Submitted URL: https://campaign-statistics.com/link_click/xb404rRHR2_rA07l/bb5d4ce4d66048f68cb99d0dd3c89162
Effective URL: https://www.fares91.com/?utm_source=Sender&utm_medium=Email&utm_campaign=BackWithJP&utm_source=newsletter&utm_medium=ema...
Submission: On May 25 via api from FR — Scanned from FR

Summary

This website contacted 9 IPs in 3 countries across 8 domains to perform 73 HTTP transactions. The main IP is 45.249.111.69, located in India and belongs to CTRLS-AS-IN CtrlS Datacenters Ltd., IN. The main domain is www.fares91.com.
TLS certificate: Issued by GoGetSSL RSA DV CA on February 28th 2022. Valid for: a year.
This is the only time www.fares91.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 2606:4700:303... 13335 (CLOUDFLAR...)
23 45.249.111.69 18229 (CTRLS-AS-...)
1 2a00:1450:400... 15169 (GOOGLE)
11 2600:9000:215... 16509 (AMAZON-02)
5 2606:4700:303... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
6 34.107.203.234 15169 (GOOGLE)
1 2606:4700::68... 13335 (CLOUDFLAR...)
4 2a00:1450:400... 15169 (GOOGLE)
73 9
Apex Domain | Subdomains | Transfer
19 fares91.com | www.fares91.com | 576 KB
17 luckyorange.com | tools.luckyorange.com — Cisco Umbrella Rank: 19654; settings.luckyorange.com — Cisco Umbrella Rank: 19979; api-preview.luckyorange.com — Cisco Umbrella Rank: 128460 | 416 KB
5 flagcdn.com | flagcdn.com — Cisco Umbrella Rank: 50911 | 6 KB
5 googleapis.com | fonts.googleapis.com — Cisco Umbrella Rank: 46; storage.googleapis.com — Cisco Umbrella Rank: 498 | 108 KB
4 traviyo.com | backend.traviyo.com; packageapi.traviyo.com Failed | 4 MB
1 myfonts.net | hello.myfonts.net — Cisco Umbrella Rank: 5529 | 354 B
1 gstatic.com | fonts.gstatic.com | 33 KB
1 campaign-statistics.com | campaign-statistics.com — Cisco Umbrella Rank: 472958 | 844 B
73 8
Domain Requested by
19 www.fares91.com www.fares91.com
11 tools.luckyorange.com www.fares91.com
tools.luckyorange.com
5 flagcdn.com www.fares91.com
4 storage.googleapis.com www.fares91.com
4 api-preview.luckyorange.com tools.luckyorange.com
4 backend.traviyo.com www.fares91.com
2 settings.luckyorange.com tools.luckyorange.com
1 hello.myfonts.net client
1 fonts.gstatic.com fonts.googleapis.com
1 fonts.googleapis.com www.fares91.com
1 campaign-statistics.com 1 redirects
0 packageapi.traviyo.com Failed www.fares91.com
73 12

This site contains links to these domains.

Domain
www.facebook.com
twitter.com
www.instagram.com
www.linkedin.com
myaccount.google.com
wa.me
traviyo.com

Subject | Issuer | Validity | Valid
fares91.com | GoGetSSL RSA DV CA | 2022-02-28 - 2023-02-28 | a year
upload.video.google.com | GTS CA 1C3 | 2022-05-04 - 2022-07-27 | 3 months
luckyorange.com | Amazon | 2022-01-17 - 2023-02-15 | a year
backend.traviyo.com | GoGetSSL RSA DV CA | 2022-03-11 - 2022-06-28 | 4 months
sni.cloudflaressl.com | Cloudflare Inc ECC CA-3 | 2021-07-07 - 2022-07-06 | a year
*.gstatic.com | GTS CA 1C3 | 2022-05-04 - 2022-07-27 | 3 months
settings.luckyorange.com | R3 | 2022-05-04 - 2022-08-02 | 3 months
api-preview.luckyorange.com | R3 | 2022-05-04 - 2022-08-02 | 3 months
*.storage.googleapis.com | GTS CA 1C3 | 2022-05-04 - 2022-07-27 | 3 months

This page contains 3 frames:

Primary Page: https://www.fares91.com/?utm_source=Sender&utm_medium=Email&utm_campaign=BackWithJP&utm_source=newsletter&utm_medium=email&utm_campaign={senderemailapp}
Frame ID: E11A60EE84EB68544A21A66B12534D42
Requests: 54 HTTP requests in this frame

Frame: https://tools.luckyorange.com/core/core.js?v=c28bf5e
Frame ID: 9D356F299D84F407C839D873A964F48A
Requests: 4 HTTP requests in this frame

Frame: https://tools.luckyorange.com/core/frame.js?v=c28bf5e
Frame ID: 7AC0E0826AB310D26964C396E840A979
Requests: 13 HTTP requests in this frame

Page Title

Fares91

Page URL History

  1. https://campaign-statistics.com/link_click/xb404rRHR2_rA07l/bb5d4ce4d66048f68cb99d0dd3c89162 HTTP 302
    https://www.fares91.com/?utm_source=Sender&utm_medium=Email&utm_campaign=BackWithJP&utm_source=newsl... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

73
Requests

71 %
HTTPS

78 %
IPv6

8
Domains

12
Subdomains

9
IPs

3
Countries

5094 kB
Transfer

8161 kB
Size

4
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://campaign-statistics.com/link_click/xb404rRHR2_rA07l/bb5d4ce4d66048f68cb99d0dd3c89162 HTTP 302
    https://www.fares91.com/?utm_source=Sender&utm_medium=Email&utm_campaign=BackWithJP&utm_source=newsletter&utm_medium=email&utm_campaign={senderemailapp} Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

73 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
www.fares91.com/
Redirect Chain
  • https://campaign-statistics.com/link_click/xb404rRHR2_rA07l/bb5d4ce4d66048f68cb99d0dd3c89162
  • https://www.fares91.com/?utm_source=Sender&utm_medium=Email&utm_campaign=BackWithJP&utm_source=newsletter&utm_medium=email&utm_campaign={senderemailapp}
136 KB
29 KB
Document
General
Full URL
https://www.fares91.com/?utm_source=Sender&utm_medium=Email&utm_campaign=BackWithJP&utm_source=newsletter&utm_medium=email&utm_campaign={senderemailapp}
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
45.249.111.69 , India, ASN18229 (CTRLS-AS-IN CtrlS Datacenters Ltd., IN),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
e801cbaf5b25d51ea364ac940e308fa5093663d1339f293f8f4e59e0cdb79f57

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

cache-control
private
content-encoding
gzip
content-length
29891
content-type
text/html; charset=utf-8
date
Wed, 25 May 2022 08:13:12 GMT
server
Microsoft-IIS/10.0
vary
Accept-Encoding
x-aspnet-version
4.0.30319
x-aspnetmvc-version
5.2
x-powered-by
ASP.NET

Redirect headers

access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache, private
cf-cache-status
DYNAMIC
cf-ray
710ccf78bddecd8b-CDG
content-type
text/html; charset=UTF-8
date
Wed, 25 May 2022 08:13:12 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
location
https://www.fares91.com?utm_source=Sender&utm_medium=Email&utm_campaign=BackWithJP&utm_source=newsletter&utm_medium=email&utm_campaign={senderemailapp}
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FGLryAo9nCtgEWqtrTxphjQHsZtobpLMTL8Zx7zlk3veou%2FwQd7OKQmdAb6xphYr04I9e92ERCvY20w2TyUFOcn3g0QNqaIpiw7TKUSJSsJooQIv0C053t12eN1oYpS2yU2lpQvlOZwSL0WiSINz7%2FKQUEoyHQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
strict-transport-security
max-age=63072000; includeSubdomains
x-content-type-options
nosniff
css2
fonts.googleapis.com/
22 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Rubik:ital,wght@0,300;0,400;0,500;0,600;0,700;0,800;0,900;1,300;1,400;1,500;1,600;1,700;1,800;1,900&display=swap
Requested by
Host: www.fares91.com
URL: https://www.fares91.com/?utm_source=Sender&utm_medium=Email&utm_campaign=BackWithJP&utm_source=newsletter&utm_medium=email&utm_campaign={senderemailapp}
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
1cfd8ae5b53d44e1929066bb4d853071ae7891427162c241e9533b6fae02ca87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.fares91.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Wed, 25 May 2022 07:07:58 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Wed, 25 May 2022 08:13:13 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 25 May 2022 08:13:13 GMT
bootstrap.css
www.fares91.com/Content/css/
507 KB
74 KB
Stylesheet
General
Full URL
https://www.fares91.com/Content/css/bootstrap.css
Requested by
Host: www.fares91.com
URL: https://www.fares91.com/?utm_source=Sender&utm_medium=Email&utm_campaign=BackWithJP&utm_source=newsletter&utm_medium=email&utm_campaign={senderemailapp}
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
45.249.111.69 , India, ASN18229 (CTRLS-AS-IN CtrlS Datacenters Ltd., IN),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
96b3d516c5f5a45ac627cb0615fc1b5a3c277356fa19b1f6089abcf52d858619

