Submitted URL: http://opensooq.com/
Effective URL: https://www.opensooq.com/ar
Submission: On February 17 via api from SG — Scanned from DE

Summary

This website contacted 9 IPs in 3 countries across 8 domains to perform 16 HTTP transactions. The main IP is 54.194.0.60, located in Dublin, Ireland and belongs to AMAZON-02, US. The main domain is www.opensooq.com.
TLS certificate: Issued by GeoTrust RSA CA 2018 on August 9th 2021. Valid for: a year.
This is the only time www.opensooq.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Apex Domain
Subdomains
Transfer
5 os-cdn.com
opensooqui2.os-cdn.com — Cisco Umbrella Rank: 389413
pwa-assets.os-cdn.com
159 KB
3 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 159
148 KB
3 opensooq.com
opensooq.com — Cisco Umbrella Rank: 236401
www.opensooq.com
73 KB
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 126
83 KB
2 cloudfront.net
d1kghlu0e6mwpv.cloudfront.net
43 KB
1 facebook.com
www.facebook.com — Cisco Umbrella Rank: 97
295 B
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 50
59 KB
1 google.com
accounts.google.com — Cisco Umbrella Rank: 62
73 KB
16 8
Domain Requested by
4 opensooqui2.os-cdn.com www.opensooq.com
d1kghlu0e6mwpv.cloudfront.net
3 securepubads.g.doubleclick.net www.opensooq.com
securepubads.g.doubleclick.net
2 connect.facebook.net www.opensooq.com
connect.facebook.net
2 d1kghlu0e6mwpv.cloudfront.net www.opensooq.com
d1kghlu0e6mwpv.cloudfront.net
2 opensooq.com 2 redirects
1 www.facebook.com
1 pwa-assets.os-cdn.com www.opensooq.com
1 www.googletagmanager.com www.opensooq.com
1 accounts.google.com www.opensooq.com
1 www.opensooq.com
16 10
Subject Issuer Validity Valid
*.opensooq.com
GeoTrust RSA CA 2018
2021-08-09 -
2022-09-09
a year crt.sh
*.g.doubleclick.net
GTS CA 1C3
2022-01-17 -
2022-04-11
3 months crt.sh
accounts.google.com
GTS CA 1C3
2022-01-17 -
2022-04-11
3 months crt.sh
*.cloudfront.net
Amazon
2021-03-19 -
2022-03-17
a year crt.sh
*.os-cdn.com
Amazon
2021-06-13 -
2022-07-12
a year crt.sh
*.google-analytics.com
GTS CA 1C3
2022-01-17 -
2022-04-11
3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA
2021-11-27 -
2022-02-25
3 months crt.sh

This page contains 1 frames:

Primary Page: https://www.opensooq.com/ar
Frame ID: 903AF2751E17F86C8BCE6622CA3A8661
Requests: 17 HTTP requests in this frame

Screenshot

Page Title

السوق المفتوح : اعلانات مبوبة في بلدك : سيارات : عقارات : وظائف : موبايلات

Page URL History Show full URLs

  1. http://opensooq.com/ HTTP 301
    https://opensooq.com/ HTTP 301
    https://www.opensooq.com/ar Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • accounts\.google\.com/gsi/client

Overall confidence: 100%
Detected patterns
  • socket\.io.*\.js

Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js

Page Statistics

16
Requests

100 %
HTTPS

50 %
IPv6

8
Domains

10
Subdomains

9
IPs

3
Countries

637 kB
Transfer

1652 kB
Size

5
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://opensooq.com/ HTTP 301
    https://opensooq.com/ HTTP 301
    https://www.opensooq.com/ar Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

