kora2.arab4day.com Open in urlscan Pro
2606:4700:3031::6815:23d0 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://kora2.arab4day.com/
Effective URL:
https://kora2.arab4day.com/
Submission: On January 16 via api (January 16th 2024, 5:38:35 pm UTC) from US — Scanned from DE

Summary HTTP 46 Redirects Links 2 Behaviour Indicators

Summary

This website contacted 16 IPs in 3 countries across 10 domains to perform 46 HTTP transactions. The main IP is 2606:4700:3031::6815:23d0, located in United States and belongs to CLOUDFLARENET, US. The main domain is kora2.arab4day.com.
TLS certificate: Issued by E1 on December 20th 2023. Valid for: 3 months.

This is the only time kora2.arab4day.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	2606:4700:303... 2606:4700:3030::ac43:b393	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2606:4700:303... 2606:4700:3031::6815:23d0	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:810::2008	15169 (GOOGLE) (GOOGLE)
8	2a00:1450:400... 2a00:1450:4001:813::2002	15169 (GOOGLE) (GOOGLE)
1	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:82f::2002	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:80b::2001	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80b::2002	15169 (GOOGLE) (GOOGLE)
1	2a02:2638:3::12 2a02:2638:3::12	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
14	2a02:2638:3::3 2a02:2638:3::3	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	178.250.1.6 178.250.1.6	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	2606:4700::68... 2606:4700::6811:180e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a02:2638:3::10 2a02:2638:3::10	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	2a02:2638:3::1a 2a02:2638:3::1a	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	2a02:2638:d::c 2a02:2638:d::c	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	2a00:1450:400... 2a00:1450:4001:828::2004	15169 (GOOGLE) (GOOGLE)
46	16

1 2606:4700:3030::ac43:b393 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

kora2.arab4day.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700:3031::6815:23d0 (United States)

ASN13335 (CLOUDFLARENET, US)

kora2.arab4day.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:810::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:80b::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638:3::12 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

ads.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2a02:2638:3::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.1.6 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

cat.nl3.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:180e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638:3::10 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

imageproxy.eu.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:2638:3::1a (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

csm.eu.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638:d::c (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

rtb.fr3.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
17	criteo.net static.criteo.net — Cisco Umbrella Rank: 657 imageproxy.eu.criteo.net — Cisco Umbrella Rank: 9386 csm.eu.criteo.net — Cisco Umbrella Rank: 8850	114 KB
13	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 110 tpc.googlesyndication.com — Cisco Umbrella Rank: 157	286 KB
5	arab4day.com 1 redirects kora2.arab4day.com	87 KB
4	doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 38	19 KB
3	criteo.com ads.eu.criteo.com — Cisco Umbrella Rank: 8778 cat.nl3.eu.criteo.com — Cisco Umbrella Rank: 10462 rtb.fr3.eu.criteo.com — Cisco Umbrella Rank: 15704	44 KB
1	google.com www.google.com — Cisco Umbrella Rank: 2	1 KB
1	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 225	5 KB
1	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 230	65 KB
1	google-analytics.com region1.google-analytics.com — Cisco Umbrella Rank: 2029	256 B
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 37	92 KB
46	10

	Domain	Requested by
14	static.criteo.net	ads.eu.criteo.com cdnjs.cloudflare.com static.criteo.net
8	pagead2.googlesyndication.com	kora2.arab4day.com pagead2.googlesyndication.com tpc.googlesyndication.com www.googletagservices.com
5	tpc.googlesyndication.com	googleads.g.doubleclick.net pagead2.googlesyndication.com tpc.googlesyndication.com
5	kora2.arab4day.com	1 redirects kora2.arab4day.com
4	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net
2	csm.eu.criteo.net	ads.eu.criteo.com
1	www.google.com	tpc.googlesyndication.com
1	rtb.fr3.eu.criteo.com	googleads.g.doubleclick.net
1	imageproxy.eu.criteo.net	ads.eu.criteo.com
1	cdnjs.cloudflare.com	ads.eu.criteo.com
1	cat.nl3.eu.criteo.com	ads.eu.criteo.com
1	ads.eu.criteo.com	googleads.g.doubleclick.net
1	www.googletagservices.com	googleads.g.doubleclick.net
1	region1.google-analytics.com	www.googletagmanager.com
1	www.googletagmanager.com	kora2.arab4day.com
46	15

This site contains links to these domains. Also see Links.

Domain
stad.livehd7s.live
albaadani.com

Subject Issuer	Validity	Valid
arab4day.com E1	`2023-12-20` - `2024-03-19`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-12-11` - `2024-03-04`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-12-11` - `2024-03-04`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-12-11` - `2024-03-04`	3 months	crt.sh
*.eu.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-12-01` - `2024-03-01`	3 months	crt.sh
*.criteo.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-12-15` - `2024-03-10`	3 months	crt.sh
*.nl3.eu.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-12-03` - `2024-02-28`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-07-03` - `2024-07-02`	a year	crt.sh
*.eu.criteo.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-12-27` - `2024-03-21`	3 months	crt.sh
*.fr3.eu.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-12-08` - `2024-03-03`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-12-11` - `2024-03-04`	3 months	crt.sh

This page contains 7 frames:

Primary Page: https://kora2.arab4day.com/
Frame ID: 4E88DB8D05A77166977175B9EE407D07
Requests: 16 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240109/r20190131/zrt_lookup_inhead_fy2021.html?hello=world
Frame ID: 3EA265F3C51F1054848324C4A9B93E30
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4828851337835752&output=html&adk=1812271804&adf=3025194257&lmt=1705426711&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=236x675_l%7C236x675_r&format=0x0&url=https%3A%2F%2Fkora2.arab4day.com%2F&ea=0&pra=5&wgl=1&easpi=0&asro=0&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2~3~4~6&aslcwct=150&asacwct=25&aslmct=0.8&asamct=0.8&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705426711705&bpp=2&bdt=133&idt=240&shv=r20240109&mjsv=m202401090101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=923100268974&frm=20&pv=2&ga_vid=654803885.1705426712&ga_sid=1705426712&ga_hid=1602125424&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44808397%2C31080262%2C44809004%2C31080354%2C95320868%2C95320889%2C95321627%2C95322166&oid=2&pvsid=1991258701299480&tmod=28521631&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=263
Frame ID: 0E3528F50FC8B28AC714B3ECC4E29946
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6113467694901384&output=html&h=280&slotname=6040781975&adk=1434744299&adf=54630664&pi=t.ma~as.6040781975&w=1200&fwrn=4&fwrnh=100&lmt=1705426711&rafmt=1&format=1200x280&url=https%3A%2F%2Fkora2.arab4day.com%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705426711707&bpp=1&bdt=135&idt=264&shv=r20240109&mjsv=m202401090101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=923100268974&frm=20&pv=2&ga_vid=654803885.1705426712&ga_sid=1705426712&ga_hid=1602125424&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=101&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44808397%2C31080262%2C44809004%2C31080354%2C95320868%2C95320889%2C95321627%2C95322166&oid=2&pvsid=1991258701299480&tmod=28521631&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=266
Frame ID: F0B31563D2296F520C49306A45BFFC4C
Requests: 8 HTTP requests in this frame