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.fares91.com/?utm_source=Sender&utm_medium=Email&utm_campaign=BackWithJP&utm_source=newsletter&utm_medium=email&utm_campaign={senderemailapp}
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Wed, 25 May 2022 08:13:12 GMT
content-encoding
gzip
last-modified
Fri, 06 May 2022 14:40:58 GMT
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
etag
"0b9714c5761d81:0"
vary
Accept-Encoding
content-type
text/css
accept-ranges
bytes
content-length
76030
style.css
www.fares91.com/Content/css/
383 KB
58 KB
Stylesheet
General
Full URL
https://www.fares91.com/Content/css/style.css
Requested by
Host: www.fares91.com
URL: https://www.fares91.com/?utm_source=Sender&utm_medium=Email&utm_campaign=BackWithJP&utm_source=newsletter&utm_medium=email&utm_campaign={senderemailapp}
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
45.249.111.69 , India, ASN18229 (CTRLS-AS-IN CtrlS Datacenters Ltd., IN),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
f3836c177338c473bb424c4f1aaea14a408b76e5dd1d2a6b4ca4e0ef0ea9b6fe

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.fares91.com/?utm_source=Sender&utm_medium=Email&utm_campaign=BackWithJP&utm_source=newsletter&utm_medium=email&utm_campaign={senderemailapp}
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Wed, 25 May 2022 08:13:12 GMT
content-encoding
gzip
last-modified
Tue, 10 May 2022 06:42:40 GMT
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
etag
"070c1243964d81:0"
vary
Accept-Encoding
content-type
text/css
accept-ranges
bytes
content-length
59060
app-jquery.js
www.fares91.com/Content/js/
650 KB
166 KB
Script
General
Full URL
https://www.fares91.com/Content/js/app-jquery.js
Requested by
Host: www.fares91.com
URL: https://www.fares91.com/?utm_source=Sender&utm_medium=Email&utm_campaign=BackWithJP&utm_source=newsletter&utm_medium=email&utm_campaign={senderemailapp}
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
45.249.111.69 , India, ASN18229 (CTRLS-AS-IN CtrlS Datacenters Ltd., IN),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
4bf2fd3216c075de763d5f8370d3daedbb87aa9406c5b4dd3e33243d22c98522

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.fares91.com/?utm_source=Sender&utm_medium=Email&utm_campaign=BackWithJP&utm_source=newsletter&utm_medium=email&utm_campaign={senderemailapp}
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Wed, 25 May 2022 08:13:12 GMT
content-encoding
gzip
last-modified
Fri, 06 May 2022 14:40:58 GMT
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
etag
"0b9714c5761d81:0"
vary
Accept-Encoding
content-type
application/javascript
accept-ranges
bytes
content-length
169468
app-bundal.js
www.fares91.com/Content/js/
181 KB
52 KB
Script
General
Full URL
https://www.fares91.com/Content/js/app-bundal.js
Requested by
Host: www.fares91.com
URL: https://www.fares91.com/?utm_source=Sender&utm_medium=Email&utm_campaign=BackWithJP&utm_source=newsletter&utm_medium=email&utm_campaign={senderemailapp}
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
45.249.111.69 , India, ASN18229 (CTRLS-AS-IN CtrlS Datacenters Ltd., IN),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
5b72599139d65f8acc1f43246b6b1bbd22f0b41acc8b9bfa6d943626fb8d3262

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.fares91.com/?utm_source=Sender&utm_medium=Email&utm_campaign=BackWithJP&utm_source=newsletter&utm_medium=email&utm_campaign={senderemailapp}
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Wed, 25 May 2022 08:13:12 GMT
content-encoding
gzip
last-modified
Fri, 06 May 2022 14:41:00 GMT
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
etag
"0e6a24d5761d81:0"
vary
Accept-Encoding
content-type
application/javascript
accept-ranges
bytes
content-length
52842
app-init.js
www.fares91.com/Content/js/
13 KB
3 KB
Script
General
Full URL
https://www.fares91.com/Content/js/app-init.js
Requested by
Host: www.fares91.com
URL: https://www.fares91.com/?utm_source=Sender&utm_medium=Email&utm_campaign=BackWithJP&utm_source=newsletter&utm_medium=email&utm_campaign={senderemailapp}
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
45.249.111.69 , India, ASN18229 (CTRLS-AS-IN CtrlS Datacenters Ltd., IN),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
3438695c30d1306735ebcaf7191b44e4926a54827ed8b166b8dac26576909d46

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.fares91.com/?utm_source=Sender&utm_medium=Email&utm_campaign=BackWithJP&utm_source=newsletter&utm_medium=email&utm_campaign={senderemailapp}
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Wed, 25 May 2022 08:13:12 GMT
content-encoding
gzip
last-modified
Fri, 06 May 2022 14:40:57 GMT
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
etag
"8022d94b5761d81:0"
vary
Accept-Encoding
content-type
application/javascript
accept-ranges
bytes
content-length
3132
jquery.unobtrusive-ajax.js
www.fares91.com/Content/
7 KB
2 KB
Script
General
Full URL
https://www.fares91.com/Content/jquery.unobtrusive-ajax.js
Requested by
Host: www.fares91.com
URL: https://www.fares91.com/?utm_source=Sender&utm_medium=Email&utm_campaign=BackWithJP&utm_source=newsletter&utm_medium=email&utm_campaign={senderemailapp}
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
45.249.111.69 , India, ASN18229 (CTRLS-AS-IN CtrlS Datacenters Ltd., IN),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
1b8a17701b2d5afa350f8eb98e17419014c25c0bc04124a5113c018ea33ad831

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.fares91.com/?utm_source=Sender&utm_medium=Email&utm_campaign=BackWithJP&utm_source=newsletter&utm_medium=email&utm_campaign={senderemailapp}
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Wed, 25 May 2022 08:13:12 GMT
content-encoding
gzip
last-modified
Tue, 03 May 2022 19:08:06 GMT
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
etag
"02fa31e215fd81:0"
vary
Accept-Encoding
content-type
application/javascript
accept-ranges
bytes
content-length
2211
jquery.validate.mvc.js
www.fares91.com/Content/
7 KB
2 KB
Script
General
Full URL
https://www.fares91.com/Content/jquery.validate.mvc.js
Requested by
Host: www.fares91.com
URL: https://www.fares91.com/?utm_source=Sender&utm_medium=Email&utm_campaign=BackWithJP&utm_source=newsletter&utm_medium=email&utm_campaign={senderemailapp}
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
45.249.111.69 , India, ASN18229 (CTRLS-AS-IN CtrlS Datacenters Ltd., IN),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
bef4055a627e401ff953cc799fa81483682d7938e701a6f449ca2c53e7a69c2c

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.fares91.com/?utm_source=Sender&utm_medium=Email&utm_campaign=BackWithJP&utm_source=newsletter&utm_medium=email&utm_campaign={senderemailapp}
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Wed, 25 May 2022 08:13:12 GMT
content-encoding
gzip
last-modified
Tue, 03 May 2022 19:08:06 GMT
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
etag
"02fa31e215fd81:0"
vary
Accept-Encoding
content-type
application/javascript
accept-ranges
bytes
content-length
1826
jquery.validate.unobtrusive.js
www.fares91.com/Content/
19 KB
5 KB
Script
General
Full URL
https://www.fares91.com/Content/jquery.validate.unobtrusive.js
Requested by
Host: www.fares91.com
URL: https://www.fares91.com/?utm_source=Sender&utm_medium=Email&utm_campaign=BackWithJP&utm_source=newsletter&utm_medium=email&utm_campaign={senderemailapp}
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
45.249.111.69 , India, ASN18229 (CTRLS-AS-IN CtrlS Datacenters Ltd., IN),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
d0bd6658f9da18b0a473ae5be1df45fda351d7921b85decefdae6f7f58f9e1bb

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.fares91.com/?utm_source=Sender&utm_medium=Email&utm_campaign=BackWithJP&utm_source=newsletter&utm_medium=email&utm_campaign={senderemailapp}
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Wed, 25 May 2022 08:13:12 GMT
content-encoding
gzip
last-modified
Tue, 03 May 2022 19:08:06 GMT
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
etag
"02fa31e215fd81:0"
vary
Accept-Encoding
content-type
application/javascript
accept-ranges
bytes
content-length
4784
lo.js
tools.luckyorange.com/core/
11 KB
5 KB
Script
General
Full URL
https://tools.luckyorange.com/core/lo.js?site-id=220fa1fd
Requested by
Host: www.fares91.com
URL: https://www.fares91.com/?utm_source=Sender&utm_medium=Email&utm_campaign=BackWithJP&utm_source=newsletter&utm_medium=email&utm_campaign={senderemailapp}
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:7200:18:6c16:27c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
8fd634c722b783dd8760b85cbb3fe1167b3fbc5d2b608349ca48ec9b1ec75525