16 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request ar
www.opensooq.com/
Redirect Chain
  • http://opensooq.com/
  • https://opensooq.com/
  • https://www.opensooq.com/ar
224 KB
72 KB
Document
General
Full URL
https://www.opensooq.com/ar
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.194.0.60 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-194-0-60.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
4b6d5062397685e9f7b6d1be587dd861db41816a65c7f3c16dc868ebe17d7f6b
Security Headers
Name Value
Content-Security-Policy default-src *; img-src * 'self' data: blob: https:; script-src * 'unsafe-inline' 'unsafe-eval' 'unsafe-hashes'; style-src * 'unsafe-inline' 'unsafe-eval' 'unsafe-hashes'; worker-src blob: 'self'
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

date
Thu, 17 Feb 2022 20:44:50 GMT
content-type
text/html; charset=UTF-8
server
nginx
expires
Thu, 19 Nov 1981 08:52:00 GMT
cache-control
no-store, no-cache, must-revalidate
pragma
no-cache
x-frame-options
DENY
x-content-type-options
nosniff nosniff
x-xss-protection
1; mode=block
requuid
b49c949e869bdfea5cd4b76bd61fe02e
vary
Accept-Encoding,User-Agent
content-encoding
gzip
x-backend-server
127.0.0.1:8080
strict-transport-security
max-age=31536000; includeSubdomains; preload
content-security-policy
default-src *; img-src * 'self' data: blob: https:; script-src * 'unsafe-inline' 'unsafe-eval' 'unsafe-hashes'; style-src * 'unsafe-inline' 'unsafe-eval' 'unsafe-hashes'; worker-src blob: 'self'

Redirect headers

date
Thu, 17 Feb 2022 20:44:50 GMT
content-type
text/html; charset=UTF-8
content-length
0
location
https://www.opensooq.com/ar
server
nginx
x-frame-options
DENY
x-content-type-options
nosniff nosniff
x-xss-protection
1; mode=block
requuid
b49c949e869bdfea5cd4b76bd61fe02e
vary
User-Agent
x-backend-server
127.0.0.1:8080
strict-transport-security
max-age=31536000; includeSubdomains; preload
content-security-policy
default-src *; img-src * 'self' data: blob: https:; script-src * 'unsafe-inline' 'unsafe-eval' 'unsafe-hashes'; style-src * 'unsafe-inline' 'unsafe-eval' 'unsafe-hashes'; worker-src blob: 'self'
gpt.js
securepubads.g.doubleclick.net/tag/js/
82 KB
27 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: www.opensooq.com
URL: https://www.opensooq.com/ar
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
sffe /
Resource Hash
6d6b4ff319c1343319f1f87b14bea9fd6ac08a78a4dfe29d99a4e3a707103691
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.opensooq.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 17 Feb 2022 20:44:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27493
x-xss-protection
0
server
sffe
etag
"1135 / 316 of 1000 / last-modified: 1645120418"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Thu, 17 Feb 2022 20:44:50 GMT
client
accounts.google.com/gsi/
182 KB
73 KB
Script
General
Full URL
https://accounts.google.com/gsi/client
Requested by
Host: www.opensooq.com
URL: https://www.opensooq.com/ar
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::200d Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
3a9739449a483e9941f8de120a06a59010be286e8d258f71e0c65b071d412256
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-2ANPRXxd7uwioPNk4SVdMA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.opensooq.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 17 Feb 2022 20:44:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
server
ESF
x-frame-options
SAMEORIGIN
report-to
{"group":"ATmXEA8yZBobgwIiz2di590e5SYDLXY4wfk_ZDc7gHnA6kYOBrrvhVTzN-6lvRQrKkkkGYBx","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_ATmXEA8yZBobgwIiz2di590e5SYDLXY4wfk_ZDc7gHnA6kYOBrrvhVTzN-6lvRQrKkkkGYBx"}]}
content-type
application/javascript; charset=utf-8
cache-control
private, max-age=1800
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'report-sample' 'nonce-2ANPRXxd7uwioPNk4SVdMA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
content-security-policy-report-only
require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="ATmXEA8yZBobgwIiz2di590e5SYDLXY4wfk_ZDc7gHnA6kYOBrrvhVTzN-6lvRQrKkkkGYBx"
expires
Thu, 17 Feb 2022 20:44:50 GMT
os-change-country-de80bc5723290f2dd25f47d4260e8ea61645117802.css
d1kghlu0e6mwpv.cloudfront.net/assets/desktop/css/
40 KB
10 KB
Stylesheet
General
Full URL
https://d1kghlu0e6mwpv.cloudfront.net/assets/desktop/css/os-change-country-de80bc5723290f2dd25f47d4260e8ea61645117802.css
Requested by
Host: www.opensooq.com
URL: https://www.opensooq.com/ar
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.61 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-61.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
de56308f69c510df88fc1e4eaf65b0bd658d1b8bd52932f12a2e677bd31d53bc