Frame: https://ads.eu.criteo.com/delivery/r/afr.php?z=Zaa_GAABhmkEf6oKAAJeSeuUT-40Fn7auXECvQ&u=%7CZsCG8ysT%2BZtwZdR6KrmzTJ5o2FZNkdXMsn0vhlQlfDE%3D%7C&c1=TEbw32HdmhlTb08vzaRE05Nor-kWNW37ds0oDHxEuxeKn7Xrp6ainli_Cmw5dJSudhYAqTqyTVJkh2VPxYajAQldvKH9kZewA2RAyqzM-yhzJLPgq_JRbmsYbsGB2Nq4OK9M63MtLegXUS8zDV61fGmNhHnc55aJm23kpfDL0sZRjzYm-gjEd9m3pWgSQcfGC_SNaI4-gj_oy1Gq1WwTHW2wiqxLMkeAWxFIOxNsgoQfPq60Ecf-27iIDv6_LmNNMecEWCx_BJt_ylitRruDpTUl9htIq83n_v191DUrdsqUkLwf6LKxNDTZZpgrZWYgwhC6mvWe-_lSClaK4Zh_ZbuUMK3oJmtyxfCgSdzj4U1EN60G83t7bdOEQxJMR6O8QCPfy4alOEysFFMUvz_yrXKyoo4f4eMRiwjGTh97Y2woMxCsX41DcBMRI7zQE5I7TopFvX4gxjoIHrOTcptGUTYuFMPYfMPAGxrfm3t5s6pM1esL0uPZa9hRyPScjyrPmjL2mUpD4PDR-epPRpXtEdPXQ8RDa9OJp-mO6inuG-ol2JklcPuINkmlmTxKDWrdRX_62MbY2s1SdTYy_uAlkvXmqSh3YEbwJL0UO5uyQ22tf4otmxCkW-SvFdeVPcWjA6QVisGgwV5dE3NZtOJmGHf668j1j1U_&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC5TgtGL-mZemMBorU_tMPybyJ-AzJntKxXL3plfdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTYxMTM0Njc2OTQ5MDEzODTIAQmpAgveFLCSULI-qAMByAMCqgT-AU_QwARggpZC3QXkkyYVHQv1MfhyDZiBateQjC71lKoTmhATi7OpOCbA7W8TV5EmU-uO6m35ehGkLzmsLGwR-Iz_wQxFCmmTxERnsdIqtrQ8nKTEWH_ilIeiZLkCjHBVM_tbAvJTEJM2IqnnX0OBz89xkesh7Qu74WHMiXG7kview_ZdASoNTzSzpIsbqlonUatS6WaWPee42uJcO-h3wTXNIsjLrnNww2o5LyrGAIIqvhsdZvpn6fBkfbfdAtiSTVFdGWfcpaTkN1Fa6QZa4yi2qH3Lz5ec-WP7B3o2548s8-t60OLY0pXduUDiaKp25IgTv2cS20mzCRsh5MvRgAaXj53usKe3k4kBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHQiA4YAQEAEyAqoCOgKAQEi9_cE6WLrK8cq54oMD-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_07TwD3ZVbiwc2Zxq1AupsClKG8yg%26client%3Dca-pub-6113467694901384%26adurl%3D
Frame ID: 2F44E144ADCCCEB161DCFDFA0126A2FE
Requests: 20 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 26A6838D3C8C0DD4790D744309089712
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 2EE28ECA0EF3EB50B4C764281B6794C4
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

الاسطورة لبث المباريات livehd7 – الاسطورة لبث المباريات livehd7 لايف موقع الأسطوره مباريات اليوم اون لاين live hd7 , Alostora لمشاهدة مباريات اليوم بث مباشر روابط الاسطورة للجوال

Page URL History Show full URLs

http://kora2.arab4day.com/ HTTP 301
https://kora2.arab4day.com/ Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Page Statistics

46
Requests

100 %
HTTPS

94 %
IPv6

10
Domains

15
Subdomains

16
IPs

3
Countries

712 kB
Transfer

1805 kB
Size

5
Cookies

2 Outgoing links

These are links going to different origins than the main page.

URL: https://stad.livehd7s.live/
Title: الاسطورة

Search URL Search Domain Scan URL

URL: https://albaadani.com/
Title: Designed by | albaadani

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://kora2.arab4day.com/ HTTP 301
https://kora2.arab4day.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

46 HTTP transactions
5 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
kora2.arab4day.com/
Redirect Chain

http://kora2.arab4day.com/
https://kora2.arab4day.com/

51 KB
14 KB

86ms
44ms

Document
text/html

2606:4700:3031::6815:23d0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://kora2.arab4day.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3031::6815:23d0 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

55269b4afa3116b33c52f1798707565205e4988f93e994922ae75033170517ae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: max-age=3, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 846821f31e3a6690-AMS
content-encoding: br
content-type: text/html; charset=UTF-8
date: Tue, 16 Jan 2024 17:38:31 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tWYAega8K85ZLL9Ahinj%2BCYocy2pKCZmQCG%2FJ7D%2Fi0yFlM65jqzGmwG%2BzAl2lSZukPjXfCLnBrcEC4EXyY%2B%2BMGakeK06qqNf8iaxKYIc%2Bx1GaDHJE5Ji%2FItNd%2BcoF5pYNe8LHZr%2F0rauBT6BicpnchA%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-content-type-options: nosniff
x-nginx-upstream-cache-status: EXPIRED
x-server-powered-by: Engintron
x-xss-protection: 1; mode=block

Redirect headers

CF-RAY: 846821f27ec43cff-CDG
Cache-Control: max-age=3600
Connection: keep-alive
Date: Tue, 16 Jan 2024 17:38:31 GMT
Expires: Tue, 16 Jan 2024 18:38:31 GMT
Location: https://kora2.arab4day.com/
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=piQxwgUeaX%2B3A5ywyrF5h0lXM9XO%2BgGkP49vJz77auZsj79khOsELrQpOh3KOE9omk35dCYLJHMPJiz6WJvOLRLjue4uNnUaYVFKtn3Do6OdkW5vP%2BqNuDokQWkEyBDOP9EmgoPZLLLAsGYqaw0V%2F5Q%3D"}],"group":"cf-nel","max_age":604800}
Server: cloudflare
Transfer-Encoding: chunked
Vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400

GET
H2 200 style-rtl.min.css
kora2.arab4day.com/wp-includes/css/dist/block-library/ 107 KB
15 KB 32ms
26ms Stylesheet
text/css 2606:4700:3031::6815:23d0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://kora2.arab4day.com/wp-includes/css/dist/block-library/style-rtl.min.css?ver=6.4.2

Requested by

Host: kora2.arab4day.com
URL: https://kora2.arab4day.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3031::6815:23d0 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

195e8477d09f2cb72a658301e339cc931b55ad134ed59d65f1ad7fea9aa0520e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kora2.arab4day.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Tue, 16 Jan 2024 17:38:31 GMT
x-server-powered-by: Engintron
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 87522
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
x-nginx-upstream-cache-status: HIT
last-modified: Thu, 07 Dec 2023 20:08:28 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VStu%2FRWSLiF0zXO%2FZOmM6sz0jPyBvCkb%2Fjr9MnKr1B6KYB1O%2BLfsP1SIrU6DCPdf%2BRkcJPT8vgY3DeTL77h3g2is9zRFk6XuUnckReVEAL1jNjiz5MWFFSsScM98g7GF0nWtcjEV4gWOuk1ManxdQBA%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=2592000
cf-ray: 846821f36eab6690-AMS
expires: Wed, 14 Feb 2024 17:19:49 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 276 KB
92 KB 38ms
15ms Script
application/javascript 2a00:1450:4001:810::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-HGM6D0832S

Requested by

Host: kora2.arab4day.com
URL: https://kora2.arab4day.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

270295f6504be21e8cbb13c426ec73e28f507e473ac974d97f68f584ef14a6bc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kora2.arab4day.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Tue, 16 Jan 2024 17:38:31 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 93472
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 16 Jan 2024 17:38:31 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 147 KB
51 KB 70ms
49ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-4828851337835752

