js
Requested by: Host: ko.strephonsays.com
URL: https://ko.strephonsays.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::6815:66b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 68dbc402b8d95b31ec11900b3b5aee781e46330beeec75070f60a40c03b402d9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ko.strephonsays.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 06:16:31 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 372855
cf-polished: origSize=181106
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Fri, 16 Dec 2022 10:14:07 GMT
server: cloudflare
etag: W/"2c372-5efef3ae1ed1a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=k93DAd0CPP1RIlVCCok1kGuaxEoZ%2BIhWiYlgW8pyasZWrvq1bb0Ytgvc14qjls97YcZcUrNXeYdJosVQWNF8Ub9Udy6oSdB5gOjhUGlxdBhEoAwZ1ufRPYEO28iF29MlRylYf1K5%2F4cic4cwZNor"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
cf-ray: 7de3cd2ed8e29293-FRA
expires: Fri, 07 Jul 2023 22:42:16 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 139 KB
48 KB 131ms
69ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-2173063720940886

Requested by

Host: ko.strephonsays.com
URL: https://ko.strephonsays.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bd210dbcd6318336d346d328c3ba94a11d6ed2a8792b03c7e46e4c62515e9454

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ko.strephonsays.com/
Origin: https://ko.strephonsays.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 06:16:31 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49127
x-xss-protection: 0
server: cafe
etag: 3955666291292853154
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Wed, 28 Jun 2023 06:16:31 GMT

GET
H2 200 plugin.min.js Show response
get.optad360.io/sf/87584f1f-9c47-49cb-b198-f6669bf41325/ 291 KB
60 KB 129ms
29ms Script
application/javascript 2600:9000:225e:3a00:11:a4de:2580:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://get.optad360.io/sf/87584f1f-9c47-49cb-b198-f6669bf41325/plugin.min.js
Requested by: Host: ko.strephonsays.com
URL: https://ko.strephonsays.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:225e:3a00:11:a4de:2580:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: a73a0470af927c5e55124cdc641956b1f723683f3b58d257a766e931952d51e8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ko.strephonsays.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 27 Jun 2023 17:03:07 GMT
content-encoding: gzip
via: 1.1 816b7f4e336674d9d7828ef4700482e8.cloudfront.net (CloudFront)
last-modified: Thu, 22 Jun 2023 17:01:53 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P4
age: 47605
x-amz-server-side-encryption: AES256
etag: W/"772f541e8e42b1e4f8b774f783f0d60b"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: public, max-age=86400
x-amz-cf-id: CCh_iyagu0xHmOA--JJef1PeS08IVzheInruEtgAUiK2ShXhANE2KQ==

GET
H2 200 45b65dd9-e0fa-4d05-aa26-a39c3cef09e4.min.js Show response
cmp.optad360.io/items/ 253 KB
72 KB 130ms
29ms Script
application/javascript 2600:9000:237d:9400:6:b871:4f00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cmp.optad360.io/items/45b65dd9-e0fa-4d05-aa26-a39c3cef09e4.min.js
Requested by: Host: ko.strephonsays.com
URL: https://ko.strephonsays.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:237d:9400:6:b871:4f00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e1cd9602b63db552abd2b3cd8689102702d17efae5e9fe98f94691efc77897b9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ko.strephonsays.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 05:46:37 GMT
content-encoding: gzip
via: 1.1 cdf03e675736c21829fede7b370fd99a.cloudfront.net (CloudFront)
last-modified: Sun, 18 Apr 2021 12:34:47 GMT
server: AmazonS3
x-amz-cf-pop: MUC50-P2
age: 1795
etag: W/"4bc6f41a14eeeb489540c26fb99b9427"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: public, max-age=3600
x-amz-cf-id: S2jSNatWupuUR7IjKxezfZf1-yfIbi14xqO28ddHenF5stkAvKAE0w==

GET
DATA 200
OK truncated
/ 41 KB
0 Image
image/webp

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c37e88f718acf2e31223149decc6c77497a892a5f556e5e1fc6c2492377e9bc0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type: image/webp

GET
H2 200 Difference-Between-Companies-Limited-by-Shares-and-Companies-Limited-by-Guarantee.webp
a.strephonsays.com/business/ 47 KB
47 KB 69ms
28ms Image
image/webp 2606:4700:3030::6815:66b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.strephonsays.com/business/Difference-Between-Companies-Limited-by-Shares-and-Companies-Limited-by-Guarantee.webp
Requested by: Host: ko.strephonsays.com
URL: https://ko.strephonsays.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6815:66b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bb23189475c4f60039d1389da9ab3225c9c215c3ffa4af384ceccecc038759ab

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ko.strephonsays.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 06:16:31 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 6257
alt-svc: h3=":443"; ma=86400
content-length: 48014
last-modified: Wed, 06 Oct 2021 21:04:42 GMT
server: cloudflare
etag: "bb8e-5cdb57eb812f1"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KxCLdOWU4ZgHyH%2Fq39a3%2BvEYfLiVuWX3SE2xeSpS21dQmlxlXenPvrXOUNtkZfs1BaznYk%2B7UD1H7gjCBcWdwsWwxAhw%2F%2FfijQ1ptrVukSTiha2t1d36HnqaIUXWau40VW%2FIWeKuRb5TrKHvKaLaeik%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 7de3cd2f8ead1cb5-FRA

GET
H2 200 Difference-Between-Passport-Book-and-Passport-Card-1.webp
a.strephonsays.com/countries/ 32 KB
33 KB 847ms
806ms Image
image/webp 2606:4700:3030::6815:66b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.strephonsays.com/countries/Difference-Between-Passport-Book-and-Passport-Card-1.webp
Requested by: Host: ko.strephonsays.com
URL: https://ko.strephonsays.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6815:66b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5ee546d3fdc2130c140cb072df57741817b56fbed52404642631ef41bc628c4a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ko.strephonsays.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 06:16:32 GMT
cf-cache-status: MISS
last-modified: Wed, 06 Oct 2021 21:06:57 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "8192-5cdb586ca2ed4"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TF7803ReibJHIVqNyldfUFyCc7%2FHB3bIyYos%2FG02xZo0J1ishLWbNY1shccAFdVyANTO4xKIFH4F7%2FEraUaeUaNw4RPYelVa7Mwwu5mMCVQvDxqTvonmIn%2FaatY%2BRwaKvqPUsDEazK%2BM4J348MsjdY4%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 7de3cd2f8eae1cb5-FRA
alt-svc: h3=":443"; ma=86400
content-length: 33170

GET
H2 200 Difference-Between-Lean-Protein-and-Whey-Protein.webp
a.strephonsays.com/health/ 51 KB
52 KB 818ms
777ms Image
image/webp 2606:4700:3030::6815:66b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.strephonsays.com/health/Difference-Between-Lean-Protein-and-Whey-Protein.webp
Requested by: Host: ko.strephonsays.com
URL: https://ko.strephonsays.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6815:66b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 35542897f7cd6769cd6b1118b38e65a9cfc72d0f7d01c0ace49f17d88fd37e53

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ko.strephonsays.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 06:16:32 GMT
cf-cache-status: MISS
last-modified: Wed, 06 Oct 2021 22:35:32 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "cc7e-5cdb6c3903fc1"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=n7sP7QYEb8%2BTzqkp6r4cN1OZ5eWtKfVKSAyBdJkgaLbMQ0NjXWXHLzz%2FxphWC4TLcp0Ea1hZOWdq3RPAHSw%2BkpiRIUTeu7jM01msFKtnIu%2FoP54aJPHrwkMLj1FrxlH4ODg0p08a3H0r2239FkxgthY%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 7de3cd2f8ea91cb5-FRA
alt-svc: h3=":443"; ma=86400
content-length: 52350

GET
H2 200 Difference-Between-Anisole-and-Diethyl-Ether.webp
a.strephonsays.com/science-nature/ 15 KB
16 KB 833ms
792ms Image
image/webp 2606:4700:3030::6815:66b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.strephonsays.com/science-nature/Difference-Between-Anisole-and-Diethyl-Ether.webp
Requested by: Host: ko.strephonsays.com
URL: https://ko.strephonsays.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6815:66b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2ca430f52e5648245baeb07cd6574f80760acb4d75ebd484af5ffcb68b0ba367

