questions.rawafedpor.com Open in urlscan Pro
2606:4700:3031::ac43:cafb Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://navarroingenieros.com/newsian/index.php?k2
Effective URL:
https://questions.rawafedpor.com/4724/the-best-ways-profit-from-the-internet-where-you-can-make-money
Submission Tags: 7809177
Submission: On October 03 via api (October 3rd 2022, 2:12:40 pm UTC) from DE — Scanned from US

Summary HTTP 96 Redirects Links 2 Behaviour Indicators

Summary

This website contacted 22 IPs in 1 countries across 17 domains to perform 96 HTTP transactions. The main IP is 2606:4700:3031::ac43:cafb, located in United States and belongs to CLOUDFLARENET, US. The main domain is questions.rawafedpor.com. The Cisco Umbrella rank of the primary domain is 499373.
TLS certificate: Issued by E1 on September 15th 2022. Valid for: 3 months.

This is the only time questions.rawafedpor.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	192.185.154.250 192.185.154.250	46606 (UNIFIEDLA...) (UNIFIEDLAYER-AS-1)
1 2	108.179.252.182 108.179.252.182	46606 (UNIFIEDLA...) (UNIFIEDLAYER-AS-1)
1 1	2606:4700:303... 2606:4700:3032::6815:55c4	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2607:f8b0:400... 2607:f8b0:4006:806::2004	15169 (GOOGLE) (GOOGLE)
13	2606:4700:303... 2606:4700:3031::ac43:cafb	13335 (CLOUDFLAR...) (CLOUDFLARENET)
7	2607:f8b0:400... 2607:f8b0:4006:81e::2002	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:4006:822::2008	15169 (GOOGLE) (GOOGLE)
2	2001:4860:480... 2001:4860:4802:32::178	15169 (GOOGLE) (GOOGLE)
8	2607:f8b0:400... 2607:f8b0:4006:822::2002	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:4006:80c::2002	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:4006:816::2002	15169 (GOOGLE) (GOOGLE)
9	2607:f8b0:400... 2607:f8b0:4006:81f::2001	15169 (GOOGLE) (GOOGLE)
3	2607:f8b0:400... 2607:f8b0:4006:81c::2002	15169 (GOOGLE) (GOOGLE)
3	2620:100:a001::3 2620:100:a001::3	19750 (AS-CRITEO) (AS-CRITEO)
3	2620:100:a001... 2620:100:a001::24	19750 (AS-CRITEO) (AS-CRITEO)
21	2620:100:a001::4 2620:100:a001::4	19750 (AS-CRITEO) (AS-CRITEO)
3	74.119.119.147 74.119.119.147	19750 (AS-CRITEO) (AS-CRITEO)
1	34.197.25.63 34.197.25.63	14618 (AMAZON-AES) (AMAZON-AES)
3	2606:4700::68... 2606:4700::6811:190e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	74.119.119.137 74.119.119.137	19750 (AS-CRITEO) (AS-CRITEO)
5	74.119.119.149 74.119.119.149	19750 (AS-CRITEO) (AS-CRITEO)
3	2607:f8b0:400... 2607:f8b0:4006:817::200a	15169 (GOOGLE) (GOOGLE)
3	2607:f8b0:400... 2607:f8b0:4006:80b::2003	15169 (GOOGLE) (GOOGLE)
96	22

1 192.185.154.250 (United States) 1 redirects

ASN46606 (UNIFIEDLAYER-AS-1, US)
PTR: 192-185-154-250.unifiedlayer.com

navarroingenieros.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 108.179.252.182 (United States) 1 redirects

ASN46606 (UNIFIEDLAYER-AS-1, US)
PTR: br540-ip03.hostgator.com.br

angrasolucoes.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3032::6815:55c4 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

ois.is	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4006:806::2004 (Rockville, United States)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2606:4700:3031::ac43:cafb (United States)

ASN13335 (CLOUDFLARENET, US)

questions.rawafedpor.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2607:f8b0:4006:81e::2002 (Rockville, United States)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:822::2008 (Rockville, United States)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:32::178 (United States)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2607:f8b0:4006:822::2002 (Rockville, United States)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:80c::2002 (Rockville, United States)

ASN15169 (GOOGLE, US)

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:816::2002 (Rockville, United States)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2607:f8b0:4006:81f::2001 (Rockville, United States)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2607:f8b0:4006:81c::2002 (Rockville, United States)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2620:100:a001::3 (United States)

ASN19750 (AS-CRITEO, US)

rtb.va.us.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2620:100:a001::24 (United States)

ASN19750 (AS-CRITEO, US)

ads.us.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

21 2620:100:a001::4 (United States)

ASN19750 (AS-CRITEO, US)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 74.119.119.147 (United States)

ASN19750 (AS-CRITEO, US)

cat.va.us.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.197.25.63 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-197-25-63.compute-1.amazonaws.com

tk.svsound.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700::6811:190e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 74.119.119.137 (United States)

ASN19750 (AS-CRITEO, US)
PTR: pix.va1.vip.prod.criteo.com

pix.us.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 74.119.119.149 (United States)

ASN19750 (AS-CRITEO, US)

csm.us.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2607:f8b0:4006:817::200a (Rockville, United States)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2607:f8b0:4006:80b::2003 (Rockville, United States)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
29	criteo.net static.criteo.net — Cisco Umbrella Rank: 789 pix.us.criteo.net — Cisco Umbrella Rank: 3575 csm.us.criteo.net — Cisco Umbrella Rank: 3389	132 KB
16	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 131 tpc.googlesyndication.com — Cisco Umbrella Rank: 170	241 KB
13	rawafedpor.com questions.rawafedpor.com — Cisco Umbrella Rank: 499373	89 KB
9	criteo.com rtb.va.us.criteo.com — Cisco Umbrella Rank: 7079 ads.us.criteo.com — Cisco Umbrella Rank: 3319 cat.va.us.criteo.com — Cisco Umbrella Rank: 4109	135 KB
8	doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 68	34 KB
3	gstatic.com fonts.gstatic.com	105 KB
3	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 118	2 KB
3	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 358	15 KB
3	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 228	131 KB
3	google.com www.google.com — Cisco Umbrella Rank: 19 adservice.google.com — Cisco Umbrella Rank: 136	2 KB
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 94	20 KB
2	angrasolucoes.com.br 1 redirects angrasolucoes.com.br	288 B
1	svsound.com tk.svsound.com — Cisco Umbrella Rank: 184205	322 B
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 1003	695 B
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 129	42 KB
1	ois.is 1 redirects ois.is — Cisco Umbrella Rank: 258588	658 B
1	navarroingenieros.com 1 redirects navarroingenieros.com	97 B
96	17

