www.orafaq.com Open in urlscan Pro
85.93.89.32 Public Scan

Go To Rescan
Add Verdict Report

URL:
http://www.orafaq.com/
Submission: On September 21 via api (September 21st 2023, 10:35:40 pm UTC) from CA — Scanned from FR

Summary HTTP 92 Redirects Behaviour Indicators

Summary

This website contacted 20 IPs in 3 countries across 13 domains to perform 92 HTTP transactions. The main IP is 85.93.89.32, located in Strasbourg, France and belongs to GD-EMEA-DC-SXB1, DE. The main domain is www.orafaq.com.

This is the only time www.orafaq.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
14	85.93.89.32 85.93.89.32	8972 (GD-EMEA-D...) (GD-EMEA-DC-SXB1)
16	2a00:1450:400... 2a00:1450:4001:808::2002	15169 (GOOGLE) (GOOGLE)
4 6	2a00:1450:400... 2a00:1450:4001:80f::2004	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:82a::2003	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:82b::200e	15169 (GOOGLE) (GOOGLE)
1 2	143.204.12.2 143.204.12.2	16509 (AMAZON-02) (AMAZON-02)
2	192.229.221.25 192.229.221.25	15133 (EDGECAST) (EDGECAST)
2	2a00:1450:400... 2a00:1450:4001:830::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82a::2008	15169 (GOOGLE) (GOOGLE)
1	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:81c::2002	15169 (GOOGLE) (GOOGLE)
7	2a00:1450:400... 2a00:1450:4001:806::2001	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:80b::2002	15169 (GOOGLE) (GOOGLE)
2	2a02:2638:3::12 2a02:2638:3::12	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
14	2a02:2638:d::2 2a02:2638:d::2	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	178.250.1.6 178.250.1.6	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
15	2a02:2638:3::10 2a02:2638:3::10	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
4	2a02:2638:d::11 2a02:2638:d::11	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	2a02:2638:d::c 2a02:2638:d::c	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
92	20

14 85.93.89.32 (Strasbourg, France)

ASN8972 (GD-EMEA-DC-SXB1, DE)
PTR: orafaq.com

www.orafaq.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 2a00:1450:4001:808::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:80f::2004 (Frankfurt am Main, Germany) 4 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82a::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82b::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

cse.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 143.204.12.2 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: server-143-204-12-2.mxp64.r.cloudfront.net

z-na.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 192.229.221.25 (United States)

ASN15133 (EDGECAST, US)

www.paypalobjects.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:830::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81c::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:806::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:2638:3::12 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

ads.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2a02:2638:d::2 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 178.250.1.6 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

cat.nl3.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 2a02:2638:3::10 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

imageproxy.eu.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a02:2638:d::11 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

csm.eu.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:2638:d::c (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

rtb.fr3.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
33	criteo.net static.criteo.net — Cisco Umbrella Rank: 897 imageproxy.eu.criteo.net — Cisco Umbrella Rank: 8000 csm.eu.criteo.net — Cisco Umbrella Rank: 7577	190 KB
16	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 122 tpc.googlesyndication.com — Cisco Umbrella Rank: 169	292 KB
14	orafaq.com www.orafaq.com	88 KB
8	google.com 4 redirects www.google.com — Cisco Umbrella Rank: 11 cse.google.com — Cisco Umbrella Rank: 4999	5 KB
7	doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 66	42 KB
6	criteo.com ads.eu.criteo.com — Cisco Umbrella Rank: 7499 cat.nl3.eu.criteo.com — Cisco Umbrella Rank: 8894 rtb.fr3.eu.criteo.com — Cisco Umbrella Rank: 14897	112 KB
3	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 96 region1.google-analytics.com — Cisco Umbrella Rank: 1878	21 KB
2	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 254	114 KB
2	paypalobjects.com www.paypalobjects.com — Cisco Umbrella Rank: 2603	4 KB
2	amazon-adsystem.com 1 redirects z-na.amazon-adsystem.com — Cisco Umbrella Rank: 12417	9 KB
2	gstatic.com www.gstatic.com	68 KB
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 1368	601 B
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 111	82 KB
92	13

	Domain	Requested by
15	imageproxy.eu.criteo.net	ads.eu.criteo.com
14	static.criteo.net	ads.eu.criteo.com
14	www.orafaq.com	www.orafaq.com
9	pagead2.googlesyndication.com	www.orafaq.com pagead2.googlesyndication.com tpc.googlesyndication.com www.googletagservices.com
7	tpc.googlesyndication.com	googleads.g.doubleclick.net pagead2.googlesyndication.com tpc.googlesyndication.com
7	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net
6	www.google.com	4 redirects www.orafaq.com tpc.googlesyndication.com
4	csm.eu.criteo.net	ads.eu.criteo.com
2	rtb.fr3.eu.criteo.com	googleads.g.doubleclick.net
2	cat.nl3.eu.criteo.com	ads.eu.criteo.com
2	ads.eu.criteo.com	googleads.g.doubleclick.net
2	www.googletagservices.com	googleads.g.doubleclick.net
2	www.google-analytics.com	www.orafaq.com www.google-analytics.com
2	www.paypalobjects.com	www.orafaq.com
2	z-na.amazon-adsystem.com	1 redirects www.orafaq.com
2	cse.google.com	www.orafaq.com
2	www.gstatic.com	www.orafaq.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	region1.google-analytics.com	www.googletagmanager.com
1	www.googletagmanager.com	www.google-analytics.com
92	20

This site contains no links.

Subject Issuer	Validity	Valid
www.paypal.com DigiCert SHA2 Extended Validation Server CA	`2023-08-19` - `2023-12-10`	4 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-09-04` - `2023-11-27`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-09-04` - `2023-11-27`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-09-04` - `2023-11-27`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2023-09-04` - `2023-11-27`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-09-04` - `2023-11-27`	3 months	crt.sh
*.eu.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-07-19` - `2023-10-21`	3 months	crt.sh
*.criteo.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-08-05` - `2023-10-31`	3 months	crt.sh
*.nl3.eu.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-07-27` - `2023-10-22`	3 months	crt.sh
*.eu.criteo.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-08-08` - `2023-11-08`	3 months	crt.sh
*.fr3.eu.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-08-05` - `2023-10-29`	3 months	crt.sh

This page contains 10 frames:

Primary Page: http://www.orafaq.com/
Frame ID: 6CBAA4706DAED099AA112A50627D2C13
Requests: 33 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230920/r20190131/zrt_lookup.html
Frame ID: D48557E54E27497E184C6A78CFBC93D2
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7499460687650857&output=html&adk=1812271804&adf=3025194257&lmt=1695323608&plat=3%3A16%2C4%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=http%3A%2F%2Fwww.orafaq.com%2F&ea=0&pra=5&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1&dt=1695335735542&bpp=6&bdt=343&idt=377&shv=r20230920&mjsv=m202309140101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=3111185568042&frm=20&pv=2&ga_vid=1385945461.1695335735&ga_sid=1695335736&ga_hid=1407576408&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759837%2C44759876%2C31076839%2C31077327%2C31077702%2C31077970%2C42532402%2C31076997&oid=2&pvsid=4502984877883858&tmod=1628295193&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=23&ifi=1&uci=a!1&fsb=1&dtd=410
Frame ID: F83A658E5C18398F7B6D4E23587BF119
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7499460687650857&output=html&h=90&slotname=1157905849&adk=3576264520&adf=3110890503&pi=t.ma~as.1157905849&w=728&lmt=1695323608&format=728x90&url=http%3A%2F%2Fwww.orafaq.com%2F&wgl=1&dt=1695335735548&bpp=1&bdt=350&idt=411&shv=r20230920&mjsv=m202309140101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=3111185568042&frm=20&pv=1&ga_vid=1385945461.1695335735&ga_sid=1695335736&ga_hid=1407576408&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=554&ady=19&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759837%2C44759876%2C31076839%2C31077327%2C31077702%2C31077970%2C42532402%2C31076997&oid=2&pvsid=4502984877883858&tmod=1628295193&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Cd%7CeE%7C&abl=NS&pfx=0&fu=0&bc=23&ifi=2&uci=a!2&fsb=1&xpc=4NcpnAKmZO&p=http%3A//www.orafaq.com&dtd=415
Frame ID: 4DA523E5744C023A0CB01579B63B1E67
Requests: 8 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7499460687650857&output=html&h=600&slotname=4576967447&adk=2088692975&adf=4159012622&pi=t.ma~as.4576967447&w=300&fwrn=4&fwrnh=100&lmt=1695323608&rafmt=1&format=300x600&url=http%3A%2F%2Fwww.orafaq.com%2F&fwr=0&rpe=1&resp_fmts=4&wgl=1&dt=1695335735550&bpp=1&bdt=351&idt=415&shv=r20230920&mjsv=m202309140101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90&nras=1&correlator=3111185568042&frm=20&pv=1&ga_vid=1385945461.1695335735&ga_sid=1695335736&ga_hid=1407576408&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1258&ady=433&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759837%2C44759876%2C31076839%2C31077327%2C31077702%2C31077970%2C42532402%2C31076997&oid=2&pvsid=4502984877883858&tmod=1628295193&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CeE%7Cn&abl=XS&pfx=0&fu=128&bc=23&ifi=3&uci=a!3&fsb=1&xpc=jZHz1kTb1t&p=http%3A//www.orafaq.com&dtd=418
Frame ID: A6183446DF292198ED01CF1A1DF83129
Requests: 1 HTTP requests in this frame

Frame: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZQzFOAAAHjQDog-oAALySblW6NrYf3mpQGkJ-w&u=%7Cfo1W0WIHCCcn3LcH%2B3XCd5vAfdDAieZtkeTs8JpygjU%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZWgJ4RDTbq-Wb6C9K-cesMV_WPikrq5at_ACdAcfQ797byqNo2sELN8lQ9xqoevRP1zxg9iFedEDpiNBO0lRJtS3xZcKpsmXONSPtF8vLhjqK8bIryaO0k2ciDKHEjZHvaId5qRMS6SSGqgCiwfo5867TtVtGb-3xWzfHVx35GS-L3ixZVXQWmJdsN_WnfBD1x1BXCRHQvcb0bVSXs-Riivmy_Edd48gZfKvKPgAgKtxn98LTjwpkFQNNDtfQc5XcAxAhLZc0GB8RbTicENcovF4DMKhTFPNZoC4fxxI2UyNt3WylmN61Lhp352CqidHlKXjbmroMVKCgVXHLfbKs5vTbcuZu8HAwe-vKV5yswMMG2IoayPYoA8lxu_kJSNZYJm9WkY4np-2rb5fcpiiY6w4F-PI-pUQvxMNcSp06EHw6QeWG1lV0-UZyQHV2ZMEeRItqH3rNfTNGuIwTc4FEC0TQGs5CUUsbOB13VFAbmH7MnjM0Yr-Cej2pMoB1L1YB5HziZNeJrSdwsC5mUZnxPMxgOipzxJjnO2r-00b59Ad-UfxkdpwCOUh7hIeE5LTn4HJ8JUWXJSaamYcfZTXyoQYkjgCnvWQjg&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCxwX1OMUMZbQ8qJ-IzQ_J5IuoA8me0rFc1Z2R93DAjbcBEAEgAGD74YWDnAqCARdjYS1wdWItNzQ5OTQ2MDY4NzY1MDg1N8gBCakCpOufQVLksT6oAwHIAwKqBL4BT9DcvN4BFRVqrtvu3m4ZgwtNIiq0KCmHB7T6vjcHK-EX_TdjSj77i5U90Jz6tOdNw35pGps_2iiyBhM9Z_9ThJiOHBQF4iT2JcCJ0of4VbxoWh6eNTr6N66c5hzymKS2u3BjDecAhJK0b9Z-wPJxfUfipSTtXyd43xJhaTXW3RoO-8tkW0YvaqvLjvE1-Lq9tvdXe_-arGL0zkZKND4VkBZeomxds68GRghUTplUyWEuEz96fn05Gsk2Fir0ooAGyo3Hqd2TlO9OoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2anSMptlnRyJEP9NtgIbsiq2mjxA%26client%3Dca-pub-7499460687650857%26adurl%3D
Frame ID: CD474F18A80F80F1A8F8B3A3BAF45443
Requests: 15 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230920/r20110914/zrt_lookup.html?fsb=1
Frame ID: 75D8C4A7FCAE398B99AAE6833C9C3AA0
Requests: 8 HTTP requests in this frame