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ko.strephonsays.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 06:16:32 GMT
cf-cache-status: MISS
last-modified: Wed, 06 Oct 2021 23:44:20 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "3d88-5cdb7b9a5a810"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BdRmmbkJtfFh3e1k4%2FrUbknyE1BQcJDvAwCzMntzxxhBMJu9bc9Eq3naRE%2F7EaJsbx6dKSXV1Dygf%2BfbfIjIXPqYdNCFQr%2BgQOGtdpDp92WQieLdmgO%2BgtmxrXIxwhPHd2ZKWRwMrDUyADR0tjoGQ1Y%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 7de3cd2f8eab1cb5-FRA
alt-svc: h3=":443"; ma=86400
content-length: 15752

GET
H2 200 Difference-Between-Oxygen-and-Ozone.webp
a.strephonsays.com/science-nature/ 83 KB
84 KB 779ms
738ms Image
image/webp 2606:4700:3030::6815:66b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.strephonsays.com/science-nature/Difference-Between-Oxygen-and-Ozone.webp
Requested by: Host: ko.strephonsays.com
URL: https://ko.strephonsays.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6815:66b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2296b3173627f84f8361243bda095a4fa2c05c222200f895b44bad0a6ef15e9f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ko.strephonsays.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 06:16:32 GMT
cf-cache-status: MISS
last-modified: Wed, 06 Oct 2021 23:16:17 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "14dea-5cdb755542fc2"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0q%2FKg2IdGs7zKTH0MQ6XEWWtDtYrDw6bIWQFmHF5hyGeky6D5IoDJp5HvExQVuLnOS8%2FBYdnUiiiufkaFuP2VcTzvQ5bXSMuUXQjW9xOSQ%2FuFefBVzmm3xUgz2rAb9SVcXaioaXkVr5yyoYNibjiQ%2Fw%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 7de3cd2f8eac1cb5-FRA
alt-svc: h3=":443"; ma=86400
content-length: 85482

GET
H2 200 Difference-Between-Personal-Identity-and-Social-Identity.webp
a.strephonsays.com/education/ 60 KB
61 KB 825ms
784ms Image
image/webp 2606:4700:3030::6815:66b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.strephonsays.com/education/Difference-Between-Personal-Identity-and-Social-Identity.webp
Requested by: Host: ko.strephonsays.com
URL: https://ko.strephonsays.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6815:66b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f6f6cb043708335483ae84eb97bfb412e7336a59f8195bb9261cf6ff0611f48d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ko.strephonsays.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 06:16:32 GMT
cf-cache-status: MISS
last-modified: Wed, 06 Oct 2021 22:30:38 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "f0a8-5cdb6b2120306"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=W24CUMEuov6mE9aBOki0aeAwx%2FLQjC%2BJ4CT1TSOA%2FdIvr6m0AzrjWBndDO5PFx5hglj1%2BQs21%2BR0INjAEj4rGipnJJzQFiLW0021T3y0utzhBbSGxpvFM348xalWcRNeKsURMQsOlyaX9UFimVwi2k0%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 7de3cd2f8eaa1cb5-FRA
alt-svc: h3=":443"; ma=86400
content-length: 61608

GET
H3 200 Difference-Between-Shame-and-Embarrassment-1.webp
a.strephonsays.com/people/ 27 KB
27 KB 1153ms
1152ms Image
image/webp 2606:4700:3030::6815:66b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.strephonsays.com/people/Difference-Between-Shame-and-Embarrassment-1.webp
Requested by: Host: ko.strephonsays.com
URL: https://ko.strephonsays.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::6815:66b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c8fc2ef8ebf6788cd0fddf43b63f7051c87c55f0ecc60ece36e4614118c6c608

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ko.strephonsays.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 06:16:33 GMT
cf-cache-status: MISS
last-modified: Wed, 06 Oct 2021 22:54:13 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "6a24-5cdb7066a92af"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sJ4QrCE%2Bez4%2FwCwkwia2Ui%2Bta6QuLyy7PCpWitANz1noXlHd9pF35iEuEV7SGu5IICo0M1fl%2BEuz85p9QoM2NhXX7N52EvX6Ye5TvB1Mu6MzCGhyqgZjwDY1QB3d9ygKTcujXB9FCwfNywL9hoc4jkk%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 7de3cd2fc9a39293-FRA
alt-svc: h3=":443"; ma=86400
content-length: 27172

GET
H3 200 Difference-Between-Room-Attendant-and-Housekeeper.webp
a.strephonsays.com/people/ 61 KB
61 KB 1192ms
1191ms Image
image/webp 2606:4700:3030::6815:66b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.strephonsays.com/people/Difference-Between-Room-Attendant-and-Housekeeper.webp
Requested by: Host: ko.strephonsays.com
URL: https://ko.strephonsays.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::6815:66b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2014055b4c9d712158efdf2e6594241d55b2b28459029648c00114816e04d10f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ko.strephonsays.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 06:16:33 GMT
cf-cache-status: MISS
last-modified: Wed, 06 Oct 2021 22:54:20 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "f300-5cdb706d1d5d0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GYFd%2BJtTPJXuh9UOWmpreG8zLq7Uy8wqcQ5LmR45EsGi7Vly7dHT1YsLv1%2F0q80xpBC%2FYA3IsjrPbQQ%2BDdBCphp%2Bc8R2t%2FbnzTaAME6B27W8c5EOgX65Fri4eWeFXqA6UClBd0iQccM9OEQzkaMlwbU%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 7de3cd2fc9a49293-FRA
alt-svc: h3=":443"; ma=86400
content-length: 62208

GET
H2 200 cookies_gdpr.js Show response
cdn.zx-adnet.com/consent/ 34 KB
10 KB 158ms
47ms Script
text/javascript 151.101.1.195
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.zx-adnet.com/consent/cookies_gdpr.js?0.102620150358818

Requested by

Host: ko.strephonsays.com
URL: https://ko.strephonsays.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.1.195 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

6723ea2989d5cf57335b26d5bd0bcc52feffab866915b917c4cdcae672c99a2a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ko.strephonsays.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-served-by: cache-fra-etou8220098-FRA
strict-transport-security: max-age=31556926
content-encoding: br
date: Wed, 28 Jun 2023 06:16:32 GMT
last-modified: Mon, 22 May 2023 17:32:30 GMT
x-timer: S1687932992.996918,VS0,VE30
etag: "e816600dd00bd96b1fef78362730b72e57d5bac88839b4da007d48db85d79519-br"
vary: accept-language, x-country-code, x-fh-requested-host, accept-encoding
x-cache: MISS
content-type: text/javascript; charset=utf-8
cache-control: no-cache
accept-ranges: bytes
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
x-cache-hits: 0

GET
H2 200 tag.js Show response
mc.yandex.ru/metrika/ 214 KB
74 KB 340ms
69ms Script
application/javascript 2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/metrika/tag.js

Requested by

Host: ko.strephonsays.com
URL: https://ko.strephonsays.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

f8e19da72faefd872795c80a4329acd96300e88295224994e3fc8df5258d92c2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ko.strephonsays.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 06:16:32 GMT
content-encoding: br
strict-transport-security: max-age=31536000
last-modified: Mon, 26 Jun 2023 10:04:21 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
etag: "64993875-1249b"
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
timing-allow-origin: *
content-length: 74907
expires: Wed, 28 Jun 2023 07:16:32 GMT

GET
H2 200 1duwt.min.js Show response
www.bigmp3db.com/ 67 KB
19 KB 365ms
94ms Script
text/javascript 95.216.65.102
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bigmp3db.com/1duwt.min.js?f529b1c

Requested by

Host: ko.strephonsays.com
URL: https://ko.strephonsays.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

95.216.65.102 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),

Reverse DNS

frodo.min.org.ua

Software

cloudflare-nginx /

Resource Hash

77d9102b426f1487e8550ed41e3650f47d74c020c7486e2876f07698fc97bb88

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ko.strephonsays.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 06:16:32 GMT
strict-transport-security: max-age=63072000
content-encoding: br
server: cloudflare-nginx
duration: 1256789
access-control-allow-methods: POST, GET, OPTIONS
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=300
access-control-allow-headers: *
expires: Wed, 28-Jun-2023 09:21:32 EEST

GET
H3 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202306220101/ 346 KB
119 KB 139ms
98ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202306220101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2173063720940886&plah=ko.strephonsays.com&bust=31075623

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-2173063720940886

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a86bcb06c80a86eb7a6decf833669b4debd4fa65ce0408b11a8b5d808839754

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ko.strephonsays.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 06:16:32 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 121745
x-xss-protection: 0
server: cafe
etag: 2957293435929517395
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Wed, 28 Jun 2023 06:16:32 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230620/r20190131/ Frame 73BC 10 KB
5 KB 91ms
17ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230620/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-2173063720940886