	Domain	Requested by
21	static.criteo.net	ads.us.criteo.com
13	questions.rawafedpor.com	www.google.com questions.rawafedpor.com
9	tpc.googlesyndication.com	googleads.g.doubleclick.net pagead2.googlesyndication.com tpc.googlesyndication.com
8	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net
7	pagead2.googlesyndication.com	questions.rawafedpor.com pagead2.googlesyndication.com tpc.googlesyndication.com www.googletagservices.com
5	csm.us.criteo.net	ads.us.criteo.com
3	fonts.gstatic.com	fonts.googleapis.com
3	fonts.googleapis.com	cdnjs.cloudflare.com
3	pix.us.criteo.net	ads.us.criteo.com
3	cdnjs.cloudflare.com	ads.us.criteo.com
3	cat.va.us.criteo.com	ads.us.criteo.com
3	ads.us.criteo.com	googleads.g.doubleclick.net
3	rtb.va.us.criteo.com	googleads.g.doubleclick.net
3	www.googletagservices.com	googleads.g.doubleclick.net
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	www.google.com	angrasolucoes.com.br tpc.googlesyndication.com
2	angrasolucoes.com.br	1 redirects
1	tk.svsound.com	ads.us.criteo.com
1	adservice.google.com	pagead2.googlesyndication.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	www.googletagmanager.com	questions.rawafedpor.com
1	ois.is	1 redirects
1	navarroingenieros.com	1 redirects
96	23

This site contains links to these domains. Also see Links.

Domain
www.q2amarket.com
www.question2answer.org

Subject Issuer	Validity	Valid
*.angrasolucoes.com.br R3	`2022-09-22` - `2022-12-21`	3 months	crt.sh
www.google.com GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh
*.rawafedpor.com E1	`2022-09-15` - `2022-12-14`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh
*.va.us.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-08-05` - `2022-10-30`	3 months	crt.sh
*.us.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-09-30` - `2023-01-03`	3 months	crt.sh
*.criteo.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-09-01` - `2022-11-30`	3 months	crt.sh
tk.svsound.com R3	`2022-08-16` - `2022-11-14`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-08-03` - `2023-08-02`	a year	crt.sh
*.us.criteo.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-08-28` - `2022-11-29`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh

This page contains 11 frames:

Primary Page: https://questions.rawafedpor.com/4724/the-best-ways-profit-from-the-internet-where-you-can-make-money
Frame ID: C6AD89BA1DC4F9C2786C97DB06E47665
Requests: 25 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220928/r20190131/zrt_lookup.html
Frame ID: 9989E4321A24B9A289FF5A506B1EEA05
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8594790428066018&output=html&adk=1812271804&adf=3025194257&lmt=1664806355&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fquestions.rawafedpor.com%2F4724%2Fthe-best-ways-profit-from-the-internet-where-you-can-make-money&ea=0&pra=5&wgl=1&easpi=0&asntp=0&asntpv=0&asntpl=0&asntpm=0&asntpc=0&asna=5&asnd=5&asnp=5&asns=5&asmat=1&asptt=-1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1664806355153&bpp=5&bdt=160&idt=136&shv=r20220928&mjsv=m202209260101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=5241600284994&frm=20&pv=2&ga_vid=372082401.1664806355&ga_sid=1664806355&ga_hid=1938986092&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531705%2C31069177%2C44773746%2C44769662&oid=2&pvsid=3099021323772720&tmod=1563334528&uas=0&nvt=1&ref=https%3A%2F%2Fwww.google.com%2F&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=162
Frame ID: E109AF14725B0F0A67C83F8755A48B90
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8594790428066018&output=html&h=640&slotname=4631947750&adk=449850582&adf=3674521187&pi=t.ma~as.4631947750&w=320&lmt=1664806355&psa=0&format=320x640&url=https%3A%2F%2Fquestions.rawafedpor.com%2F4724%2Fthe-best-ways-profit-from-the-internet-where-you-can-make-money&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1664806355158&bpp=2&bdt=165&idt=161&shv=r20220928&mjsv=m202209260101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=5241600284994&frm=20&pv=1&ga_vid=372082401.1664806355&ga_sid=1664806355&ga_hid=1938986092&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531705%2C31069177%2C44773746%2C44769662&oid=2&pvsid=3099021323772720&tmod=1563334528&uas=0&nvt=1&ref=https%3A%2F%2Fwww.google.com%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CfnEr%7C&abl=NF&pfx=0&fu=32768&bc=31&ifi=2&uci=a!2&fsb=1&xpc=BTgDZSQfQW&p=https%3A//questions.rawafedpor.com&dtd=174
Frame ID: 5EA4D7B005B75F56C9BDC67AB792EC52
Requests: 6 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8594790428066018&output=html&h=280&slotname=4767755106&adk=1142727135&adf=1528403788&pi=t.ma~as.4767755106&w=748&fwrn=4&fwrnh=100&lmt=1664806355&rafmt=1&psa=0&format=748x280&url=https%3A%2F%2Fquestions.rawafedpor.com%2F4724%2Fthe-best-ways-profit-from-the-internet-where-you-can-make-money&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1664806355160&bpp=3&bdt=167&idt=175&shv=r20220928&mjsv=m202209260101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C320x640&nras=1&correlator=5241600284994&frm=20&pv=1&ga_vid=372082401.1664806355&ga_sid=1664806355&ga_hid=1938986092&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=298&ady=179&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531705%2C31069177%2C44773746%2C44769662&oid=2&pvsid=3099021323772720&tmod=1563334528&uas=0&nvt=1&ref=https%3A%2F%2Fwww.google.com%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CEe%7C&abl=NS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=j4imHMAlDO&p=https%3A//questions.rawafedpor.com&dtd=185
Frame ID: 26E9AD39CA764F2F4C44FFD35E336AE1
Requests: 8 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8594790428066018&output=html&h=280&slotname=4767755106&adk=409732103&adf=318908456&pi=t.ma~as.4767755106&w=708&fwrn=4&fwrnh=100&lmt=1664806355&rafmt=1&psa=0&format=708x280&url=https%3A%2F%2Fquestions.rawafedpor.com%2F4724%2Fthe-best-ways-profit-from-the-internet-where-you-can-make-money&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1664806355163&bpp=1&bdt=170&idt=188&shv=r20220928&mjsv=m202209260101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C320x640%2C748x280&nras=1&correlator=5241600284994&frm=20&pv=1&ga_vid=372082401.1664806355&ga_sid=1664806355&ga_hid=1938986092&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=318&ady=4309&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531705%2C31069177%2C44773746%2C44769662&oid=2&pvsid=3099021323772720&tmod=1563334528&uas=0&nvt=1&ref=https%3A%2F%2Fwww.google.com%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CEebr%7C&abl=NS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=M2jVFTHuva&p=https%3A//questions.rawafedpor.com&dtd=192
Frame ID: CFDC1F83D9D4C906C3ED142B906C21A7
Requests: 7 HTTP requests in this frame