Frame: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZQzFNwAPPp4DogXYAA8oxGfeIw8qrtG3wvRxcQ&u=%7Cfo1W0WIHCCfZ2QU3LzBzT51%2FNsk2qOLaPqUkTZAJrkg%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z1MiR3q3hC863fg-71qW5FCOi9VVZ-H1YpklfQlK0LmDHisYDMOS5nWgv5htYHRBL9NcHLRX7DWQFe_kXEcRamntxxvgfnqOsQwkdeHD8vvTL2zpBdcluk0jId4Yy_swTZmdvt_onXDgLCckpGIBKETeiX92yGEnb94mppJRA2fsvcWIniNyqfBMb84o-G1-JswYuSyt7-rvnbRIOvGg2dMx2eibTaghXbzZlRPBFbuIdejg5U10X-OTjmeyvBB9h0oktjinSIM6Qc6SGc8gQSWTGCmygcrSKk3uW_mjZzDYFGL-5KUfE_f1Csl5HOVZWWLiGPCe8Qv7g43lETTWv7NAnPkglppXk5fis4X7K4GPuGk9ObCG7-jNPeM6uPal_O2N9N-cjjmAeu5UGCGuagwtM593LjMejMK9i91dKoDJxOLVakpQEN3KTtVfFSgzw24QrUj0xJnT1jbSzLz-D5nkthE802lVymiZKgvAU-HAhdYWMHdGTXGu31fXg4T6XgVCR0KaIL2ofyXU5QaM_Pw5_e3Uphdr763dpeoKGIOjFyJesoFLczqMT4pO1grqw4&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCX5gAN8UMZZ79PNiLiM0PxNG88A_JntKxXMWMi-CaAcCNtwEQASAAYPvhhYOcCoIBF2NhLXB1Yi03NDk5NDYwNjg3NjUwODU3yAEJqQKk659BUuSxPqgDAcgDAqoEwAFP0Pr9rmdQNsnSkTOqobq_PfPFzagEAYA-Y8AVzfQtRfmuXffjwXUiB4i3WfhfLwv8sh82Bbz3xPTk6-pBy-o41AtPD1ihUneHxpILzMyWLG0xWi09dO2g_ffdIUL7dsfTTNruFS1NCcJFiuzDY2286GX-4WF9NFmjWRAOBLSp5rS0n8VGFtRWVpJE4nji_xYM1JsJBwY4HZ_FsA-QBQfZ-IsKyQD18Y3x5xU3k0PeDgOxcoAHlpFmdULYgXAn8EeABsqNx6ndk5TvTqAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0MPOo-FV4yJdL38dAxsl7uH6cWSw%26client%3Dca-pub-7499460687650857%26adurl%3D
Frame ID: 6ADA356073DCA1B391B40DDBF60CE97C
Requests: 22 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: AC33F8D68D843C6809680EC40F5A6991
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 48FF291B9233CFB7E7497AD9441EF20F
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Welcome to The Oracle FAQ | Oracle FAQ

Detected technologies

PayPal (Payment Processors) Expand

Overall confidence: 100%
Detected patterns

paypalobjects\.com

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Page Statistics

92
Requests

78 %
HTTPS

79 %
IPv6

13
Domains

20
Subdomains

20
IPs

3
Countries

1024 kB
Transfer

2455 kB
Size

8
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 7

http://www.google.com/jsapi HTTP 301
https://www.gstatic.com/charts/loader.js

Request Chain 8

http://www.google.com/cse/t13n?form=cse-search-box&t13n_langs=en HTTP 301
https://cse.google.com/cse/t13n?form=cse-search-box&t13n_langs=en

Request Chain 9

http://www.google.com/coop/cse/brand?form=cse-search-box&lang=en HTTP 301
https://www.gstatic.com/prose/brandjs.js

Request Chain 10

http://www.google.com/cse/query_renderer.js HTTP 301
https://cse.google.com/cse/query_renderer.js

Request Chain 11

http://z-na.amazon-adsystem.com/widgets/onejs?MarketPlace=US HTTP 301
https://z-na.amazon-adsystem.com/widgets/onejs?MarketPlace=US

92 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request / Show response
www.orafaq.com/ 25 KB
8 KB 81ms
46ms Document
text/html 85.93.89.32
GD-EMEA-DC-SXB1

General

Check archive.org

Show headers Download Go to

Full URL

http://www.orafaq.com/

Protocol

HTTP/1.1

Server

85.93.89.32 Strasbourg, France, ASN8972 (GD-EMEA-DC-SXB1, DE),

Reverse DNS

orafaq.com

Software

nginx / PHP/7.3.33 PleskLin

Resource Hash

5333d9f595e5a02cc072a08fd5d7ab4617fb5ffa3f3c305612072c9208058e46

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

Cache-Control: public, max-age=86400
Connection: keep-alive
Content-Encoding: gzip
Content-Language: en
Content-Type: text/html; charset=utf-8
Date: Thu, 21 Sep 2023 22:35:35 GMT
Etag: "1695330808-1"
Expires: Sun, 19 Nov 1978 05:00:00 GMT
Last-Modified: Thu, 21 Sep 2023 21:13:28 GMT
Link: </node/852>; rel="canonical",</node/852>; rel="shortlink"
Server: nginx
Transfer-Encoding: chunked
Vary: Cookie,Accept-Encoding
X-Cache-Status: BYPASS
X-Drupal-Cache: HIT
X-Frame-Options: SAMEORIGIN
X-Powered-By: PHP/7.3.33 PleskLin

GET
H/1.1 200
OK css_xE-rWrJf-fncB6ztZfd2huxqgxu4WO-qwma6Xer30m4.css
www.orafaq.com/files/css/ 7 KB
3 KB 27ms
25ms Stylesheet
text/css 85.93.89.32
GD-EMEA-DC-SXB1

General

Check archive.org

Show headers Download Go to

Full URL: http://www.orafaq.com/files/css/css_xE-rWrJf-fncB6ztZfd2huxqgxu4WO-qwma6Xer30m4.css
Requested by: Host: www.orafaq.com
URL: http://www.orafaq.com/
Protocol: HTTP/1.1
Server: 85.93.89.32 Strasbourg, France, ASN8972 (GD-EMEA-DC-SXB1, DE),
Reverse DNS: orafaq.com
Software: nginx /
Resource Hash: c44fab5ab25ff9f9dc07aced65f77686ec6a831bb858efaac266ba5deaf7d26e

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: http://www.orafaq.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

Date: Thu, 21 Sep 2023 22:35:35 GMT
Content-Encoding: gzip
Last-Modified: Thu, 04 Mar 2021 20:42:22 GMT
Server: nginx
ETag: W/"6041462e-1da3"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=2592000, public, no-transform
Connection: keep-alive
Expires: Sat, 21 Oct 2023 22:35:35 GMT

GET
H/1.1 200
OK css_LGOuMjsczwPnK2FCEqNj1dGbBDizAobg9otA-TwTA5E.css
www.orafaq.com/files/css/ 4 KB
2 KB 52ms
25ms Stylesheet
text/css 85.93.89.32
GD-EMEA-DC-SXB1

General

Check archive.org

Show headers Download Go to

Full URL: http://www.orafaq.com/files/css/css_LGOuMjsczwPnK2FCEqNj1dGbBDizAobg9otA-TwTA5E.css
Requested by: Host: www.orafaq.com
URL: http://www.orafaq.com/
Protocol: HTTP/1.1
Server: 85.93.89.32 Strasbourg, France, ASN8972 (GD-EMEA-DC-SXB1, DE),
Reverse DNS: orafaq.com
Software: nginx /
Resource Hash: 2c63ae323b1ccf03e72b614212a363d5d19b0438b30286e0f68b40f93c130391

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: http://www.orafaq.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

Date: Thu, 21 Sep 2023 22:35:35 GMT
Content-Encoding: gzip
Last-Modified: Thu, 04 Mar 2021 20:42:22 GMT
Server: nginx
ETag: W/"6041462e-fdc"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=2592000, public, no-transform
Connection: keep-alive
Expires: Sat, 21 Oct 2023 22:35:35 GMT

GET
H/1.1 200
OK css_RFocTh_zzfe_yPdJgh4dABLvwzbCglsAqQapGKGkjZg.css
www.orafaq.com/files/css/ 11 KB
3 KB 52ms
25ms Stylesheet
text/css 85.93.89.32
GD-EMEA-DC-SXB1

General

Check archive.org

Show headers Download Go to

Full URL: http://www.orafaq.com/files/css/css_RFocTh_zzfe_yPdJgh4dABLvwzbCglsAqQapGKGkjZg.css
Requested by: Host: www.orafaq.com
URL: http://www.orafaq.com/
Protocol: HTTP/1.1
Server: 85.93.89.32 Strasbourg, France, ASN8972 (GD-EMEA-DC-SXB1, DE),
Reverse DNS: orafaq.com
Software: nginx /
Resource Hash: 445a1c4e1ff3cdf7bfc8f749821e1d0012efc336c2825b00a906a918a1a48d98

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: http://www.orafaq.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

Date: Thu, 21 Sep 2023 22:35:35 GMT
Content-Encoding: gzip
Last-Modified: Thu, 04 Mar 2021 20:42:22 GMT
Server: nginx
ETag: W/"6041462e-2dfd"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=2592000, public, no-transform
Connection: keep-alive
Expires: Sat, 21 Oct 2023 22:35:35 GMT

GET
H/1.1 200
OK js_Ua98zxjH9I2U2rTee9IFt0Bz0daoaQQTSnaDxCxt3Kc.js Show response
www.orafaq.com/files/js/ 115 KB
39 KB 56ms
28ms Script
application/javascript 85.93.89.32
GD-EMEA-DC-SXB1

General

Check archive.org

Show headers Download Go to

Full URL: http://www.orafaq.com/files/js/js_Ua98zxjH9I2U2rTee9IFt0Bz0daoaQQTSnaDxCxt3Kc.js
Requested by: Host: www.orafaq.com
URL: http://www.orafaq.com/
Protocol: HTTP/1.1
Server: 85.93.89.32 Strasbourg, France, ASN8972 (GD-EMEA-DC-SXB1, DE),
Reverse DNS: orafaq.com
Software: nginx /
Resource Hash: 51af7ccf18c7f48d94dab4de7bd205b74073d1d6a86904134a7683c42c6ddca7

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: http://www.orafaq.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

Date: Thu, 21 Sep 2023 22:35:35 GMT
Content-Encoding: gzip
Last-Modified: Thu, 04 Mar 2021 20:42:22 GMT
Server: nginx
ETag: W/"6041462e-1cc59"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=2592000, public, no-transform
Connection: keep-alive
Expires: Sat, 21 Oct 2023 22:35:35 GMT

GET
H/1.1 200
OK js_UGmzC16IRRd-eTxQJ2g-aTHe_lhJpruofZj4YvqhhUU.js Show response
www.orafaq.com/files/js/ 3 KB
2 KB 53ms
25ms Script
application/javascript 85.93.89.32
GD-EMEA-DC-SXB1

General

Check archive.org

Show headers Download Go to

Full URL: http://www.orafaq.com/files/js/js_UGmzC16IRRd-eTxQJ2g-aTHe_lhJpruofZj4YvqhhUU.js
Requested by: Host: www.orafaq.com
URL: http://www.orafaq.com/
Protocol: HTTP/1.1
Server: 85.93.89.32 Strasbourg, France, ASN8972 (GD-EMEA-DC-SXB1, DE),
Reverse DNS: orafaq.com
Software: nginx /
Resource Hash: 5069b30b5e8845177e793c5027683e6931defe5849a6bba87d98f862faa18545

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: http://www.orafaq.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

Date: Thu, 21 Sep 2023 22:35:35 GMT
Content-Encoding: gzip
Last-Modified: Thu, 04 Mar 2021 20:54:11 GMT
Server: nginx
ETag: W/"604148f3-b4a"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=2592000, public, no-transform
Connection: keep-alive
Expires: Sat, 21 Oct 2023 22:35:35 GMT

GET
H/1.1 200
OK adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 146 KB
53 KB 103ms
78ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: www.orafaq.com
URL: http://www.orafaq.com/

Protocol

HTTP/1.1

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4f9134af3b3c32883dc0080df2d2659cfff57f3e03939d280e952a9a6672112

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: http://www.orafaq.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

Date: Thu, 21 Sep 2023 22:35:35 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
P3P: policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cross-Origin-Resource-Policy: cross-origin
Content-Disposition: attachment; filename="f.txt"
Content-Length: 54018
X-XSS-Protection: 0
Server: cafe
ETag: 14347090535472926629
Vary: Accept-Encoding
Content-Type: text/javascript; charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: private, max-age=3600
Timing-Allow-Origin: *
Expires: Thu, 21 Sep 2023 22:35:35 GMT

GET
H/1.1 200
OK logo.jpg
www.orafaq.com/forum/banner/ 8 KB
8 KB 26ms
24ms Image
image/jpeg 85.93.89.32
GD-EMEA-DC-SXB1

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.orafaq.com/forum/banner/logo.jpg
Requested by: Host: www.orafaq.com
URL: http://www.orafaq.com/
Protocol: HTTP/1.1
Server: 85.93.89.32 Strasbourg, France, ASN8972 (GD-EMEA-DC-SXB1, DE),
Reverse DNS: orafaq.com
Software: nginx /
Resource Hash: ae7ce3a8cfc4b88daca830a7d8cbfeee4789eb7ff144e114af3b02376699bfa2

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: http://www.orafaq.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

Date: Thu, 21 Sep 2023 22:35:35 GMT
Last-Modified: Sat, 21 Jan 2006 20:40:26 GMT
Server: nginx
ETag: "43d29c3a-1f2e"
Content-Type: image/jpeg
Cache-Control: max-age=2592000, public, no-transform
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 7982
Expires: Sat, 21 Oct 2023 22:35:35 GMT

GET
H2

200

loader.js Show response
www.gstatic.com/charts/
Redirect Chain

http://www.google.com/jsapi
https://www.gstatic.com/charts/loader.js

61 KB
62 KB

84ms
25ms

Script
text/javascript

2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/charts/loader.js

Requested by

Host: www.orafaq.com
URL: http://www.orafaq.com/

Protocol

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

369ae154eab37b7ada7776b934833183bb053ebd1d0255f70ef8944f65cabb0c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: http://www.orafaq.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Thu, 21 Sep 2023 22:01:17 GMT
x-content-type-options: nosniff
age: 2058
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gviz
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 62428
x-xss-protection: 0
last-modified: Tue, 04 Apr 2023 17:52:30 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="gviz"
vary: Accept-Encoding, Origin
report-to: {"group":"gviz","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gviz"}]}
content-type: text/javascript
cache-control: public, max-age=3600
access-control-allow-credentials: true
accept-ranges: bytes
expires: Thu, 21 Sep 2023 23:01:17 GMT

Redirect headers

Date: Thu, 21 Sep 2023 22:29:53 GMT
X-Content-Type-Options: nosniff
Server: sffe
Age: 342
Content-Type: text/html; charset=UTF-8
Location: https://www.gstatic.com/charts/loader.js
Cache-Control: public, max-age=1800
Content-Length: 237
X-XSS-Protection: 0
Expires: Thu, 21 Sep 2023 22:59:53 GMT