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

eb7a209e3af2f5e7045a326f81414b39f02551eb158e859c190a7a84db7c4d5d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ko.strephonsays.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 75974
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4540
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 27 Jun 2023 09:10:18 GMT
etag: 15057649708203361565
expires: Tue, 11 Jul 2023 09:10:18 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 en.json Show response
optad360.mgr.consensu.org/cmp/v2/translations/v4/ 4 KB
2 KB 265ms
172ms XHR
application/json 108.138.36.74
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://optad360.mgr.consensu.org/cmp/v2/translations/v4/en.json
Requested by: Host: cmp.optad360.io
URL: https://cmp.optad360.io/items/45b65dd9-e0fa-4d05-aa26-a39c3cef09e4.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.36.74 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-36-74.muc50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 71f69541ed2861a7065f461bf9748bb263e0f8d517d0987c6619241d9d13597d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ko.strephonsays.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 06:16:33 GMT
content-encoding: gzip
via: 1.1 73b81cd9bd041c21d2fd170c0f53e030.cloudfront.net (CloudFront)
last-modified: Thu, 29 Oct 2020 12:24:15 GMT
server: AmazonS3
x-amz-cf-pop: MUC50-P2
etag: W/"e3fe984dfb883f99b54c331403be617b"
vary: Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods: GET
content-type: application/json
access-control-allow-origin: *
x-cache: Miss from cloudfront
cache-control: public, max-age=360000000
x-amz-cf-id: _Ai9-jb2eovddZ6JmXY8reLKn5vV-vQwc5c5veXxR0N2X9wyUFNK8g==

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 79 KB
27 KB 172ms
87ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: get.optad360.io
URL: https://get.optad360.io/sf/87584f1f-9c47-49cb-b198-f6669bf41325/plugin.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

400ebf707969602dfc0a623465201f3aeb36b9c764a1baf5c110705be99c3d90

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ko.strephonsays.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 06:16:32 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 27066
x-xss-protection: 0
server: cafe
etag: 705 / 19536 / m202306220101 / config-hash: 13728557897118412599
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Wed, 28 Jun 2023 06:16:32 GMT

GET
H2 200 prebid7.36.2.js Show response
get.optad360.io/sf/ 524 KB
166 KB 28ms
26ms Script
application/javascript 2600:9000:225e:3a00:11:a4de:2580:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://get.optad360.io/sf/prebid7.36.2.js
Requested by: Host: get.optad360.io
URL: https://get.optad360.io/sf/87584f1f-9c47-49cb-b198-f6669bf41325/plugin.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:225e:3a00:11:a4de:2580:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 128f76df591e53bde9def0aac6966f056566a6f46a80cc9dc7a8e0402520bd22

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ko.strephonsays.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 17 May 2023 05:01:14 GMT
content-encoding: gzip
via: 1.1 816b7f4e336674d9d7828ef4700482e8.cloudfront.net (CloudFront)
last-modified: Tue, 28 Mar 2023 07:17:00 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P4
age: 3633319
etag: W/"3b0c4914aba8fba88d5605bd77c7aa05"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: public, max-age=360000000
x-amz-cf-id: HlfMbVUf6EzV1ptWQuz2xUwMKZRtZ6lUeHe7mDuhxfuG7VTB45h0yw==

GET
H2 200 branding-ads.svg
optad360.mgr.consensu.org/icons/ 7 KB
3 KB 78ms
23ms Image
image/svg+xml 108.138.36.74
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://optad360.mgr.consensu.org/icons/branding-ads.svg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.36.74 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-36-74.muc50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: d04a8585ca1c9cbff59e413fe76da6b8dcf3c567cbc68ec436b852d7f1694df1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ko.strephonsays.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 27 Jun 2023 23:27:32 GMT
content-encoding: gzip
via: 1.1 e5f838cca0e0de4bbf3520e7a4d3ae3e.cloudfront.net (CloudFront)
last-modified: Wed, 22 Jun 2022 12:02:24 GMT
server: AmazonS3
x-amz-cf-pop: MUC50-P2
age: 24541
etag: W/"b0a3aa2e09d4ddd83150d7bd3347c5c0"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
cache-control: public, max-age=360000000
x-amz-cf-id: XIm0hM8UYscXLpMKnJExm3s-UGnDYMNRCyOOR2p1hIgeVzn1wNQDSw==

GET
H3 200 latest.json Show response
cdn.jsdelivr.net/gh/prebid/currency-file@1/ 2 KB
1 KB 47ms
21ms XHR
application/json 2a04:4e42:200::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json?date=20230628

Requested by

Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid7.36.2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a04:4e42:200::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

f757dcb6d7040c5480e6bec81e5a93227e16a629e98616d02ec6076a767b242f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://ko.strephonsays.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: text/plain

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Wed, 28 Jun 2023 06:16:32 GMT
x-content-type-options: nosniff
content-encoding: br
age: 8139
x-jsd-version: 1.0.1734
x-cache: HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 859
x-served-by: cache-fra-eddf8230132-FRA
x-jsd-version-type: version
etag: W/"637-tar4j7pq1lFMUjWIEQbMts2P0jY"
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 branding-ads.svg
optad360.mgr.consensu.org/icons/ 7 KB
3 KB 27ms
26ms Image
image/svg+xml 108.138.36.74
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://optad360.mgr.consensu.org/icons/branding-ads.svg
Requested by: Host: get.optad360.io
URL: https://get.optad360.io/sf/87584f1f-9c47-49cb-b198-f6669bf41325/plugin.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.36.74 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-36-74.muc50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: d04a8585ca1c9cbff59e413fe76da6b8dcf3c567cbc68ec436b852d7f1694df1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ko.strephonsays.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 27 Jun 2023 23:27:32 GMT
content-encoding: gzip
via: 1.1 e5f838cca0e0de4bbf3520e7a4d3ae3e.cloudfront.net (CloudFront)
last-modified: Wed, 22 Jun 2022 12:02:24 GMT
server: AmazonS3
x-amz-cf-pop: MUC50-P2
age: 24541
etag: W/"b0a3aa2e09d4ddd83150d7bd3347c5c0"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
cache-control: public, max-age=360000000
x-amz-cf-id: e1CGPBquAGHNY0h7ovTrQF2JXZRZuPk-_2ZsMS_BObAUbEUOqvLS3w==

POST
H2 200 1duwt.json Show response
www.bigmp3db.com/ 59 B
269 B 424ms
45ms XHR
application/json 95.216.65.102
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bigmp3db.com/1duwt.json

Requested by

Host: www.bigmp3db.com
URL: https://www.bigmp3db.com/1duwt.min.js?f529b1c

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

95.216.65.102 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),

Reverse DNS

frodo.min.org.ua

Software

cloudflare-nginx /

Resource Hash

10aa51cc3f8d4752b0a2597e993e89920823de06b6e6782c88929412ea087b1a

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

Referer: https://ko.strephonsays.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Wed, 28 Jun 2023 06:16:32 GMT
strict-transport-security: max-age=63072000
content-encoding: br
server: cloudflare-nginx
access-control-allow-methods: POST, GET, OPTIONS
content-type: application/json
access-control-allow-origin: *
access-control-allow-headers: *

POST
H2 200 1duwt.json Show response
www.bigmp3db.com/ 624 B
573 B 417ms
46ms XHR
application/json 95.216.65.102
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bigmp3db.com/1duwt.json

Requested by

Host: www.bigmp3db.com
URL: https://www.bigmp3db.com/1duwt.min.js?f529b1c

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

95.216.65.102 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),

Reverse DNS

frodo.min.org.ua

Software

cloudflare-nginx /

Resource Hash

c10264aedfa443f386ef57ff83e091e6bc2ddefac2ce72bae703f3865829dcc3

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

Referer: https://ko.strephonsays.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Wed, 28 Jun 2023 06:16:32 GMT
strict-transport-security: max-age=63072000
content-encoding: br
server: cloudflare-nginx
access-control-allow-methods: POST, GET, OPTIONS
content-type: application/json
access-control-allow-origin: *
access-control-allow-headers: *

GET
H2 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306220101/ 393 KB
125 KB 20ms
19ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306220101/pubads_impl.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3086c49956d51c2cba2562ba86a083aedf01d66f41c264f158f5d4f6e632c3eb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ko.strephonsays.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 27 Jun 2023 12:16:17 GMT
content-encoding: br
x-content-type-options: nosniff
age: 64815
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 127939
x-xss-protection: 0
server: cafe
etag: 10569078359274256513
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Wed, 26 Jun 2024 12:16:17 GMT