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.fares91.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Wed, 25 May 2022 07:21:42 GMT
content-encoding
gzip
last-modified
Thu, 28 Apr 2022 15:44:17 GMT
server
AmazonS3
age
3094
etag
"b70a042069ed20180a63413073af6683"
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 1b73451818d2dd47a574604c0b84f692.cloudfront.net (CloudFront)
cache-control
max-age=3600
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
content-length
4324
x-amz-cf-id
WR3kFqQp2kaBHg6hPS_2aZctacnrynxBAkdWjqUSbUYTMgYppj6GnQ==
637822368504525951_temp.png
backend.traviyo.com/Images/ProfileSettingss/Ankit_51417/
24 KB
24 KB
Image
General
Full URL
https://backend.traviyo.com/Images/ProfileSettingss/Ankit_51417/637822368504525951_temp.png
Requested by
Host: www.fares91.com
URL: https://www.fares91.com/?utm_source=Sender&utm_medium=Email&utm_campaign=BackWithJP&utm_source=newsletter&utm_medium=email&utm_campaign={senderemailapp}
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
45.249.111.69 , India, ASN18229 (CTRLS-AS-IN CtrlS Datacenters Ltd., IN),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
e33e265757b31e1125128422557486624501c38f1d548324020d44d19c2b054e

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.fares91.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Wed, 25 May 2022 08:13:15 GMT
last-modified
Mon, 07 Mar 2022 02:30:50 GMT
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
etag
"7f78535ccb31d81:0"
content-type
image/png
accept-ranges
bytes
content-length
24393
avator.svg
www.fares91.com/Content/images/
2 KB
2 KB
Image
General
Full URL
https://www.fares91.com/Content/images/avator.svg
Requested by
Host: www.fares91.com
URL: https://www.fares91.com/?utm_source=Sender&utm_medium=Email&utm_campaign=BackWithJP&utm_source=newsletter&utm_medium=email&utm_campaign={senderemailapp}
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
45.249.111.69 , India, ASN18229 (CTRLS-AS-IN CtrlS Datacenters Ltd., IN),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
01035192d3e569357432589c120bbe107b023612947d33117514c96611a02014

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.fares91.com/?utm_source=Sender&utm_medium=Email&utm_campaign=BackWithJP&utm_source=newsletter&utm_medium=email&utm_campaign={senderemailapp}
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Wed, 25 May 2022 08:13:14 GMT
last-modified
Tue, 03 May 2022 19:08:08 GMT
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
etag
"35b5fe1f215fd81:0"
content-type
image/svg+xml
accept-ranges
bytes
content-length
1980
637879003661007337_temp.jpg
backend.traviyo.com/Images/Banners/Ankit_51417/
2 MB
3 MB
Image
General
Full URL
https://backend.traviyo.com/Images/Banners/Ankit_51417/637879003661007337_temp.jpg
Requested by
Host: www.fares91.com
URL: https://www.fares91.com/?utm_source=Sender&utm_medium=Email&utm_campaign=BackWithJP&utm_source=newsletter&utm_medium=email&utm_campaign={senderemailapp}
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
45.249.111.69 , India, ASN18229 (CTRLS-AS-IN CtrlS Datacenters Ltd., IN),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
3636025b9d3d6e000025bb9411996edee3ce442bbd05274c3ecabc76357086f8

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.fares91.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Wed, 25 May 2022 08:13:15 GMT
last-modified
Wed, 11 May 2022 15:42:46 GMT
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
etag
"e9bdb5c24d65d81:0"
content-type
image/jpeg
accept-ranges
bytes
content-length
2617090
637878998089114873_temp.jpg
backend.traviyo.com/Images/Banners/Ankit_51417/
1 MB
1 MB
Image
General
Full URL
https://backend.traviyo.com/Images/Banners/Ankit_51417/637878998089114873_temp.jpg
Requested by
Host: www.fares91.com
URL: https://www.fares91.com/?utm_source=Sender&utm_medium=Email&utm_campaign=BackWithJP&utm_source=newsletter&utm_medium=email&utm_campaign={senderemailapp}
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
45.249.111.69 , India, ASN18229 (CTRLS-AS-IN CtrlS Datacenters Ltd., IN),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
48173bca94ccfa9ce833e9967cb93325f22464d16354020ed0daf0ee9d801155

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.fares91.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Wed, 25 May 2022 08:13:15 GMT
last-modified
Wed, 11 May 2022 15:33:28 GMT
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
etag
"f96899764c65d81:0"
content-type
image/jpeg
accept-ranges
bytes
content-length
1400192
637879005717953134_temp.jpg
backend.traviyo.com/Images/Banners/Ankit_51417/
0
0

637878998298027525_temp.jpg
backend.traviyo.com/Images/Banners/Ankit_51417/
0
0

637879001605669152_temp.jpg
backend.traviyo.com/Images/Banners/Ankit_51417/
544 KB
0
Image
General
Full URL
https://backend.traviyo.com/Images/Banners/Ankit_51417/637879001605669152_temp.jpg
Requested by
Host: www.fares91.com
URL: https://www.fares91.com/?utm_source=Sender&utm_medium=Email&utm_campaign=BackWithJP&utm_source=newsletter&utm_medium=email&utm_campaign={senderemailapp}
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
45.249.111.69 , India, ASN18229 (CTRLS-AS-IN CtrlS Datacenters Ltd., IN),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.fares91.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Wed, 25 May 2022 08:13:15 GMT
last-modified
Wed, 11 May 2022 15:39:20 GMT
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
etag
"5c2836484d65d81:0"
content-type
image/jpeg
accept-ranges
bytes
content-length
1276036
637878998510221273_temp.jpg
backend.traviyo.com/Images/Banners/Ankit_51417/
0
0