Requested by

Host: kora2.arab4day.com
URL: https://kora2.arab4day.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e643100c988192a6bc715a2cbff61e03b897839efa788738052daa0c2d8cff6d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://kora2.arab4day.com/
Origin: https://kora2.arab4day.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Tue, 16 Jan 2024 17:38:31 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51295
x-xss-protection: 0
server: cafe
etag: 10976665642097077749
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Tue, 16 Jan 2024 17:38:31 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 147 KB
50 KB 75ms
56ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-6113467694901384

Requested by

Host: kora2.arab4day.com
URL: https://kora2.arab4day.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8c3b6d17677a2741e576c256e8aec9fb3d1f67775073b16e83dc555abe059f06

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://kora2.arab4day.com/
Origin: https://kora2.arab4day.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Tue, 16 Jan 2024 17:38:31 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51305
x-xss-protection: 0
server: cafe
etag: 9657902733389985745
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Tue, 16 Jan 2024 17:38:31 GMT

GET
H2 200 sticky.js Show response
kora2.arab4day.com/wp-content/plugins/advanced-ads-sticky-ads/public/assets/js/ 4 KB
2 KB 30ms
24ms Script
application/javascript 2606:4700:3031::6815:23d0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://kora2.arab4day.com/wp-content/plugins/advanced-ads-sticky-ads/public/assets/js/sticky.js?ver=1.8.5

Requested by

Host: kora2.arab4day.com
URL: https://kora2.arab4day.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3031::6815:23d0 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e4c6a39cdb1f2dab900d10c83275e2e72e795325924c731d8fa0c49b9ec5ccb8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kora2.arab4day.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Tue, 16 Jan 2024 17:38:31 GMT
x-server-powered-by: Engintron
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 87500
cf-polished: origSize=5914
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
x-nginx-upstream-cache-status: HIT
cf-bgj: minify
last-modified: Thu, 07 Dec 2023 20:08:29 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bMqGFH3UpAESkriZ7gbcND31A%2BKLG2u9eAs%2B1A0%2FJROxUhVBydcUChbKGjexg5%2FniaWSn%2Fh0SNCR2NoeEfZZFrJ3Ip9UW6%2FEBHAGcy6yGByzxT0mY7Cuo%2FxyGSyylP%2B7WZqUnjkZAf5WuQ9RFSvusCU%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=2592000
cf-ray: 846821f36eac6690-AMS
expires: Wed, 14 Feb 2024 17:20:11 GMT

GET
DATA 200
OK truncated
/ 451 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: de103d5f4ad393bb96697192045e2f571c47b491690081364d746755fbc9a3f9

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf8

GET
DATA 200
OK truncated
/ 944 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 183a8a45d21c9e08f327306b313a677e14df544b7fbe005f832bae1ae0828f4a

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf8

GET
DATA 200
OK truncated
/ 248 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 50b355d30ddbdcfbc57eb2a32734c6574995395b4c64f278ce270f8646b5f3b4

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf8

GET
DATA 200
OK truncated
/ 460 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 725695280088b4a7f1f43936b2ff0ec321040d4921c1b782e97c74cc5c89e02f

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf8

GET
H3 200 NeoSansArabic.woff
kora2.arab4day.com/wp-content/themes/AlbaYallaShoot/fonts/ 56 KB
57 KB 16ms
16ms Font
font/woff 2606:4700:3031::6815:23d0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://kora2.arab4day.com/wp-content/themes/AlbaYallaShoot/fonts/NeoSansArabic.woff

Requested by

Host: kora2.arab4day.com
URL: https://kora2.arab4day.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3031::6815:23d0 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

18588f1581eeeebaef76be52d09261c5c1a886d1a02ede533adb62c334d122e6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://kora2.arab4day.com/
Origin: https://kora2.arab4day.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Tue, 16 Jan 2024 17:38:31 GMT
x-server-powered-by: Engintron
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 87328
alt-svc: h3=":443"; ma=86400
content-length: 57364
x-xss-protection: 1; mode=block
x-nginx-upstream-cache-status: HIT
last-modified: Thu, 07 Dec 2023 20:08:30 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EtmYDUivhVy0NnN7JWRAycVIPdbhrpbbg8PrJT9az1BmnM3AZER52dCCSjKUxBRu48OrsPLH13o0oub7rGPoIFfEeCxNI58KKV6IfY69bREfZIwwv6RquP3ydqvUO1ilGTAdCKcaUoGqGB0uxKpN5b0%3D"}],"group":"cf-nel","max_age":604800}
content-type: font/woff
cache-control: max-age=5184000
accept-ranges: bytes
cf-ray: 846821f39937bb37-FRA
expires: Fri, 15 Mar 2024 17:23:03 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
256 B 45ms
25ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-HGM6D0832S&gtm=45je41a0v9171817307&_p=1705426711607&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=654803885.1705426712&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1705426711&sct=1&seg=0&dl=https%3A%2F%2Fkora2.arab4day.com%2F&dt=%D8%A7%D9%84%D8%A7%D8%B3%D8%B7%D9%88%D8%B1%D8%A9%20%D9%84%D8%A8%D8%AB%20%D8%A7%D9%84%D9%85%D8%A8%D8%A7%D8%B1%D9%8A%D8%A7%D8%AA%20livehd7%20%E2%80%93%20%D8%A7%D9%84%D8%A7%D8%B3%D8%B7%D9%88%D8%B1%D8%A9%20%D9%84%D8%A8%D8%AB%20%D8%A7%D9%84%D9%85%D8%A8%D8%A7%D8%B1%D9%8A%D8%A7%D8%AA%20livehd7%20%D9%84%D8%A7%D9%8A%D9%81%20%D9%85%D9%88%D9%82%D8%B9%20%D8%A7%D9%84%D8%A3%D8%B3%D8%B7%D9%88%D8%B1%D9%87%20%D9%85%D8%A8%D8%A7%D8%B1%D9%8A%D8%A7%D8%AA%20%D8%A7%D9%84%D9%8A%D9%88%D9%85%20%D8%A7%D9%88%D9%86%20%D9%84%D8%A7%D9%8A%D9%86%20live%20hd7%20%2C%20Alostora%20%D9%84%D9%85%D8%B4%D8%A7%D9%87%D8%AF%D8%A9%20%D9%85%D8%A8%D8%A7%D8%B1%D9%8A%D8%A7%D8%AA%20%D8%A7%D9%84%D9%8A%D9%88%D9%85%20%D8%A8%D8%AB%20%D9%85%D8%A8%D8%A7%D8%B4%D8%B1%20%D8%B1%D9%88%D8%A7%D8%A8%D8%B7%20%D8%A7%D9%84%D8%A7%D8%B3%D8%B7%D9%88%D8%B1%D8%A9%20%D9%84%D9%84%D8%AC%D9%88%D8%A7%D9%84&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=248
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-HGM6D0832S
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kora2.arab4day.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 16 Jan 2024 17:38:31 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://kora2.arab4day.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401090101/ 402 KB
136 KB 96ms
79ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401090101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4828851337835752&plah=kora2.arab4day.com&bust=31080354

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-4828851337835752

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1939c44c4f0c2f231f1d7b137c8ea61292fb1b5af03445d951a3534a5e800475

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kora2.arab4day.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Tue, 16 Jan 2024 17:38:31 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 139448
x-xss-protection: 0
server: cafe
etag: 5353937893379759346
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Tue, 16 Jan 2024 17:38:31 GMT

GET
H2 200 zrt_lookup_inhead_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20240109/r20190131/ Frame 3EA2 9 KB
4 KB 28ms
6ms Document
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20240109/r20190131/zrt_lookup_inhead_fy2021.html?hello=world