GET
H2 200 branding-ads.svg
optad360.mgr.consensu.org/icons/ 7 KB
3 KB 131ms
129ms Image
image/svg+xml 108.138.36.74
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://optad360.mgr.consensu.org/icons/branding-ads.svg
Requested by: Host: get.optad360.io
URL: https://get.optad360.io/sf/87584f1f-9c47-49cb-b198-f6669bf41325/plugin.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.36.74 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-36-74.muc50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: d04a8585ca1c9cbff59e413fe76da6b8dcf3c567cbc68ec436b852d7f1694df1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ko.strephonsays.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 27 Jun 2023 23:27:32 GMT
content-encoding: gzip
via: 1.1 e5f838cca0e0de4bbf3520e7a4d3ae3e.cloudfront.net (CloudFront)
last-modified: Wed, 22 Jun 2022 12:02:24 GMT
server: AmazonS3
x-amz-cf-pop: MUC50-P2
age: 24541
etag: W/"b0a3aa2e09d4ddd83150d7bd3347c5c0"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
cache-control: public, max-age=360000000
x-amz-cf-id: Oq-bPWaF93n85lvzHunwACPKkPEsq01xa6oB16nGTRNM5yIp5bLIBg==

GET
H2

200

sync_cookie_image_decide
mc.yandex.com/
Redirect Chain

https://mc.yandex.com/sync_cookie_image_check
https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=10048.XrzPcdLdRwBMB8qwxfUX4UAZ5pya83wlGCU18Br9daxaTh3lzMKw0QUFwlnXOfCz.VaVooVZ3x5vhV0TjeQe71qXvDOQ%2C
https://mc.yandex.com/sync_cookie_image_decide?token=10048.11CPaMKu5uD40YNTkKvpA-vTG2xI14oIPSsoo3cq2zgBKnQMYIdSOMqJh06T1aslrMVmqRwK_AeCiV_EnKXJ4KoW9B5BBqnnu6OcFthB-DQ%2C.uxiHQNDC8KnuEFyZblONOIi6_S0%2C

43 B
67 B

68ms
68ms

Image
image/gif

2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.com/sync_cookie_image_decide?token=10048.11CPaMKu5uD40YNTkKvpA-vTG2xI14oIPSsoo3cq2zgBKnQMYIdSOMqJh06T1aslrMVmqRwK_AeCiV_EnKXJ4KoW9B5BBqnnu6OcFthB-DQ%2C.uxiHQNDC8KnuEFyZblONOIi6_S0%2C

Protocol

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ko.strephonsays.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 06:16:32 GMT
strict-transport-security: max-age=31536000
content-length: 43
x-xss-protection: 1; mode=block
content-type: image/gif

Redirect headers

location: https://mc.yandex.com/sync_cookie_image_decide?token=10048.11CPaMKu5uD40YNTkKvpA-vTG2xI14oIPSsoo3cq2zgBKnQMYIdSOMqJh06T1aslrMVmqRwK_AeCiV_EnKXJ4KoW9B5BBqnnu6OcFthB-DQ%2C.uxiHQNDC8KnuEFyZblONOIi6_S0%2C
date: Wed, 28 Jun 2023 06:16:32 GMT
strict-transport-security: max-age=31536000
x-xss-protection: 1; mode=block

GET
H2 200 advert.gif
mc.yandex.com/metrika/ 43 B
114 B 66ms
66ms Image
image/gif 2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.com/metrika/advert.gif

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ko.strephonsays.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 06:16:32 GMT
strict-transport-security: max-age=31536000
last-modified: Mon, 26 Jun 2023 10:04:21 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
etag: "64993875-2b"
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 43
expires: Wed, 28 Jun 2023 07:16:32 GMT

GET
H2 200 cmp-3.0.0.min.js Show response
optad360.mgr.consensu.org/cmp/v2/ Frame 1C86 691 KB
190 KB 69ms
66ms Script
application/javascript 108.138.36.74
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://optad360.mgr.consensu.org/cmp/v2/cmp-3.0.0.min.js
Requested by: Host: cmp.optad360.io
URL: https://cmp.optad360.io/items/45b65dd9-e0fa-4d05-aa26-a39c3cef09e4.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.36.74 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-36-74.muc50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: eb16304c17c120cabd2bc9ba56114d31bb2c05114e17c531bcf21a682f8629d2

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 27 Jun 2023 16:17:47 GMT
content-encoding: gzip
via: 1.1 e5f838cca0e0de4bbf3520e7a4d3ae3e.cloudfront.net (CloudFront)
last-modified: Wed, 07 Apr 2021 09:53:34 GMT
server: AmazonS3
x-amz-cf-pop: MUC50-P2
age: 50327
etag: W/"2ea07aea04f56769b6dd53f48dae904d"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: public, max-age=604800
x-amz-cf-id: MIe3JgVLeLNizfFJbVR-Ft15z_suW8wh3n5VWOO7dqQbKJowwcmkNQ==

GET
H2 200 vendor-list.json Show response
optad360.mgr.consensu.org/cmp/v2/ Frame 1C86 539 KB
59 KB 169ms
169ms XHR
application/json 108.138.36.74
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://optad360.mgr.consensu.org/cmp/v2/vendor-list.json
Requested by: Host: optad360.mgr.consensu.org
URL: https://optad360.mgr.consensu.org/cmp/v2/cmp-3.0.0.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.36.74 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-36-74.muc50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: a21b20c52fbc7ca1897d496862d422e5ce453e50d57d0defda0af7e09c904d35

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 06:16:33 GMT
content-encoding: gzip
via: 1.1 73b81cd9bd041c21d2fd170c0f53e030.cloudfront.net (CloudFront)
last-modified: Fri, 19 May 2023 08:47:37 GMT
server: AmazonS3
x-amz-cf-pop: MUC50-P2
etag: W/"fc2ec65f9cf17067ac2746e0e0bade13"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods: GET
content-type: application/json
access-control-allow-origin: *
x-cache: Miss from cloudfront
cache-control: public, max-age=604802
x-amz-cf-id: 35g9SRUbR5xobBXlj2vS451TDB0rasyiFHNVz6BErFQ8fR9CpqXSMw==

GET
H2

200

1 Show response
mc.yandex.com/watch/53480917/
Redirect Chain

https://mc.yandex.com/watch/53480917?wmode=7&page-url=https%3A%2F%2Fko.strephonsays.com%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A7g4yzra6nxw2gnzj738gkwv%3Afp%3A916%3Afu%3A0%3Aen%3...
https://mc.yandex.com/watch/53480917/1?wmode=7&page-url=https%3A%2F%2Fko.strephonsays.com%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A7g4yzra6nxw2gnzj738gkwv%3Afp%3A916%3Afu%3A0%3Aen...

447 B
557 B

63ms
63ms

XHR
application/json

2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/watch/53480917/1?wmode=7&page-url=https%3A%2F%2Fko.strephonsays.com%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A7g4yzra6nxw2gnzj738gkwv%3Afp%3A916%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1060%3Acn%3A1%3Adp%3A0%3Als%3A1553765754063%3Ahid%3A356740661%3Az%3A0%3Ai%3A20230628061632%3Aet%3A1687932992%3Ac%3A1%3Arn%3A673168118%3Arqn%3A1%3Au%3A1687932992276443452%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A18%2C44%2C642%2C4%2C%2C0%2C%2C4%2C0%2C892%2C892%2C3%2C818%3Aco%3A0%3Acpf%3A1%3Ans%3A1687932990987%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1687932993%3At%3A%EC%95%8C%EA%B3%A0%EC%9E%88%EB%8B%A4%202023&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29ti%282%29

Protocol

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

bfbb6b44d8d52f9436f0dfff270f381376cfaa742d6206093fb9d94b2ca3180a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ko.strephonsays.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 28 Jun 2023 06:16:32 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
last-modified: Wed, 28-Jun-2023 06:16:32 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
content-type: application/json; charset=utf-8
access-control-allow-origin: https://ko.strephonsays.com
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 447
x-xss-protection: 1; mode=block
expires: Wed, 28-Jun-2023 06:16:32 GMT