GET
H2

404

t13n
cse.google.com/cse/
Redirect Chain

http://www.google.com/cse/t13n?form=cse-search-box&t13n_langs=en
https://cse.google.com/cse/t13n?form=cse-search-box&t13n_langs=en

0
0

147ms
75ms

Script
text/html

2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://cse.google.com/cse/t13n?form=cse-search-box&t13n_langs=en
Requested by: Host: www.orafaq.com
URL: http://www.orafaq.com/
Protocol: H2
Server: 2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: http://www.orafaq.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

Redirect headers

Date: Thu, 21 Sep 2023 22:15:31 GMT
X-Content-Type-Options: nosniff
Server: sffe
Age: 1204
Content-Type: text/html; charset=UTF-8
Location: https://cse.google.com/cse/t13n?form=cse-search-box&t13n_langs=en
Cache-Control: public, max-age=1800
Content-Length: 266
X-XSS-Protection: 0
Expires: Thu, 21 Sep 2023 22:45:31 GMT

GET
H2

200

brandjs.js Show response
www.gstatic.com/prose/
Redirect Chain

http://www.google.com/coop/cse/brand?form=cse-search-box&lang=en
https://www.gstatic.com/prose/brandjs.js

14 KB
6 KB

64ms
63ms

Script
text/javascript

2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/prose/brandjs.js

Requested by

Host: www.orafaq.com
URL: http://www.orafaq.com/

Protocol

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6395e6f9f6fbcd953f0ffa40615094c565d86c265fb5028e64dd2dc872b5ce69

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: http://www.orafaq.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Thu, 21 Sep 2023 05:35:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 61229
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/prose-team
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5807
x-xss-protection: 0
last-modified: Tue, 06 Apr 2021 15:14:29 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"prose-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/prose-team"}]}
content-type: text/javascript
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="prose-team"
expires: Fri, 22 Sep 2023 05:35:06 GMT

Redirect headers

Date: Thu, 21 Sep 2023 22:12:13 GMT
X-Content-Type-Options: nosniff
Server: sffe
Age: 1402
Content-Type: text/html; charset=UTF-8
Location: https://www.gstatic.com/prose/brandjs.js
Cache-Control: public, max-age=1800
Content-Length: 237
X-XSS-Protection: 0
Expires: Thu, 21 Sep 2023 22:42:13 GMT

GET
H2

200

query_renderer.js Show response
cse.google.com/cse/
Redirect Chain

http://www.google.com/cse/query_renderer.js
https://cse.google.com/cse/query_renderer.js

1000 B
771 B

24ms
24ms

Script
text/javascript

2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cse.google.com/cse/query_renderer.js

Requested by

Host: www.orafaq.com
URL: http://www.orafaq.com/

Protocol

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

pfe /

Resource Hash

3318138d0f116d034cd1ced5c0bf7697f45965b830d68eebcaf4b972bad43e2d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: http://www.orafaq.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Thu, 21 Sep 2023 22:30:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 08 Aug 2022 15:40:22 GMT
server: pfe
age: 312
x-frame-options: SAMEORIGIN
content-type: text/javascript
cache-control: public, max-age=1800
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 465
x-xss-protection: 0
expires: Thu, 21 Sep 2023 23:00:23 GMT

Redirect headers

Date: Thu, 21 Sep 2023 22:35:35 GMT
X-Content-Type-Options: nosniff
Server: sffe
Content-Type: text/html; charset=UTF-8
Location: https://cse.google.com/cse/query_renderer.js
Cache-Control: public, max-age=1800
Content-Length: 241
X-XSS-Protection: 0
Expires: Thu, 21 Sep 2023 23:05:35 GMT

GET
H2

200

onejs Show response
z-na.amazon-adsystem.com/widgets/
Redirect Chain

http://z-na.amazon-adsystem.com/widgets/onejs?MarketPlace=US
https://z-na.amazon-adsystem.com/widgets/onejs?MarketPlace=US

24 KB
8 KB

108ms
34ms

Script
application/javascript

143.204.12.2
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://z-na.amazon-adsystem.com/widgets/onejs?MarketPlace=US
Requested by: Host: www.orafaq.com
URL: http://www.orafaq.com/
Protocol: H2
Server: 143.204.12.2 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-12-2.mxp64.r.cloudfront.net
Software: Server /
Resource Hash: 30312a5ff01d2a42a51b3a786f6b1245c47be291fd4d107274fd3cde75f04f71

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: http://www.orafaq.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

pragma: Public
date: Thu, 21 Sep 2023 02:06:58 GMT
content-encoding: gzip
via: 1.1 4b0a29060798a5746cab1da1c9cdac7a.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: MXP64-C1
age: 73717
x-cache: Hit from cloudfront
content-type: application/javascript;charset=UTF-8
access-control-allow-origin: *
charset: UTF-8
cache-control: public,max-age=86400,s-maxage=86400,no-transform
content-length: 7993
x-amz-cf-id: -3U5S5-o57OGZybS9GME5Kk8Sl-jRv5YiD_fn6F6dJz_iJdnlPoWfg==
expires: Fri, 22 Sep 2023 02:06:58 GMT

Redirect headers

Date: Thu, 21 Sep 2023 22:35:35 GMT
Via: 1.1 b11b9b995d2b659993dbfeb81d72a994.cloudfront.net (CloudFront)
Server: CloudFront
X-Amz-Cf-Pop: MXP64-C1
X-Cache: Redirect from cloudfront
Content-Type: text/html
Location: https://z-na.amazon-adsystem.com/widgets/onejs?MarketPlace=US
Connection: keep-alive
Content-Length: 167
X-Amz-Cf-Id: cVaZi00ICfJuKeWXapT4cQUGuYsafbPvnSZ74bXlMHxXGhFx9yW7pg==

GET
H2 200 btn_donateCC_LG.gif
www.paypalobjects.com/en_US/i/btn/ 3 KB
3 KB 98ms
19ms Image
image/gif 192.229.221.25
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.paypalobjects.com/en_US/i/btn/btn_donateCC_LG.gif

Requested by

Host: www.orafaq.com
URL: http://www.orafaq.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.221.25 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (paa/6F79) /

Resource Hash

33a91bd6d378215fcd413c279aa88d48bda6c8b2ef7695892777c87de37de256

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: http://www.orafaq.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Thu, 21 Sep 2023 22:35:35 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-cache: HIT
paypal-debug-id: f42b14747710f
dc: ccg11-origin-www-1.paypal.com
content-length: 3099
last-modified: Thu, 27 May 2021 14:20:07 GMT
server: ECAcc (paa/6F79)
traceparent: 00-0000000000000000000f42b14747710f-8b4868ec1f4b8f85-01
etag: "60afaa97-c1b"
content-type: image/gif
cache-control: s-maxage=31536000, public,max-age=3600
accept-ranges: bytes
timing-allow-origin: https://www.paypal.com,https://www.sandbox.paypal.com
expires: Thu, 21 Sep 2023 23:35:35 GMT

GET
H2 200 pixel.gif
www.paypalobjects.com/en_US/i/scr/ 43 B
142 B 101ms
22ms Image
image/gif 192.229.221.25
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.paypalobjects.com/en_US/i/scr/pixel.gif

Requested by

Host: www.orafaq.com
URL: http://www.orafaq.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.221.25 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (paa/6F05) /

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: http://www.orafaq.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Thu, 21 Sep 2023 22:35:35 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Fri, 16 Aug 2019 04:57:34 GMT
server: ECAcc (paa/6F05)
etag: "5d5637be-2b"
x-cache: HIT
content-type: image/gif
paypal-debug-id: d1c4cfe1ff620
cache-control: s-maxage=31536000, public,max-age=3600
accept-ranges: bytes
dc: ccg11-origin-www-1.paypal.com
timing-allow-origin: https://www.paypal.com,https://www.sandbox.paypal.com
content-length: 43
expires: Thu, 21 Sep 2023 23:35:35 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 83ms
24ms Script
text/javascript 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.orafaq.com
URL: http://www.orafaq.com/files/js/js_UGmzC16IRRd-eTxQJ2g-aTHe_lhJpruofZj4YvqhhUU.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: http://www.orafaq.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 21 Sep 2023 21:49:43 GMT
last-modified: Mon, 12 Jun 2023 18:23:07 GMT
server: Golfe2
age: 2752
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Thu, 21 Sep 2023 23:49:43 GMT

GET
H/1.1 200
OK backgr.gif
www.orafaq.com/forum/banner/ 360 B
700 B 26ms
25ms Image
image/gif 85.93.89.32
GD-EMEA-DC-SXB1

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.orafaq.com/forum/banner/backgr.gif
Requested by: Host: www.orafaq.com
URL: http://www.orafaq.com/
Protocol: HTTP/1.1
Server: 85.93.89.32 Strasbourg, France, ASN8972 (GD-EMEA-DC-SXB1, DE),
Reverse DNS: orafaq.com
Software: nginx /
Resource Hash: da69dada27a7eb141f862a98a88faabca8710a1efa70d6f34bf2bfe2bf065b46

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: http://www.orafaq.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

Date: Thu, 21 Sep 2023 22:35:35 GMT
Last-Modified: Sat, 21 Jan 2006 20:40:26 GMT
Server: nginx
ETag: "43d29c3a-168"
Content-Type: image/gif
Cache-Control: max-age=2592000, public, no-transform
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 360
Expires: Sat, 21 Oct 2023 22:35:35 GMT

GET
H/1.1 200
OK back2.jpg
www.orafaq.com/forum/banner/ 17 KB
17 KB 25ms
25ms Image
image/jpeg 85.93.89.32
GD-EMEA-DC-SXB1

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.orafaq.com/forum/banner/back2.jpg
Requested by: Host: www.orafaq.com
URL: http://www.orafaq.com/
Protocol: HTTP/1.1
Server: 85.93.89.32 Strasbourg, France, ASN8972 (GD-EMEA-DC-SXB1, DE),
Reverse DNS: orafaq.com
Software: nginx /
Resource Hash: 664b4d1a2ab98db497e05414da212215598f4c99b121662836dfbe63440b2eae

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: http://www.orafaq.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

Date: Thu, 21 Sep 2023 22:35:35 GMT
Last-Modified: Sat, 21 Jan 2006 20:40:26 GMT
Server: nginx
ETag: "43d29c3a-4490"
Content-Type: image/jpeg
Cache-Control: max-age=2592000, public, no-transform
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 17552
Expires: Sat, 21 Oct 2023 22:35:35 GMT

GET
H/1.1 200
OK icon-database.png
www.orafaq.com/themes/orafaq/images/ 1 KB
1 KB 25ms
25ms Image
image/png 85.93.89.32
GD-EMEA-DC-SXB1

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.orafaq.com/themes/orafaq/images/icon-database.png
Requested by: Host: www.orafaq.com
URL: http://www.orafaq.com/files/css/css_RFocTh_zzfe_yPdJgh4dABLvwzbCglsAqQapGKGkjZg.css
Protocol: HTTP/1.1
Server: 85.93.89.32 Strasbourg, France, ASN8972 (GD-EMEA-DC-SXB1, DE),
Reverse DNS: orafaq.com
Software: nginx /
Resource Hash: 3b598753d9e6dd148d9bb7903ce85e7f7db2956574730cfd472bd54f54cad14c

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: http://www.orafaq.com/files/css/css_RFocTh_zzfe_yPdJgh4dABLvwzbCglsAqQapGKGkjZg.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

Date: Thu, 21 Sep 2023 22:35:35 GMT
Last-Modified: Fri, 24 Jun 2016 10:17:09 GMT
Server: nginx
ETag: "576d08a5-482"
Content-Type: image/png
Cache-Control: max-age=2592000, public, no-transform
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1154
Expires: Sat, 21 Oct 2023 22:35:35 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 15 B
220 B 32ms
32ms XHR
text/plain 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1407576408&t=pageview&_s=1&dl=http%3A%2F%2Fwww.orafaq.com%2F&ul=en-us&de=UTF-8&dt=Welcome%20to%20The%20Oracle%20FAQ%20%7C%20Oracle%20FAQ&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAACAAI~&jid=1589927511&gjid=1098402712&cid=1385945461.1695335735&tid=UA-78700787-1&_gid=756185021.1695335735&_r=1&_slc=1&z=1035663076

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a91891e105655dfc50927fe58c6612b2e92f8119bd34909cd06a3a8e256afec0

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: http://www.orafaq.com/
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 21 Sep 2023 22:35:35 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: http://www.orafaq.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 229 KB
82 KB 115ms
44ms Script
application/javascript 2a00:1450:4001:82a::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-EP4T107M3R&cx=c&_slc=1

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

0e5e419fb375b9fb7bd6718c1460cbd390899604b85fd17d131198e62e72736e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: http://www.orafaq.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Thu, 21 Sep 2023 22:35:35 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 83298
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Thu, 21 Sep 2023 22:35:35 GMT

GET
H2 200 branding.png
www.google.com/cse/static/images/1x/en/ 1 KB
2 KB 84ms
25ms Image
image/png 2a00:1450:4001:80f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/cse/static/images/1x/en/branding.png

Requested by

Host: www.orafaq.com
URL: http://www.orafaq.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

331b2b1241f1f2a53744bdca867c5b76954d9431970e91f490f64c707fc24a16

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: http://www.orafaq.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Sat, 16 Sep 2023 09:42:22 GMT
x-content-type-options: nosniff
age: 478393
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/prose-team
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1372
x-xss-protection: 0
last-modified: Mon, 25 May 2020 08:30:00 GMT
server: sffe
report-to: {"group":"prose-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/prose-team"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="prose-team"
expires: Sun, 15 Sep 2024 09:42:22 GMT