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.opensooq.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 17 Feb 2022 17:14:45 GMT
content-encoding
gzip
last-modified
Thu, 17 Feb 2022 17:10:12 GMT
server
AmazonS3
age
12606
etag
W/"de80bc5723290f2dd25f47d4260e8ea6"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/css
via
1.1 436c247027acc191b22ece964efbaeca.cloudfront.net (CloudFront)
cache-control
max-age=315360000
x-amz-cf-pop
FRA50-C1
x-amz-cf-id
2f-wBs8tED-NqBlZmQVD73hkgb85eMVbiRmR7YphxO9kMDvengSw-w==
expires
Tue, 16 Apr 2019 10:26:55 -0000 GMT
opensooq-logo.svg
opensooqui2.os-cdn.com/os_web/desktop/
19 KB
7 KB
Image
General
Full URL
https://opensooqui2.os-cdn.com/os_web/desktop/opensooq-logo.svg
Requested by
Host: www.opensooq.com
URL: https://www.opensooq.com/ar
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.115 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-115.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
f1bc75daa4b279d2eb01f671a0a8e63043784a876147a2dc89451b9257a81f75

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.opensooq.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Fri, 11 Jun 2021 21:09:03 GMT
content-encoding
gzip
last-modified
Tue, 19 Mar 2019 16:28:06 GMT
server
AmazonS3
age
21684949
etag
W/"8e40d934ff68336d9b2f9ec1c77dbc49"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/svg+xml
via
1.1 ad46d498157a92ab1076f74db460670c.cloudfront.net (CloudFront)
cache-control
max-age=157680000, public
x-amz-cf-pop
FRA50-C1
x-amz-cf-id
A3KOctReOfKxGSvp6YGOPfNYVuVic68iZL85pT1Ft-E_C5vftF0nhw==
expires
Tue, 16 Apr 2025 10:26:55 -0000 GMT
gtm.js
www.googletagmanager.com/
223 KB
59 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-T9NV4C
Requested by
Host: www.opensooq.com
URL: https://www.opensooq.com/ar
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
f13853cb8e00bd5c06d900d7690ee96db395be0cea9d82dc9985b7522c1c6ccc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.opensooq.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 17 Feb 2022 20:44:51 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
60150
x-xss-protection
0
last-modified
Thu, 17 Feb 2022 19:25:54 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Thu, 17 Feb 2022 20:44:51 GMT
osMobilePhoneLight.jpg
opensooqui2.os-cdn.com/os_web/desktop/
32 KB
32 KB
Image
General
Full URL
https://opensooqui2.os-cdn.com/os_web/desktop/osMobilePhoneLight.jpg
Requested by
Host: www.opensooq.com
URL: https://www.opensooq.com/ar
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.115 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-115.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
b05a0395a20dae9480e0f85568989901097f70f0665be8bc313427edfc8e10b4

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.opensooq.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 24 Nov 2021 08:11:09 GMT
via
1.1 ad46d498157a92ab1076f74db460670c.cloudfront.net (CloudFront)
last-modified
Tue, 24 Sep 2019 11:46:27 GMT
server
AmazonS3
age
7389223
etag
"3e67413c6dbd5fc049794a4f6aef177f"
x-cache
Hit from cloudfront
content-type
image/jpeg
cache-control
public,max-age=60000000
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
content-length
32585
x-amz-cf-id
ZqX6mPFXBedTZHnvv_BYPS7zmXfnygVNDau1St_tGUeBCqcb29KwcA==
osSectionsLight.jpg
opensooqui2.os-cdn.com/os_web/desktop/
39 KB
39 KB
Image
General
Full URL
https://opensooqui2.os-cdn.com/os_web/desktop/osSectionsLight.jpg
Requested by
Host: www.opensooq.com
URL: https://www.opensooq.com/ar
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.115 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-115.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ebeda2631f9f273fe2c74655b58a04296bd388e84c9ec60ffb7bb1a08533d3a2