Frame: https://ads.us.criteo.com/delivery/r/afr.php?z=Yzrt0wAFqgAKTAMEAAqtNkS74MRL200p1pm-cA&u=%7CCB%2BKO8uw6I6lBNUiGW8dSjt84c%2F5DfiGhU%2B7zm%2FqpQM%3D%7C&c1=7gfvdwnclaNOxMfwO7LPpgjdpB3353uJoj6v23HliKqwl1OophSbWYOWV603oo7hRT2_VnWg5tECtHg1Uo8EsalhRcFB8uWubIxc5ktold-j0-a-Lv7-kzKwJJ-SHkv89LNM0XBHqI0cgxHx1Xo4mV8Qmfxo6OyD3I8xldFq4QOaTSARzYsRtMWEvs5paQyezdBwmG0YnBpYxx-evI7Xchs_j-3DmpRz6KbDVJl3J1i-jyTRXnn-m1rsnMrPi80B6NLeW3t9oSqKfUVPM8T6P00DWTpTVjhBYunhD11dQffdi65140qKWXVIePpECHqGKfZDeHKGRJ3fE47DmSiRJHN1XKBG9c0asDf1TTcd4_gvocYYIoJcAJgipP7N7DQJ_Bzs0nJFTACT2NJHm5cEN2TvZI9SY6PlKf_ZEKcgk7Cms-ShnL2GRDqhAY7gefrR3c2l5Vev-rP8MDoRt6kS5L5JOPg9XRnLM1QEU91HgwjOP20tFzXTTmwTa-3FUswwX1rpXgnvWOfIdbXiZisg2C9VGUNvz7-2jZCnQz6fp3klltYTu5MCwskTu6Q-GKkrR4veKPeBkQUhy5K8sdLDhFqMt7T7x9FZb0XctXswPHvCl09UNlntBAvQ_k8_fDBStarAOHQAsQo&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCD1JD0-06Y4DUFoSGsAK22qrQBZyB77BcosqnqnTAjbcBEAEgAGDJxqmLwKTYD4IBF2NhLXB1Yi04NTk0NzkwNDI4MDY2MDE4oAGs3f7oA8gBCagDAaoEmQJP0MMPqJXItT-ci090ZRZem6zvaqUW5IZ-q-00i_FS3aYwlt2rZoiUOZDVkpr8t3gnqwDwjnmpXl3h1KIn7Z23sJzM2KQA6HD0VD155TQBJCmNS7bHJ0mznQLKvehp9y-4CyN7C4ivRMRFAMt2CKAWX4zqCe4fKpUigKOAwGEEHVleHb0DdZGX6RTHodttpuoMxAmFhBDBjLG_jep7M-fX1qgavia95bHqOvtwHm44SsMJRVYWXifdP7dgIrVxCrGXpyqmdgoFqhONn2SwbmvGfMuwtyf8LDDwR6isZyRJomV97gvhxbGoO4DnjXD1Hh_EojYzo6Tx2RSdLwEwgaqgVo24xy9Y7FC7lsRN9TCJuCBf785XMwJVfoAGpdvx8PGoiPgtoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDQiAYRABMgKKAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2X1LXgbAw3EU8sbaSLMBMIx-PETw%26client%3Dca-pub-8594790428066018%26adurl%3D
Frame ID: 418AA3D8155F96D9B1184E9A2025493C
Requests: 15 HTTP requests in this frame

Frame: https://ads.us.criteo.com/delivery/r/afr.php?z=Yzrt0wAF7jAE0ADrAAzzn4SZ0H-lFrfpGPHo1g&u=%7CCB%2BKO8uw6I6h7E6sXev5cCaqxa4tt4j8WO5JoXIzhqc%3D%7C&c1=TUPLs6ok1IhDgnvJmJgq2b8G6XvEBIvqAb79lxbNLn-Y29LVqxBSOQhZKVxZui5pXNlU4WPrBd-WsQaHOL91cWjEyJfbRKIeeqkFg11ain6gaBw8HlXroIk5WRMu0Oz4mAia7XDtaff5fYODHGs6qEEcKzBMY2GqXvrKIkqKlmYIR-tqXx_-2w8_ue3oBZJUh5wYrhCKF3fXX-oH_rLj2pWWTx6EnIg7HmRMTC191U4ArjPkTKTh_1s4-YPJhHNUQ14ai-IWblmK0EwXhXyhzwSV16fzP9cOCaVWAqlCzy6g_8nDn8zJP3ciuSa-M2PNjmudMSldH1kxSNl3_twzHLafWCwYElN3z6PqkYzzbPsqZHdM14E9ZEzcqoCqpWehp3KMMZEA-w_EyAo2uHJVm4bnHueiclFOKALbZomw_5NTFKIP97AiqRJYnZlt3fKZfkGT3TR34XA0-kvUbQbLrwzYOB9kz3bdsSUd2pd5rTc32H6MwEYAUZ8qIaJy_HN85AXqplCkR9xyzGKkXdHzPtDQ6YCiIkZR63no6qY_HZDhNFrI3ex5PTSMshWT9GKtsy0C32W5Q3nygbV9CewkfQuCpMX-6pfpO87aEL4rdB960FehlPU4mylmrwo1493RhrUKF-g6k_aFyLpp_3hYeA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCMG6e0-06Y7DcF-uBwNYPn-ezuAWcge-wXPKhqap0wI23ARABIABgycapi8Ck2A-CARdjYS1wdWItODU5NDc5MDQyODA2NjAxOKABrN3-6APIAQmoAwGqBJkCT9D9NfzxVjzqpE64itDKfmpn0HEZz5_XWoxcmPVgfH1Xe7GQubi4muOvUxQb0Dh2ilRKnTkAQ3nGLaZ9_u6avzHzZ6PdGeUjC0E18qMSQJn9b_QDenpfh8gi7EmNSoFSd2ipemwHw0lEfrnAmHFVtrrBE74SF693OEEEHTLn6HzGN4S9EOgtiTJ-3wo-Gx3nlRZS38Tj8bQvawuF325JS3I20qOA8-i_nniaEm7-iqySO3gMlD6tc1_FLBOjCYjLMyE0BFALH6Ut7e5rAP_L6O0Yua01ojZgz4yUmQXSjOtBswEb0nKv1u-3ypRX5BbPSon3qYRYMvt4-O66PQKr2WIN6fFBjKaYIpZBUO7_lSl8QMtcIQoNYyyABvWL5b_pysH5F6AGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2H2VV93yLeyjnZ-7pa70pTKuXJaA%26client%3Dca-pub-8594790428066018%26adurl%3D
Frame ID: B702CCFBE26D2DF8640FEE8BFAF0CB9F
Requests: 15 HTTP requests in this frame