GET
H/1.1 200
OK menu-collapsed.png
www.orafaq.com/misc/ 105 B
444 B 26ms
25ms Image
image/png 85.93.89.32
GD-EMEA-DC-SXB1

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.orafaq.com/misc/menu-collapsed.png
Requested by: Host: www.orafaq.com
URL: http://www.orafaq.com/files/css/css_xE-rWrJf-fncB6ztZfd2huxqgxu4WO-qwma6Xer30m4.css
Protocol: HTTP/1.1
Server: 85.93.89.32 Strasbourg, France, ASN8972 (GD-EMEA-DC-SXB1, DE),
Reverse DNS: orafaq.com
Software: nginx /
Resource Hash: bf38e36e83c03851ef6ad378a251217256a9a42547beea0d57fcbb8031241034

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: http://www.orafaq.com/files/css/css_xE-rWrJf-fncB6ztZfd2huxqgxu4WO-qwma6Xer30m4.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

Date: Thu, 21 Sep 2023 22:35:35 GMT
Last-Modified: Fri, 24 Jun 2016 10:17:01 GMT
Server: nginx
ETag: "576d089d-69"
Content-Type: image/png
Cache-Control: max-age=2592000, public, no-transform
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 105
Expires: Sat, 21 Oct 2023 22:35:35 GMT

GET
H/1.1 200
OK menu-leaf.png
www.orafaq.com/misc/ 126 B
465 B 27ms
26ms Image
image/png 85.93.89.32
GD-EMEA-DC-SXB1

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.orafaq.com/misc/menu-leaf.png
Requested by: Host: www.orafaq.com
URL: http://www.orafaq.com/files/css/css_xE-rWrJf-fncB6ztZfd2huxqgxu4WO-qwma6Xer30m4.css
Protocol: HTTP/1.1
Server: 85.93.89.32 Strasbourg, France, ASN8972 (GD-EMEA-DC-SXB1, DE),
Reverse DNS: orafaq.com
Software: nginx /
Resource Hash: e457a1f5c855a40b853c0f8f6421db58c3e7b443444389e3ac1cb128bb02fc97

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: http://www.orafaq.com/files/css/css_xE-rWrJf-fncB6ztZfd2huxqgxu4WO-qwma6Xer30m4.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

Date: Thu, 21 Sep 2023 22:35:35 GMT
Last-Modified: Fri, 24 Jun 2016 10:17:01 GMT
Server: nginx
ETag: "576d089d-7e"
Content-Type: image/png
Cache-Control: max-age=2592000, public, no-transform
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 126
Expires: Sat, 21 Oct 2023 22:35:35 GMT

GET
H/1.1 200
OK background.png
www.orafaq.com/themes/orafaq/images/ 2 KB
3 KB 25ms
24ms Image
image/png 85.93.89.32
GD-EMEA-DC-SXB1

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.orafaq.com/themes/orafaq/images/background.png
Requested by: Host: www.orafaq.com
URL: http://www.orafaq.com/files/css/css_RFocTh_zzfe_yPdJgh4dABLvwzbCglsAqQapGKGkjZg.css
Protocol: HTTP/1.1
Server: 85.93.89.32 Strasbourg, France, ASN8972 (GD-EMEA-DC-SXB1, DE),
Reverse DNS: orafaq.com
Software: nginx /
Resource Hash: 7de12d3c8162e82ca3193fce9657be2118e7f4f465a2b37cb7f55bf612e61910

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: http://www.orafaq.com/files/css/css_RFocTh_zzfe_yPdJgh4dABLvwzbCglsAqQapGKGkjZg.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

Date: Thu, 21 Sep 2023 22:35:35 GMT
Last-Modified: Fri, 24 Jun 2016 10:17:09 GMT
Server: nginx
ETag: "576d08a5-98d"
Content-Type: image/png
Cache-Control: max-age=2592000, public, no-transform
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2445
Expires: Sat, 21 Oct 2023 22:35:35 GMT

GET
H/1.1 200
OK corners1280x18.gif
www.orafaq.com/themes/orafaq/images/ 408 B
748 B 26ms
25ms Image
image/gif 85.93.89.32
GD-EMEA-DC-SXB1

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.orafaq.com/themes/orafaq/images/corners1280x18.gif
Requested by: Host: www.orafaq.com
URL: http://www.orafaq.com/files/css/css_RFocTh_zzfe_yPdJgh4dABLvwzbCglsAqQapGKGkjZg.css
Protocol: HTTP/1.1
Server: 85.93.89.32 Strasbourg, France, ASN8972 (GD-EMEA-DC-SXB1, DE),
Reverse DNS: orafaq.com
Software: nginx /
Resource Hash: 3c61d07257fe59f64a0b9c09b2b204e0c9442c341d9e0f9254b62f804e26fbb4

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: http://www.orafaq.com/files/css/css_RFocTh_zzfe_yPdJgh4dABLvwzbCglsAqQapGKGkjZg.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

Date: Thu, 21 Sep 2023 22:35:35 GMT
Last-Modified: Fri, 24 Jun 2016 10:17:09 GMT
Server: nginx
ETag: "576d08a5-198"
Content-Type: image/gif
Cache-Control: max-age=2592000, public, no-transform
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 408
Expires: Sat, 21 Oct 2023 22:35:35 GMT

GET
H2 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309140101/ 379 KB
129 KB 152ms
95ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309140101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-7499460687650857&plah=www.orafaq.com

Requested by

Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b4d20ac5c4fd4ec8b2976c90d5fba67d04c5570493f09522bddfd13e93057632

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: http://www.orafaq.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Thu, 21 Sep 2023 22:35:35 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 131563
x-xss-protection: 0
server: cafe
etag: 11131478504246979025
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Thu, 21 Sep 2023 22:35:35 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230920/r20190131/ Frame D485 10 KB
5 KB 111ms
26ms Document
text/html 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230920/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

041fe6e516177e777c651a95708ee4961723db34a974e8be9e6ba597a1313e51

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.orafaq.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

age: 28130
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4471
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 21 Sep 2023 14:46:45 GMT
etag: 2603938475786422795
expires: Thu, 05 Oct 2023 14:46:45 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 204 collect
region1.google-analytics.com/g/ 0
253 B 78ms
22ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-EP4T107M3R&gtm=45je39i0h1&_p=1407576408&ul=en-us&sr=1600x1200&cid=1385945461.1695335735&ir=1&_eu=EBAI&_s=1&dl=http%3A%2F%2Fwww.orafaq.com%2F&dt=Welcome%20to%20The%20Oracle%20FAQ%20%7C%20Oracle%20FAQ&sid=1695335735&sct=1&seg=0&en=page_view&_fv=1&_ss=1&_ee=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-EP4T107M3R&cx=c&_slc=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: http://www.orafaq.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 21 Sep 2023 22:35:35 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: http://www.orafaq.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 387 B
601 B 104ms
33ms Script
text/javascript 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=www.orafaq.com&callback=_gfp_s_&client=ca-pub-7499460687650857

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309140101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-7499460687650857&plah=www.orafaq.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

090e695fffaa76dfc609b0211e56498b0a592bf482540328c8207da52593dffc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: http://www.orafaq.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Thu, 21 Sep 2023 22:35:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 249
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame F83A 61 KB
19 KB 347ms
346ms Document
text/html 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7499460687650857&output=html&adk=1812271804&adf=3025194257&lmt=1695323608&plat=3%3A16%2C4%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=http%3A%2F%2Fwww.orafaq.com%2F&ea=0&pra=5&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1&dt=1695335735542&bpp=6&bdt=343&idt=377&shv=r20230920&mjsv=m202309140101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=3111185568042&frm=20&pv=2&ga_vid=1385945461.1695335735&ga_sid=1695335736&ga_hid=1407576408&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759837%2C44759876%2C31076839%2C31077327%2C31077702%2C31077970%2C42532402%2C31076997&oid=2&pvsid=4502984877883858&tmod=1628295193&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=23&ifi=1&uci=a!1&fsb=1&dtd=410

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

79f03f37ff1cc03c0d5755b1539ae1149009d04348ebe44b2a6f61b4a4605607

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.orafaq.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 18762
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 21 Sep 2023 22:35:36 GMT
expires: Thu, 21 Sep 2023 22:35:36 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 4DA5 34 KB
14 KB 304ms
304ms Document
text/html 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7499460687650857&output=html&h=90&slotname=1157905849&adk=3576264520&adf=3110890503&pi=t.ma~as.1157905849&w=728&lmt=1695323608&format=728x90&url=http%3A%2F%2Fwww.orafaq.com%2F&wgl=1&dt=1695335735548&bpp=1&bdt=350&idt=411&shv=r20230920&mjsv=m202309140101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=3111185568042&frm=20&pv=1&ga_vid=1385945461.1695335735&ga_sid=1695335736&ga_hid=1407576408&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=554&ady=19&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759837%2C44759876%2C31076839%2C31077327%2C31077702%2C31077970%2C42532402%2C31076997&oid=2&pvsid=4502984877883858&tmod=1628295193&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Cd%7CeE%7C&abl=NS&pfx=0&fu=0&bc=23&ifi=2&uci=a!2&fsb=1&xpc=4NcpnAKmZO&p=http%3A//www.orafaq.com&dtd=415

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a689042e409f8d6372216d0db93598251e20a4d2e4b7e4f0705b37be020daf85

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.orafaq.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 13974
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 21 Sep 2023 22:35:36 GMT
expires: Thu, 21 Sep 2023 22:35:36 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame A618 430 B
425 B 293ms
293ms Document
text/html 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7499460687650857&output=html&h=600&slotname=4576967447&adk=2088692975&adf=4159012622&pi=t.ma~as.4576967447&w=300&fwrn=4&fwrnh=100&lmt=1695323608&rafmt=1&format=300x600&url=http%3A%2F%2Fwww.orafaq.com%2F&fwr=0&rpe=1&resp_fmts=4&wgl=1&dt=1695335735550&bpp=1&bdt=351&idt=415&shv=r20230920&mjsv=m202309140101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90&nras=1&correlator=3111185568042&frm=20&pv=1&ga_vid=1385945461.1695335735&ga_sid=1695335736&ga_hid=1407576408&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1258&ady=433&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759837%2C44759876%2C31076839%2C31077327%2C31077702%2C31077970%2C42532402%2C31076997&oid=2&pvsid=4502984877883858&tmod=1628295193&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CeE%7Cn&abl=XS&pfx=0&fu=128&bc=23&ifi=3&uci=a!3&fsb=1&xpc=jZHz1kTb1t&p=http%3A//www.orafaq.com&dtd=418

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1b5b11542728fe1a40e123bc08c3ce788b77a8448e2aa2b11ac83bfc886ba597

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.orafaq.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 205
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 21 Sep 2023 22:35:36 GMT
expires: Thu, 21 Sep 2023 22:35:36 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230920/r20110914/client/ Frame 4DA5 3 KB
1 KB 109ms
29ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230920/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7499460687650857&output=html&h=90&slotname=1157905849&adk=3576264520&adf=3110890503&pi=t.ma~as.1157905849&w=728&lmt=1695323608&format=728x90&url=http%3A%2F%2Fwww.orafaq.com%2F&wgl=1&dt=1695335735548&bpp=1&bdt=350&idt=411&shv=r20230920&mjsv=m202309140101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=3111185568042&frm=20&pv=1&ga_vid=1385945461.1695335735&ga_sid=1695335736&ga_hid=1407576408&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=554&ady=19&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759837%2C44759876%2C31076839%2C31077327%2C31077702%2C31077970%2C42532402%2C31076997&oid=2&pvsid=4502984877883858&tmod=1628295193&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Cd%7CeE%7C&abl=NS&pfx=0&fu=0&bc=23&ifi=2&uci=a!2&fsb=1&xpc=4NcpnAKmZO&p=http%3A//www.orafaq.com&dtd=415

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Thu, 21 Sep 2023 17:45:54 GMT
content-encoding: br
x-content-type-options: nosniff
age: 17382
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 05 Oct 2023 17:45:54 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230920/r20110914/client/ Frame 4DA5 20 KB
8 KB 104ms
25ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230920/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

096862e95687fa095052acf06c643d97aebf5a75bdb39f85061a931076b5c12e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Thu, 21 Sep 2023 12:26:28 GMT
content-encoding: br
x-content-type-options: nosniff
age: 36548
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8275
x-xss-protection: 0
server: cafe
etag: 7349537481621356269
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 05 Oct 2023 12:26:28 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 4DA5 182 KB
57 KB 133ms
41ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2a018a841b6975de20578c7c63607d4529281ae923f4c3ba172cb4d1d5e7c5bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Thu, 21 Sep 2023 22:35:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 58105
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1695209545430561"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 21 Sep 2023 22:35:36 GMT