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.opensooq.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Tue, 31 Aug 2021 06:48:44 GMT
via
1.1 ad46d498157a92ab1076f74db460670c.cloudfront.net (CloudFront)
last-modified
Tue, 24 Sep 2019 11:48:08 GMT
server
AmazonS3
age
14738168
etag
"a108f1c3568d3f6a31c1769b72ff60aa"
x-cache
Hit from cloudfront
content-type
image/jpeg
cache-control
public,max-age=60000000
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
content-length
39562
x-amz-cf-id
YMXnolUBgB2lckiZH9IhJcSlnbdT5JJkZhD65r0GcThkj1pUfeAp9Q==
socket.io.min.js
pwa-assets.os-cdn.com/socketio2/
60 KB
19 KB
Script
General
Full URL
https://pwa-assets.os-cdn.com/socketio2/socket.io.min.js
Requested by
Host: www.opensooq.com
URL: https://www.opensooq.com/ar
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.61 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-61.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
5e76c41de428407b2711b278934d83e418e7088d0690875e34ca14caaa356d99

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.opensooq.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Tue, 15 Feb 2022 03:11:13 GMT
content-encoding
gzip
last-modified
Thu, 31 Jan 2019 09:20:45 GMT
server
AmazonS3
age
236723
etag
W/"7ad1d101a841d95dc24e3485b6a46f43"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 a1098f0eeab192209962e3a9d76d0338.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA50-C1
x-amz-cf-id
sctAQrg0YZAOcpfwqrC7RCnxNz6JIqi8q6b5VmptD6uHI91Zzlv0Gw==
truncated
/
9 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
089e562b62926e22714afa550b28bc43aec0040cefd66fe79ad77534bdb6688d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Content-Type
image/png
countryPageHeader.png
opensooqui2.os-cdn.com/os_web/desktop/
62 KB
62 KB
Image
General
Full URL
https://opensooqui2.os-cdn.com/os_web/desktop/countryPageHeader.png
Requested by
Host: d1kghlu0e6mwpv.cloudfront.net
URL: https://d1kghlu0e6mwpv.cloudfront.net/assets/desktop/css/os-change-country-de80bc5723290f2dd25f47d4260e8ea61645117802.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.115 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-115.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
94f9e6e6752081b2cc12ca6797a35e93736c1a23dc45117277632148db6482ef

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://d1kghlu0e6mwpv.cloudfront.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sun, 06 Feb 2022 23:28:34 GMT
via
1.1 ad46d498157a92ab1076f74db460670c.cloudfront.net (CloudFront)
last-modified
Tue, 24 Sep 2019 11:47:47 GMT
server
AmazonS3
age
940578
etag
"00b51337cbbf66f73ce5f8663adafb93"
x-cache
Hit from cloudfront
content-type
image/png
cache-control
public,max-age=60000000
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
content-length
63339
x-amz-cf-id
idHv3JViONbtYl9D7db-VGRLJLprGlXz5_WGJdGy1GX3LU1W0qwiQA==
icomoon.32.woff2
d1kghlu0e6mwpv.cloudfront.net/themes/desktop/css/fonts/
32 KB
32 KB
Font
General
Full URL
https://d1kghlu0e6mwpv.cloudfront.net/themes/desktop/css/fonts/icomoon.32.woff2?162t6n3e4567
Requested by
Host: d1kghlu0e6mwpv.cloudfront.net
URL: https://d1kghlu0e6mwpv.cloudfront.net/assets/desktop/css/os-change-country-de80bc5723290f2dd25f47d4260e8ea61645117802.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.61 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-61.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
81e9d506394071b0eb6da448ccaf56037bc52fba7eeb0176d57781809c5440b8