637878998615068206_temp.jpg
backend.traviyo.com/Images/Banners/Ankit_51417/
0
0

637878998718352652_temp.jpg
backend.traviyo.com/Images/Banners/Ankit_51417/
0
0

in.png
flagcdn.com/32x24/
1 KB
2 KB
Image
General
Full URL
https://flagcdn.com/32x24/in.png
Requested by
Host: www.fares91.com
URL: https://www.fares91.com/?utm_source=Sender&utm_medium=Email&utm_campaign=BackWithJP&utm_source=newsletter&utm_medium=email&utm_campaign={senderemailapp}
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::6815:3e94 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
03aaaacb31cc0a3f8e5be0a898ae838d4ef7cfc1621765e012911c6dfe99ba94
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.fares91.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Wed, 25 May 2022 08:13:15 GMT
vary
Accept-Encoding
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
528576
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1027
last-modified
Thu, 19 Nov 2020 12:03:34 GMT
server
cloudflare
etag
"5fb65f16-403"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bR6Hm7XYK86kFVvHQmRlPAik%2Bu117G4UgJ5JJCEjP43eIjlQ%2BdX2NiAWzABpYI2lmmCPK%2FNrQxX6xBwb9bI1Dxf7I44PRZ1TpnX8k4LYwXJwZ4PBiUFG9oo3XPFxEaEPRwmANZTE4FFlHw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=2678400, s-maxage=2678400
accept-ranges
bytes
cf-ray
710ccf8a28b9331c-CDG
sg.png
flagcdn.com/32x24/
838 B
1 KB
Image
General
Full URL
https://flagcdn.com/32x24/sg.png
Requested by
Host: www.fares91.com
URL: https://www.fares91.com/?utm_source=Sender&utm_medium=Email&utm_campaign=BackWithJP&utm_source=newsletter&utm_medium=email&utm_campaign={senderemailapp}
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::6815:3e94 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5f3df07bcc3a5781827a394f0057947e623b02ce44842d892dbd6476bdef2300
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.fares91.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Wed, 25 May 2022 08:13:15 GMT
vary
Accept-Encoding
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2318485
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
838
last-modified
Thu, 19 Nov 2020 12:03:34 GMT
server
cloudflare
etag
"5fb65f16-346"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Oz8eV9elaGyUwAAPyGvlQi%2FvWNisOss%2BTtrRSFlkv76RzEJo6pJ%2BwVNSEUY%2F0zUuRCqEbp2KmSx52NqdPSoDNU2F9wqMWOIY78EuvUkQEwXzRI%2FL97TJLrcjG8yk%2FTXo8RYSNjfnhUPUlg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=2678400, s-maxage=2678400
accept-ranges
bytes
cf-ray
710ccf8a28bd331c-CDG
ae.png
flagcdn.com/32x24/
707 B
1016 B
Image
General
Full URL
https://flagcdn.com/32x24/ae.png
Requested by
Host: www.fares91.com
URL: https://www.fares91.com/?utm_source=Sender&utm_medium=Email&utm_campaign=BackWithJP&utm_source=newsletter&utm_medium=email&utm_campaign={senderemailapp}
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::6815:3e94 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4df9359a1a54ae242225a0f8a0ea405c5c3f0033e6ad0613008213c6971c33d2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.fares91.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Wed, 25 May 2022 08:13:15 GMT
vary
Accept-Encoding
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2318485
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
707
last-modified
Thu, 19 Nov 2020 12:03:34 GMT
server
cloudflare
etag
"5fb65f16-2c3"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=grpWfLtscKzlmbF9e7aXXJqtN9w6hHFz5Razz6RA5lvB3Z%2BOfZq%2Bbeba6WB%2F1J9j286q2YkNJqCuxZEmdyWxx%2F7avIGzQsLYc4YiFrv6pgod27Ae3sKbDZbuAgoWMqUxQbBiVEZMSgJHLw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=2678400, s-maxage=2678400
accept-ranges
bytes
cf-ray
710ccf8a28be331c-CDG
th.png
flagcdn.com/32x24/
988 B
1 KB
Image
General
Full URL
https://flagcdn.com/32x24/th.png
Requested by
Host: www.fares91.com
URL: https://www.fares91.com/?utm_source=Sender&utm_medium=Email&utm_campaign=BackWithJP&utm_source=newsletter&utm_medium=email&utm_campaign={senderemailapp}
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::6815:3e94 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
18f68845bb61d5ced11810bf698ab023515fc6b0386f219021c371ea0c5a019d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.fares91.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Wed, 25 May 2022 08:13:15 GMT
vary
Accept-Encoding
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2318485
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
988
last-modified
Thu, 19 Nov 2020 12:03:34 GMT
server
cloudflare
etag
"5fb65f16-3dc"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mCe0sumHr8CLC87%2BtbyCzLAUtUIbzR5nJVy1NXb1IbjtspTp0S%2FB7lk%2BjditVeff2%2B%2BndWC6U492Hpz6EbaBRnWvzwyxynT4UQ699etyrzrUHM8opAAvmDLZsYwwPVcmUZq9OxfT%2BcpCng%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=2678400, s-maxage=2678400
accept-ranges
bytes
cf-ray
710ccf8a690b331c-CDG
np.png
flagcdn.com/32x24/
839 B
1 KB
Image
General
Full URL
https://flagcdn.com/32x24/np.png
Requested by
Host: www.fares91.com
URL: https://www.fares91.com/?utm_source=Sender&utm_medium=Email&utm_campaign=BackWithJP&utm_source=newsletter&utm_medium=email&utm_campaign={senderemailapp}
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::6815:3e94 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
411db9e83afd766d43da56336eb211b4b05b875f8c4caeaa8091fb7b2408a242
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.fares91.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Wed, 25 May 2022 08:13:15 GMT
vary
Accept-Encoding
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
529689
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
839
last-modified
Thu, 19 Nov 2020 12:03:34 GMT
server
cloudflare
etag
"5fb65f16-347"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nJxRK28xvkTgr37prxRRCS9FItwTQlJdEzjIkQFz6HdIRf9Px2nxAfkwKh11dGzdIISC3K8NzwzCPul8bF2C5NyMpyerlcvnscr4ChQQgjzjRthaFjLQGFbkQEqPGEx5ZnzYpqb9LPveXA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=2678400, s-maxage=2678400
accept-ranges
bytes
cf-ray
710ccf8a690c331c-CDG
637863509547153603_temp.png
backend.traviyo.com/Images/Testimonials/Ankit_51417/
0
0

637863509466522600_temp.png
backend.traviyo.com/Images/Testimonials/Ankit_51417/
0
0

637863510511431114_temp.png
backend.traviyo.com/Images/Testimonials/Ankit_51417/
0
0

637863509366672141_temp.png
backend.traviyo.com/Images/Testimonials/Ankit_51417/
0
0

637863510422050832_temp.png
backend.traviyo.com/Images/Testimonials/Ankit_51417/
0
0

637863509257446411_temp.png
backend.traviyo.com/Images/Testimonials/Ankit_51417/
0
0

637863509166816248_temp.png
backend.traviyo.com/Images/Testimonials/Ankit_51417/
0
0

637863510270010346_temp.png
backend.traviyo.com/Images/Testimonials/Ankit_51417/
0
0

637863509069777645_temp.png
backend.traviyo.com/Images/Testimonials/Ankit_51417/
0
0

637863508954144554_temp.png
backend.traviyo.com/Images/Testimonials/Ankit_51417/
0
0

637863503255915734_temp.png
backend.traviyo.com/Images/Testimonials/Ankit_51417/
0
0

637872921516877858_temp.png
backend.traviyo.com/Images/Testimonials/Ankit_51417/
0
0

637879011561959748_temp.png
backend.traviyo.com/Images/Testimonials/Ankit_51417/
0
0

headerFooter.js
www.fares91.com/ViewScripts/Home/
3 KB
956 B
Script
General
Full URL
https://www.fares91.com/ViewScripts/Home/headerFooter.js
Requested by
Host: www.fares91.com
URL: https://www.fares91.com/?utm_source=Sender&utm_medium=Email&utm_campaign=BackWithJP&utm_source=newsletter&utm_medium=email&utm_campaign={senderemailapp}
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
45.249.111.69 , India, ASN18229 (CTRLS-AS-IN CtrlS Datacenters Ltd., IN),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
123df6a551141f80cb180a7653cd381d8b463895951d0ef128671105a1fbbce5

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.fares91.com/?utm_source=Sender&utm_medium=Email&utm_campaign=BackWithJP&utm_source=newsletter&utm_medium=email&utm_campaign={senderemailapp}
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Wed, 25 May 2022 08:13:14 GMT
content-encoding
gzip
last-modified
Mon, 09 May 2022 14:16:51 GMT
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
etag
"804b346daf63d81:0"
vary
Accept-Encoding
content-type
application/javascript
accept-ranges
bytes
content-length
852
fa-solid-900.woff2
www.fares91.com/Content/fonts/fontawesome/
78 KB
79 KB
Font
General
Full URL
https://www.fares91.com/Content/fonts/fontawesome/fa-solid-900.woff2
Requested by
Host: www.fares91.com
URL: https://www.fares91.com/Content/css/bootstrap.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
45.249.111.69 , India, ASN18229 (CTRLS-AS-IN CtrlS Datacenters Ltd., IN),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
6b555920e358f8a25a422988b448615c33bcccb4f932e8331cebfc8e2a737fc7

Request headers

Referer
https://www.fares91.com/Content/css/bootstrap.css
Origin
https://www.fares91.com
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Wed, 25 May 2022 08:13:14 GMT
last-modified
Tue, 03 May 2022 19:08:33 GMT
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
etag
"3796362f215fd81:0"
content-type
application/font-woff2
accept-ranges
bytes
content-length
80300
iJWKBXyIfDnIV7nBrXw.woff2
fonts.gstatic.com/s/rubik/v20/
33 KB
33 KB
Font
General
Full URL
https://fonts.gstatic.com/s/rubik/v20/iJWKBXyIfDnIV7nBrXw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Rubik:ital,wght@0,300;0,400;0,500;0,600;0,700;0,800;0,900;1,300;1,400;1,500;1,600;1,700;1,800;1,900&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
815772b443b23ef0ef0929fd6305b13cae6a6345c7d55613a9d8d03e2f9efdb8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.fares91.com
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Wed, 18 May 2022 19:25:03 GMT
x-content-type-options
nosniff
age
564492
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
33620
x-xss-protection
0
last-modified
Wed, 27 Apr 2022 15:47:25 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 18 May 2023 19:25:03 GMT
airplane.png
www.fares91.com/Content/images/icons/
2 KB
2 KB
Image
General
Full URL
https://www.fares91.com/Content/images/icons/airplane.png
Requested by
Host: www.fares91.com
URL: https://www.fares91.com/Content/css/style.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
45.249.111.69 , India, ASN18229 (CTRLS-AS-IN CtrlS Datacenters Ltd., IN),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
1100f07c1c7b7e437e97743f21b2815d34251c0f01a4b6cac69c6afc09a51dd4