GET
H2 200 afr.php Show response
ads.eu.criteo.com/delivery/r/ Frame CD47 157 KB
49 KB 141ms
80ms Document
text/html 2a02:2638:3::12
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.eu.criteo.com/delivery/r/afr.php?z=ZQzFOAAAHjQDog-oAALySblW6NrYf3mpQGkJ-w&u=%7Cfo1W0WIHCCcn3LcH%2B3XCd5vAfdDAieZtkeTs8JpygjU%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZWgJ4RDTbq-Wb6C9K-cesMV_WPikrq5at_ACdAcfQ797byqNo2sELN8lQ9xqoevRP1zxg9iFedEDpiNBO0lRJtS3xZcKpsmXONSPtF8vLhjqK8bIryaO0k2ciDKHEjZHvaId5qRMS6SSGqgCiwfo5867TtVtGb-3xWzfHVx35GS-L3ixZVXQWmJdsN_WnfBD1x1BXCRHQvcb0bVSXs-Riivmy_Edd48gZfKvKPgAgKtxn98LTjwpkFQNNDtfQc5XcAxAhLZc0GB8RbTicENcovF4DMKhTFPNZoC4fxxI2UyNt3WylmN61Lhp352CqidHlKXjbmroMVKCgVXHLfbKs5vTbcuZu8HAwe-vKV5yswMMG2IoayPYoA8lxu_kJSNZYJm9WkY4np-2rb5fcpiiY6w4F-PI-pUQvxMNcSp06EHw6QeWG1lV0-UZyQHV2ZMEeRItqH3rNfTNGuIwTc4FEC0TQGs5CUUsbOB13VFAbmH7MnjM0Yr-Cej2pMoB1L1YB5HziZNeJrSdwsC5mUZnxPMxgOipzxJjnO2r-00b59Ad-UfxkdpwCOUh7hIeE5LTn4HJ8JUWXJSaamYcfZTXyoQYkjgCnvWQjg&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCxwX1OMUMZbQ8qJ-IzQ_J5IuoA8me0rFc1Z2R93DAjbcBEAEgAGD74YWDnAqCARdjYS1wdWItNzQ5OTQ2MDY4NzY1MDg1N8gBCakCpOufQVLksT6oAwHIAwKqBL4BT9DcvN4BFRVqrtvu3m4ZgwtNIiq0KCmHB7T6vjcHK-EX_TdjSj77i5U90Jz6tOdNw35pGps_2iiyBhM9Z_9ThJiOHBQF4iT2JcCJ0of4VbxoWh6eNTr6N66c5hzymKS2u3BjDecAhJK0b9Z-wPJxfUfipSTtXyd43xJhaTXW3RoO-8tkW0YvaqvLjvE1-Lq9tvdXe_-arGL0zkZKND4VkBZeomxds68GRghUTplUyWEuEz96fn05Gsk2Fir0ooAGyo3Hqd2TlO9OoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2anSMptlnRyJEP9NtgIbsiq2mjxA%26client%3Dca-pub-7499460687650857%26adurl%3D

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::12 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

8449627df3452bf35bcf4b9c483bb4be3a3bf39d8b141d631c302a4137d2e398

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1000
cache-control: private, max-age=0, no-cache
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
date: Thu, 21 Sep 2023 22:35:35 GMT
expires: Mon, 26 Jul 1997 05:00:00 GMT
link: <pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p: CP='CUR ADM OUR NOR STA NID'
pragma: no-cache
report-to: {"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=wbf5dUUu5zKlVvEEXZ2QGDdS6MBKe18cLOdI1PoQ6LUlQKsJHTdkGYRM9mNk_5eZaZqrzO5EsWbhoJbZsFFDo4-WRmP-_m30ktVhM0lf7TuKSh00DxsC5vK1XQSt4p4L090kAv8aVc3NjI80D1soKWXy_XopBhDe1wiEUEpNGaeyQT6n4WjY7Y9oCBqrL-LdKXIoXpwD_IotXFIZjaVLdDjWFelOEybm1pYj0RMb3XSA28L3zYVufizeU2g"}], "max_age": 86400}
server: Kestrel
server-processing-duration-in-ticks: 54797444
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H3 200 reactive_library_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309140101/ 154 KB
52 KB 85ms
85ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309140101/reactive_library_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4538eeacbabfbe26680d5b52d36315896ca34b816b4fc4a50bc126d9ff0d173e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: http://www.orafaq.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Thu, 21 Sep 2023 22:35:36 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 53718
x-xss-protection: 0
server: cafe
etag: 4831286536298550145
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Thu, 21 Sep 2023 22:35:36 GMT

GET
DATA 200
OK truncated
/ Frame 4DA5 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 45919026a1419bd53a87c8a1a35110e724a6d79dd85d7f4c12e5a0c2c5aea831

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230920/r20110914/ Frame 75D8 10 KB
4 KB 26ms
25ms Document
text/html 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230920/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

041fe6e516177e777c651a95708ee4961723db34a974e8be9e6ba597a1313e51

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.orafaq.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

age: 60804
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4471
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 21 Sep 2023 05:42:12 GMT
etag: 2603938475786422795
expires: Thu, 05 Oct 2023 05:42:12 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 privacy_small.svg
static.criteo.net/flash/icon/ Frame CD47 2 KB
1 KB 64ms
21ms Image
image/svg+xml 2a02:2638:d::2
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy_small.svg

Requested by

Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZQzFOAAAHjQDog-oAALySblW6NrYf3mpQGkJ-w&u=%7Cfo1W0WIHCCcn3LcH%2B3XCd5vAfdDAieZtkeTs8JpygjU%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZWgJ4RDTbq-Wb6C9K-cesMV_WPikrq5at_ACdAcfQ797byqNo2sELN8lQ9xqoevRP1zxg9iFedEDpiNBO0lRJtS3xZcKpsmXONSPtF8vLhjqK8bIryaO0k2ciDKHEjZHvaId5qRMS6SSGqgCiwfo5867TtVtGb-3xWzfHVx35GS-L3ixZVXQWmJdsN_WnfBD1x1BXCRHQvcb0bVSXs-Riivmy_Edd48gZfKvKPgAgKtxn98LTjwpkFQNNDtfQc5XcAxAhLZc0GB8RbTicENcovF4DMKhTFPNZoC4fxxI2UyNt3WylmN61Lhp352CqidHlKXjbmroMVKCgVXHLfbKs5vTbcuZu8HAwe-vKV5yswMMG2IoayPYoA8lxu_kJSNZYJm9WkY4np-2rb5fcpiiY6w4F-PI-pUQvxMNcSp06EHw6QeWG1lV0-UZyQHV2ZMEeRItqH3rNfTNGuIwTc4FEC0TQGs5CUUsbOB13VFAbmH7MnjM0Yr-Cej2pMoB1L1YB5HziZNeJrSdwsC5mUZnxPMxgOipzxJjnO2r-00b59Ad-UfxkdpwCOUh7hIeE5LTn4HJ8JUWXJSaamYcfZTXyoQYkjgCnvWQjg&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCxwX1OMUMZbQ8qJ-IzQ_J5IuoA8me0rFc1Z2R93DAjbcBEAEgAGD74YWDnAqCARdjYS1wdWItNzQ5OTQ2MDY4NzY1MDg1N8gBCakCpOufQVLksT6oAwHIAwKqBL4BT9DcvN4BFRVqrtvu3m4ZgwtNIiq0KCmHB7T6vjcHK-EX_TdjSj77i5U90Jz6tOdNw35pGps_2iiyBhM9Z_9ThJiOHBQF4iT2JcCJ0of4VbxoWh6eNTr6N66c5hzymKS2u3BjDecAhJK0b9Z-wPJxfUfipSTtXyd43xJhaTXW3RoO-8tkW0YvaqvLjvE1-Lq9tvdXe_-arGL0zkZKND4VkBZeomxds68GRghUTplUyWEuEz96fn05Gsk2Fir0ooAGyo3Hqd2TlO9OoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2anSMptlnRyJEP9NtgIbsiq2mjxA%26client%3Dca-pub-7499460687650857%26adurl%3D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Thu, 21 Sep 2023 22:35:36 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:30:28 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42ba84-6aa"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sun, 15 Sep 2024 22:35:36 GMT

GET
H2 200 adchoices_fr.svg
static.criteo.net/flash/icon/ Frame CD47 2 KB
1 KB 62ms
19ms Image
image/svg+xml 2a02:2638:d::2
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/adchoices_fr.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

8bc40f263d0a1fbb8421a5fe91ccb4ab7eb23b9b4c12a16e09703cd336d7cbb5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Thu, 21 Sep 2023 22:35:36 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:27:58 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42b9ee-75e"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sun, 15 Sep 2024 22:35:36 GMT

GET
H2 200 close_button.svg
static.criteo.net/flash/icon/ Frame CD47 308 B
636 B 23ms
20ms Image
image/svg+xml 2a02:2638:d::2
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/close_button.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Thu, 21 Sep 2023 22:35:36 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Fri, 14 Feb 2020 13:51:32 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "5e46a5e4-134"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 308
expires: Sun, 15 Sep 2024 22:35:36 GMT

GET
H2 200 back_button2.svg
static.criteo.net/flash/icon/ Frame CD47 293 B
621 B 24ms
20ms Image
image/svg+xml 2a02:2638:d::2
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/back_button2.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Thu, 21 Sep 2023 22:35:36 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 28 Apr 2022 09:09:48 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "626a59dc-125"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 293
expires: Sun, 15 Sep 2024 22:35:36 GMT

GET
H2 200 lg.php
cat.nl3.eu.criteo.com/delivery/ Frame CD47 43 B
348 B 81ms
27ms Image
image/gif 178.250.1.6
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cat.nl3.eu.criteo.com/delivery/lg.php?cppv=3&cpp=ZL2wiAoTgp1ckkXntojEPOuXEFdiquZHsCAyRVxu5duQ0t5Xb_zHe3ep8j73GwpPl6qFfSNrQxR5Z2iUMaPZbJNYfWKEdVLwUnHZupIeWAZ0qK7ZMGmvqRLnQUCsp0MJgRELMucmk-V1MKf_OYdntCS0MfWAIXE5LCOmVA7FtyNON5NVNwWAKDBdvezLn_idSn8CsGkYkwSTe9c7p4thg4Zt7XHZlblI3WH9uFiWtHPRTXvUvjayXcHbbwMJJzwPY2PNPLLsQsJ4PB80YnaMM-kMEdD4zdHLBVnh7Uy3MNeGPkIW3VcgExo2fIlUYQI1wDCCwA6trEhZsj9cE2Yp-cOwT7M8xs8xVVhlAgIUAj_phhwHBsINWeVqqtbWo9ej74ziYpe40UAiYdiparQ52-jcX6UxsUscYXn6DbQdBzpw2AH5

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.6 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 21 Sep 2023 22:35:36 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 1655529
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 animejs.js Show response
static.criteo.net/animejs/ Frame CD47 12 KB
6 KB 31ms
31ms Script
text/javascript 2a02:2638:d::2
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/animejs/animejs.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Thu, 21 Sep 2023 22:35:36 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 26 Mar 2019 17:44:11 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5c9a64eb-3181"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sun, 15 Sep 2024 22:35:36 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame CD47 38 KB
38 KB 98ms
50ms Image
image/webp 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?h=1200&m=0&partner=16330&q=80&r=0&u=https%3A%2F%2Fstatic.nl3.eu.criteo.net%2Fdesign%2Fdt%2F16330%2F4942559%2Fe7ed6fc8d5be45c18222d49dde7259f0_1200x628_2.jpg&v=3&w=1200&s=W6gv0sCQNSMT156U8easGGF4

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

3452bc7d7c3a4f9360f5aba03d23cb142605b93a3d6f2726f257a0990c9e2207

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Thu, 21 Sep 2023 22:35:36 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
time-allow-origin: *
content-type: image/webp
cache-control: public, max-age=31104000
content-length: 38796
expires: Fri, 13 Sep 2024 10:03:03 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame CD47 5 KB
5 KB 86ms
38ms Image
image/webp 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=16330&q=80&r=2&u=https%3A%2F%2Fimg.sergeblanco.com%2Fphototheque%2F8000%2Flarge%2F01W007825A.jpg&v=3&w=800&s=7AfVmuBoBKFK-3Sc_XslG-Wm&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

6ae0771686a78a57731c7765855877aac1c531a60c2eb0bad17b040da5f039d0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Thu, 21 Sep 2023 22:35:35 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
time-allow-origin: *
content-type: image/webp
cache-control: public, max-age=31104000
content-length: 5406
expires: Fri, 13 Sep 2024 09:55:16 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame CD47 14 KB
14 KB 87ms
39ms Image
image/webp 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=16330&q=80&r=2&u=https%3A%2F%2Fimg.sergeblanco.com%2Fphototheque%2F6250%2Flarge%2F01W006090A.jpg&v=3&w=800&s=cS42MzDSx51dkB2mVLT2coG9&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

40a9821c44cf3ba0bd470d7b2dd89fc9838ade026c14e38174ab97cd89d33d72

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Thu, 21 Sep 2023 22:35:35 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
time-allow-origin: *
content-type: image/webp
cache-control: public, max-age=31104000
content-length: 13988
expires: Fri, 13 Sep 2024 09:58:02 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame CD47 2 KB
2 KB 89ms
42ms Image
image/webp 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?h=176&m=0&partner=16330&q=80&r=0&u=https%3A%2F%2Fstatic.nl3.eu.criteo.net%2Fdesign%2Fdt%2F16330%2F4942559%2F2f530819682e4dcca819181e6138750b_1200x1200.jpg&v=3&w=256&s=MbmvteW2O0QYCVnxTti4BTQG

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4351496b7ead1142a71f695db679fcae1e04614699070b916cb64b5592d7b1fa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Thu, 21 Sep 2023 22:35:36 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
time-allow-origin: *
content-type: image/webp
cache-control: public, max-age=31104000
content-length: 2168
expires: Fri, 13 Sep 2024 10:02:09 GMT

POST
H2 200 all
csm.eu.criteo.net/ Frame CD47 0
128 B 64ms
19ms Ping
text/plain 2a02:2638:d::11
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://csm.eu.criteo.net/all?cppv=3&cpp=wbf5dUUu5zKlVvEEXZ2QGDdS6MBKe18cLOdI1PoQ6LUlQKsJHTdkGYRM9mNk_5eZaZqrzO5EsWbhoJbZsFFDo4-WRmP-_m30ktVhM0lf7TuKSh00DxsC5vK1XQSt4p4L090kAv8aVc3NjI80D1soKWXy_XopBhDe1wiEUEpNGaeyQT6n4WjY7Y9oCBqrL-LdKXIoXpwD_IotXFIZjaVLdDjWFelOEybm1pYj0RMb3XSA28L3zYVufizeU2g&sds=2&rev=88356&sendBeacon=true

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::11 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Thu, 21 Sep 2023 22:35:36 GMT
strict-transport-security: max-age=31536000; preload;
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0