Request headers

Referer
https://d1kghlu0e6mwpv.cloudfront.net/assets/desktop/css/os-change-country-de80bc5723290f2dd25f47d4260e8ea61645117802.css
Origin
https://www.opensooq.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 13 Oct 2021 15:14:53 GMT
via
1.1 5721f7035c3fc934bd3f96dbb04ba1e4.cloudfront.net (CloudFront)
vary
Origin,Access-Control-Request-Headers,Access-Control-Request-Method
age
10992599
x-cache
Hit from cloudfront
content-length
32716
last-modified
Wed, 13 Oct 2021 15:12:46 GMT
server
AmazonS3
etag
"52df20131ef026c44e9e15aea067e0e8"
access-control-max-age
3000
access-control-allow-methods
GET, HEAD
content-type
application/octet-stream
access-control-allow-origin
*
cache-control
max-age=315360000
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
x-amz-cf-id
Blw5eqhK5Hxd4Jf9MRczbrzKXA7_vTvfDczPx9n8CPF2pVHkHVTupw==
expires
Tue, 16 Apr 2019 10:26:55 -0000 GMT
pubads_impl_2022021502.js
securepubads.g.doubleclick.net/gpt/
360 KB
121 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022021502.js?31064987
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
sffe /
Resource Hash
61daa5e10d1910c94db36832a3adb3e9bec2c60a0b584b37daea27f634f36fd0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.opensooq.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 17 Feb 2022 03:46:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
61095
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
123418
x-xss-protection
0
last-modified
Thu, 17 Feb 2022 02:34:27 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Fri, 17 Feb 2023 03:46:36 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/
273 B
167 B
XHR
General
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.opensooq.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
cafe /
Resource Hash
919e96752cba9de7cc7854425d0d9634ccc431e0c2e4a08ebf5ca2de6fa43dcf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.opensooq.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 17 Feb 2022 20:44:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
142
x-xss-protection
0
expires
Thu, 17 Feb 2022 20:44:51 GMT
sdk.js
connect.facebook.net/en_US/
3 KB
2 KB
Script
General
Full URL
https://connect.facebook.net/en_US/sdk.js
Requested by
Host: www.opensooq.com
URL: https://www.opensooq.com/ar
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
d791e13ae75106b3c9eca63587fd750db827e13db195f294a24ee7c195efadc7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.opensooq.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
content-md5
cF1Jr6GanbM476N/9lqwTw==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
expires
Thu, 17 Feb 2022 21:02:17 GMT
alt-svc
h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length
1687
x-fb-rlafr
0
x-fb-debug
yilJV49KDUDvMcGcjsJc4bruuyA4EDBiypf39HZo4tKYLy69N6MDOJLl7KHob+pJYy87EoanbYSlUdoKcJzQpQ==
x-fb-trip-id
917726464
x-fb-content-md5
bd8e9d1421c72f1e70dbdc92aef5f677
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
date
Thu, 17 Feb 2022 20:44:51 GMT
x-frame-options
DENY
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public,max-age=1200,stale-while-revalidate=3600
etag
"81ab7f9a756026604643d64a95f27a86"
timing-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
sdk.js
connect.facebook.net/en_US/
285 KB
80 KB
Script
General
Full URL
https://connect.facebook.net/en_US/sdk.js?hash=f02c8f121bd9a57bd6162f61fbf95079
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
547cd7ac606aaedfe903185602e2d97fb973ff56e6c0ee6d930b9aa497e66ec8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://www.opensooq.com/
Origin
https://www.opensooq.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
content-md5
B6uGdFDeY6AsNBg6le15hQ==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
expires
Fri, 17 Feb 2023 18:29:19 GMT
alt-svc
h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length
82176
x-fb-rlafr
0
x-fb-debug
1hwy1iWxExjmJSkd6HFn06AkK5kiDYzbnKbdpTXch9AbleUkfQutEsKtpALQ51gkHE1EBS+Ks7+GsKErc+i+jw==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
x-fb-content-md5
9ef00159182660d65864d258f81eed99
cross-origin-opener-policy
same-origin-allow-popups
date
Thu, 17 Feb 2022 20:44:51 GMT
x-frame-options
DENY
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public,max-age=31536000,stale-while-revalidate=3600,immutable
etag
"49824fc303be9da9454f91252ef4bd84"
timing-allow-origin
*
priority
u=3,i
access-control-expose-headers
X-FB-Content-MD5
/
www.facebook.com/tr/
44 B
295 B
Image
General
Full URL
https://www.facebook.com/tr/?id=166809770174047&ev=fb_page_view&dl=https%3A%2F%2Fwww.opensooq.com%2Far&rl=&if=false&ts=1645130691247&sw=1600&sh=1200&at=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.opensooq.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 17 Feb 2022 20:44:51 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=3600, h3-29=":443"; ma=3600
content-length
44
expires
Thu, 17 Feb 2022 20:44:51 GMT