Frame: https://ads.us.criteo.com/delivery/r/afr.php?z=Yzrt0wAFv8QE0ADcAAre3-x4iWYo3JpY1vgBXQ&u=%7CCB%2BKO8uw6I5v9iT%2F0eeHBti2z4ha7YQ9mHiUThPGg%2Bo%3D%7C&c1=TUPLs6ok1IhDgnvJmJgq2b8G6XvEBIvqAb79lxbNLn-Y29LVqxBSOQhZKVxZui5pXNlU4WPrBd-WsQaHOL91cWjEyJfbRKIezWXmxChMzOwNeFNmW4BvNHr1AN2IM9AE2q2-bs3KInDq4dUg2Ea8q38ivH4xWF6xno10-LStQKToeOiXw6siQ1sfI4WEueelWbP7Q1fDAkAr4G9qjEp0oK2x0R-f4sjXplgSrHDntEMS97VO4Gt5OadJsd5_sBrdgTf41fnbs_z7nWoLd2fAmV7Y1j1tZuf6PecU9UcCa-cVB5N1CKAUkIuSagCimtj4EPaJK7lGjPzaWrBdcKzYWXUGFqQSts9Jv8vadP0LO_T00HVfNhsA_RtPZmp924UBIWS4hibqSCCc4UekHi2DQ_UqrQStg_yUDxtg0NPI1oKZjJoveQrPgibBT5NBJW6TzqxSe-gDIZxRLaCro0P6r72gB0d8PUPVl_aJizoWjvJqojQd0kUa6ME67M3Nn3oG_HcGE9HL3mX5B4vziQs5tF6FkkaW1bw2obD4gkDeSOQq5eI3sXJvHmyM7aNMSSqIUSwMlb0HnPDv6JIEVt3ykV2IPa_-FY6ieex4suc2T5EpXexKDOxQ3PI5qV7586ZHUo6Xr6UGw-219sGpscEOqw&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCRJrM0-06Y8T_FtyBwNYP372r2Aicge-wXILzt52dAcCNtwEQASAAYMnGqYvApNgPggEXY2EtcHViLTg1OTQ3OTA0MjgwNjYwMTigAazd_ugDyAEJqAMBqgSUAk_QTmP5kdx0mR_9BzDnt9Ljv15LaJie1KmuINIR7yPxn6toAK_zLiqpDMuyvaOh44h9A7j-0VKRH3QKEqvTvvnBs7FQa1A8lM_qy-caap8KeTZbWb3SKKehvgH3wfap2cudlLMl-rXJfNIqBcl3v6ISQ_WUhEXOw0kvcZkQ63lR5rgyhZObf0F7gjaJvvjeA4-QeXKlVOCeDWsXq_7EPXFa5SBch1TLp_hgowxj2cZk92FIx9OI7l-ThjBwBEcqo4Nwk-hvSPFxsa2DQJ9ZzsW3LlD4bSeCPv0DI_52FbfAIGP4-68wvHHGkC9L9gerDxyt6mWUQtM8--A8X2LXakBXuIskUBPrQRX0BCJCuN-5qn3YOYAG9Yvlv-nKwfkXoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDQiAYRABMgKKAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3pLkDOi3HeuC9Xp4jdPSwmfMhdWw%26client%3Dca-pub-8594790428066018%26adurl%3D
Frame ID: 8658D0F260206493A30FD2A82E31D955
Requests: 15 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 5DBBBEE2CAE58B3B01CEF40D96E93B82
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 26B838FAA29C685CA5D0C1479E422CA3
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

The best ways to profit from the Internet, where you can make money - Rawafedpor Q&A

Page URL History Show full URLs

https://navarroingenieros.com/newsian/index.php?k2 HTTP 302
https://angrasolucoes.com.br/usx HTTP 301
https://angrasolucoes.com.br/usx/ Page URL
https://ois.is/images/logo.png HTTP 302
https://www.google.com/url?sa=t&rct=j&q=&esrc=s&source=web&cd=&cad=rja&uact=8&ved=2ahUKEwjz64zdqKH6... Page URL
https://questions.rawafedpor.com/4724/the-best-ways-profit-from-the-internet-where-you-can-make-money Page URL

Detected technologies

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

96
Requests

100 %
HTTPS

74 %
IPv6

17
Domains

23
Subdomains

22
IPs

1
Countries

949 kB
Transfer

2220 kB
Size

10
Cookies

2 Outgoing links

These are links going to different origins than the main page.