GET
H2 200 criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame CD47 2 KB
1 KB 19ms
19ms Image
image/svg+xml 2a02:2638:d::2
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/criteo_logo_2021.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Thu, 21 Sep 2023 22:35:36 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 27 May 2021 13:21:59 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"60af9cf7-891"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sun, 15 Sep 2024 22:35:36 GMT

GET
H2 200 privacy.svg
static.criteo.net/flash/icon/ Frame CD47 2 KB
1 KB 19ms
19ms Image
image/svg+xml 2a02:2638:d::2
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Thu, 21 Sep 2023 22:35:36 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 19 Feb 2020 10:57:21 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e4d1491-646"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sun, 15 Sep 2024 22:35:36 GMT

GET
H2 200 afr.php Show response
ads.eu.criteo.com/delivery/r/ Frame 6ADA 229 KB
62 KB 98ms
97ms Document
text/html 2a02:2638:3::12
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.eu.criteo.com/delivery/r/afr.php?z=ZQzFNwAPPp4DogXYAA8oxGfeIw8qrtG3wvRxcQ&u=%7Cfo1W0WIHCCfZ2QU3LzBzT51%2FNsk2qOLaPqUkTZAJrkg%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z1MiR3q3hC863fg-71qW5FCOi9VVZ-H1YpklfQlK0LmDHisYDMOS5nWgv5htYHRBL9NcHLRX7DWQFe_kXEcRamntxxvgfnqOsQwkdeHD8vvTL2zpBdcluk0jId4Yy_swTZmdvt_onXDgLCckpGIBKETeiX92yGEnb94mppJRA2fsvcWIniNyqfBMb84o-G1-JswYuSyt7-rvnbRIOvGg2dMx2eibTaghXbzZlRPBFbuIdejg5U10X-OTjmeyvBB9h0oktjinSIM6Qc6SGc8gQSWTGCmygcrSKk3uW_mjZzDYFGL-5KUfE_f1Csl5HOVZWWLiGPCe8Qv7g43lETTWv7NAnPkglppXk5fis4X7K4GPuGk9ObCG7-jNPeM6uPal_O2N9N-cjjmAeu5UGCGuagwtM593LjMejMK9i91dKoDJxOLVakpQEN3KTtVfFSgzw24QrUj0xJnT1jbSzLz-D5nkthE802lVymiZKgvAU-HAhdYWMHdGTXGu31fXg4T6XgVCR0KaIL2ofyXU5QaM_Pw5_e3Uphdr763dpeoKGIOjFyJesoFLczqMT4pO1grqw4&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCX5gAN8UMZZ79PNiLiM0PxNG88A_JntKxXMWMi-CaAcCNtwEQASAAYPvhhYOcCoIBF2NhLXB1Yi03NDk5NDYwNjg3NjUwODU3yAEJqQKk659BUuSxPqgDAcgDAqoEwAFP0Pr9rmdQNsnSkTOqobq_PfPFzagEAYA-Y8AVzfQtRfmuXffjwXUiB4i3WfhfLwv8sh82Bbz3xPTk6-pBy-o41AtPD1ihUneHxpILzMyWLG0xWi09dO2g_ffdIUL7dsfTTNruFS1NCcJFiuzDY2286GX-4WF9NFmjWRAOBLSp5rS0n8VGFtRWVpJE4nji_xYM1JsJBwY4HZ_FsA-QBQfZ-IsKyQD18Y3x5xU3k0PeDgOxcoAHlpFmdULYgXAn8EeABsqNx6ndk5TvTqAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0MPOo-FV4yJdL38dAxsl7uH6cWSw%26client%3Dca-pub-7499460687650857%26adurl%3D

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230920/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::12 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

aeed2792d36ebc7ec1a9448f4fb856b422d6108a218e93009d9853eddb8fec0b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1000
cache-control: private, max-age=0, no-cache
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
date: Thu, 21 Sep 2023 22:35:35 GMT
expires: Mon, 26 Jul 1997 05:00:00 GMT
link: <pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p: CP='CUR ADM OUR NOR STA NID'
pragma: no-cache
report-to: {"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=Lv3YAkUu5zKlVvEEar3nhrtNTH3lI66vdEoQBZSXUpESSjjyvq6LWULRDk-WPGTRKAIA0wDx9GrTuiOBaQ-NTqccN0ZBoDNamWzVzgvWFUIc6AJ2td4R_0jBcmgWihWFddcYCGGddpqqTzZ-k8KLp32tGFnnHsA-cW3YK_Yr5UmkwksTJ-0RhqGK-X-i6bnX34rsI1kRHm24Q7lbemN43wzcWSqxuTo3OAW7s1yGsm4npODxi1P9myfYC_Ts1DXJrTL0kQ"}], "max_age": 86400}
server: Kestrel
server-processing-duration-in-ticks: 64932678
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230920/r20110914/client/ Frame 75D8 3 KB
1 KB 27ms
25ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230920/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230920/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Thu, 21 Sep 2023 17:45:54 GMT
content-encoding: br
x-content-type-options: nosniff
age: 17382
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 05 Oct 2023 17:45:54 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230920/r20110914/client/ Frame 75D8 20 KB
8 KB 27ms
26ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230920/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230920/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

096862e95687fa095052acf06c643d97aebf5a75bdb39f85061a931076b5c12e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Thu, 21 Sep 2023 12:26:28 GMT
content-encoding: br
x-content-type-options: nosniff
age: 36548
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8275
x-xss-protection: 0
server: cafe
etag: 7349537481621356269
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 05 Oct 2023 12:26:28 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 75D8 182 KB
57 KB 42ms
41ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230920/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2a018a841b6975de20578c7c63607d4529281ae923f4c3ba172cb4d1d5e7c5bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Thu, 21 Sep 2023 22:35:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 58105
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1695209545430561"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 21 Sep 2023 22:35:36 GMT

GET
DATA 200
OK truncated
/ Frame 75D8 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 250082292c366fa96dced42e229aac577a6f7c8954f3be114e0365949432c824

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 75D8 0
23 B 68ms
68ms Image
text/html 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=C3aiPN8UMZZ79PNiLiM0PxNG88A_JntKxXMWMi-CaAcCNtwEQASAAYPvhhYOcCoIBF2NhLXB1Yi03NDk5NDYwNjg3NjUwODU3yAEJqQKk659BUuSxPqgDAcgDAqoEvQFP0Pr9rmdQNsnSkTOqobq_PfPFzagEAYA-Y8AVzfQtRfmuXffjwXUiB4i3WfhfLwv8sh82Bbz3xPTk6-pBy-o41AtPD1ihUneHxpILzMyWLG0xWi09dO2g_ffdIUL7dsfTTNruFS1NCcJFiuzDY2286GX-4WF9NFmjWRAOBLSp5rS0n8VGFtRWVpJE4nji_xYM1JsJBwY4X53kIo8D1Tp_KKzQRSAcVYPW7aM9vVtcusuM1HK4iL1-7YhMoZmABsqNx6ndk5TvTqAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOoAKAfoLAggBgAwB0BUBgBcBshcaChgSFHB1Yi03NDk5NDYwNjg3NjUwODU3GAA&sigh=BgW4B7SQjWA&uach_m=[UACH]&cid=CAQSGwBpAlJW0cttrjnRMoUHCiLPwFXLus5bhgHC6BgB&cbvp=2&vis=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230920/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/html/r20230920/r20110914/zrt_lookup.html?fsb=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Thu, 21 Sep 2023 22:35:36 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Thu, 21 Sep 2023 22:35:36 GMT

GET
H2 200 notify
rtb.fr3.eu.criteo.com/google/auction/ Frame 75D8 0
126 B 79ms
19ms Image
text/plain 2a02:2638:d::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://rtb.fr3.eu.criteo.com/google/auction/notify?profile=14&payload=kvKoGMD6RO0HfJ2DYgICAAAAXrrdNMsIIcTq-0pMEDjFDGX_yLRyHyeJsBXXAAASAAAKCkFRVUREd0VCRHc&wp=ZQzFNwAPPp4DogXYAA8oxGfeIw8qrtG3wvRxcQ&cbvp=2

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230920/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Thu, 21 Sep 2023 22:35:36 GMT
strict-transport-security: max-age=31536000; preload;
server-processing-duration-in-ticks: 149871
server: Kestrel
content-length: 0

GET
H2 200 privacy_small.svg
static.criteo.net/flash/icon/ Frame 6ADA 2 KB
1 KB 19ms
18ms Image
image/svg+xml 2a02:2638:d::2
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy_small.svg

Requested by

Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZQzFNwAPPp4DogXYAA8oxGfeIw8qrtG3wvRxcQ&u=%7Cfo1W0WIHCCfZ2QU3LzBzT51%2FNsk2qOLaPqUkTZAJrkg%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z1MiR3q3hC863fg-71qW5FCOi9VVZ-H1YpklfQlK0LmDHisYDMOS5nWgv5htYHRBL9NcHLRX7DWQFe_kXEcRamntxxvgfnqOsQwkdeHD8vvTL2zpBdcluk0jId4Yy_swTZmdvt_onXDgLCckpGIBKETeiX92yGEnb94mppJRA2fsvcWIniNyqfBMb84o-G1-JswYuSyt7-rvnbRIOvGg2dMx2eibTaghXbzZlRPBFbuIdejg5U10X-OTjmeyvBB9h0oktjinSIM6Qc6SGc8gQSWTGCmygcrSKk3uW_mjZzDYFGL-5KUfE_f1Csl5HOVZWWLiGPCe8Qv7g43lETTWv7NAnPkglppXk5fis4X7K4GPuGk9ObCG7-jNPeM6uPal_O2N9N-cjjmAeu5UGCGuagwtM593LjMejMK9i91dKoDJxOLVakpQEN3KTtVfFSgzw24QrUj0xJnT1jbSzLz-D5nkthE802lVymiZKgvAU-HAhdYWMHdGTXGu31fXg4T6XgVCR0KaIL2ofyXU5QaM_Pw5_e3Uphdr763dpeoKGIOjFyJesoFLczqMT4pO1grqw4&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCX5gAN8UMZZ79PNiLiM0PxNG88A_JntKxXMWMi-CaAcCNtwEQASAAYPvhhYOcCoIBF2NhLXB1Yi03NDk5NDYwNjg3NjUwODU3yAEJqQKk659BUuSxPqgDAcgDAqoEwAFP0Pr9rmdQNsnSkTOqobq_PfPFzagEAYA-Y8AVzfQtRfmuXffjwXUiB4i3WfhfLwv8sh82Bbz3xPTk6-pBy-o41AtPD1ihUneHxpILzMyWLG0xWi09dO2g_ffdIUL7dsfTTNruFS1NCcJFiuzDY2286GX-4WF9NFmjWRAOBLSp5rS0n8VGFtRWVpJE4nji_xYM1JsJBwY4HZ_FsA-QBQfZ-IsKyQD18Y3x5xU3k0PeDgOxcoAHlpFmdULYgXAn8EeABsqNx6ndk5TvTqAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0MPOo-FV4yJdL38dAxsl7uH6cWSw%26client%3Dca-pub-7499460687650857%26adurl%3D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Thu, 21 Sep 2023 22:35:36 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:30:28 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42ba84-6aa"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sun, 15 Sep 2024 22:35:36 GMT

GET
H2 200 adchoices_fr.svg
static.criteo.net/flash/icon/ Frame 6ADA 2 KB
1 KB 19ms
19ms Image
image/svg+xml 2a02:2638:d::2
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/adchoices_fr.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

8bc40f263d0a1fbb8421a5fe91ccb4ab7eb23b9b4c12a16e09703cd336d7cbb5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Thu, 21 Sep 2023 22:35:36 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:27:58 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42b9ee-75e"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sun, 15 Sep 2024 22:35:36 GMT

GET
H2 200 close_button.svg
static.criteo.net/flash/icon/ Frame 6ADA 308 B
636 B 19ms
18ms Image
image/svg+xml 2a02:2638:d::2
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/close_button.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Thu, 21 Sep 2023 22:35:36 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Fri, 14 Feb 2020 13:51:32 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "5e46a5e4-134"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 308
expires: Sun, 15 Sep 2024 22:35:36 GMT

GET
H2 200 back_button2.svg
static.criteo.net/flash/icon/ Frame 6ADA 293 B
621 B 19ms
19ms Image
image/svg+xml 2a02:2638:d::2
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/back_button2.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Thu, 21 Sep 2023 22:35:36 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 28 Apr 2022 09:09:48 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "626a59dc-125"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 293
expires: Sun, 15 Sep 2024 22:35:36 GMT

GET
H2 200 lg.php
cat.nl3.eu.criteo.com/delivery/ Frame 6ADA 43 B
347 B 25ms
25ms Image
image/gif 178.250.1.6
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cat.nl3.eu.criteo.com/delivery/lg.php?cppv=3&cpp=FFJWmbPLftlbYqOHv1YY82dwv8SnRwG9NMWqkGTNjsZdmw-NYWX_xzrjIZgtOUa4ZBugAG9sJ29lICeI_jYPysC5n4btr6e55ANrzADoP5c0PmnoJ2mMVKCZAxai7zq04g0tRPefTrtXbnd0jO4AdMfw5Db07XegBJniIWjcJ8obdcKpVURKCe33ap-vEx-7ueTe_iXqd_H2M9X362E7jnnih6qf4BZPH1-joPFICllVCE0eIiMS2sHfUmEVntVFqG1hF4yEpdHdKLW9OjdFZEXcDjiVdahSYSCwGhO97_9ISFWT-nZSmrkZX6EwSTc6WZ0Qr167xMYYrxQhmQDwURnIeOyzSBos2ejHFOcCwlEO2oi4QhKNi7yYXL1wkjixrzEBLXBjNIDzmffJkEyGZRmvXm5q0VJN4FapFEliFTnpkz0C