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-4828851337835752

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

acad1a12850c7f0b5f1874f385a84f10539ad98a380784ef08df5eacb7d4b0c7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://kora2.arab4day.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 51513
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4168
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 16 Jan 2024 03:19:58 GMT
etag: 3009746639812436877
expires: Tue, 30 Jan 2024 03:19:58 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 403 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 0E35 603 B
218 B 183ms
182ms Document
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4828851337835752&output=html&adk=1812271804&adf=3025194257&lmt=1705426711&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=236x675_l%7C236x675_r&format=0x0&url=https%3A%2F%2Fkora2.arab4day.com%2F&ea=0&pra=5&wgl=1&easpi=0&asro=0&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2~3~4~6&aslcwct=150&asacwct=25&aslmct=0.8&asamct=0.8&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705426711705&bpp=2&bdt=133&idt=240&shv=r20240109&mjsv=m202401090101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=923100268974&frm=20&pv=2&ga_vid=654803885.1705426712&ga_sid=1705426712&ga_hid=1602125424&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44808397%2C31080262%2C44809004%2C31080354%2C95320868%2C95320889%2C95321627%2C95322166&oid=2&pvsid=1991258701299480&tmod=28521631&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=263

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401090101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4828851337835752&plah=kora2.arab4day.com&bust=31080354

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://kora2.arab4day.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 46
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 16 Jan 2024 17:38:32 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame F0B3 36 KB
15 KB 534ms
534ms Document
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6113467694901384&output=html&h=280&slotname=6040781975&adk=1434744299&adf=54630664&pi=t.ma~as.6040781975&w=1200&fwrn=4&fwrnh=100&lmt=1705426711&rafmt=1&format=1200x280&url=https%3A%2F%2Fkora2.arab4day.com%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705426711707&bpp=1&bdt=135&idt=264&shv=r20240109&mjsv=m202401090101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=923100268974&frm=20&pv=2&ga_vid=654803885.1705426712&ga_sid=1705426712&ga_hid=1602125424&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=101&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44808397%2C31080262%2C44809004%2C31080354%2C95320868%2C95320889%2C95321627%2C95322166&oid=2&pvsid=1991258701299480&tmod=28521631&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=266

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1751e8a77ba640db8479be8d56a8aeb6b8f70de0933e72a3f115aa6d7a5caf5f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://kora2.arab4day.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 14829
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 16 Jan 2024 17:38:32 GMT
expires: Tue, 16 Jan 2024 17:38:32 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240109/r20110914/client/ Frame F0B3 3 KB
1 KB 28ms
8ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240109/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6113467694901384&output=html&h=280&slotname=6040781975&adk=1434744299&adf=54630664&pi=t.ma~as.6040781975&w=1200&fwrn=4&fwrnh=100&lmt=1705426711&rafmt=1&format=1200x280&url=https%3A%2F%2Fkora2.arab4day.com%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705426711707&bpp=1&bdt=135&idt=264&shv=r20240109&mjsv=m202401090101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=923100268974&frm=20&pv=2&ga_vid=654803885.1705426712&ga_sid=1705426712&ga_hid=1602125424&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=101&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44808397%2C31080262%2C44809004%2C31080354%2C95320868%2C95320889%2C95321627%2C95322166&oid=2&pvsid=1991258701299480&tmod=28521631&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=266

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Tue, 16 Jan 2024 08:44:25 GMT
content-encoding: br
x-content-type-options: nosniff
age: 32047
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 30 Jan 2024 08:44:25 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240109/r20110914/client/ Frame F0B3 20 KB
9 KB 27ms
7ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240109/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d58acf16b5e4521c9eb24fe9fd97308e5f8be1297e4b63a547e5b610611799ae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Mon, 15 Jan 2024 19:20:11 GMT
content-encoding: br
x-content-type-options: nosniff
age: 80301
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8492
x-xss-protection: 0
server: cafe
etag: 9878124937798820110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 29 Jan 2024 19:20:11 GMT

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame F0B3 205 KB
65 KB 89ms
50ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ed88d5a1c97dc43c114c0b289b3b5abf077be44e8e8765a9ad777f94af433411

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Tue, 16 Jan 2024 17:38:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 66227
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1704891455226136"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 16 Jan 2024 17:38:32 GMT

GET
H2 200 afr.php Show response
ads.eu.criteo.com/delivery/r/ Frame 2F44 117 KB
43 KB 120ms
72ms Document
text/html 2a02:2638:3::12
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.eu.criteo.com/delivery/r/afr.php?z=Zaa_GAABhmkEf6oKAAJeSeuUT-40Fn7auXECvQ&u=%7CZsCG8ysT%2BZtwZdR6KrmzTJ5o2FZNkdXMsn0vhlQlfDE%3D%7C&c1=TEbw32HdmhlTb08vzaRE05Nor-kWNW37ds0oDHxEuxeKn7Xrp6ainli_Cmw5dJSudhYAqTqyTVJkh2VPxYajAQldvKH9kZewA2RAyqzM-yhzJLPgq_JRbmsYbsGB2Nq4OK9M63MtLegXUS8zDV61fGmNhHnc55aJm23kpfDL0sZRjzYm-gjEd9m3pWgSQcfGC_SNaI4-gj_oy1Gq1WwTHW2wiqxLMkeAWxFIOxNsgoQfPq60Ecf-27iIDv6_LmNNMecEWCx_BJt_ylitRruDpTUl9htIq83n_v191DUrdsqUkLwf6LKxNDTZZpgrZWYgwhC6mvWe-_lSClaK4Zh_ZbuUMK3oJmtyxfCgSdzj4U1EN60G83t7bdOEQxJMR6O8QCPfy4alOEysFFMUvz_yrXKyoo4f4eMRiwjGTh97Y2woMxCsX41DcBMRI7zQE5I7TopFvX4gxjoIHrOTcptGUTYuFMPYfMPAGxrfm3t5s6pM1esL0uPZa9hRyPScjyrPmjL2mUpD4PDR-epPRpXtEdPXQ8RDa9OJp-mO6inuG-ol2JklcPuINkmlmTxKDWrdRX_62MbY2s1SdTYy_uAlkvXmqSh3YEbwJL0UO5uyQ22tf4otmxCkW-SvFdeVPcWjA6QVisGgwV5dE3NZtOJmGHf668j1j1U_&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC5TgtGL-mZemMBorU_tMPybyJ-AzJntKxXL3plfdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTYxMTM0Njc2OTQ5MDEzODTIAQmpAgveFLCSULI-qAMByAMCqgT-AU_QwARggpZC3QXkkyYVHQv1MfhyDZiBateQjC71lKoTmhATi7OpOCbA7W8TV5EmU-uO6m35ehGkLzmsLGwR-Iz_wQxFCmmTxERnsdIqtrQ8nKTEWH_ilIeiZLkCjHBVM_tbAvJTEJM2IqnnX0OBz89xkesh7Qu74WHMiXG7kview_ZdASoNTzSzpIsbqlonUatS6WaWPee42uJcO-h3wTXNIsjLrnNww2o5LyrGAIIqvhsdZvpn6fBkfbfdAtiSTVFdGWfcpaTkN1Fa6QZa4yi2qH3Lz5ec-WP7B3o2548s8-t60OLY0pXduUDiaKp25IgTv2cS20mzCRsh5MvRgAaXj53usKe3k4kBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHQiA4YAQEAEyAqoCOgKAQEi9_cE6WLrK8cq54oMD-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_07TwD3ZVbiwc2Zxq1AupsClKG8yg%26client%3Dca-pub-6113467694901384%26adurl%3D

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::12 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