URL: http://www.q2amarket.com/
Title: Q2A Market

Search URL Search Domain Scan URL

URL: http://www.question2answer.org/
Title: Question2Answer

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://navarroingenieros.com/newsian/index.php?k2 HTTP 302
https://angrasolucoes.com.br/usx HTTP 301
https://angrasolucoes.com.br/usx/ Page URL
https://ois.is/images/logo.png HTTP 302
https://www.google.com/url?sa=t&rct=j&q=&esrc=s&source=web&cd=&cad=rja&uact=8&ved=2ahUKEwjz64zdqKH6AhVE6qQKHYWoCtkQFnoECAQQAQ&url=https%3A%2F%2Fquestions.rawafedpor.com%2F4724%2Fthe-best-ways-profit-from-the-internet-where-you-can-make-money&usg=AOvVaw33GmP32biwW5vnyLbAEWWt Page URL
https://questions.rawafedpor.com/4724/the-best-ways-profit-from-the-internet-where-you-can-make-money Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

https://navarroingenieros.com/newsian/index.php?k2 HTTP 302
https://angrasolucoes.com.br/usx HTTP 301
https://angrasolucoes.com.br/usx/

Request Chain 1

https://ois.is/images/logo.png HTTP 302
https://www.google.com/url?sa=t&rct=j&q=&esrc=s&source=web&cd=&cad=rja&uact=8&ved=2ahUKEwjz64zdqKH6AhVE6qQKHYWoCtkQFnoECAQQAQ&url=https%3A%2F%2Fquestions.rawafedpor.com%2F4724%2Fthe-best-ways-profit-from-the-internet-where-you-can-make-money&usg=AOvVaw33GmP32biwW5vnyLbAEWWt

96 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

404

/
angrasolucoes.com.br/usx/
Redirect Chain

https://navarroingenieros.com/newsian/index.php?k2
https://angrasolucoes.com.br/usx
https://angrasolucoes.com.br/usx/

145 B
186 B

60ms
59ms

Document
text/html

108.179.252.182
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://angrasolucoes.com.br/usx/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 108.179.252.182 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: br540-ip03.hostgator.com.br
Software: Apache /
Resource Hash

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

content-encoding: gzip
content-length: 123
content-type: text/html;charset=utf-8
date: Mon, 03 Oct 2022 14:12:34 GMT
server: Apache
vary: Accept-Encoding

Redirect headers

content-length: 241
content-type: text/html; charset=iso-8859-1
date: Mon, 03 Oct 2022 14:12:34 GMT
location: https://angrasolucoes.com.br/usx/
server: Apache

GET
H2

200

url
www.google.com/
Redirect Chain

https://ois.is/images/logo.png
https://www.google.com/url?sa=t&rct=j&q=&esrc=s&source=web&cd=&cad=rja&uact=8&ved=2ahUKEwjz64zdqKH6AhVE6qQKHYWoCtkQFnoECAQQAQ&url=https%3A%2F%2Fquestions.rawafedpor.com%2F4724%2Fthe-best-ways-profi...

1 KB
1 KB

61ms
38ms

Document
text/html

2607:f8b0:4006:806::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/url?sa=t&rct=j&q=&esrc=s&source=web&cd=&cad=rja&uact=8&ved=2ahUKEwjz64zdqKH6AhVE6qQKHYWoCtkQFnoECAQQAQ&url=https%3A%2F%2Fquestions.rawafedpor.com%2F4724%2Fthe-best-ways-profit-from-the-internet-where-you-can-make-money&usg=AOvVaw33GmP32biwW5vnyLbAEWWt

Requested by

Host: angrasolucoes.com.br
URL: https://angrasolucoes.com.br/usx/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:806::2004 Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gws /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	0

Request headers

Referer: https://angrasolucoes.com.br/usx/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ch: Sec-CH-UA-Platform Sec-CH-UA-Platform-Version Sec-CH-UA-Full-Version Sec-CH-UA-Arch Sec-CH-UA-Model Sec-CH-UA-Bitness Sec-CH-UA-Full-Version-List Sec-CH-UA-WoW64
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
bfcache-opt-in: unload
cache-control: no-cache, must-revalidate
content-encoding: br
content-length: 517
content-type: text/html; charset=UTF-8
date: Mon, 03 Oct 2022 14:12:34 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
pragma: no-cache
server: gws
strict-transport-security: max-age=31536000
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 754646049bfb1962-EWR
content-type: text/html; charset=UTF-8
date: Mon, 03 Oct 2022 14:12:34 GMT
location: https://www.google.com/url?sa=t&rct=j&q=&esrc=s&source=web&cd=&cad=rja&uact=8&ved=2ahUKEwjz64zdqKH6AhVE6qQKHYWoCtkQFnoECAQQAQ&url=https%3A%2F%2Fquestions.rawafedpor.com%2F4724%2Fthe-best-ways-profit-from-the-internet-where-you-can-make-money&usg=AOvVaw33GmP32biwW5vnyLbAEWWt
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uUyCOeaG%2B7jEHrNnskU4SAl%2FVmF7hgHF5z3awnF%2Fd0sk6wEchsmMO4X181Vq3CFHJR2QZhTDfMA0z8ZoqX%2FWCZZpkpZOPxSNAxX4ZyO1A%2FTY6SA5qcW52YJ30ckf%2FA9ObWeqLLk%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H2 200 Primary Request the-best-ways-profit-from-the-internet-where-you-can-make-money Show response
questions.rawafedpor.com/4724/ 39 KB
10 KB 173ms
147ms Document
text/html 2606:4700:3031::ac43:cafb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://questions.rawafedpor.com/4724/the-best-ways-profit-from-the-internet-where-you-can-make-money
Requested by: Host: www.google.com
URL: https://www.google.com/url?sa=t&rct=j&q=&esrc=s&source=web&cd=&cad=rja&uact=8&ved=2ahUKEwjz64zdqKH6AhVE6qQKHYWoCtkQFnoECAQQAQ&url=https%3A%2F%2Fquestions.rawafedpor.com%2F4724%2Fthe-best-ways-profit-from-the-internet-where-you-can-make-money&usg=AOvVaw33GmP32biwW5vnyLbAEWWt
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::ac43:cafb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6613ca4bbe4f86468e9b9f5a6b239c68f19f5474bb2b07fb8a63d8aaa5a69bfb

Request headers

Referer: https://www.google.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 75464605ca498cb9-EWR
content-encoding: br
content-type: text/html; charset=utf-8
date: Mon, 03 Oct 2022 14:12:34 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pE6NFnQfaLGcwlau8LRXyNwh4swEYXu7LmGUlgGYRLyZ69Bwzb93N8jFXP0FmD%2FGnpWchbnnxkJsZaMNuDLMcLsf%2BbNBMLAJ9YPa%2Bm2aWwVs5uhbP2etnrMuCnjiBPGGOWbALyfVy0ctuj6nIwYdX%2Bd6c73RzmA%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare