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.6 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 21 Sep 2023 22:35:36 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 1805484
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 4DA5 0
23 B 71ms
71ms Image
text/html 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=Czeq_OMUMZbQ8qJ-IzQ_J5IuoA8me0rFc1Z2R93DAjbcBEAEgAGD74YWDnAqCARdjYS1wdWItNzQ5OTQ2MDY4NzY1MDg1N8gBCakCpOufQVLksT6oAwHIAwKqBLsBT9DcvN4BFRVqrtvu3m4ZgwtNIiq0KCmHB7T6vjcHK-EX_TdjSj77i5U90Jz6tOdNw35pGps_2iiyBhM9Z_9ThJiOHBQF4iT2JcCJ0of4VbxoWh6eNTr6N66c5hzymKS2u3BjDecAhJK0b9Z-wPJxfUfipSTtXyd43xJhaTXW3RoO-8tkW0YvaqvLjvE1-Lq9tvdXe__YrkNmTtWaCZjFt8zSgoX5vYgM8AJ6VhvgAVyI4YBkUmWh0F0W_4AGyo3Hqd2TlO9OoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6gAoB-gsCCAGADAHQFQGAFwGyFxoKGBIUcHViLTc0OTk0NjA2ODc2NTA4NTcYAA&sigh=cHZ91Hf5Ne0&uach_m=[UACH]&cid=CAQSGwBpAlJWnRnfGJ4oewrm34VtLgzgz_kqWKbytxgB&cbvp=2&vis=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7499460687650857&output=html&h=90&slotname=1157905849&adk=3576264520&adf=3110890503&pi=t.ma~as.1157905849&w=728&lmt=1695323608&format=728x90&url=http%3A%2F%2Fwww.orafaq.com%2F&wgl=1&dt=1695335735548&bpp=1&bdt=350&idt=411&shv=r20230920&mjsv=m202309140101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=3111185568042&frm=20&pv=1&ga_vid=1385945461.1695335735&ga_sid=1695335736&ga_hid=1407576408&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=554&ady=19&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759837%2C44759876%2C31076839%2C31077327%2C31077702%2C31077970%2C42532402%2C31076997&oid=2&pvsid=4502984877883858&tmod=1628295193&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Cd%7CeE%7C&abl=NS&pfx=0&fu=0&bc=23&ifi=2&uci=a!2&fsb=1&xpc=4NcpnAKmZO&p=http%3A//www.orafaq.com&dtd=415
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Thu, 21 Sep 2023 22:35:36 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Thu, 21 Sep 2023 22:35:36 GMT

GET
H2 200 notify
rtb.fr3.eu.criteo.com/google/auction/ Frame 4DA5 0
125 B 55ms
19ms Image
text/plain 2a02:2638:d::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://rtb.fr3.eu.criteo.com/google/auction/notify?profile=14&payload=kvKoGNSBMNgFWp2DYgICAAAA-lxoHdyge8jq-0pMEDfFDGWKPQpcQ19ZKzFVAAASAAAKCkFRVUJEd0VCRHc&wp=ZQzFOAAAHjQDog-oAALySblW6NrYf3mpQGkJ-w&cbvp=2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Thu, 21 Sep 2023 22:35:36 GMT
strict-transport-security: max-age=31536000; preload;
server-processing-duration-in-ticks: 140533
server: Kestrel
content-length: 0

GET
H2 200 animejs.js Show response
static.criteo.net/animejs/ Frame 6ADA 12 KB
6 KB 20ms
20ms Script
text/javascript 2a02:2638:d::2
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/animejs/animejs.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Thu, 21 Sep 2023 22:35:36 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 26 Mar 2019 17:44:11 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5c9a64eb-3181"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sun, 15 Sep 2024 22:35:36 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame 6ADA 5 KB
5 KB 21ms
21ms Image
image/webp 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

6ae0771686a78a57731c7765855877aac1c531a60c2eb0bad17b040da5f039d0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Thu, 21 Sep 2023 22:35:36 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
time-allow-origin: *
content-type: image/webp
cache-control: public, max-age=31104000
content-length: 5406
expires: Fri, 13 Sep 2024 09:55:16 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame 6ADA 38 KB
38 KB 24ms
23ms Image
image/webp 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

3452bc7d7c3a4f9360f5aba03d23cb142605b93a3d6f2726f257a0990c9e2207

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Thu, 21 Sep 2023 22:35:36 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
time-allow-origin: *
content-type: image/webp
cache-control: public, max-age=31104000
content-length: 38796
expires: Fri, 13 Sep 2024 10:03:03 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame 6ADA 6 KB
6 KB 27ms
26ms Image
image/webp 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=16330&q=80&r=2&u=https%3A%2F%2Fimg.sergeblanco.com%2Fphototheque%2F21750%2Flarge%2F01W021583A.jpg&v=3&w=800&s=YdwddVu4dO9EBHUMLJLbMTfc&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

436f34e2293e15e48471335b073f3ba839a556b091b459d941b3ae77ea248323

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Thu, 21 Sep 2023 22:35:36 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
time-allow-origin: *
content-type: image/webp
cache-control: public, max-age=31104000
content-length: 6392
expires: Fri, 13 Sep 2024 09:54:30 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame 6ADA 6 KB
7 KB 25ms
24ms Image
image/webp 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=16330&q=80&r=2&u=https%3A%2F%2Fimg.sergeblanco.com%2Fphototheque%2F20000%2Flarge%2F01W019759A.jpg&v=3&w=800&s=Cl1ngP1bkwee4QWbYfTPCzUN&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

74967dee6d073c995252d1028d111c21ccb9d30084c0897a64c788df672e4c57

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Thu, 21 Sep 2023 22:35:36 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
time-allow-origin: *
content-type: image/webp
cache-control: public, max-age=31104000
content-length: 6562
expires: Fri, 13 Sep 2024 09:58:58 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame 6ADA 4 KB
4 KB 30ms
28ms Image
image/webp 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

6b2e48bc3c8e8803ceaf4959a0e4e1a5b9b9ae8a1d5f349098c613841709d1f2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Thu, 21 Sep 2023 22:35:36 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
time-allow-origin: *
content-type: image/webp
cache-control: public, max-age=31104000
content-length: 3774
expires: Fri, 13 Sep 2024 09:54:30 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame 6ADA 7 KB
7 KB 29ms
27ms Image
image/webp 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

871c53fb2ee4b45abe0c26c440fa5949750071d4a428bf8a379a31e198820f9d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Thu, 21 Sep 2023 22:35:36 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
time-allow-origin: *
content-type: image/webp
cache-control: public, max-age=31104000
content-length: 7078
expires: Fri, 13 Sep 2024 09:58:58 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame 6ADA 4 KB
5 KB 27ms
26ms Image
image/webp 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=16330&q=80&r=2&u=https%3A%2F%2Fimg.sergeblanco.com%2Fphototheque%2F11500%2Flarge%2F01W011429A.jpg&v=3&w=800&s=5kp8yCm7gv_iurOjAHnZnInD&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

73a1d792792208f1fea7baf8037d8e1fad98efc638341fea5a009a8a8e0b8600

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Thu, 21 Sep 2023 22:35:36 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
time-allow-origin: *
content-type: image/webp
cache-control: public, max-age=31104000
content-length: 4430
expires: Fri, 13 Sep 2024 09:54:30 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame 6ADA 13 KB
13 KB 36ms
35ms Image
image/webp 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

f9e1069ec94950c285b23ef61a7eb27209c274fe81b8a6e7b6e74b8c881fdba8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Thu, 21 Sep 2023 22:35:36 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
time-allow-origin: *
content-type: image/webp
cache-control: public, max-age=31104000
content-length: 12860
expires: Fri, 13 Sep 2024 09:54:30 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame 6ADA 6 KB
6 KB 37ms
36ms Image
image/webp 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

cd9d60d83935149c559884c544bf73fae35fa01b0828bee20d0bfb5508ec10ae

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Thu, 21 Sep 2023 22:35:36 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
time-allow-origin: *
content-type: image/webp
cache-control: public, max-age=31104000
content-length: 5676
expires: Fri, 13 Sep 2024 09:58:58 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame 6ADA 3 KB
3 KB 40ms
39ms Image
image/webp 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

8734b9847014f0a266e63a109c68c3ad43d1ad04e68db01bbff01b2a5560eb07

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Thu, 21 Sep 2023 22:35:35 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
time-allow-origin: *
content-type: image/webp
cache-control: public, max-age=31104000
content-length: 2944
expires: Fri, 13 Sep 2024 09:58:02 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame 6ADA 11 KB
11 KB 39ms
39ms Image
image/png 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?h=244&m=0&partner=16330&q=80&r=0&u=https%3A%2F%2Fstatic.nl3.eu.criteo.net%2Fdesign%2Fdt%2F16330%2F4942559%2F2953e43442c74e2fbe5ea9a77820f8d9_1200x1200.png&v=3&w=196&s=ZwrakTLvIDZDvLX-vElBuGFF

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

0b209e8a0a018a24c5ca9523c9de63d1af2ff7f72a3db560c1c556d757355454

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Thu, 21 Sep 2023 22:35:36 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
time-allow-origin: *
content-type: image/png
cache-control: public, max-age=31104000
content-length: 11269
expires: Fri, 13 Sep 2024 10:03:48 GMT

POST
H2 200 all
csm.eu.criteo.net/ Frame 6ADA 0
127 B 19ms
19ms Ping
text/plain 2a02:2638:d::11
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://csm.eu.criteo.net/all?cppv=3&cpp=Lv3YAkUu5zKlVvEEar3nhrtNTH3lI66vdEoQBZSXUpESSjjyvq6LWULRDk-WPGTRKAIA0wDx9GrTuiOBaQ-NTqccN0ZBoDNamWzVzgvWFUIc6AJ2td4R_0jBcmgWihWFddcYCGGddpqqTzZ-k8KLp32tGFnnHsA-cW3YK_Yr5UmkwksTJ-0RhqGK-X-i6bnX34rsI1kRHm24Q7lbemN43wzcWSqxuTo3OAW7s1yGsm4npODxi1P9myfYC_Ts1DXJrTL0kQ&sds=2&rev=88356&sendBeacon=true

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::11 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Thu, 21 Sep 2023 22:35:35 GMT
strict-transport-security: max-age=31536000; preload;
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0

GET
H2 200 criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame 6ADA 2 KB
1 KB 19ms
19ms Image
image/svg+xml 2a02:2638:d::2
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/criteo_logo_2021.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Thu, 21 Sep 2023 22:35:36 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 27 May 2021 13:21:59 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"60af9cf7-891"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sun, 15 Sep 2024 22:35:36 GMT

GET
H2 200 privacy.svg
static.criteo.net/flash/icon/ Frame 6ADA 2 KB
1 KB 19ms
18ms Image
image/svg+xml 2a02:2638:d::2
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Thu, 21 Sep 2023 22:35:36 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 19 Feb 2020 10:57:21 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e4d1491-646"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sun, 15 Sep 2024 22:35:36 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 16 KB
12 KB 132ms
78ms XHR
application/json 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230920&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4367cbefb780b9e0d85eefd3a571f6117e2358a3e1f90113ab23c1a7a33ca985

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: http://www.orafaq.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Thu, 21 Sep 2023 22:35:36 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12068
x-xss-protection: 0

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 74ms
73ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: http://www.orafaq.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Thu, 21 Sep 2023 22:35:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 21 Sep 2023 22:35:36 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame AC33 13 KB
5 KB 30ms
26ms Document
text/html 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.orafaq.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

accept-ranges: bytes
age: 17329
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 21 Sep 2023 17:46:48 GMT
expires: Fri, 20 Sep 2024 17:46:48 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 48FF 829 B
993 B 37ms
35ms Document
text/html 2a00:1450:4001:80f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

ad8ce409cfbed739ca6beeea3bb0b27a660383f62429ebac156ff0d31021a64c

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-4zYR14bDejm5NzRbnBARYQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://www.orafaq.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-4zYR14bDejm5NzRbnBARYQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Thu, 21 Sep 2023 22:35:37 GMT
expires: Thu, 21 Sep 2023 22:35:37 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 48FF 0
0 58ms
58ms Image
text/html 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20230920&jk=4502984877883858&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

GET
H3 200 tGcDLxZnxcZjneq6ZTfMhLSKmVRaNAcBIKHxIKG0fIc.js Show response
pagead2.googlesyndication.com/bg/ Frame AC33 37 KB
14 KB 25ms
24ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/tGcDLxZnxcZjneq6ZTfMhLSKmVRaNAcBIKHxIKG0fIc.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b467032f1667c5c6639deaba6537cc84b48a99545a34070120a1f120a1b47c87