9d53c3b479a2e0d7c6b02a931b991ce5614377f3ad6fbc38ba8a3744cba5a2c7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1000
cache-control: private, max-age=0, no-cache
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
date: Tue, 16 Jan 2024 17:38:32 GMT
expires: Mon, 26 Jul 1997 05:00:00 GMT
link: <pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p: CP='CUR ADM OUR NOR STA NID'
pragma: no-cache
report-to: {"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=WKyv8QI9xeT9kvuwM33nmG6mHvMq9NCZCr3grPqyFt-vBBcJr5qf1931jyb_vvAFVKdzJ8M5K_QNfSZM-pjdTHWLDmUADC4ZwGKWuPRKs9TKbME3acwmdrwI2Uq7qv1fdy1f7_RWpCtBUG_h_s-89NXNuLzlqFPFwIMHwFdKv1LxC7PkyXXBOSn84ua-klsiVyNM1C0HxkQXspgKW7JGgpPA23H9wNp07odvX56WabHTmfAQZj315TvDf7qs6B2Znivl3Q"}], "max_age": 86400}
server: Kestrel
server-processing-duration-in-ticks: 55105246
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
DATA 200
OK truncated
/ Frame F0B3 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 364937f71d2c969d7077c14ee999ca24104eb92aa1da34a8e2659270faf0b4da

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 privacy_small.svg
static.criteo.net/flash/icon/ Frame 2F44 2 KB
1 KB 42ms
16ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy_small.svg

Requested by

Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Zaa_GAABhmkEf6oKAAJeSeuUT-40Fn7auXECvQ&u=%7CZsCG8ysT%2BZtwZdR6KrmzTJ5o2FZNkdXMsn0vhlQlfDE%3D%7C&c1=TEbw32HdmhlTb08vzaRE05Nor-kWNW37ds0oDHxEuxeKn7Xrp6ainli_Cmw5dJSudhYAqTqyTVJkh2VPxYajAQldvKH9kZewA2RAyqzM-yhzJLPgq_JRbmsYbsGB2Nq4OK9M63MtLegXUS8zDV61fGmNhHnc55aJm23kpfDL0sZRjzYm-gjEd9m3pWgSQcfGC_SNaI4-gj_oy1Gq1WwTHW2wiqxLMkeAWxFIOxNsgoQfPq60Ecf-27iIDv6_LmNNMecEWCx_BJt_ylitRruDpTUl9htIq83n_v191DUrdsqUkLwf6LKxNDTZZpgrZWYgwhC6mvWe-_lSClaK4Zh_ZbuUMK3oJmtyxfCgSdzj4U1EN60G83t7bdOEQxJMR6O8QCPfy4alOEysFFMUvz_yrXKyoo4f4eMRiwjGTh97Y2woMxCsX41DcBMRI7zQE5I7TopFvX4gxjoIHrOTcptGUTYuFMPYfMPAGxrfm3t5s6pM1esL0uPZa9hRyPScjyrPmjL2mUpD4PDR-epPRpXtEdPXQ8RDa9OJp-mO6inuG-ol2JklcPuINkmlmTxKDWrdRX_62MbY2s1SdTYy_uAlkvXmqSh3YEbwJL0UO5uyQ22tf4otmxCkW-SvFdeVPcWjA6QVisGgwV5dE3NZtOJmGHf668j1j1U_&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC5TgtGL-mZemMBorU_tMPybyJ-AzJntKxXL3plfdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTYxMTM0Njc2OTQ5MDEzODTIAQmpAgveFLCSULI-qAMByAMCqgT-AU_QwARggpZC3QXkkyYVHQv1MfhyDZiBateQjC71lKoTmhATi7OpOCbA7W8TV5EmU-uO6m35ehGkLzmsLGwR-Iz_wQxFCmmTxERnsdIqtrQ8nKTEWH_ilIeiZLkCjHBVM_tbAvJTEJM2IqnnX0OBz89xkesh7Qu74WHMiXG7kview_ZdASoNTzSzpIsbqlonUatS6WaWPee42uJcO-h3wTXNIsjLrnNww2o5LyrGAIIqvhsdZvpn6fBkfbfdAtiSTVFdGWfcpaTkN1Fa6QZa4yi2qH3Lz5ec-WP7B3o2548s8-t60OLY0pXduUDiaKp25IgTv2cS20mzCRsh5MvRgAaXj53usKe3k4kBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHQiA4YAQEAEyAqoCOgKAQEi9_cE6WLrK8cq54oMD-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_07TwD3ZVbiwc2Zxq1AupsClKG8yg%26client%3Dca-pub-6113467694901384%26adurl%3D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Tue, 16 Jan 2024 17:38:32 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:30:28 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42ba84-6aa"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Fri, 10 Jan 2025 17:38:32 GMT

GET
H2 200 adchoices_de.svg
static.criteo.net/flash/icon/ Frame 2F44 2 KB
1 KB 39ms
13ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/adchoices_de.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Tue, 16 Jan 2024 17:38:32 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:27:58 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42b9ee-763"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Fri, 10 Jan 2025 17:38:32 GMT

GET
H2 200 close_button.svg
static.criteo.net/flash/icon/ Frame 2F44 308 B
636 B 46ms
22ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/close_button.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Tue, 16 Jan 2024 17:38:32 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Fri, 14 Feb 2020 13:51:32 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "5e46a5e4-134"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 308
expires: Fri, 10 Jan 2025 17:38:32 GMT

GET
H2 200 back_button2.svg
static.criteo.net/flash/icon/ Frame 2F44 293 B
621 B 48ms
25ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/back_button2.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Tue, 16 Jan 2024 17:38:32 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 28 Apr 2022 09:09:48 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "626a59dc-125"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 293
expires: Fri, 10 Jan 2025 17:38:32 GMT

GET
H2 200 lg.php
cat.nl3.eu.criteo.com/delivery/ Frame 2F44 43 B
348 B 67ms
15ms Image
image/gif 178.250.1.6
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cat.nl3.eu.criteo.com/delivery/lg.php?cppv=3&cpp=zytLIZlQTjFV4Rra856wCkdd7IZbyeSTZcE1UBPiGSnzjmhPykUL-CjHQCdLJ2iL7wVPXXCdoK_GEEb_wzLfVSVx8mRCE_vzVOZzKGfq_ej8uxRIwaCFQPLIvMWN_VE54LWfmZZ4YyYTknLmPhuqCNI9o39RS9BeA5kD8yNtu-Owu3hC-_rOjuv80FqE0fKjZAG6TR_h1G2mURoBKfDYSVTqzpm0nDg9TkLG1xm-Av70U1xTvIolhD5-CZfsZLwIM6ciuJu96hLf1kN5ic9zMeIdCzR9jiRZ84XMIQB0M43aUqLT2RYZrk_kWUUZZKrtwYsW_wWqX_ffof8M8AHKbhlTgKVpfJsFD9X-gbMDzXfhi4W_Wa5AXXd5uxW_qTS7nrpz3gGClo9BgqdMtZuB3Fb2I6lTjzuT9e-uLWlf-JBQGyh7

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.6 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 16 Jan 2024 17:38:31 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 1791857
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 webfontloader.js Show response
cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/ Frame 2F44 12 KB
5 KB 30ms
15ms Script
application/javascript 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Tue, 16 Jan 2024 17:38:32 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 6603547
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 4420
last-modified: Mon, 04 May 2020 16:17:52 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb04030-30d9"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=83fQnI7pkKpJ4gvB29SmtbxcocXI03xL%2BWJPOIX3SDHAIOKlAB13ju5SPmUgdjT2Xc1eCwtaBhxD%2FxA5TyEsM67BgLb%2Br216BCOrhgXaM1puIP8I8NH5rcomiceW2doccCYsFvIGx%2B3ugK5zyTfwaYCy"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 846821fa9fb81987-FRA
expires: Sun, 05 Jan 2025 17:38:32 GMT