GET
H2 200 qa-styles.css
questions.rawafedpor.com/qa-theme/SnowFlat/ 56 KB
11 KB 24ms
23ms Stylesheet
text/css 2606:4700:3031::ac43:cafb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://questions.rawafedpor.com/qa-theme/SnowFlat/qa-styles.css?1.8.6
Requested by: Host: questions.rawafedpor.com
URL: https://questions.rawafedpor.com/4724/the-best-ways-profit-from-the-internet-where-you-can-make-money
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::ac43:cafb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1650a2bc457aa28b1f50c92cd2a2cbf1158664b717627f4cca2c9748a8eb8b5f

Request headers

accept-language: en-US,en;q=0.9
Referer: https://questions.rawafedpor.com/4724/the-best-ways-profit-from-the-internet-where-you-can-make-money
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Mon, 03 Oct 2022 14:12:35 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Sat, 16 Apr 2022 22:24:36 GMT
server: cloudflare
age: 6809
cf-polished: origSize=71322
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=j91NTpbI91byA0Z1fEeNACd15h1ASNsXu78Ht%2BtRI92VNPO5Pn9LRXAF7o7voRs91upwoyTkODwHOz0x5ytEKohFdqSaIRNUNf54%2FKrSqBZrMOzTiEsQxxbRsf0zQBxOeWH%2Bbeqrm%2F3y9nL1O9Esokn60ITHEZk%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 75464606cc828cb9-EWR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 jquery-3.5.1.min.js Show response
questions.rawafedpor.com/qa-content/ 87 KB
32 KB 30ms
29ms Script
application/javascript 2606:4700:3031::ac43:cafb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://questions.rawafedpor.com/qa-content/jquery-3.5.1.min.js
Requested by: Host: questions.rawafedpor.com
URL: https://questions.rawafedpor.com/4724/the-best-ways-profit-from-the-internet-where-you-can-make-money
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::ac43:cafb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f36844906ad2309877aae3121b87fb15b9e09803cb4c333adc7e1e35ac92e14b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://questions.rawafedpor.com/4724/the-best-ways-profit-from-the-internet-where-you-can-make-money
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Mon, 03 Oct 2022 14:12:35 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sat, 16 Apr 2022 22:24:36 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 5743
etag: W/"3c3f45-15d86-5dcccfdf9d100"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ylKQ23DB2yXNgpS%2Bs0Sxu%2BUUAdp8j0jjxedYaPYTpGIcxMBajPjxulJ1kMkGiI1doK5eq%2B7q9cvrQjlknAsK06bYp4Zv24szhV%2B6wvHX5OtgJLkLru45O9ats2MCyz9oazJRridbQhrZCdgVACUsX%2B%2B7i3S6cHc%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 75464606cc878cb9-EWR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 qa-global.js Show response
questions.rawafedpor.com/qa-content/ 15 KB
4 KB 38ms
37ms Script
application/javascript 2606:4700:3031::ac43:cafb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://questions.rawafedpor.com/qa-content/qa-global.js?1.8.6
Requested by: Host: questions.rawafedpor.com
URL: https://questions.rawafedpor.com/4724/the-best-ways-profit-from-the-internet-where-you-can-make-money
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::ac43:cafb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cf6704fe652abeeafd5333fd67102d36f4e31e77361e1da78ff68db899cc5e6a

Request headers

accept-language: en-US,en;q=0.9
Referer: https://questions.rawafedpor.com/4724/the-best-ways-profit-from-the-internet-where-you-can-make-money
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Mon, 03 Oct 2022 14:12:35 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3671
cf-polished: origSize=20550
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj: minify
last-modified: Sat, 16 Apr 2022 22:24:36 GMT
server: cloudflare
etag: W/"3c3f4a-5046-5dcccfdf9d100"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=W0MDkYP92G77ffUYGv4ILzZrXjoX4AFPYZhEmlrZIU9foiieKaSofgatfUqrJB6qgpCYDRTykAYxITV7HJSQnIbj05yOA09t63qq%2FgLm%2FTdPXgQamYY%2FYByMXns5%2FTV%2FhqQ4fJZku%2BDASqJW%2B5t5mYRLe3dQ8%2Bc%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 75464606cc8c8cb9-EWR

GET
H2 200 snow-core.js Show response
questions.rawafedpor.com/qa-theme/SnowFlat/js/ 1 KB
756 B 37ms
36ms Script
application/javascript 2606:4700:3031::ac43:cafb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://questions.rawafedpor.com/qa-theme/SnowFlat/js/snow-core.js?1.8.6
Requested by: Host: questions.rawafedpor.com
URL: https://questions.rawafedpor.com/4724/the-best-ways-profit-from-the-internet-where-you-can-make-money
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::ac43:cafb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cac5f3269aef806bc9112e8868357bfb9dbb4530a028dc0fb7c4508b2eea8d84

Request headers

accept-language: en-US,en;q=0.9
Referer: https://questions.rawafedpor.com/4724/the-best-ways-profit-from-the-internet-where-you-can-make-money
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Mon, 03 Oct 2022 14:12:35 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 5743
cf-polished: origSize=2383
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj: minify
last-modified: Sat, 16 Apr 2022 22:24:36 GMT
server: cloudflare
etag: W/"3c3faf-94f-5dcccfdf9d100"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DsCud5ULbEk6dONoGafBAQuEXqXd8W1TBg06FwL%2B1sd%2BjxFw8A5DiHQdy4Q8AtpJE9PGyOVHI6exxHuSh%2B8Dtez%2FptzkUyGVtK1j0vrl9zExXaUrTArzjTr%2FaqQrRF92FILlSyhIrj1HTwULiBpu6Nu1t1zKK7U%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 75464606cc8f8cb9-EWR

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 162 KB
54 KB 59ms
35ms Script
text/javascript 2607:f8b0:4006:81e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-8594790428066018

Requested by

Host: questions.rawafedpor.com
URL: https://questions.rawafedpor.com/4724/the-best-ways-profit-from-the-internet-where-you-can-make-money

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81e::2002 Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