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.fares91.com/Content/css/style.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Wed, 25 May 2022 08:13:14 GMT
last-modified
Tue, 03 May 2022 19:08:30 GMT
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
etag
"b757762d215fd81:0"
content-type
image/png
accept-ranges
bytes
content-length
1858
return.png
www.fares91.com/Content/images/icons/
5 KB
5 KB
Image
General
Full URL
https://www.fares91.com/Content/images/icons/return.png
Requested by
Host: www.fares91.com
URL: https://www.fares91.com/Content/css/style.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
45.249.111.69 , India, ASN18229 (CTRLS-AS-IN CtrlS Datacenters Ltd., IN),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
22b655908ef88c4af55ff965be7cd60e83abb0a6c5fbee7215792d13c32d835f

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.fares91.com/Content/css/style.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Wed, 25 May 2022 08:13:14 GMT
last-modified
Tue, 03 May 2022 19:08:31 GMT
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
etag
"cf7bf92d215fd81:0"
content-type
image/png
accept-ranges
bytes
content-length
4705
calendar.png
www.fares91.com/Content/images/icons/
4 KB
4 KB
Image
General
Full URL
https://www.fares91.com/Content/images/icons/calendar.png
Requested by
Host: www.fares91.com
URL: https://www.fares91.com/Content/css/style.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
45.249.111.69 , India, ASN18229 (CTRLS-AS-IN CtrlS Datacenters Ltd., IN),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
e69f7ec820dffd1b1fd4611d70a4a866f7e4566ade792698199652488fef4338

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.fares91.com/Content/css/style.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Wed, 25 May 2022 08:13:14 GMT
last-modified
Tue, 03 May 2022 19:08:30 GMT
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
etag
"84a6842d215fd81:0"
content-type
image/png
accept-ranges
bytes
content-length
4055
traveler.png
www.fares91.com/Content/images/icons/
3 KB
4 KB
Image
General
Full URL
https://www.fares91.com/Content/images/icons/traveler.png
Requested by
Host: www.fares91.com
URL: https://www.fares91.com/Content/css/style.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
45.249.111.69 , India, ASN18229 (CTRLS-AS-IN CtrlS Datacenters Ltd., IN),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
05b536675bcf5a7998899ac998747e0e085d71385401c7acb77afe600c230dec

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.fares91.com/Content/css/style.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Wed, 25 May 2022 08:13:14 GMT
last-modified
Tue, 03 May 2022 19:08:31 GMT
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
etag
"91c872e215fd81:0"
content-type
image/png
accept-ranges
bytes
content-length
3555
HomeData
www.fares91.com/Home/
51 KB
6 KB
XHR
General
Full URL
https://www.fares91.com/Home/HomeData
Requested by
Host: www.fares91.com
URL: https://www.fares91.com/Content/js/app-jquery.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
45.249.111.69 , India, ASN18229 (CTRLS-AS-IN CtrlS Datacenters Ltd., IN),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
6f1bde69ed418d77724dc05f4224256305dc13aab9dab7e0f5795d14e583f5f8

Request headers

Accept
*/*
Referer
https://www.fares91.com/?utm_source=Sender&utm_medium=Email&utm_campaign=BackWithJP&utm_source=newsletter&utm_medium=email&utm_campaign={senderemailapp}
X-Requested-With
XMLHttpRequest
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Wed, 25 May 2022 08:13:15 GMT
content-encoding
gzip
x-aspnetmvc-version
5.2
server
Microsoft-IIS/10.0
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
vary
Accept-Encoding
content-type
text/html; charset=utf-8
cache-control
private
content-length
6400
quote.png
www.fares91.com/Content/images/
6 KB
6 KB
Image
General
Full URL
https://www.fares91.com/Content/images/quote.png
Requested by
Host: www.fares91.com
URL: https://www.fares91.com/Content/css/style.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
45.249.111.69 , India, ASN18229 (CTRLS-AS-IN CtrlS Datacenters Ltd., IN),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
b7a94d76815516d81d89934b8fad5dce3f756138a6d9d9ca67dcbb3069af42fc

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.fares91.com/Content/css/style.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Wed, 25 May 2022 08:13:16 GMT
last-modified
Tue, 03 May 2022 19:08:09 GMT
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
etag
"76c36e20215fd81:0"
content-type
image/png
accept-ranges
bytes
content-length
5917
220fa1fd
settings.luckyorange.com/ Frame
0
0
Preflight
General
Full URL
https://settings.luckyorange.com/220fa1fd
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.203.234 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
234.203.107.34.bc.googleusercontent.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
x-lucky-uid
Access-Control-Request-Method
GET
Origin
https://www.fares91.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Access-Control-Allow-Origin,Authorization,Content-Type,X-Lucky-Uid,X-Lucky-Site-Id,X-Lucky-Impersonate,X-Lucky-Session-Id
access-control-allow-methods
POST,GET,PUT,PATCH,DELETE,OPTIONS
access-control-allow-origin
https://www.fares91.com
access-control-max-age
86400
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 25 May 2022 08:13:16 GMT
via
1.1 google
220fa1fd
settings.luckyorange.com/
9 KB
3 KB
Fetch
General
Full URL
https://settings.luckyorange.com/220fa1fd
Requested by
Host: tools.luckyorange.com
URL: https://tools.luckyorange.com/core/lo.js?site-id=220fa1fd
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.107.203.234 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
234.203.107.34.bc.googleusercontent.com
Software
/
Resource Hash
2573721aea04046c64db602d0ecd143a78fda512e28106c6a34110fbca17aa39

Request headers

Referer
https://www.fares91.com/
accept-language
fr-FR,fr;q=0.9
x-lucky-uid
undefined
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Wed, 25 May 2022 08:13:17 GMT
content-encoding
gzip
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.fares91.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
via
1.1 google
truncated
/
723 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a761b85bf91bc938810d805e56cec026af70b64ad1fa466a486870e54037909b

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf8
fa-brands-400.woff2
www.fares91.com/Content/fonts/fontawesome/
77 KB
77 KB
Font
General
Full URL
https://www.fares91.com/Content/fonts/fontawesome/fa-brands-400.woff2
Requested by
Host: www.fares91.com
URL: https://www.fares91.com/Content/css/bootstrap.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
45.249.111.69 , India, ASN18229 (CTRLS-AS-IN CtrlS Datacenters Ltd., IN),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
71b3ce72680f4183d28db86b184542051fd533bb1146933233e4f6a20cf98cba

Request headers

Referer
https://www.fares91.com/Content/css/bootstrap.css
Origin
https://www.fares91.com
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Wed, 25 May 2022 08:13:16 GMT
last-modified
Tue, 03 May 2022 19:08:33 GMT
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
etag
"e7ce2f215fd81:0"
content-type
application/font-woff2
accept-ranges
bytes
content-length
78460
GetAboutUsDetails
packageapi.traviyo.com/api/AboutUs/
0
0

core.js
tools.luckyorange.com/core/ Frame 9D35
203 KB
62 KB
Script
General
Full URL
https://tools.luckyorange.com/core/core.js?v=c28bf5e
Requested by
Host: tools.luckyorange.com
URL: https://tools.luckyorange.com/core/lo.js?site-id=220fa1fd
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:7200:18:6c16:27c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
7cb85442767d86da75ab5c9cf3faf116d87a0a40925d5b002d65543edc0dc01f

Request headers

Referer
Origin
https://www.fares91.com
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sat, 14 May 2022 04:17:00 GMT
content-encoding
gzip
age
964578
x-cache
Hit from cloudfront
content-length
62948
access-control-allow-origin
*
last-modified
Thu, 28 Apr 2022 15:44:18 GMT
server
AmazonS3
etag
"9f6b0d0ac751129300de17894fa7d12c"
vary
Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods
GET, HEAD
content-type
application/javascript
via
1.1 436c247027acc191b22ece964efbaeca.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
x-amz-cf-id
9-ex8l4TeJcm8PHncRRhDTgduwfKlj9gEZMOggMRrYJjNxGeOS2aIg==
bootstrap.js
tools.luckyorange.com/messenger/
4 KB
2 KB
Script
General
Full URL
https://tools.luckyorange.com/messenger/bootstrap.js
Requested by
Host: tools.luckyorange.com
URL: https://tools.luckyorange.com/core/core.js?v=c28bf5e
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:7200:18:6c16:27c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
d3208cfa5ef112cb02b5c9b160f3f40a75961b113c5de6017416704eadc88999