GET
H2 200 animejs.js Show response
static.criteo.net/animejs/ Frame 2F44 12 KB
6 KB 33ms
14ms Script
text/javascript 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/animejs/animejs.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Tue, 16 Jan 2024 17:38:32 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 26 Mar 2019 17:44:11 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5c9a64eb-3181"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Fri, 10 Jan 2025 17:38:32 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame 2F44 65 KB
65 KB 52ms
24ms Image
image/webp 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=23367&q=80&r=0&u=https%3A%2F%2Fassets.documents.cimpress.io%2Fv2%2Ffulfillers%2F123815948%2Fcompositions%2F4c509c1e-a484-4ed4-be6c-06189a3f8d67%2Fassets%2F99c56e03-f8da-44fe-9878-d3ee42dd4184&v=3&w=800&rid=4&s=_o5LpiSwASguoDH8SQEpK8KR&b=1200

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

b9e4915a4bffe02fc124867244f3eef4df0156e6fb68bf57dba3cb86ea27c1e7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Tue, 16 Jan 2024 17:38:32 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=604800
timing-allow-origin: *
content-length: 66746
expires: Thu, 18 Jan 2024 07:47:10 GMT

POST
H2 200 all
csm.eu.criteo.net/ Frame 2F44 0
128 B 41ms
13ms Ping
text/plain 2a02:2638:3::1a
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://csm.eu.criteo.net/all?cppv=3&cpp=WKyv8QI9xeT9kvuwM33nmG6mHvMq9NCZCr3grPqyFt-vBBcJr5qf1931jyb_vvAFVKdzJ8M5K_QNfSZM-pjdTHWLDmUADC4ZwGKWuPRKs9TKbME3acwmdrwI2Uq7qv1fdy1f7_RWpCtBUG_h_s-89NXNuLzlqFPFwIMHwFdKv1LxC7PkyXXBOSn84ua-klsiVyNM1C0HxkQXspgKW7JGgpPA23H9wNp07odvX56WabHTmfAQZj315TvDf7qs6B2Znivl3Q&sds=2&rev=90178&sendBeacon=true

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::1a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Tue, 16 Jan 2024 17:38:32 GMT
strict-transport-security: max-age=31536000; preload;
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0

GET
H2 200 criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame 2F44 2 KB
1 KB 23ms
15ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/criteo_logo_2021.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Tue, 16 Jan 2024 17:38:32 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 27 May 2021 13:21:59 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"60af9cf7-891"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Fri, 10 Jan 2025 17:38:32 GMT

GET
H2 200 privacy.svg
static.criteo.net/flash/icon/ Frame 2F44 2 KB
1 KB 15ms
14ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Tue, 16 Jan 2024 17:38:32 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 19 Feb 2020 10:57:21 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e4d1491-646"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Fri, 10 Jan 2025 17:38:32 GMT

GET
H2 200 poppins-400.css
static.criteo.net/design/googlefont/poppins/ Frame 2F44 1 KB
714 B 16ms
16ms Stylesheet
text/css 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/design/googlefont/poppins/poppins-400.css

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

ae18c6dd210db9e164ab3b6a9b64ded581f8981a819eb70c4cc05779913c1782

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Tue, 16 Jan 2024 17:38:32 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 08 Dec 2022 14:12:39 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"6391f0d7-405"
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Fri, 10 Jan 2025 17:38:32 GMT

GET
H2 200 poppins-700.css
static.criteo.net/design/googlefont/poppins/ Frame 2F44 1 KB
714 B 15ms
14ms Stylesheet
text/css 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/design/googlefont/poppins/poppins-700.css

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

7daa38592e6029ec25860829e7d61ef3e7d547b18ebc2ad4a04b37f5c37c268f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Tue, 16 Jan 2024 17:38:32 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 08 Dec 2022 14:12:40 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"6391f0d8-405"
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Fri, 10 Jan 2025 17:38:32 GMT

GET
H2 200 opensans-700.css
static.criteo.net/design/googlefont/opensans/ Frame 2F44 2 KB
900 B 16ms
15ms Stylesheet
text/css 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/design/googlefont/opensans/opensans-700.css

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

3cd346aff1efcc38119a600f75667ba0089a7a6bece2b905503fb7c0c65ddcb8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Tue, 16 Jan 2024 17:38:32 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 08 Dec 2022 14:11:05 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"6391f079-9fe"
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Fri, 10 Jan 2025 17:38:32 GMT

GET
H2 200 opensans-400.css
static.criteo.net/design/googlefont/opensans/ Frame 2F44 2 KB
899 B 17ms
17ms Stylesheet
text/css 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/design/googlefont/opensans/opensans-400.css

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

688a83886a5a759614fb53d73736845837de908ce3553b146471782995bc5943

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Tue, 16 Jan 2024 17:38:32 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 08 Dec 2022 14:11:03 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"6391f077-9fe"
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Fri, 10 Jan 2025 17:38:32 GMT

GET
H2 200 poppins-400-latin.woff2
static.criteo.net/design/googlefont/poppins/ Frame 2F44 8 KB
8 KB 54ms
29ms Font
application/octet-stream 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/design/googlefont/poppins/poppins-400-latin.woff2

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/design/googlefont/poppins/poppins-400.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a3f23333f71d0d99e810d428517a119f05cefbdc56272db5a3945a4e1e6d9069

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://static.criteo.net/design/googlefont/poppins/poppins-400.css
Origin: https://ads.eu.criteo.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Tue, 16 Jan 2024 17:38:32 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 08 Dec 2022 14:12:39 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"6391f0d7-1ecc"
content-type: text/plain; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Fri, 10 Jan 2025 17:38:32 GMT

GET
H2 200 opensans-400-latin.woff2
static.criteo.net/design/googlefont/opensans/ Frame 2F44 16 KB
17 KB 51ms
27ms Font
application/octet-stream 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/design/googlefont/opensans/opensans-400-latin.woff2

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/design/googlefont/opensans/opensans-400.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

f885ec8a0a68847aff7c6bb94968bf7cb5099c0c449ae1535cf8515cc0ff8e18

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://static.criteo.net/design/googlefont/opensans/opensans-400.css
Origin: https://ads.eu.criteo.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Tue, 16 Jan 2024 17:38:32 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 08 Dec 2022 14:11:03 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"6391f077-4164"
content-type: text/plain; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Fri, 10 Jan 2025 17:38:32 GMT

GET
H2 200 poppins-700-latin.woff2
static.criteo.net/design/googlefont/poppins/ Frame 2F44 8 KB
8 KB 31ms
14ms Font
application/octet-stream 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/design/googlefont/poppins/poppins-700-latin.woff2

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/design/googlefont/poppins/poppins-700.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