46b753a3bacc8e007a76f5204f7e577ce0de6d41cc8f2e72f24e5f0d6ee38bab

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://questions.rawafedpor.com/
Origin: https://questions.rawafedpor.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Mon, 03 Oct 2022 14:12:35 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 54408
x-xss-protection: 0
server: cafe
etag: 380722901870815987
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Mon, 03 Oct 2022 14:12:35 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 106 KB
42 KB 43ms
19ms Script
application/javascript 2607:f8b0:4006:822::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-62733008-16

Requested by

Host: questions.rawafedpor.com
URL: https://questions.rawafedpor.com/4724/the-best-ways-profit-from-the-internet-where-you-can-make-money

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:822::2008 Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

a39959bc9a2a66fee7f2527ac60ccb4778d84e94f0b3200466e2f1726a112e33

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://questions.rawafedpor.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Mon, 03 Oct 2022 14:12:35 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42377
x-xss-protection: 0
last-modified: Mon, 03 Oct 2022 12:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 03 Oct 2022 14:12:35 GMT

GET
H3 200 vote-buttons-3.png
questions.rawafedpor.com/qa-theme/SnowFlat/images/ 1 KB
2 KB 23ms
22ms Image
image/png 2606:4700:3031::ac43:cafb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://questions.rawafedpor.com/qa-theme/SnowFlat/images/vote-buttons-3.png
Requested by: Host: questions.rawafedpor.com
URL: https://questions.rawafedpor.com/qa-theme/SnowFlat/qa-styles.css?1.8.6
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::ac43:cafb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b4ef3a11367a47a75f7cb4ed6e944472d190c86813cd2ffdb04a32358dc4e799

Request headers

accept-language: en-US,en;q=0.9
Referer: https://questions.rawafedpor.com/qa-theme/SnowFlat/qa-styles.css?1.8.6
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Mon, 03 Oct 2022 14:12:35 GMT
cf-cache-status: HIT
last-modified: Sat, 16 Apr 2022 22:24:36 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 7040
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eKJ2UtExBKTk4iOLWEgeq3l0R4JDcI8w9XHIqWP9uNi%2FoOFCuakpZHQKcmGkzPtKsody3cbmAxdVL3qeFgTvki3YdEDWppa2htPxUdIshgpPTnoTZ6R32Acw8Oc6St2lYbdkOnwfzv422EE5dcexN1iMl5T6SV4%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 7546460718da8cb7-EWR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1457

GET
H3 200 fontello.woff
questions.rawafedpor.com/qa-theme/SnowFlat/fonts/ 7 KB
8 KB 29ms
28ms Font
font/woff 2606:4700:3031::ac43:cafb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://questions.rawafedpor.com/qa-theme/SnowFlat/fonts/fontello.woff?70015067
Requested by: Host: questions.rawafedpor.com
URL: https://questions.rawafedpor.com/qa-theme/SnowFlat/qa-styles.css?1.8.6
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::ac43:cafb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c7aca9ebef12465aad206aae5351ba575eebe4b5e3f0fb1d99f4f92f1c4f396d

Request headers

Referer: https://questions.rawafedpor.com/qa-theme/SnowFlat/qa-styles.css?1.8.6
Origin: https://questions.rawafedpor.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Mon, 03 Oct 2022 14:12:35 GMT
cf-cache-status: HIT
last-modified: Sat, 16 Apr 2022 22:24:36 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 1568
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5B3hg6JgHf9%2FLy0g7srdhs4EAKbB236THOMImmvrca4qUS%2BDDb7M%2B9NA5P2D1W0IJbTUGPssCe6GaLj7t5uti1msF%2F5ZMAf9zlfXxYpoxTTAC8OmnxfrRwanCNc2dtdrCuotktqNqmD%2F4DDMWxpyumpCjaFd%2FII%3D"}],"group":"cf-nel","max_age":604800}
content-type: font/woff
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 7546460718e08cb7-EWR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 7200

GET
H3 200 answer-white.png
questions.rawafedpor.com/qa-theme/SnowFlat/images/icons/ 3 KB
3 KB 23ms
21ms Image
image/png 2606:4700:3031::ac43:cafb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://questions.rawafedpor.com/qa-theme/SnowFlat/images/icons/answer-white.png
Requested by: Host: questions.rawafedpor.com
URL: https://questions.rawafedpor.com/qa-theme/SnowFlat/qa-styles.css?1.8.6
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::ac43:cafb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a90fe747bc217c49315c23c1c332bb255d3c5fd46ec85b0218b5f85bbbf6bd0c

Request headers

accept-language: en-US,en;q=0.9
Referer: https://questions.rawafedpor.com/qa-theme/SnowFlat/qa-styles.css?1.8.6
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Mon, 03 Oct 2022 14:12:35 GMT
cf-cache-status: HIT
last-modified: Sat, 16 Apr 2022 22:24:36 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 2604
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=q%2FPPQfl3PFMO9m3TeJl4wFiC4ZSN%2BgS9YEMKHk%2FS%2BT5Ax0i%2B3g0fpPB9KzVeGgYTvdUq30tgINh1%2FZaaeMJ8rqBqZoaRrH3Zn%2FS%2BKKADVMVdKCXHHYTtPrKv%2BoYBNeCht%2Bqw3bdVKcr1ShWgRFdnRGvAuDrb%2Bi8%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 75464607392b8cb7-EWR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 2867

GET
H3 200 answer-select.png
questions.rawafedpor.com/qa-theme/SnowFlat/images/ 2 KB
2 KB 16ms
15ms Image
image/png 2606:4700:3031::ac43:cafb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://questions.rawafedpor.com/qa-theme/SnowFlat/images/answer-select.png
Requested by: Host: questions.rawafedpor.com
URL: https://questions.rawafedpor.com/qa-theme/SnowFlat/qa-styles.css?1.8.6
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::ac43:cafb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 824de40e353f2eaaf4828f927a03331984b995bf7fc59edc4ff08f9e178822db