Request headers

Referer
https://www.fares91.com/
Origin
https://www.fares91.com
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Wed, 25 May 2022 08:07:45 GMT
content-encoding
gzip
age
333
x-cache
Hit from cloudfront
content-length
1680
access-control-allow-origin
*
last-modified
Thu, 07 Apr 2022 20:59:37 GMT
server
AmazonS3
etag
"08c1a9cf97473b31623a245f9848b9f9"
vary
Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods
GET, HEAD
content-type
application/javascript
via
1.1 436c247027acc191b22ece964efbaeca.cloudfront.net (CloudFront)
cache-control
max-age=3600
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
x-amz-cf-id
yJhoWwqFUOfEVLXoWuInA0f6pZwh1h5XzmKCm4bYddMWFNfouuSrzw==
main.js
tools.luckyorange.com/integrations/integration-google-optimize/core/ Frame 9D35
6 KB
3 KB
Script
General
Full URL
https://tools.luckyorange.com/integrations/integration-google-optimize/core/main.js
Requested by
Host: tools.luckyorange.com
URL: https://tools.luckyorange.com/core/core.js?v=c28bf5e
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:7200:18:6c16:27c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
a5979ee80441c1e1638d3f3ecb179a4a6440fbbdd14a26acbfe81a1a7b0bf245

Request headers

Referer
Origin
https://www.fares91.com
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Wed, 25 May 2022 08:07:45 GMT
content-encoding
gzip
last-modified
Mon, 17 Jan 2022 19:46:53 GMT
server
AmazonS3
age
333
etag
W/"a47df1a173181d23fc268a87a5a73c46"
vary
Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods
GET, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
x-cache
Hit from cloudfront
x-amz-cf-pop
FRA50-C1
x-amz-cf-id
lzvz2CajNlEitILOzPu6P4Oh3Z1bQxtK1WT-msKRCe99D02nAfpyoQ==
via
1.1 436c247027acc191b22ece964efbaeca.cloudfront.net (CloudFront)
index.html
tools.luckyorange.com/messenger/
1 KB
887 B
Fetch
General
Full URL
https://tools.luckyorange.com/messenger/index.html
Requested by
Host: tools.luckyorange.com
URL: https://tools.luckyorange.com/messenger/bootstrap.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:7200:18:6c16:27c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
31473b43396149402d7b424789f10f68e2f163ab35931795b67a9d2f5cc3e3f6

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.fares91.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Wed, 25 May 2022 04:25:02 GMT
content-encoding
gzip
last-modified
Thu, 07 Apr 2022 20:59:33 GMT
server
AmazonS3
age
13696
etag
W/"15606482947162e9a5c14022d1f23d10"
vary
Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods
GET, HEAD
content-type
text/html
access-control-allow-origin
*
x-cache
Hit from cloudfront
x-amz-cf-pop
FRA50-C1
x-amz-cf-id
UtC70zn-NX2rFLPFGHrCi0TRUskjcqZTTayvGksCoTGfKbKHZD-NDQ==
via
1.1 436c247027acc191b22ece964efbaeca.cloudfront.net (CloudFront)
frame.js
tools.luckyorange.com/core/ Frame 7AC0
57 KB
18 KB
Script
General
Full URL
https://tools.luckyorange.com/core/frame.js?v=c28bf5e
Requested by
Host: tools.luckyorange.com
URL: https://tools.luckyorange.com/core/core.js?v=c28bf5e
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:7200:18:6c16:27c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
da5fe20c6f2fd6c160154f3a8bedefe5682de4d66c380acd94a87f4167820660

Request headers

Referer
Origin
https://www.fares91.com
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Wed, 25 May 2022 08:07:45 GMT
content-encoding
gzip
age
332
x-cache
Hit from cloudfront
content-length
18346
access-control-allow-origin
*
last-modified
Thu, 28 Apr 2022 15:44:17 GMT
server
AmazonS3
etag
"e52ba9701cb9fddd814f927bd3031ef8"
vary
Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods
GET, HEAD
content-type
application/javascript
via
1.1 436c247027acc191b22ece964efbaeca.cloudfront.net (CloudFront)
cache-control
max-age=3600
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
x-amz-cf-id
xdZam2xFGqoxUUitJuBXHar9Jm1r71lAgGrV_NpIK81SmcEzKmXX3Q==
app.51149f0e.css
tools.luckyorange.com/messenger/css/ Frame 7AC0
6 KB
2 KB
Stylesheet
General
Full URL
https://tools.luckyorange.com/messenger/css/app.51149f0e.css
Requested by
Host: tools.luckyorange.com
URL: https://tools.luckyorange.com/messenger/bootstrap.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:7200:18:6c16:27c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
87365b52e61ce1f1e536bc9d68df10c54806618a91165bfec69a25c2e65ddacd

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.fares91.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Thu, 07 Apr 2022 20:59:59 GMT
content-encoding
gzip
last-modified
Thu, 07 Apr 2022 20:59:38 GMT
server
AmazonS3
age
4101199
etag
"2eec34d69660ac29976523d6c79d37ef"
x-cache
Hit from cloudfront
content-type
text/css
via
1.1 1b73451818d2dd47a574604c0b84f692.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
content-length
1478
x-amz-cf-id
rYthgnYWP8uYGPTHEaOA5ot8kQs1GA2jcivZ3M_omPoLmDqwkt64kA==
chunk-vendors.f7467ed3.css
tools.luckyorange.com/messenger/css/ Frame 7AC0
497 B
594 B
Stylesheet
General
Full URL
https://tools.luckyorange.com/messenger/css/chunk-vendors.f7467ed3.css
Requested by
Host: tools.luckyorange.com
URL: https://tools.luckyorange.com/messenger/bootstrap.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:7200:18:6c16:27c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
ac9859cce1a917e02aed963bf1351b847bd893cab6229204f03af99d71713048

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.fares91.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Thu, 07 Apr 2022 20:59:59 GMT
content-encoding
gzip
last-modified
Thu, 07 Apr 2022 20:59:38 GMT
server
AmazonS3
age
4101199
etag
"33cc0e352cc89ef8f4b327f30fb0d595"
x-cache
Hit from cloudfront
content-type
text/css
via
1.1 1b73451818d2dd47a574604c0b84f692.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
content-length
236
x-amz-cf-id
CizvnR-po-eEZ08AZ-6Rxz3mahQPwBRW-HAYi6erdA2vqNA7oIznyw==
app.858a6629.js
tools.luckyorange.com/messenger/js/ Frame 7AC0
124 KB
29 KB
Script
General
Full URL
https://tools.luckyorange.com/messenger/js/app.858a6629.js
Requested by
Host: tools.luckyorange.com
URL: https://tools.luckyorange.com/messenger/bootstrap.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:7200:18:6c16:27c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
44b28bf030fefb6c8fdfe7fd36ede00bee4d9d428b39bf06ac3414b1cb77a8c1

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.fares91.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Thu, 07 Apr 2022 20:59:59 GMT
content-encoding
gzip
last-modified
Thu, 07 Apr 2022 20:59:38 GMT
server
AmazonS3
age
4101199
etag
"0bcbb3f97b6e711bc1d34464c02c100c"
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 1b73451818d2dd47a574604c0b84f692.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
content-length
28989
x-amz-cf-id
qxq-hzNB38OxblLiWUV3eSHbSdShqR9l3QP-VzLaz1T-N_LH_bwchg==
chunk-vendors.9c0f959d.js
tools.luckyorange.com/messenger/js/ Frame 7AC0
928 KB
290 KB
Script
General
Full URL
https://tools.luckyorange.com/messenger/js/chunk-vendors.9c0f959d.js
Requested by
Host: tools.luckyorange.com
URL: https://tools.luckyorange.com/messenger/bootstrap.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:7200:18:6c16:27c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
ed32e1fab033fc35c340f2599cb74482033499035e22898c66d3f08b9bb737d0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.fares91.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Thu, 07 Apr 2022 20:59:59 GMT
content-encoding
gzip
last-modified
Thu, 07 Apr 2022 20:59:38 GMT
server
AmazonS3
age
4101199
etag
"38e8269629be6a97011dbb0f80f5b8c1"
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 1b73451818d2dd47a574604c0b84f692.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
content-length
296027
x-amz-cf-id
FBkSX_WSmlLxCur7A4voN4vUTE2CQwwIhQ2KUXR3hi0OXRKrk65ljA==
36f1f3
hello.myfonts.net/count/ Frame 7AC0
0
354 B
Stylesheet
General
Full URL
https://hello.myfonts.net/count/36f1f3
Requested by
Host: client
URL: about:client
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6811:f349 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.fares91.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Wed, 25 May 2022 08:13:17 GMT
server
cloudflare
age
1
expect-ct
null
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=604800
accept-ranges
bytes
cf-ray
710ccf995b3c4069-CDG
content-length
0
expires
Thu, 25 May 2023 08:13:17 GMT
b076aa29-aa51-42f3-9b58-59c8070c426c
https://www.fares91.com/ Frame 9D35
0
0
Other
General
Full URL
blob:https://www.fares91.com/b076aa29-aa51-42f3-9b58-59c8070c426c
Requested by
Host: www.fares91.com
URL: https://www.fares91.com/?utm_source=Sender&utm_medium=Email&utm_campaign=BackWithJP&utm_source=newsletter&utm_medium=email&utm_campaign={senderemailapp}
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Content-Length
0
36a9d03a-d3d4-485f-8f87-56947d3c64c2
https://www.fares91.com/ Frame 9D35
22 KB
0
Other
General
Full URL
blob:https://www.fares91.com/36a9d03a-d3d4-485f-8f87-56947d3c64c2
Requested by
Host: www.fares91.com
URL: https://www.fares91.com/?utm_source=Sender&utm_medium=Email&utm_campaign=BackWithJP&utm_source=newsletter&utm_medium=email&utm_campaign={senderemailapp}
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
facdb180b697f86f717823c9b0690f55f4792754d6df3bfe356624240d9a0253