Redirect headers

pragma: no-cache
date: Wed, 28 Jun 2023 06:16:32 GMT
strict-transport-security: max-age=31536000
last-modified: Wed, 28-Jun-2023 06:16:32 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
location: /watch/53480917/1?wmode=7&page-url=https%3A%2F%2Fko.strephonsays.com%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A7g4yzra6nxw2gnzj738gkwv%3Afp%3A916%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1060%3Acn%3A1%3Adp%3A0%3Als%3A1553765754063%3Ahid%3A356740661%3Az%3A0%3Ai%3A20230628061632%3Aet%3A1687932992%3Ac%3A1%3Arn%3A673168118%3Arqn%3A1%3Au%3A1687932992276443452%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A18%2C44%2C642%2C4%2C%2C0%2C%2C4%2C0%2C892%2C892%2C3%2C818%3Aco%3A0%3Acpf%3A1%3Ans%3A1687932990987%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1687932993%3At%3A%EC%95%8C%EA%B3%A0%EC%9E%88%EB%8B%A4%202023&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29ti%282%29
access-control-allow-origin: https://ko.strephonsays.com
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
x-xss-protection: 1; mode=block
expires: Wed, 28-Jun-2023 06:16:32 GMT

POST
H2 200 1duwt.json Show response
www.bigmp3db.com/ 59 B
268 B 46ms
45ms XHR
application/json 95.216.65.102
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bigmp3db.com/1duwt.json

Requested by

Host: www.bigmp3db.com
URL: https://www.bigmp3db.com/1duwt.min.js?f529b1c

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

95.216.65.102 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),

Reverse DNS

frodo.min.org.ua

Software

cloudflare-nginx /

Resource Hash

016b7832a5280f805d3cb0aec0271d54e90a01f2dbcc85e6a47ca4918049738b

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

Referer: https://ko.strephonsays.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Wed, 28 Jun 2023 06:16:32 GMT
strict-transport-security: max-age=63072000
content-encoding: br
server: cloudflare-nginx
access-control-allow-methods: POST, GET, OPTIONS
content-type: application/json
access-control-allow-origin: *
access-control-allow-headers: *

GET
H2 200 fondoperlaterra.org.1465863.js Show response
jsc.mgid.com/f/o/ 3 KB
2 KB 91ms
29ms Script
text/javascript 2606:4700:1::6813:864e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://jsc.mgid.com/f/o/fondoperlaterra.org.1465863.js
Requested by: Host: www.bigmp3db.com
URL: https://www.bigmp3db.com/1duwt.min.js?f529b1c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:1::6813:864e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 711e7fd261e9d804d308e4440a82efc1b71d54262c1822912875579570a60156

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ko.strephonsays.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 06:16:32 GMT
x-amz-version-id: XBhwNHFv9Rq4lAuuUD9TAW4F2luFLC7p
content-encoding: br
cf-cache-status: HIT
x-amz-request-id: Z91FVYMMMFH4KJ9V
age: 169
cf-polished: origSize=2700
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400
x-amz-id-2: eY7RpZ1i0CYVo9s7bL9QZ8E/947myhydi+omVOao8DHVQvXKlOpxTyS2rzAxoX8o2mPqDDjmDkg=
cf-bgj: minify
last-modified: Tue, 20 Jun 2023 13:21:59 GMT
server: cloudflare
etag: W/"d57c0cd6f74d0b86ce4872616befa96e"
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=10800
cf-ray: 7de3cd350b059b98-FRA
expires: Wed, 28 Jun 2023 09:16:32 GMT

GET
H2

200

sync_cookie_image_decide_secondary
mc.yandex.com/
Redirect Chain

https://mc.yandex.com/sync_cookie_image_check_secondary
https://mc.yandex.ru/sync_cookie_image_start_secondary?redirect_domain=mc.yandex.com&token=10048.oIEInCUFTaMUHEUijSRkPWbWFByyR9apc8YZKa49dHxHH56c1oLuIMX1QaKam126.H7QNEXMJyb6sOTFpUkbucIX7P5A%2C
https://mc.yandex.com/sync_cookie_image_decide_secondary?token=10048.-F7MgR574ejGfXtaTRwdvE1Lwe4fugNNb0mJ2jiqBroe8JZag5p5NqwDfHX9ZjmTP1RwrhUvHBqaeokZAWz6bxR8p28gGbHXQ855osKUgRE%2C.X2JBJ_AeA5qHUocfG...

43 B
79 B

60ms
60ms

Image
image/gif

2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.com/sync_cookie_image_decide_secondary?token=10048.-F7MgR574ejGfXtaTRwdvE1Lwe4fugNNb0mJ2jiqBroe8JZag5p5NqwDfHX9ZjmTP1RwrhUvHBqaeokZAWz6bxR8p28gGbHXQ855osKUgRE%2C.X2JBJ_AeA5qHUocfGZuC3ro0UQ4%2C

Protocol

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ko.strephonsays.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 06:16:32 GMT
strict-transport-security: max-age=31536000
content-length: 43
x-xss-protection: 1; mode=block
content-type: image/gif

Redirect headers

location: https://mc.yandex.com/sync_cookie_image_decide_secondary?token=10048.-F7MgR574ejGfXtaTRwdvE1Lwe4fugNNb0mJ2jiqBroe8JZag5p5NqwDfHX9ZjmTP1RwrhUvHBqaeokZAWz6bxR8p28gGbHXQ855osKUgRE%2C.X2JBJ_AeA5qHUocfGZuC3ro0UQ4%2C
date: Wed, 28 Jun 2023 06:16:32 GMT
strict-transport-security: max-age=31536000
x-xss-protection: 1; mode=block

GET
H2 200 fondoperlaterra.org.1465863.es6.js Show response
jsc.mgid.com/f/o/ 309 KB
94 KB 38ms
37ms Script
text/javascript 2606:4700:1::6813:864e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://jsc.mgid.com/f/o/fondoperlaterra.org.1465863.es6.js
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/f/o/fondoperlaterra.org.1465863.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:1::6813:864e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 71597476c237c8224a06badf8bf149d2a03ee4ccdc25a5c2841e51b4a8960e3f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ko.strephonsays.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 06:16:32 GMT
x-amz-version-id: MBvgB.p5lIc1sAHLfyi2B3jDdJWgGnxw
content-encoding: br
cf-cache-status: HIT
x-amz-request-id: MF6AE494KR4YCRMK
age: 169
cf-polished: origSize=316378
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400
x-amz-id-2: eMF7qVnYuqFHUu05cupcmBsBQdfuQnyvwnGNtND8EWsemDL3w1WoQdqQZZe/Db2VuS9WbEsaOZbg4NAaYI1Bpq8pvlPqvBex
cf-bgj: minify
last-modified: Tue, 20 Jun 2023 13:21:59 GMT
server: cloudflare
etag: W/"949517734d56f187f349544c1c5a4a63"
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=10800
cf-ray: 7de3cd354b499b98-FRA
expires: Wed, 28 Jun 2023 09:16:32 GMT

POST
H2 200 1duwt.json Show response
www.bigmp3db.com/ 59 B
268 B 48ms
47ms XHR
application/json 95.216.65.102
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bigmp3db.com/1duwt.json

Requested by

Host: www.bigmp3db.com
URL: https://www.bigmp3db.com/1duwt.min.js?f529b1c

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

95.216.65.102 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),

Reverse DNS

frodo.min.org.ua

Software

cloudflare-nginx /

Resource Hash

ab1842b4ce9dfe38b3d0579146c76de1a8160c663a24b1ee752774c2dba559c3

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

Referer: https://ko.strephonsays.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Wed, 28 Jun 2023 06:16:32 GMT
strict-transport-security: max-age=63072000
content-encoding: br
server: cloudflare-nginx
access-control-allow-methods: POST, GET, OPTIONS
content-type: application/json
access-control-allow-origin: *
access-control-allow-headers: *

GET
BLOB 200
OK b9971306-d67b-4043-ae3a-15fa666ce2b1
https://ko.strephonsays.com/ 0
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://ko.strephonsays.com/b9971306-d67b-4043-ae3a-15fa666ce2b1
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Length: 0
Content-Type: text/javascript

GET
BLOB 200
OK 6b811dea-6edc-44d4-b5d7-12539d0ff142
https://ko.strephonsays.com/ 250 B
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://ko.strephonsays.com/6b811dea-6edc-44d4-b5d7-12539d0ff142
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e37071398d21f18dff2370ee0885f38811bb69bb465b398100ab3101fc521d6b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Length: 250
Content-Type: text/javascript