Verdicts & Comments Add Verdict or Comment

19 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| structuredClone function| Cookies object| dataLayer number| chatUploadMaxFileSize string| platform string| lang object| googletag object| ggeac object| google_js_reporting_queue function| io undefined| userAgent undefined| google_measure_js_timing object| google_tag_manager object| google_tag_data function| fbAsyncInit object| default_gsi object| google object| closure_lm_48328 object| FB

5 Cookies

Domain/Path Name / Value
.opensooq.com/ Name: device_uuid
Value: 8512004f-7a35-4d9b-91ca-e9fde5bc9f17
.opensooq.com/ Name: at0
Value: 55e675ee46983a55cf3f738e5596b0a2f3ac472148b38fec814f15dc873a8d53a%3A2%3A%7Bi%3A0%3Bs%3A3%3A%22at0%22%3Bi%3A1%3Bi%3A1645130690%3B%7D
.opensooq.com/ Name: PHPSESSID
Value: 9c57f359397991694f79bb506d4399a5
www.opensooq.com/ Name: _csrf
Value: ee990a04b9ae56b5a4047ccff5025916c99b2dac896fa2263be58fe3cd27a3b0a%3A2%3A%7Bi%3A0%3Bs%3A5%3A%22_csrf%22%3Bi%3A1%3Bs%3A32%3A%22trLxBJS1BJHLAA9V_KCgv-EVOoXfN0Zf%22%3B%7D
.opensooq.com/ Name: _gcl_au
Value: 1.1.1336406200.1645130691

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy default-src *; img-src * 'self' data: blob: https:; script-src * 'unsafe-inline' 'unsafe-eval' 'unsafe-hashes'; style-src * 'unsafe-inline' 'unsafe-eval' 'unsafe-hashes'; worker-src blob: 'self'
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

accounts.google.com
connect.facebook.net
d1kghlu0e6mwpv.cloudfront.net
opensooq.com
opensooqui2.os-cdn.com
pwa-assets.os-cdn.com
securepubads.g.doubleclick.net
www.facebook.com
www.googletagmanager.com
www.opensooq.com
142.250.185.226
143.204.98.115
143.204.98.61
2a00:1450:4001:808::2008
2a00:1450:4001:808::200d
2a03:2880:f02d:12:face:b00c:0:3
2a03:2880:f12d:83:face:b00c:0:25de
54.194.0.60
089e562b62926e22714afa550b28bc43aec0040cefd66fe79ad77534bdb6688d
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
3a9739449a483e9941f8de120a06a59010be286e8d258f71e0c65b071d412256
4b6d5062397685e9f7b6d1be587dd861db41816a65c7f3c16dc868ebe17d7f6b
547cd7ac606aaedfe903185602e2d97fb973ff56e6c0ee6d930b9aa497e66ec8
5e76c41de428407b2711b278934d83e418e7088d0690875e34ca14caaa356d99
61daa5e10d1910c94db36832a3adb3e9bec2c60a0b584b37daea27f634f36fd0
6d6b4ff319c1343319f1f87b14bea9fd6ac08a78a4dfe29d99a4e3a707103691
81e9d506394071b0eb6da448ccaf56037bc52fba7eeb0176d57781809c5440b8
919e96752cba9de7cc7854425d0d9634ccc431e0c2e4a08ebf5ca2de6fa43dcf
94f9e6e6752081b2cc12ca6797a35e93736c1a23dc45117277632148db6482ef
b05a0395a20dae9480e0f85568989901097f70f0665be8bc313427edfc8e10b4
d791e13ae75106b3c9eca63587fd750db827e13db195f294a24ee7c195efadc7
de56308f69c510df88fc1e4eaf65b0bd658d1b8bd52932f12a2e677bd31d53bc
ebeda2631f9f273fe2c74655b58a04296bd388e84c9ec60ffb7bb1a08533d3a2
f13853cb8e00bd5c06d900d7690ee96db395be0cea9d82dc9985b7522c1c6ccc
f1bc75daa4b279d2eb01f671a0a8e63043784a876147a2dc89451b9257a81f75