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Content-Length
22873
search
api-preview.luckyorange.com/conversations/threads/ Frame 7AC0
21 B
37 B
XHR
General
Full URL
https://api-preview.luckyorange.com/conversations/threads/search
Requested by
Host: tools.luckyorange.com
URL: https://tools.luckyorange.com/messenger/js/chunk-vendors.9c0f959d.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.107.203.234 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
234.203.107.34.bc.googleusercontent.com
Software
envoy /
Resource Hash
89d6f64fc4b6b092d092522cfbfcdcb2c6df75832018868995c3b3422ee1c68e

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.fares91.com/
X-Lucky-Site-Id
220fa1fd
accept-language
fr-FR,fr;q=0.9
X-Lucky-Uid
220fa1fd-1653466397066-7747b51ea8d613f9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
application/json

Response headers

date
Wed, 25 May 2022 08:13:17 GMT
via
1.1 google
server
envoy
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-allow-credentials
true
x-envoy-upstream-service-time
9
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
21
search
api-preview.luckyorange.com/conversations/threads/ Frame
0
0
Preflight
General
Full URL
https://api-preview.luckyorange.com/conversations/threads/search
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.203.234 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
234.203.107.34.bc.googleusercontent.com
Software
envoy /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-lucky-site-id,x-lucky-uid
Access-Control-Request-Method
POST
Origin
https://www.fares91.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Access-Control-Allow-Origin,Authorization,Content-Type,X-Lucky-Uid,X-Lucky-Site-Id,X-Lucky-Impersonate,X-Lucky-Session-Id
access-control-allow-methods
POST,GET,PUT,PATCH,DELETE,OPTIONS
access-control-allow-origin
*
access-control-max-age
86400
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 25 May 2022 08:13:17 GMT
server
envoy
via
1.1 google
x-envoy-upstream-service-time
3
220fa1fd-1653466397066-7747b51ea8d613f9
api-preview.luckyorange.com/visitors/ Frame
0
0
Preflight
General
Full URL
https://api-preview.luckyorange.com/visitors/220fa1fd-1653466397066-7747b51ea8d613f9
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.107.203.234 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
234.203.107.34.bc.googleusercontent.com
Software
envoy /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
x-lucky-site-id,x-lucky-uid
Access-Control-Request-Method
GET
Origin
https://www.fares91.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Access-Control-Allow-Origin,Authorization,Content-Type,X-Lucky-Uid,X-Lucky-Site-Id,X-Lucky-Impersonate
access-control-allow-methods
POST,GET,PUT,PATCH,DELETE,OPTIONS
access-control-allow-origin
*
access-control-max-age
86400
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 25 May 2022 08:13:18 GMT
server
envoy
via
1.1 google
x-envoy-upstream-service-time
1
220fa1fd-1653466397066-7747b51ea8d613f9
api-preview.luckyorange.com/visitors/ Frame 7AC0
84 B
100 B
XHR
General
Full URL
https://api-preview.luckyorange.com/visitors/220fa1fd-1653466397066-7747b51ea8d613f9
Requested by
Host: tools.luckyorange.com
URL: https://tools.luckyorange.com/messenger/js/chunk-vendors.9c0f959d.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.107.203.234 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
234.203.107.34.bc.googleusercontent.com
Software
envoy /
Resource Hash
0fb0dd87ab916910fde39022c9756d3e3ce90e1d251067ca127db55b43011f0e

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.fares91.com/
accept-language
fr-FR,fr;q=0.9
X-Lucky-Uid
220fa1fd-1653466397066-7747b51ea8d613f9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
X-Lucky-Site-Id
220fa1fd

Response headers

date
Wed, 25 May 2022 08:13:23 GMT
via
1.1 google
server
envoy
access-control-allow-origin
*
access-control-allow-credentials
true
x-envoy-upstream-service-time
5012
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
84
avenir-demi.woff2
storage.googleapis.com/lucky-orange-public/fonts/ Frame 7AC0
25 KB
26 KB
Font
General
Full URL
https://storage.googleapis.com/lucky-orange-public/fonts/avenir-demi.woff2
Requested by
Host: www.fares91.com
URL: https://www.fares91.com/?utm_source=Sender&utm_medium=Email&utm_campaign=BackWithJP&utm_source=newsletter&utm_medium=email&utm_campaign={senderemailapp}
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2010 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
UploadServer /
Resource Hash
432b338a2b46f99a866e04b641251f84980901e352ecd1871eba8a698c57c600

Request headers

Referer
https://www.fares91.com/
Origin
https://www.fares91.com
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Wed, 25 May 2022 07:23:56 GMT
age
2962
x-guploader-uploadid
ADPycdtBlOTDYLU5DAsi4dnZRjWxFztlbOpFVTItQiNgKaCy3QK8TK7x3jr0ANQUjqnrXfmDogi145vQwZgggFg7EOYSuw0ws0_u
x-goog-storage-class
MULTI_REGIONAL
x-goog-custom-time
1970-01-01T00:00:00Z
x-goog-metageneration
3
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
25518
x-goog-meta-
last-modified
Tue, 26 Jun 2018 19:22:39 GMT
server
UploadServer
etag
"b694a2fb59b9e9c2c4dc2e07d7cdd3d3"
x-goog-hash
crc32c=3SvmyA==, md5=tpSi+1m56cLE3C4H183T0w==
x-goog-generation
1530040959022544
access-control-allow-origin
*
access-control-expose-headers
Authorization, Content-Encoding, Content-Length, Content-Type, Date, Origin, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=31536000
x-goog-stored-content-length
25518
accept-ranges
bytes
content-type
application/octet-stream
expires
Thu, 25 May 2023 07:23:56 GMT
avenir-medium.woff2
storage.googleapis.com/lucky-orange-public/fonts/ Frame 7AC0
25 KB
25 KB
Font
General
Full URL
https://storage.googleapis.com/lucky-orange-public/fonts/avenir-medium.woff2
Requested by
Host: www.fares91.com
URL: https://www.fares91.com/?utm_source=Sender&utm_medium=Email&utm_campaign=BackWithJP&utm_source=newsletter&utm_medium=email&utm_campaign={senderemailapp}
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2010 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
UploadServer /
Resource Hash
2d16fa146f2f4b980ee78c7b23b9c86724ba2e2bfd341bb369ecb75eef3ac983

Request headers

Referer
https://www.fares91.com/
Origin
https://www.fares91.com
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Wed, 25 May 2022 07:23:56 GMT
age
2962
x-guploader-uploadid
ADPycds59JfzYlv8zY8gjY8dO3G6MRPO4Ul6D3J19XHbLaPNsFnEj3N-_7hziO6-3XaFlrsd9CAdbjqglPY_FP_QALLDUYvj4oBm
x-goog-storage-class
MULTI_REGIONAL
x-goog-custom-time
1970-01-01T00:00:00Z
x-goog-metageneration
3
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
25397
x-goog-meta-
last-modified
Tue, 26 Jun 2018 19:22:40 GMT
server
UploadServer
etag
"75a1033689f727d14c3039af10d3ebcb"
x-goog-hash
crc32c=UN3ZXQ==, md5=daEDNon3J9FMMDmvENPryw==
x-goog-generation
1530040960163214
access-control-allow-origin
*
access-control-expose-headers
Authorization, Content-Encoding, Content-Length, Content-Type, Date, Origin, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=31536000
x-goog-stored-content-length
25397
accept-ranges
bytes
content-type
application/octet-stream
expires
Thu, 25 May 2023 07:23:56 GMT
fqPxXoABVjT7mVUFKp-h
storage.googleapis.com/lucky-orange-public-uploads/220fa1fd/ Frame 7AC0
24 KB
25 KB
Image
General
Full URL
https://storage.googleapis.com/lucky-orange-public-uploads/220fa1fd/fqPxXoABVjT7mVUFKp-h
Requested by
Host: www.fares91.com
URL: https://www.fares91.com/?utm_source=Sender&utm_medium=Email&utm_campaign=BackWithJP&utm_source=newsletter&utm_medium=email&utm_campaign={senderemailapp}
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2010 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
UploadServer /
Resource Hash
29b9dbc9683a690b82e234980931cf7e40a1ddf309a563188c0ff78cbbae9783