c7e4c88b3fc3203823fa65955b4680676881fec87e67a01693c7c0f22259d59d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://static.criteo.net/design/googlefont/poppins/poppins-700.css
Origin: https://ads.eu.criteo.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Tue, 16 Jan 2024 17:38:32 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 08 Dec 2022 14:12:40 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"6391f0d8-1e88"
content-type: text/plain; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Fri, 10 Jan 2025 17:38:32 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame F0B3 0
23 B 49ms
49ms Image
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=C4YBGGL-mZemMBorU_tMPybyJ-AzJntKxXL3plfdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTYxMTM0Njc2OTQ5MDEzODTIAQmpAgveFLCSULI-qAMByAMCqgT7AU_QwARggpZC3QXkkyYVHQv1MfhyDZiBateQjC71lKoTmhATi7OpOCbA7W8TV5EmU-uO6m35ehGkLzmsLGwR-Iz_wQxFCmmTxERnsdIqtrQ8nKTEWH_ilIeiZLkCjHBVM_tbAvJTEJM2IqnnX0OBz89xkesh7Qu74WHMiXG7kview_ZdASoNTzSzpIsbqlonUatS6WaWPee42uJcO-h3wTXNIsjLrnNww2o5LyrGAIIqvhsdZvpn6fBkfbfdAtiSTVFdGWfcpaTkN1Fa6QZa4yi2qH3Lz9We2PF7lKoLQV8LKWdaOUbW9Z9rs2766h6-2S7hAHk-w9F5nTvIgAaXj53usKe3k4kBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHQiA4YAQEAEyAqoCOgKAQEi9_cE6WLrK8cq54oMDgAoB-gsCCAGADAHQFQGAFwGyFxoKGBIUcHViLTYxMTM0Njc2OTQ5MDEzODQYAA&sigh=obEECaFk-8w&uach_m=%5BUACH%5D&cid=CAQSTgAvHhf_XJTkXHjbuhc5clGrC--SdWkNmx3CHqdzOHd01pypYTHBMACgd2eJBPOXP55kAq8LEJwNFqQJNFrnMANt85lcieoiW6nWHltrXBgB&cbvp=2&vis=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6113467694901384&output=html&h=280&slotname=6040781975&adk=1434744299&adf=54630664&pi=t.ma~as.6040781975&w=1200&fwrn=4&fwrnh=100&lmt=1705426711&rafmt=1&format=1200x280&url=https%3A%2F%2Fkora2.arab4day.com%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705426711707&bpp=1&bdt=135&idt=264&shv=r20240109&mjsv=m202401090101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=923100268974&frm=20&pv=2&ga_vid=654803885.1705426712&ga_sid=1705426712&ga_hid=1602125424&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=101&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44808397%2C31080262%2C44809004%2C31080354%2C95320868%2C95320889%2C95321627%2C95322166&oid=2&pvsid=1991258701299480&tmod=28521631&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=266
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Tue, 16 Jan 2024 17:38:32 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Tue, 16 Jan 2024 17:38:32 GMT

GET
H2 200 notify
rtb.fr3.eu.criteo.com/google/auction/ Frame F0B3 0
126 B 79ms
15ms Image
text/plain 2a02:2638:d::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://rtb.fr3.eu.criteo.com/google/auction/notify?profile=14&payload=kpKDDsz6RLAJmAKdg2ICAgAAADmrbw5w0xZTSo0YjBAYv6Zl6FXq11K6wQ6OjgAAEgAACgpBUVVCRHdFQkR3&wp=Zaa_GAABhmkEf6oKAAJeSeuUT-40Fn7auXECvQ&cbvp=2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Tue, 16 Jan 2024 17:38:32 GMT
strict-transport-security: max-age=31536000; preload;
server-processing-duration-in-ticks: 147777
server: Kestrel
content-length: 0

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 16 KB
12 KB 52ms
52ms XHR
application/json 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20240109&st=env

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9f31b9410ee640e7dcb7b57d49ef3f7ef0f451d901534fd658eb228a0f43896b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kora2.arab4day.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Tue, 16 Jan 2024 17:38:32 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12436
x-xss-protection: 0

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 43ms
43ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kora2.arab4day.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Tue, 16 Jan 2024 17:38:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 16 Jan 2024 17:38:33 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 26A6 13 KB
5 KB 7ms
7ms Document
text/html 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://kora2.arab4day.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 18755
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 16 Jan 2024 12:25:58 GMT
expires: Wed, 15 Jan 2025 12:25:58 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 2EE2 829 B
1 KB 38ms
16ms Document
text/html 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

0dd72ca333d6f8521b1df76a05181e52c3ba4bd4dcd2acc4809b895fa099d7b9

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce--N3NeKm9ElRr39sutNXdeQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://kora2.arab4day.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce--N3NeKm9ElRr39sutNXdeQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Tue, 16 Jan 2024 17:38:33 GMT
expires: Tue, 16 Jan 2024 17:38:33 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 MCFrRHZE15CKjvM6RLwmjguI7mqh03m56A7oA9GJNi8.js Show response
pagead2.googlesyndication.com/bg/ Frame 26A6 39 KB
15 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/MCFrRHZE15CKjvM6RLwmjguI7mqh03m56A7oA9GJNi8.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

30216b447644d7908a8ef33a44bc268e0b88ee6aa1d379b9e80ee803d189362f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Tue, 16 Jan 2024 08:55:00 GMT
content-encoding: br
x-content-type-options: nosniff
age: 31413
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15229
x-xss-protection: 0
last-modified: Wed, 03 Jan 2024 11:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 15 Jan 2025 08:55:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 2EE2 0
0 37ms
36ms Image
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20240109&jk=1991258701299480&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 26A6 0
10 B 7ms
6ms Image
text/plain 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?b5nRrw
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Tue, 16 Jan 2024 17:38:33 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 40ms
40ms Image
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20240109&jk=1991258701299480&bg=!ERKlEl3NAAaumcC-jpk7ADQBe5WfOEZOtLe8k-FSUDcG0qM5sJfigzQruyF2tukMDzgESw5rzh9oJ0dBTTM7XfGZB4rgAgAAADJSAAAAAWgBBwoACAD9NpYql8pimQK3j1M1143kz2l7wzMP2SHgH5Wumz-OH6DU4RGsYcR6M1sWmrY9ByCF3Jf6nIJl1QaHWsmc8R8NGM08od-odSjlEgJno7glDIrwZvKXkoP2ce7nuwLBg5jpmTUIpGZnGsoDxuhklJsh2ls-tkUr5u1KzW4GggJpK-Xi5KNNxpoEydPzKpUsvbz0LD0SQA6UmMcBxqbCqkH-zlZ0goC3yM7dkGS8W6S_bgelcnpBYjX8gBKTgbByj5Gb21cAKR6QDcQ24sgg2Kp3vWeka5xpMuKFcOrnxV8IApqSboyohhzkHvQcuZktdfS0GZ7wXUn9ukQmkvj15c2TkGy6ZYJvnH7LRva2S-CW7r8dCkZGKvz7eXMjQ8wZhIIJ9lcA6UeUJoI8168MW0qhLHilZO_iqxvUCKbJSLKGIKvoRspK6q0dbgfTST8B6t8wbfiqEbqx3wU5zB7hpD36DHBqS9jSe5mV5I1DnzuDzf1zDodQ-J8LuvM4NLUNWczmSO6OIvXV4w_WjPFxu06lasoc7x9VsV7FrWFVGLhJSBxk-TZxz4Of5DV3IZ7j_4nbqiB6cqaKYToGKCyef56wnLDzlQHIMOpx1hw9FRbYbDbkC4ll_sPpnL5KJEe7DpxDVsqCuXqE3aWE6xS5w5jilGz1hNzzk7koFnGY4KFGBs0mrA75iGLAaIR1H9K82vst-E2qjQolkJyPGbRqzXh-PC2CVMgfbKKTeKgc1NG_6i_5mkqqOBBFGchi0d-YNVvr8rIbZ7oWu0Us2Q2nItwv8QT6XTzBrRBYPx3Jq0pZuVAWRWgTAiR8iXFzKdnuJ8jqpDiyYm6_Yb5WoLMiD4fimi4B7AsaOa3RjWTMm9FcuUj614l_DhBZEFN5NzYNRz9y6INi6SPe8LBMkP4k9jTQ_5_ZZGIJT_XZUKUxx8LS4AE
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kora2.arab4day.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame F0B3 42 B
64 B 40ms
39ms Fetch
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvhn9w4rQCdRyNj54meVXvrP-9eIGwMFEOZlIvwnyXxUnhKYo1kxJfh4plkijG_47brc69OFbcurvcZjDM5qkPPdqIePoKMN8hq5bf-q7PTkzNKw3Z2&sig=Cg0ArKJSzLmN7c-7CmI2EAE&id=lidar2&mcvt=1000&p=0,0,280,1200&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20240110&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=1434744299&rs=2&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1705426711973&rpt=733&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 16 Jan 2024 17:38:33 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 all
csm.eu.criteo.net/ Frame 2F44 0
127 B 13ms
13ms Ping
text/plain 2a02:2638:3::1a
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::1a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Tue, 16 Jan 2024 17:38:33 GMT
strict-transport-security: max-age=31536000; preload;
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0