GET
H2 200 / Show response
c.mgid.com/pv/ 0
43 B 61ms
45ms Script
text/plain 2606:4700:1::6813:864e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://c.mgid.com/pv/?scum=%3F0&scuw=%3F0&pv=5&cbuster=1687932992973954424371&uniqId=11476&lct=1687219200&niet=4g&nisd=false&jsv=es6&ref=&cxurl=https%3A%2F%2Fko.strephonsays.com%2F&lu=https%3A%2F%2Fko.strephonsays.com%2F&pageView=1&pvid=18900a57dcea6d74997&site=761202&implVersion=11&dpr=1&tfre=1277
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/f/o/fondoperlaterra.org.1465863.es6.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:1::6813:864e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ko.strephonsays.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 06:16:33 GMT
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 7de3cd363c369b98-FRA
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
BLOB 206
Partial Content 734a8ddd-65f1-49ae-8325-3cf9bb9e8211
https://ko.strephonsays.com/ 1 KB
0 Media
video/mp4

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://ko.strephonsays.com/734a8ddd-65f1-49ae-8325-3cf9bb9e8211
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 60ddc774c7b5fd0c01d169321a444da403d60c0042f6bee01b0c96f6e1535fda

Request headers

Referer
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Range: bytes=0-

Response headers

Content-Range: bytes 0-1492/1493
Content-Length: 1493
Content-Type: video/mp4

GET
H2 200 mgid_ua.svg
cdn.mgid.com/images/mgid/ 2 KB
1 KB 45ms
28ms Image
image/svg+xml 2606:4700:1::6813:864e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.mgid.com/images/mgid/mgid_ua.svg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:1::6813:864e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 70d5c4de881e718d0b7638959680ba86722d44eecbe4058d20dd77b8d0d97155

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ko.strephonsays.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 06:16:33 GMT
x-amz-version-id: null
content-encoding: br
cf-cache-status: HIT
x-amz-request-id: BQQZ016TJQM3CQAQ
age: 2336
alt-svc: h3=":443"; ma=86400
x-amz-id-2: H0ihdhm/EJhbcC+homFO+mab68DYYvx/mk6E6cpnOvsu3WasxL/t0xcMLjTuGMaSc4h2RuXW7vE=
last-modified: Tue, 08 Mar 2022 17:05:01 GMT
server: cloudflare
x-amz-meta-s3cmd-attrs: atime:1646759091/ctime:1646759091/gid:0/gname:root/md5:617c205137825561208ef7c1a2d8f319/mode:33206/mtime:1646759091/uid:0/uname:root
etag: W/"617c205137825561208ef7c1a2d8f319"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=86400
cf-ray: 7de3cd365c4f9b98-FRA
expires: Thu, 29 Jun 2023 06:16:33 GMT

GET
H2 200 Adchoices.svg
cdn.mgid.com/images/logos/ 836 B
813 B 53ms
36ms Image
image/svg+xml 2606:4700:1::6813:864e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.mgid.com/images/logos/Adchoices.svg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:1::6813:864e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7992a4430843ef8b4bbae534358be3193aa1ae9c78f273e8e8a70b6af1244ac5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ko.strephonsays.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 06:16:33 GMT
x-amz-version-id: null
content-encoding: br
cf-cache-status: HIT
x-amz-request-id: BQQP2P0ZGAY0CMXJ
age: 6042
alt-svc: h3=":443"; ma=86400
x-amz-id-2: Cxr/h9GEH2cm2grnKHiXrIw5MioqY/kDhHlX9SIKfHkMPhFjrTu42FaOoPgYIABs4KQfQTtjm/c=
last-modified: Wed, 17 Feb 2021 18:15:53 GMT
server: cloudflare
x-amz-meta-s3cmd-attrs: atime:1613585745/ctime:1613585745/gid:0/gname:root/md5:7d59364b7ed2df3f02507c9f92560df9/mode:33206/mtime:1613585745/uid:0/uname:root
etag: W/"7d59364b7ed2df3f02507c9f92560df9"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=86400
cf-ray: 7de3cd365c509b98-FRA
expires: Thu, 29 Jun 2023 06:16:33 GMT

GET
H3 200 widget-ssp-performance
c.mgid.com/ 43 B
184 B 40ms
39ms Image
image/gif 2606:4700:1::6813:864e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.mgid.com/widget-ssp-performance?time=62
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:1::6813:864e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ko.strephonsays.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 06:16:33 GMT
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 7de3cd368a4d3807-FRA
alt-svc: h3=":443"; ma=86400
content-type: image/gif

POST
H2 200 1duwt.json Show response
www.bigmp3db.com/ 59 B
268 B 46ms
45ms XHR
application/json 95.216.65.102
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bigmp3db.com/1duwt.json

Requested by

Host: www.bigmp3db.com
URL: https://www.bigmp3db.com/1duwt.min.js?f529b1c

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

95.216.65.102 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),

Reverse DNS

frodo.min.org.ua

Software

cloudflare-nginx /

Resource Hash

691423213628a9525f0d1372d2c693687864654fb0c6512df8317c0ad4f43572

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

Referer: https://ko.strephonsays.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Wed, 28 Jun 2023 06:16:33 GMT
strict-transport-security: max-age=63072000
content-encoding: br
server: cloudflare-nginx
access-control-allow-methods: POST, GET, OPTIONS
content-type: application/json
access-control-allow-origin: *
access-control-allow-headers: *

GET
H2 200 1 Show response
servicer.mgid.com/1465863/ 2 KB
1 KB 91ms
74ms Script
application/x-javascript 2606:4700:1::6813:864e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://servicer.mgid.com/1465863/1?scum=%3F0&scuw=%3F0&pv=5&cbuster=1687932994044213897272&uniqId=11476&lct=1687219200&niet=4g&nisd=false&jsv=es6&mp4=1&ap=1&w=1400&h=390&ident_p=true&sz=686x330&szp=1,2&szl=1,2&cols=2&tcfV2=1&sessionId=649bd041-0d1bc&sessionPage=1&sessionNumberWeek=1&sessionNumber=1&ref=&cxurl=https%3A%2F%2Fko.strephonsays.com%2F&lu=https%3A%2F%2Fko.strephonsays.com%2F&pageView=1&pvid=18900a57dcea6d74997&implVersion=11&dpr=1&tfre=2348
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/f/o/fondoperlaterra.org.1465863.es6.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:1::6813:864e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 19d91914b2e6867e0319b684234b345feee3eeadc5e30aacc77fbb95d8472796

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ko.strephonsays.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 06:16:34 GMT
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-allow-credentials: true
cf-ray: 7de3cd3ceba39b98-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 widget-ssp-performance
c.mgid.com/ 43 B
148 B 37ms
36ms Image
image/gif 2606:4700:1::6813:864e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.mgid.com/widget-ssp-performance?time=92
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:1::6813:864e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ko.strephonsays.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 06:16:34 GMT
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 7de3cd3d69413807-FRA
alt-svc: h3=":443"; ma=86400
content-type: image/gif

GET
H3 200 mgid_ua.svg
cdn.mgid.com/images/mgid/ 2 KB
1 KB 31ms
31ms Image
image/svg+xml 2606:4700:1::6813:864e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.mgid.com/images/mgid/mgid_ua.svg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:1::6813:864e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 70d5c4de881e718d0b7638959680ba86722d44eecbe4058d20dd77b8d0d97155

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ko.strephonsays.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 06:16:34 GMT
x-amz-version-id: null
content-encoding: br
cf-cache-status: HIT
x-amz-request-id: 4ZA9P7VPAM79SEE5
age: 5521
alt-svc: h3=":443"; ma=86400
x-amz-id-2: Ogo/ex200L7ps4FnQp+/tzaMP2Es62GIpyM//oh5VixopnKeKU/OLkVNxoGwINDIcf8PtYkWji0=
last-modified: Tue, 08 Mar 2022 17:05:01 GMT
server: cloudflare
x-amz-meta-s3cmd-attrs: atime:1646759091/ctime:1646759091/gid:0/gname:root/md5:617c205137825561208ef7c1a2d8f319/mode:33206/mtime:1646759091/uid:0/uname:root
etag: W/"617c205137825561208ef7c1a2d8f319"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=86400
cf-ray: 7de3cd3d69443807-FRA
expires: Thu, 29 Jun 2023 06:16:34 GMT