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.fares91.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Wed, 25 May 2022 08:13:18 GMT
x-guploader-uploadid
ADPycdueP3u80Pu1nlU1IAc9AH3PSkNbELtN6qaUhbaNJ8W_lm_fTL0kBGAW92Wyl13-IrG309Jfx9jQXTZnJjw0PgizIw
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-goog-meta-originalname
blob
last-modified
Mon, 25 Apr 2022 04:18:25 GMT
server
UploadServer
vary
Accept-Encoding
x-goog-hash
crc32c=C/O50A==, md5=6Z7IRf9yoR9vXSPUX9ZCJA==
x-goog-generation
1650860305145740
access-control-allow-origin
*
access-control-expose-headers
Content-Type
cache-control
public, max-age=31536000
x-goog-stored-content-length
24599
accept-ranges
none
content-type
image/png
expires
Thu, 25 May 2023 08:13:18 GMT
45iU54ABv_XT3EwGY4ZX
storage.googleapis.com/lucky-orange-public-uploads/220fa1fd/ Frame 7AC0
31 KB
31 KB
Image
General
Full URL
https://storage.googleapis.com/lucky-orange-public-uploads/220fa1fd/45iU54ABv_XT3EwGY4ZX
Requested by
Host: www.fares91.com
URL: https://www.fares91.com/?utm_source=Sender&utm_medium=Email&utm_campaign=BackWithJP&utm_source=newsletter&utm_medium=email&utm_campaign={senderemailapp}
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2010 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
UploadServer /
Resource Hash
f060b3edb0aa9c2868c3342a049b4f6f900f0be2ffc9f1214bb8d97800b3bdb4

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.fares91.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Wed, 25 May 2022 08:13:18 GMT
x-guploader-uploadid
ADPycdusulE9Fdcz_LU5x01POmO0GLYvDIMRN7CfsqvXsjKv8u5THe7-in0jl1F35nHPjAIfabKiyIbsL0rATip7gPyEtA
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-goog-meta-originalname
blob
last-modified
Sat, 21 May 2022 17:05:03 GMT
server
UploadServer
vary
Accept-Encoding
x-goog-hash
crc32c=bLPtgw==, md5=QYy/QcRmnTobzsmhzqu0gw==
x-goog-generation
1653152703603003
access-control-allow-origin
*
access-control-expose-headers
Content-Type
cache-control
public, max-age=31536000
x-goog-stored-content-length
31631
accept-ranges
none
content-type
image/png
expires
Thu, 25 May 2023 08:13:18 GMT
lo-symbol.f1058a7b.svg
tools.luckyorange.com/messenger/img/ Frame 7AC0
955 B
1 KB
Image
General
Full URL
https://tools.luckyorange.com/messenger/img/lo-symbol.f1058a7b.svg
Requested by
Host: www.fares91.com
URL: https://www.fares91.com/?utm_source=Sender&utm_medium=Email&utm_campaign=BackWithJP&utm_source=newsletter&utm_medium=email&utm_campaign={senderemailapp}
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:7200:18:6c16:27c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
91be5e51e61355ad3d0437321595ef56d38ffb0ecd30fdc1482ecb071d18c1c0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.fares91.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Thu, 07 Apr 2022 20:59:54 GMT
via
1.1 1b73451818d2dd47a574604c0b84f692.cloudfront.net (CloudFront)
last-modified
Thu, 07 Apr 2022 20:59:39 GMT
server
AmazonS3
age
4101205
etag
"f1058a7b7f925134ff12e90f30b6927b"
x-cache
Hit from cloudfront
content-type
image/svg+xml
cache-control
max-age=31536000
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
content-length
955
x-amz-cf-id
gIhAmhv5DnOjAQRht5MOTtzNMxu-jVReHBG5woTAnzVBL0NvRm2gvg==

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
backend.traviyo.com
URL
https://backend.traviyo.com/Images/Banners/Ankit_51417/637879005717953134_temp.jpg
Domain
backend.traviyo.com
URL
https://backend.traviyo.com/Images/Banners/Ankit_51417/637878998298027525_temp.jpg
Domain
backend.traviyo.com
URL
https://backend.traviyo.com/Images/Banners/Ankit_51417/637878998510221273_temp.jpg
Domain
backend.traviyo.com
URL
https://backend.traviyo.com/Images/Banners/Ankit_51417/637878998615068206_temp.jpg
Domain
backend.traviyo.com
URL
https://backend.traviyo.com/Images/Banners/Ankit_51417/637878998718352652_temp.jpg
Domain
backend.traviyo.com
URL
https://backend.traviyo.com/Images/Testimonials/Ankit_51417/637863509547153603_temp.png
Domain
backend.traviyo.com
URL
https://backend.traviyo.com/Images/Testimonials/Ankit_51417/637863509466522600_temp.png
Domain
backend.traviyo.com
URL
https://backend.traviyo.com/Images/Testimonials/Ankit_51417/637863510511431114_temp.png
Domain
backend.traviyo.com
URL
https://backend.traviyo.com/Images/Testimonials/Ankit_51417/637863509366672141_temp.png
Domain
backend.traviyo.com
URL
https://backend.traviyo.com/Images/Testimonials/Ankit_51417/637863510422050832_temp.png
Domain
backend.traviyo.com
URL
https://backend.traviyo.com/Images/Testimonials/Ankit_51417/637863509257446411_temp.png
Domain
backend.traviyo.com
URL
https://backend.traviyo.com/Images/Testimonials/Ankit_51417/637863509166816248_temp.png
Domain
backend.traviyo.com
URL
https://backend.traviyo.com/Images/Testimonials/Ankit_51417/637863510270010346_temp.png
Domain
backend.traviyo.com
URL
https://backend.traviyo.com/Images/Testimonials/Ankit_51417/637863509069777645_temp.png
Domain
backend.traviyo.com
URL
https://backend.traviyo.com/Images/Testimonials/Ankit_51417/637863508954144554_temp.png
Domain
backend.traviyo.com
URL
https://backend.traviyo.com/Images/Testimonials/Ankit_51417/637863503255915734_temp.png
Domain
backend.traviyo.com
URL
https://backend.traviyo.com/Images/Testimonials/Ankit_51417/637872921516877858_temp.png
Domain
backend.traviyo.com
URL
https://backend.traviyo.com/Images/Testimonials/Ankit_51417/637879011561959748_temp.png
Domain
packageapi.traviyo.com
URL
http://packageapi.traviyo.com/api/AboutUs/GetAboutUsDetails?ClientId=51417

36 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0
object| 1
object| oncontextlost
object| oncontextrestored
function| structuredClone
function| getScreenDetails
function| $
function| jQuery
object| toastr
function| setImmediate
function| clearImmediate
function| swal
function| sweetAlert
function| ResizeSensor
function| StickySidebar
function| Hammer
object| Waves
function| activeMenu
function| updateDatePickerCells
object| dynamicCSSRules
function| addCSSRule
function| settext
function| settextt
function| pad
number| daysToAdd
function| checkintemp
function| ctema
function| checkindata
function| checkoutdata
function| CheckValidationForTestimonial
object| $this
object| $actionminus
object| $actionplus
object| LO
object| LOQ
object| _loq

4 Cookies

Domain/Path Name / Value
www.fares91.com/ Name: ASP.NET_SessionId
Value: 412zqxygruggeztqieuf0krk
.fares91.com/ Name: lo-uid
Value: 220fa1fd-1653466397066-7747b51ea8d613f9
.fares91.com/ Name: lo-visits
Value: 1
.myfonts.net/ Name: __cf_bm
Value: 1vEnMxFf6IvjdJf6aMIdzRzCrW.pYbVtn.1ra7EEwA0-1653466397-0-AZsgPz4N8FmnO9QUPecmb9UXkHwM+i2UMmHY0aw4122yMq6BpywKI9pY+SYCErKybDCari+gxdgBRAGMXVC2o2I=

2 Console Messages

Source Level URL
Text
security error URL: https://www.fares91.com/Content/js/app-jquery.js(Line 48)
Message:
Mixed Content: The page at 'https://www.fares91.com/?utm_source=Sender&utm_medium=Email&utm_campaign=BackWithJP&utm_source=newsletter&utm_medium=email&utm_campaign={senderemailapp}' was loaded over HTTPS, but requested an insecure XMLHttpRequest endpoint 'http://packageapi.traviyo.com/api/AboutUs/GetAboutUsDetails?ClientId=51417'. This request has been blocked; the content must be served over HTTPS.
network error URL: https://api-preview.luckyorange.com/visitors/220fa1fd-1653466397066-7747b51ea8d613f9
Message:
Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