Verdicts & Comments Add Verdict or Comment

46 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

5 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.arab4day.com/	1970-01-21 03:19:46	Name: _ga Value: GA1.1.654803885.1705426712
.arab4day.com/	1970-01-21 03:19:46	Name: _ga_HGM6D0832S Value: GS1.1.1705426711.1.0.1705426711.0.0.0
.arab4day.com/	1970-01-21 03:05:22	Name: __gads Value: ID=3f8d4a6a8c6cfba4:T=1705426712:RT=1705426712:S=ALNI_MYibjF0-vcZhBboOI6W2b8JpDEqWg
.arab4day.com/	1970-01-21 03:05:22	Name: __gpi Value: UID=00000cf8335b0b56:T=1705426712:RT=1705426712:S=ALNI_MZEvPjRIY70ZbzwCRSiAIzFNN3lsw
.doubleclick.net/	1970-01-21 03:05:22	Name: IDE Value: AHWqTUnQd4YnvdACzysrk2vhXnL34r8qsTVnbRjiDq94kkMf97KPv4w1n0IfslTnHX8

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4828851337835752&output=html&adk=1812271804&adf=3025194257&lmt=1705426711&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=236x675_l%7C236x675_r&format=0x0&url=https%3A%2F%2Fkora2.arab4day.com%2F&ea=0&pra=5&wgl=1&easpi=0&asro=0&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2~3~4~6&aslcwct=150&asacwct=25&aslmct=0.8&asamct=0.8&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705426711705&bpp=2&bdt=133&idt=240&shv=r20240109&mjsv=m202401090101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=923100268974&frm=20&pv=2&ga_vid=654803885.1705426712&ga_sid=1705426712&ga_hid=1602125424&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44808397%2C31080262%2C44809004%2C31080354%2C95320868%2C95320889%2C95321627%2C95322166&oid=2&pvsid=1991258701299480&tmod=28521631&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=263 Message: Failed to load resource: the server responded with a status of 403 ()
other	warning	URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6113467694901384&output=html&h=280&slotname=6040781975&adk=1434744299&adf=54630664&pi=t.ma~as.6040781975&w=1200&fwrn=4&fwrnh=100&lmt=1705426711&rafmt=1&format=1200x280&url=https%3A%2F%2Fkora2.arab4day.com%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705426711707&bpp=1&bdt=135&idt=264&shv=r20240109&mjsv=m202401090101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=923100268974&frm=20&pv=2&ga_vid=654803885.1705426712&ga_sid=1705426712&ga_hid=1602125424&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=101&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44808397%2C31080262%2C44809004%2C31080354%2C95320868%2C95320889%2C95321627%2C95322166&oid=2&pvsid=1991258701299480&tmod=28521631&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=266 Message: Origin trial controlled feature not enabled: 'attribution-reporting'.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ads.eu.criteo.com
cat.nl3.eu.criteo.com
cdnjs.cloudflare.com
csm.eu.criteo.net
googleads.g.doubleclick.net
imageproxy.eu.criteo.net
kora2.arab4day.com
pagead2.googlesyndication.com
region1.google-analytics.com
rtb.fr3.eu.criteo.com
static.criteo.net
tpc.googlesyndication.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
178.250.1.6
2001:4860:4802:34::36
2606:4700:3030::ac43:b393
2606:4700:3031::6815:23d0
2606:4700::6811:180e
2a00:1450:4001:80b::2001
2a00:1450:4001:80b::2002
2a00:1450:4001:810::2008
2a00:1450:4001:813::2002
2a00:1450:4001:828::2004
2a00:1450:4001:82f::2002
2a02:2638:3::10
2a02:2638:3::12
2a02:2638:3::1a
2a02:2638:3::3
2a02:2638:d::c
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
0dd72ca333d6f8521b1df76a05181e52c3ba4bd4dcd2acc4809b895fa099d7b9
1751e8a77ba640db8479be8d56a8aeb6b8f70de0933e72a3f115aa6d7a5caf5f
183a8a45d21c9e08f327306b313a677e14df544b7fbe005f832bae1ae0828f4a
18588f1581eeeebaef76be52d09261c5c1a886d1a02ede533adb62c334d122e6
1939c44c4f0c2f231f1d7b137c8ea61292fb1b5af03445d951a3534a5e800475
195e8477d09f2cb72a658301e339cc931b55ad134ed59d65f1ad7fea9aa0520e
270295f6504be21e8cbb13c426ec73e28f507e473ac974d97f68f584ef14a6bc
30216b447644d7908a8ef33a44bc268e0b88ee6aa1d379b9e80ee803d189362f
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
364937f71d2c969d7077c14ee999ca24104eb92aa1da34a8e2659270faf0b4da
3cd346aff1efcc38119a600f75667ba0089a7a6bece2b905503fb7c0c65ddcb8
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
50b355d30ddbdcfbc57eb2a32734c6574995395b4c64f278ce270f8646b5f3b4
55269b4afa3116b33c52f1798707565205e4988f93e994922ae75033170517ae
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
688a83886a5a759614fb53d73736845837de908ce3553b146471782995bc5943
725695280088b4a7f1f43936b2ff0ec321040d4921c1b782e97c74cc5c89e02f
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
7daa38592e6029ec25860829e7d61ef3e7d547b18ebc2ad4a04b37f5c37c268f
8c3b6d17677a2741e576c256e8aec9fb3d1f67775073b16e83dc555abe059f06
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
9d53c3b479a2e0d7c6b02a931b991ce5614377f3ad6fbc38ba8a3744cba5a2c7
9f31b9410ee640e7dcb7b57d49ef3f7ef0f451d901534fd658eb228a0f43896b
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
a3f23333f71d0d99e810d428517a119f05cefbdc56272db5a3945a4e1e6d9069
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
acad1a12850c7f0b5f1874f385a84f10539ad98a380784ef08df5eacb7d4b0c7
ae18c6dd210db9e164ab3b6a9b64ded581f8981a819eb70c4cc05779913c1782
b9e4915a4bffe02fc124867244f3eef4df0156e6fb68bf57dba3cb86ea27c1e7
c7e4c88b3fc3203823fa65955b4680676881fec87e67a01693c7c0f22259d59d
d58acf16b5e4521c9eb24fe9fd97308e5f8be1297e4b63a547e5b610611799ae
de103d5f4ad393bb96697192045e2f571c47b491690081364d746755fbc9a3f9
e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4c6a39cdb1f2dab900d10c83275e2e72e795325924c731d8fa0c49b9ec5ccb8
e643100c988192a6bc715a2cbff61e03b897839efa788738052daa0c2d8cff6d
ed88d5a1c97dc43c114c0b289b3b5abf077be44e8e8765a9ad777f94af433411
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1
f885ec8a0a68847aff7c6bb94968bf7cb5099c0c449ae1535cf8515cc0ff8e18

kora2.arab4day.com Open in urlscan Pro 2606:4700:3031::6815:23d0 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

46 Requests

100 %HTTPS

94 %IPv6

10 Domains

15 Subdomains

16 IPs

3 Countries

712 kBTransfer

1805 kBSize

5 Cookies

2 Outgoing links

Page URL History

Redirected requests

46 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 5 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

kora2.arab4day.com Open in urlscan Pro
2606:4700:3031::6815:23d0 Public Scan

Screenshot
Live screenshot

Full Image

46
Requests

100 %
HTTPS

94 %
IPv6

10
Domains

15
Subdomains

16
IPs

3
Countries

712 kB
Transfer

1805 kB
Size

5
Cookies

46 HTTP transactions
5 data transactions