GET
H3 200 Adchoices.svg
cdn.mgid.com/images/logos/ 836 B
990 B 30ms
30ms Image
image/svg+xml 2606:4700:1::6813:864e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.mgid.com/images/logos/Adchoices.svg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:1::6813:864e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7992a4430843ef8b4bbae534358be3193aa1ae9c78f273e8e8a70b6af1244ac5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ko.strephonsays.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 06:16:34 GMT
x-amz-version-id: null
content-encoding: br
cf-cache-status: HIT
x-amz-request-id: YRQRQGQP9DZNZ14S
age: 3067
alt-svc: h3=":443"; ma=86400
x-amz-id-2: prDGrfP9Q2yJocLMVMs086d4Xf20e00Uihgi74TWkWggHy5UZf6VnePTEnJDA4LpjohSwbs6H6U=
last-modified: Wed, 17 Feb 2021 18:15:53 GMT
server: cloudflare
x-amz-meta-s3cmd-attrs: atime:1613585745/ctime:1613585745/gid:0/gname:root/md5:7d59364b7ed2df3f02507c9f92560df9/mode:33206/mtime:1613585745/uid:0/uname:root
etag: W/"7d59364b7ed2df3f02507c9f92560df9"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=86400
cf-ray: 7de3cd3d69473807-FRA
expires: Thu, 29 Jun 2023 06:16:34 GMT

GET
H2 200 aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHFfYXV0bzpnb29kLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMy0wMy81MzA0NTMvZDdkM...
s-img.mgid.com/g/15659581/492x277/-/ 13 KB
13 KB 603ms
29ms Image
image/webp 2606:4700:1::6813:864e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/15659581/492x277/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHFfYXV0bzpnb29kLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMy0wMy81MzA0NTMvZDdkMDMzYjczZTUyYTljYThiZWRjNjdhZDBkZjI2NzkuanBlZw.webp?v=1687932994-5v8oss8gd_I3bLS_e7uQmaYNDVfaDX-7815kXJ2g1CQ
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:1::6813:864e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3590bf128503ffee04f1f45ba7f8d9c5e0cdded9779b8387082ab94435120fb

Request headers

Referer: https://ko.strephonsays.com/
Origin: https://ko.strephonsays.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 06:16:34 GMT
cf-cache-status: HIT
last-modified: Fri, 17 Mar 2023 15:03:54 GMT
x-mg-request-uuid: 9f96744d-44c9-4742-91e0-96d78f505600
server: cloudflare
age: 8866836
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
x-robots-tag: noindex
cf-ray: 7de3cd410ddc1e5a-FRA
content-length: 12970
alt-svc: h3=":443"; ma=86400

GET
H2 200 aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHFfYXV0bzpnb29kLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMy0wNi81MTA1NDkvYWFhZ...
s-img.mgid.com/g/16401918/492x277/-/ 7 KB
7 KB 605ms
31ms Image
image/webp 2606:4700:1::6813:864e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/16401918/492x277/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHFfYXV0bzpnb29kLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMy0wNi81MTA1NDkvYWFhZDAyODA3ZDg5NzA5ODUzMzhhMTc4MGFiYWY3MzUucG5n.webp?v=1687932994-Hg27OJsSov_gl7F_-EFIoV8lg4q72yy7nz4WL3il4qI
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:1::6813:864e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9e70252a0493dcfc533da6e60a5e14ee9f37558c69f010bb68749a8d402481ff

Request headers

Referer: https://ko.strephonsays.com/
Origin: https://ko.strephonsays.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 06:16:34 GMT
cf-cache-status: HIT
last-modified: Sun, 18 Jun 2023 13:47:06 GMT
x-mg-request-uuid: 7d5299c9-a078-4c2e-8f98-3a28fba7b2ac
server: cloudflare
age: 836158
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
x-robots-tag: noindex
cf-ray: 7de3cd410ddf1e5a-FRA
content-length: 7126
alt-svc: h3=":443"; ma=86400

GET
H2 200 i.js Show response
cm.mgid.com/ 0
101 B 52ms
36ms Script
application/javascript 2606:4700:1::6813:864e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cm.mgid.com/i.js?&cbuster=1687932994157693621086
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/f/o/fondoperlaterra.org.1465863.es6.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:1::6813:864e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ko.strephonsays.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 28 Jun 2023 06:16:34 GMT
cf-cache-status: DYNAMIC
server: cloudflare
content-type: application/javascript
cache-control: no-store, no-cache, must-revalidate, max-age=0
cf-ray: 7de3cd3d9c5b9b98-FRA
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 i-noref.js Show response
cm.mgid.com/ Frame 1635 0
37 B 48ms
38ms Script
application/javascript 2606:4700:1::6813:864e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cm.mgid.com/i-noref.js?cbuster=168793299415969220624
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/f/o/fondoperlaterra.org.1465863.es6.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:1::6813:864e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 28 Jun 2023 06:16:34 GMT
cf-cache-status: DYNAMIC
server: cloudflare
content-type: application/javascript
cache-control: no-store, no-cache, must-revalidate, max-age=0
cf-ray: 7de3cd3d9c5d9b98-FRA
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 id5-api.js Show response
cdn.id5-sync.com/api/1.0/ 101 KB
25 KB 588ms
30ms Script
text/javascript 2606:4700:10::6816:3556
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.id5-sync.com/api/1.0/id5-api.js

Requested by

Host: jsc.mgid.com
URL: https://jsc.mgid.com/f/o/fondoperlaterra.org.1465863.es6.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:3556 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bd08be9cbf5f35486ce3011abc8286e9e2f59ac1de1ff9840377332383263f19

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ko.strephonsays.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 06:16:34 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 22 Jun 2023 08:35:03 GMT
server: cloudflare
x-amz-request-id: BD40DJT7KN67EDSE
age: 22
etag: W/"bb626f116ff54963039a9ea05c53620b"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: text/javascript;charset=utf-8
cache-control: public, max-age=3600
cf-ray: 7de3cd410ee69076-FRA
x-amz-id-2: BXq2klHOlDwCQitMv5cAqNz27G3QILBAm+E5fpwK1vk8nK0iqTKXMrSNSyhsQlr93LqAyyqiSSk=

GET
H2 200 pwt.js Show response
ads.pubmatic.com/AdServer/js/pwt/161673/7165/ 207 KB
63 KB 581ms
23ms Script
application/javascript 2.19.105.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/pwt/161673/7165/pwt.js
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/f/o/fondoperlaterra.org.1465863.es6.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.19.105.180 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-19-105-180.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: a9f959272120a8fe9fc940b8df6a07a9e6c79d9b72773d62878e82fcd1c51951

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ko.strephonsays.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 06:16:34 GMT
content-encoding: gzip
last-modified: Sat, 29 Apr 2023 00:55:21 GMT
server: Apache
vary: Accept-Encoding
content-type: application/javascript
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: max-age=33448
accept-ranges: bytes
content-length: 63913
expires: Wed, 28 Jun 2023 15:34:02 GMT

GET
H3 200 c
c.mgid.com/ 43 B
194 B 36ms
35ms Image
image/gif 2606:4700:1::6813:864e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.mgid.com/c?f=1&pv=3&v=686|330|8|NhONnRyj84u1RJdLiki595Sx655dhCwD8wBXRWgyMnIXRi0dAFe28MzjjJFLaQI6QhYyyzXVEwm1p7tcGVOdkw**&fw=1&extjs=66044&v=686|330|8|NhONnRyj84u1RJdLiki593lN4bRKLmuYwUBSxZYgG18wVT8png-enq_5DhGo-umW7KeaKHZZMLY2J7C-QgMxVQ**&cid=1465863&h2=vlJ0RdnMYFlD0pCQy6adPu73hKDooSLVV-ufeLqBWUw*&rid=54ac78dd-157b-11ee-aefe-e43d1a2a53a2&tt=Direct&iv=11&pageImp=1&pvid=18900a57dcea6d74997&cbuster=1687932995858892852528
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:1::6813:864e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ko.strephonsays.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 06:16:35 GMT
cf-cache-status: DYNAMIC
x-mg-request-uuid: 8bcfd24c-5ca2-49b5-bcd1-6dfaa12ff920
server: cloudflare
content-type: image/gif
cf-ray: 7de3cd482c333807-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43