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Thu, 21 Sep 2023 17:40:34 GMT
content-encoding: br
x-content-type-options: nosniff
age: 17703
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14772
x-xss-protection: 0
last-modified: Mon, 18 Sep 2023 15:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 20 Sep 2024 17:40:34 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame AC33 0
10 B 25ms
24ms Image
text/plain 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?PuoEcA
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Thu, 21 Sep 2023 22:35:37 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 4DA5 42 B
64 B 63ms
62ms Fetch
image/gif 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssObRjwJGvnpe8d1Dy79knQ7wsXgVLfK3sIC1FRevuLsbub2L4oGpu1DAJIsCZx3v8MSwTHk6Q23BU9zQWS-HPobNY7YcKHT982JEo&sig=Cg0ArKJSzGmj0AWeIcOtEAE&id=lidar2&mcvt=1000&p=0,0,90,728&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20230920&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=3576264520&rs=2&la=0&cr=0&vs=4&r=v&rst=1695335735964&rpt=581&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 21 Sep 2023 22:35:37 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 all
csm.eu.criteo.net/ Frame CD47 0
127 B 20ms
19ms Ping
text/plain 2a02:2638:d::11
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::11 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Thu, 21 Sep 2023 22:35:37 GMT
strict-transport-security: max-age=31536000; preload;
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 61ms
61ms Image
text/html 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20230920&jk=4502984877883858&bg=!1dal1pnNAAYrDsWMCw47ADQBe5WfOGOVKjOsP1RMrRLorm_b_FaquVvVU8BToSqs67VUuaZNrf3OctliD4mUJCKWl-lgAgAAAF1SAAAAJmgBBwoAeEorfLi_aw5V6YGor6xWJCO_NWGLKDj8qdDaf4QOhZ21oWSA0RSuGBgcUIDNgxbxv_XtBnzRR6NLeHs4BjtGmjBpXebfhWmuR9uJxdKYqqPQwjFbBd-m9g4uU7j-Ew8401RhdPZNkWt7Z1oO3tMFcMcsWrl2jSKBSJkCsVEe2zKh7wPELZcY4Y3b-ugk_f_kk_YYgpge2hJ_N0xukyfnDJ88t1EmmbhLovb27A-1k1080U3D4hK7jDv5nxS0CDoZqZ2dNURsLb5aQvtWuWHzUynroP0bS0PNT4es-7l8xPaq_rd9D5sCebEg27HmMDj9qLEdTUO7Y6Qqsk3NQ2qa8UFdJfNh01LuUuhsAw09SazvK78FBvT4GHwowWkoYZQ8Oz3rCHSXQSWl_UU1u2kun4Ct4Z-IgU1MttgwxPWMw9cBC1jnVuqT8-p_pOxf3Wt75uONBw0OC5IWfMbGv8mOqm8hxcOr0hKelR8NL3zhr6MtfWqqvtqa9Fn6R6Wxkqm6l658oNddF2bZrFEqo_ZVnNyqKbBL_5LuIssLjud8v4hznqNptImjrjM_J0UGk8rEtvp9C88e2UM19Qd5ugF-XwF1K1BWLw0j933NVzV-AlySRSVFQ8APH5QalMuSKZ_B7gfv-plvXIhbXWFrQuENDtgnAIFdx-fjNlEcxu6IdB6OwkbxvDYHQ2bRu5LlJl22DIyAB6gAc7z9uBWg_vwkv429qBcFlGYt3Z2_RBYjLlP98pnnWMDXm-4LOL12muhT7v3ob6pXbXU6c3IeixO2BJLBiPXdhcfjI1v1fJWpGa5yHbdL3iAiK1A5cEpSayjBH1qkbRMkC3109SyLWzv2DlY2YN9ZThzVAFm1Puhtkg67J_p_mEwZJRf-7RYjVl6OGkbxGQmSfCkIA6ugqmR842wWKHaYA_9FTJxuR6Zu6kilwNlVsTghkXrjxqPXWKT3Klq1K12Zn4HV7WF4Z3nXda9C7CIMzuXXq6XeC5SfMQ7tV8benoL6UMMpGdoj1Bdlrd33Ka_zrTgkmyxhQJN6GFVVhcO3edFI2XeWGN9Dtyf9__AdKFOICCkG_AM9
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: http://www.orafaq.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 75D8 42 B
64 B 64ms
63ms Fetch
image/gif 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjst43m8VTjfnYBzRV-XLcz2TyOXU5XhbFlFiUfOkjjLjyvIFOV23vYQC4pjjwltZEMgkLdrmE480KqsOnV0psOfevLVRvuyD8RTp_Bs8&sig=Cg0ArKJSzID9xxINH5ktEAE&id=lidar2&mcvt=1000&p=0,0,124,1005&mtos=83,766,1000,1108,1193&tos=83,683,234,108,85&v=20230920&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=1812271801&rs=2&la=0&cr=0&vs=4&r=v&rst=1695335736485&rpt=192&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 21 Sep 2023 22:35:37 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 all
csm.eu.criteo.net/ Frame 6ADA 0
127 B 20ms
19ms Ping
text/plain 2a02:2638:d::11
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::11 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Thu, 21 Sep 2023 22:35:37 GMT
strict-transport-security: max-age=31536000; preload;
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0

Verdicts & Comments Add Verdict or Comment

63 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

8 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.orafaq.com/	1969-12-31 23:59:59	Name: has_js Value: 1
.orafaq.com/	1970-01-21 00:31:35	Name: _ga Value: GA1.2.1385945461.1695335735
.orafaq.com/	1970-01-20 14:57:02	Name: _gid Value: GA1.2.756185021.1695335735
.orafaq.com/	1970-01-20 14:55:35	Name: _gat Value: 1
.orafaq.com/	1970-01-21 00:31:35	Name: _ga_EP4T107M3R Value: GS1.2.1695335735.1.0.1695335735.0.0.0
.orafaq.com/	1970-01-21 00:17:11	Name: __gads Value: ID=5fdf475ac1085234-22a6513c89de0013:T=1695335736:RT=1695335736:S=ALNI_Mag5t8ttqN2S6BMf4w5qUcp3YBztw
.orafaq.com/	1970-01-21 00:17:11	Name: __gpi Value: UID=00000d9464666126:T=1695335736:RT=1695335736:S=ALNI_MYhSUUfhbTVvf7tqVlNru4gVyXEbA
.doubleclick.net/	1970-01-21 00:17:11	Name: IDE Value: AHWqTUl1RlozuG30PoDuEQBS3C13PUe5ssk6Vr76pgANLydLrrfEa6P07v6QlRkXbDg

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://cse.google.com/cse/t13n?form=cse-search-box&t13n_langs=en Message: Failed to load resource: the server responded with a status of 404 ()
other	warning	URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7499460687650857&output=html&h=90&slotname=1157905849&adk=3576264520&adf=3110890503&pi=t.ma~as.1157905849&w=728&lmt=1695323608&format=728x90&url=http%3A%2F%2Fwww.orafaq.com%2F&wgl=1&dt=1695335735548&bpp=1&bdt=350&idt=411&shv=r20230920&mjsv=m202309140101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=3111185568042&frm=20&pv=1&ga_vid=1385945461.1695335735&ga_sid=1695335736&ga_hid=1407576408&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=554&ady=19&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759837%2C44759876%2C31076839%2C31077327%2C31077702%2C31077970%2C42532402%2C31076997&oid=2&pvsid=4502984877883858&tmod=1628295193&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Cd%7CeE%7C&abl=NS&pfx=0&fu=0&bc=23&ifi=2&uci=a!2&fsb=1&xpc=4NcpnAKmZO&p=http%3A//www.orafaq.com&dtd=415 Message: Origin trial controlled feature not enabled: 'attribution-reporting'.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ads.eu.criteo.com
cat.nl3.eu.criteo.com
cse.google.com
csm.eu.criteo.net
googleads.g.doubleclick.net
imageproxy.eu.criteo.net
pagead2.googlesyndication.com
partner.googleadservices.com
region1.google-analytics.com
rtb.fr3.eu.criteo.com
static.criteo.net
tpc.googlesyndication.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
www.orafaq.com
www.paypalobjects.com
z-na.amazon-adsystem.com
143.204.12.2
178.250.1.6
192.229.221.25
2001:4860:4802:34::36
2a00:1450:4001:806::2001
2a00:1450:4001:808::2002
2a00:1450:4001:80b::2002
2a00:1450:4001:80f::2004
2a00:1450:4001:81c::2002
2a00:1450:4001:82a::2003
2a00:1450:4001:82a::2008
2a00:1450:4001:82b::200e
2a00:1450:4001:830::200e
2a02:2638:3::10
2a02:2638:3::12
2a02:2638:d::11
2a02:2638:d::2
2a02:2638:d::c
85.93.89.32
041fe6e516177e777c651a95708ee4961723db34a974e8be9e6ba597a1313e51
090e695fffaa76dfc609b0211e56498b0a592bf482540328c8207da52593dffc
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
096862e95687fa095052acf06c643d97aebf5a75bdb39f85061a931076b5c12e
0b209e8a0a018a24c5ca9523c9de63d1af2ff7f72a3db560c1c556d757355454
0e5e419fb375b9fb7bd6718c1460cbd390899604b85fd17d131198e62e72736e
1b5b11542728fe1a40e123bc08c3ce788b77a8448e2aa2b11ac83bfc886ba597
250082292c366fa96dced42e229aac577a6f7c8954f3be114e0365949432c824
2a018a841b6975de20578c7c63607d4529281ae923f4c3ba172cb4d1d5e7c5bc
2c63ae323b1ccf03e72b614212a363d5d19b0438b30286e0f68b40f93c130391
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
30312a5ff01d2a42a51b3a786f6b1245c47be291fd4d107274fd3cde75f04f71
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
3318138d0f116d034cd1ced5c0bf7697f45965b830d68eebcaf4b972bad43e2d
331b2b1241f1f2a53744bdca867c5b76954d9431970e91f490f64c707fc24a16
33a91bd6d378215fcd413c279aa88d48bda6c8b2ef7695892777c87de37de256
3452bc7d7c3a4f9360f5aba03d23cb142605b93a3d6f2726f257a0990c9e2207
369ae154eab37b7ada7776b934833183bb053ebd1d0255f70ef8944f65cabb0c
3b598753d9e6dd148d9bb7903ce85e7f7db2956574730cfd472bd54f54cad14c
3c61d07257fe59f64a0b9c09b2b204e0c9442c341d9e0f9254b62f804e26fbb4
40a9821c44cf3ba0bd470d7b2dd89fc9838ade026c14e38174ab97cd89d33d72
4351496b7ead1142a71f695db679fcae1e04614699070b916cb64b5592d7b1fa
4367cbefb780b9e0d85eefd3a571f6117e2358a3e1f90113ab23c1a7a33ca985
436f34e2293e15e48471335b073f3ba839a556b091b459d941b3ae77ea248323
445a1c4e1ff3cdf7bfc8f749821e1d0012efc336c2825b00a906a918a1a48d98
4538eeacbabfbe26680d5b52d36315896ca34b816b4fc4a50bc126d9ff0d173e
45919026a1419bd53a87c8a1a35110e724a6d79dd85d7f4c12e5a0c2c5aea831
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
5069b30b5e8845177e793c5027683e6931defe5849a6bba87d98f862faa18545
51af7ccf18c7f48d94dab4de7bd205b74073d1d6a86904134a7683c42c6ddca7
5333d9f595e5a02cc072a08fd5d7ab4617fb5ffa3f3c305612072c9208058e46
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6395e6f9f6fbcd953f0ffa40615094c565d86c265fb5028e64dd2dc872b5ce69
664b4d1a2ab98db497e05414da212215598f4c99b121662836dfbe63440b2eae
6ae0771686a78a57731c7765855877aac1c531a60c2eb0bad17b040da5f039d0
6b2e48bc3c8e8803ceaf4959a0e4e1a5b9b9ae8a1d5f349098c613841709d1f2
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
73a1d792792208f1fea7baf8037d8e1fad98efc638341fea5a009a8a8e0b8600
74967dee6d073c995252d1028d111c21ccb9d30084c0897a64c788df672e4c57
79f03f37ff1cc03c0d5755b1539ae1149009d04348ebe44b2a6f61b4a4605607
7de12d3c8162e82ca3193fce9657be2118e7f4f465a2b37cb7f55bf612e61910
8449627df3452bf35bcf4b9c483bb4be3a3bf39d8b141d631c302a4137d2e398
871c53fb2ee4b45abe0c26c440fa5949750071d4a428bf8a379a31e198820f9d
8734b9847014f0a266e63a109c68c3ad43d1ad04e68db01bbff01b2a5560eb07
8bc40f263d0a1fbb8421a5fe91ccb4ab7eb23b9b4c12a16e09703cd336d7cbb5
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
a4f9134af3b3c32883dc0080df2d2659cfff57f3e03939d280e952a9a6672112
a689042e409f8d6372216d0db93598251e20a4d2e4b7e4f0705b37be020daf85
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
a91891e105655dfc50927fe58c6612b2e92f8119bd34909cd06a3a8e256afec0
ad8ce409cfbed739ca6beeea3bb0b27a660383f62429ebac156ff0d31021a64c
ae7ce3a8cfc4b88daca830a7d8cbfeee4789eb7ff144e114af3b02376699bfa2
aeed2792d36ebc7ec1a9448f4fb856b422d6108a218e93009d9853eddb8fec0b
b467032f1667c5c6639deaba6537cc84b48a99545a34070120a1f120a1b47c87
b4d20ac5c4fd4ec8b2976c90d5fba67d04c5570493f09522bddfd13e93057632
bf38e36e83c03851ef6ad378a251217256a9a42547beea0d57fcbb8031241034
c44fab5ab25ff9f9dc07aced65f77686ec6a831bb858efaac266ba5deaf7d26e
cd9d60d83935149c559884c544bf73fae35fa01b0828bee20d0bfb5508ec10ae
da69dada27a7eb141f862a98a88faabca8710a1efa70d6f34bf2bfe2bf065b46
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e457a1f5c855a40b853c0f8f6421db58c3e7b443444389e3ac1cb128bb02fc97
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f9e1069ec94950c285b23ef61a7eb27209c274fe81b8a6e7b6e74b8c881fdba8

www.orafaq.com Open in urlscan Pro 85.93.89.32 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

92 Requests

78 %HTTPS

79 %IPv6

13 Domains

20 Subdomains

20 IPs

3 Countries

1024 kBTransfer

2455 kBSize

8 Cookies

0 Outgoing links

Redirected requests

92 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.orafaq.com Open in urlscan Pro
85.93.89.32 Public Scan

Screenshot
Live screenshot

Full Image

92
Requests

78 %
HTTPS

79 %
IPv6

13
Domains

20
Subdomains

20
IPs

3
Countries

1024 kB
Transfer

2455 kB
Size

8
Cookies

92 HTTP transactions
2 data transactions