Verdicts & Comments Add Verdict or Comment

97 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

15 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.strephonsays.com/	1970-01-20 21:37:48	Name: _sharedID Value: 5c382355-6ce9-4ceb-911a-f94d7bb8a885
.strephonsays.com/	1970-01-20 21:37:48	Name: _ym_uid Value: 1687932992276443452
.strephonsays.com/	1970-01-20 21:37:48	Name: _ym_d Value: 1687932992
.mc.yandex.com/	1970-01-20 12:52:13	Name: sync_cookie_csrf Value: 2005099271fake
.strephonsays.com/	1970-01-20 12:53:24	Name: _ym_isad Value: 2
.mc.yandex.ru/	1970-01-20 12:52:13	Name: sync_cookie_csrf Value: 2112031375fake
mc.yandex.com/	1969-12-31 23:59:59	Name: yabs-sid Value: 1377950371687932992
.yandex.com/	1970-01-20 22:28:12	Name: i Value: 7iJMlvJMl8OVRQoIgyltX4RBPogWLxGIrfDF3JDEmE1gaDrwdDQ175EuZtUNHpzIdG4/lHOYLilKMMA6LbXDwHetTCY=
.yandex.com/	1970-01-20 22:28:12	Name: yandexuid Value: 9161764331687932992
.yandex.com/	1970-01-20 21:37:48	Name: yuidss Value: 9161764331687932992
.yandex.com/	1970-01-20 21:37:48	Name: ymex Value: 1719468992.yc.1687932992#1719468992.yrts.1687932992#1719468992.yrtsi.1687932992
.yandex.com/	1970-01-20 21:37:48	Name: bh Value: KgI/MA==
.mgid.com/	1970-01-20 12:52:14	Name: __cf_bm Value: XoA91eR1Gi5F5l4asZ4LJX4y5_OTrrBAXR8YmUoyyb8-1687932992-0-AYrd1xriO3j7T9eakNxr/ig9UanES4s4eDA3D2IlrkR9M6Kdon//HHb1DmM0INap0AsjzJf7Hx2Xl+jXTb3hFLA=
ko.strephonsays.com/	1969-12-31 23:59:59	Name: MgidStorage Value: %7B%220%22%3A%7B%22svspr%22%3A%22%22%2C%22svsds%22%3A1%7D%2C%22C1465863%22%3A%7B%22page%22%3A1%2C%22time%22%3A%221687932994145%22%7D%7D
ko.strephonsays.com/	1970-01-20 13:35:24	Name: _pbjs_userid_consent_data Value: 3524755945110770

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.strephonsays.com
ads.pubmatic.com
c.mgid.com
cdn.id5-sync.com
cdn.jsdelivr.net
cdn.mgid.com
cdn.zx-adnet.com
cm.mgid.com
cmp.optad360.io
get.optad360.io
googleads.g.doubleclick.net
jsc.mgid.com
ko.strephonsays.com
mc.yandex.com
mc.yandex.ru
optad360.mgr.consensu.org
pagead2.googlesyndication.com
s-img.mgid.com
securepubads.g.doubleclick.net
servicer.mgid.com
strephonsays.com
www.bigmp3db.com
108.138.36.74
151.101.1.195
2.19.105.180
2600:9000:225e:3a00:11:a4de:2580:93a1
2600:9000:237d:9400:6:b871:4f00:93a1
2606:4700:10::6816:3556
2606:4700:1::6813:864e
2606:4700:3030::6815:66b
2a00:1450:4001:80e::2002
2a00:1450:4001:827::2002
2a00:1450:4001:830::2002
2a02:6b8::1:119
2a04:4e42:200::485
95.216.65.102
016b7832a5280f805d3cb0aec0271d54e90a01f2dbcc85e6a47ca4918049738b
10aa51cc3f8d4752b0a2597e993e89920823de06b6e6782c88929412ea087b1a
128f76df591e53bde9def0aac6966f056566a6f46a80cc9dc7a8e0402520bd22
19d91914b2e6867e0319b684234b345feee3eeadc5e30aacc77fbb95d8472796
2014055b4c9d712158efdf2e6594241d55b2b28459029648c00114816e04d10f
2296b3173627f84f8361243bda095a4fa2c05c222200f895b44bad0a6ef15e9f
2ca430f52e5648245baeb07cd6574f80760acb4d75ebd484af5ffcb68b0ba367
3086c49956d51c2cba2562ba86a083aedf01d66f41c264f158f5d4f6e632c3eb
35542897f7cd6769cd6b1118b38e65a9cfc72d0f7d01c0ace49f17d88fd37e53
400ebf707969602dfc0a623465201f3aeb36b9c764a1baf5c110705be99c3d90
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
5692fdcd3cf15f5d2e98e6fb4f451dec0b2d61cae64af0b2bb18dfe46614c0ca
5ee546d3fdc2130c140cb072df57741817b56fbed52404642631ef41bc628c4a
60ddc774c7b5fd0c01d169321a444da403d60c0042f6bee01b0c96f6e1535fda
6723ea2989d5cf57335b26d5bd0bcc52feffab866915b917c4cdcae672c99a2a
68dbc402b8d95b31ec11900b3b5aee781e46330beeec75070f60a40c03b402d9
691423213628a9525f0d1372d2c693687864654fb0c6512df8317c0ad4f43572
70d5c4de881e718d0b7638959680ba86722d44eecbe4058d20dd77b8d0d97155
711e7fd261e9d804d308e4440a82efc1b71d54262c1822912875579570a60156
71597476c237c8224a06badf8bf149d2a03ee4ccdc25a5c2841e51b4a8960e3f
71a005e915b96b3ed8feb7d4f5221db75e3658fd8678e68d5b04b5dce0aef73e
71f69541ed2861a7065f461bf9748bb263e0f8d517d0987c6619241d9d13597d
77d9102b426f1487e8550ed41e3650f47d74c020c7486e2876f07698fc97bb88
7992a4430843ef8b4bbae534358be3193aa1ae9c78f273e8e8a70b6af1244ac5
9542e9ea15169565692b62b076cb16ac1622bbc2ff1a662f625f6cee201a6bb1
9a86bcb06c80a86eb7a6decf833669b4debd4fa65ce0408b11a8b5d808839754
9e70252a0493dcfc533da6e60a5e14ee9f37558c69f010bb68749a8d402481ff
a21b20c52fbc7ca1897d496862d422e5ce453e50d57d0defda0af7e09c904d35
a73a0470af927c5e55124cdc641956b1f723683f3b58d257a766e931952d51e8
a9f959272120a8fe9fc940b8df6a07a9e6c79d9b72773d62878e82fcd1c51951
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
ab1842b4ce9dfe38b3d0579146c76de1a8160c663a24b1ee752774c2dba559c3
bb23189475c4f60039d1389da9ab3225c9c215c3ffa4af384ceccecc038759ab
bd08be9cbf5f35486ce3011abc8286e9e2f59ac1de1ff9840377332383263f19
bd210dbcd6318336d346d328c3ba94a11d6ed2a8792b03c7e46e4c62515e9454
bfbb6b44d8d52f9436f0dfff270f381376cfaa742d6206093fb9d94b2ca3180a
c10264aedfa443f386ef57ff83e091e6bc2ddefac2ce72bae703f3865829dcc3
c37e88f718acf2e31223149decc6c77497a892a5f556e5e1fc6c2492377e9bc0
c8fc2ef8ebf6788cd0fddf43b63f7051c87c55f0ecc60ece36e4614118c6c608
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
cd0d0b6e50ff01ff2f3a9a70d7cfb66a7c6cb9acf7a566325568be6d3bd31fc4
d04a8585ca1c9cbff59e413fe76da6b8dcf3c567cbc68ec436b852d7f1694df1
e1cd9602b63db552abd2b3cd8689102702d17efae5e9fe98f94691efc77897b9
e3590bf128503ffee04f1f45ba7f8d9c5e0cdded9779b8387082ab94435120fb
e37071398d21f18dff2370ee0885f38811bb69bb465b398100ab3101fc521d6b
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
eb16304c17c120cabd2bc9ba56114d31bb2c05114e17c531bcf21a682f8629d2
eb7a209e3af2f5e7045a326f81414b39f02551eb158e859c190a7a84db7c4d5d
f6f6cb043708335483ae84eb97bfb412e7336a59f8195bb9261cf6ff0611f48d
f757dcb6d7040c5480e6bec81e5a93227e16a629e98616d02ec6076a767b242f
f8e19da72faefd872795c80a4329acd96300e88295224994e3fc8df5258d92c2

ko.strephonsays.com Open in urlscan Pro 2606:4700:3030::6815:66b Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

61 Requests

90 %HTTPS

71 %IPv6

13 Domains

22 Subdomains

15 IPs

4 Countries

1707 kBTransfer

5012 kBSize

15 Cookies

32 Outgoing links

Redirected requests

61 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

ko.strephonsays.com Open in urlscan Pro
2606:4700:3030::6815:66b Public Scan

Screenshot
Live screenshot

Full Image

61
Requests

90 %
HTTPS

71 %
IPv6

13
Domains

22
Subdomains

15
IPs

4
Countries

1707 kB
Transfer

5012 kB
Size

15
Cookies

61 HTTP transactions
1 data transactions