Request headers

accept-language: en-US,en;q=0.9
Referer: https://questions.rawafedpor.com/qa-theme/SnowFlat/qa-styles.css?1.8.6
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Mon, 03 Oct 2022 14:12:35 GMT
cf-cache-status: HIT
last-modified: Sat, 16 Apr 2022 22:24:36 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 2604
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9EY1fSBrNH%2FGcNbnWOUSqvt%2BjkX36tj35BrmtND8R5ky9ppQ6ofAmzSPgckx4fLaYpYSXOmjXROqnvfTEkwDz2QOx31D29kEZQL%2B5nfTc%2Bf6KYwVfK7xKW0fKeYGb8xQ3RIJaB95LxoudW5e3ZTH3%2FnDoQcXtU8%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 75464607392e8cb7-EWR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1831

GET
H3 200 link-white.png
questions.rawafedpor.com/qa-theme/SnowFlat/images/icons/ 3 KB
3 KB 16ms
15ms Image
image/png 2606:4700:3031::ac43:cafb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://questions.rawafedpor.com/qa-theme/SnowFlat/images/icons/link-white.png
Requested by: Host: questions.rawafedpor.com
URL: https://questions.rawafedpor.com/qa-theme/SnowFlat/qa-styles.css?1.8.6
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::ac43:cafb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dc0267e17f3bd3a2977910d47c34855d4c282e97502e6e1b0d3eb44b8b231405

Request headers

accept-language: en-US,en;q=0.9
Referer: https://questions.rawafedpor.com/qa-theme/SnowFlat/qa-styles.css?1.8.6
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Mon, 03 Oct 2022 14:12:35 GMT
cf-cache-status: HIT
last-modified: Sat, 16 Apr 2022 22:24:36 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 6809
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aCd%2BI4j95H3pp7UQVvaSQ%2BiAXiPzOJAQc8xE%2BbAzTqOpaSz2SZ8FmHCwoKXsu%2FIuEUmPanDIz%2BqRiA1hBnijzVpx0dIWsGxEZBAds8BFbZDTO1KJzGlhECGPjO5Blll4%2BWsmcgEfjtzYZ9O%2B2wizTfhkrzgCwY0%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 7546460759828cb7-EWR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 3026

GET
H3 200 comment-white.png
questions.rawafedpor.com/qa-theme/SnowFlat/images/icons/ 3 KB
3 KB 26ms
25ms Image
image/png 2606:4700:3031::ac43:cafb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://questions.rawafedpor.com/qa-theme/SnowFlat/images/icons/comment-white.png
Requested by: Host: questions.rawafedpor.com
URL: https://questions.rawafedpor.com/qa-theme/SnowFlat/qa-styles.css?1.8.6
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::ac43:cafb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: eb69d9e0cb830e3add604e60faf8f784835e5f1ba28bb38850ba19784f30911d

Request headers

accept-language: en-US,en;q=0.9
Referer: https://questions.rawafedpor.com/qa-theme/SnowFlat/qa-styles.css?1.8.6
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Mon, 03 Oct 2022 14:12:35 GMT
cf-cache-status: HIT
last-modified: Sat, 16 Apr 2022 22:24:36 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 6809
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tE1g5QZTEd54tRz2dYBzra5Fy%2FdWGPMboBUjRHx5UIhSEGcsb7MBQCnqeV5FLipwUZJIZZ%2FS%2BdhPUjOaVkGNJAtA6KV6gV8bq5%2BqIBghSjbV0IzmBJcbdNJk0sWCeS0mxsC6o%2FumeeBFCCBx1sW6qEuO35TGcJE%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 7546460759858cb7-EWR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 2906

GET
H3 200 search-icon-white.png
questions.rawafedpor.com/qa-theme/SnowFlat/images/ 1 KB
2 KB 26ms
26ms Image
image/png 2606:4700:3031::ac43:cafb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://questions.rawafedpor.com/qa-theme/SnowFlat/images/search-icon-white.png
Requested by: Host: questions.rawafedpor.com
URL: https://questions.rawafedpor.com/qa-theme/SnowFlat/qa-styles.css?1.8.6
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::ac43:cafb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 075c15c5e5b127cfd89b352a4f8e8d615d0abcc80977022ba45ad2032d26f535

Request headers

accept-language: en-US,en;q=0.9
Referer: https://questions.rawafedpor.com/qa-theme/SnowFlat/qa-styles.css?1.8.6
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Mon, 03 Oct 2022 14:12:35 GMT
cf-cache-status: HIT
last-modified: Sat, 16 Apr 2022 22:24:36 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 4196
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=F8xs1Azo1rNW0m0ViuPzpUJt63RJUqVshzYMBypUHqJX8X2QEqGYxoBVczp%2BcITftzCTUwOgytCaJS%2B2wxcI0rAAlL4Ppg%2F0odPjAAwM8jXBooTfnNzEm9B0Y26sS8MNvjYwgl3YGxwNWwuaIDspTWe57LdE6SY%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 7546460759878cb7-EWR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1412

GET
H3 200 spinner-icon-14x14.gif
questions.rawafedpor.com/qa-theme/SnowFlat/images/ 8 KB
8 KB 16ms
15ms Image
image/gif 2606:4700:3031::ac43:cafb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://questions.rawafedpor.com/qa-theme/SnowFlat/images/spinner-icon-14x14.gif?1410117644
Requested by: Host: questions.rawafedpor.com
URL: https://questions.rawafedpor.com/qa-theme/SnowFlat/qa-styles.css?1.8.6
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::ac43:cafb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 07a75636966b34dd8bbafee0ebced659b03bab0e57641e1fa035ca7da0bd39ce

Request headers

accept-language: en-US,en;q=0.9
Referer: https://questions.rawafedpor.com/qa-theme/SnowFlat/qa-styles.css?1.8.6
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Mon, 03 Oct 2022 14:12:35 GMT
cf-cache-status: HIT
last-modified: Sat, 16 Apr 2022 22:24:36 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 7000
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=L8zyFbCK8YxBDdx8mtxPwrVqpVisBhVBzkABfZ9HqiiJNCqTOth5FJ8eOi%2FbllWZwvvXQxavETr9Jv8cDi3t3aqzgd4VHoepb4TTjeVpXXNh9JpIH8j8FFmXWknIcTl4GbReA%2FH1DVwKfVCwtpr6lH3TlKURwIk%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 75464607698c8cb7-EWR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 7781

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 26ms
6ms Script
text/javascript 2001:4860:4802:32::178
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-62733008-16

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4860:4802:32::178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

9e25469f734732205f33dd80ff8ca12080406c18d2fa99a1f368103e51f7999f

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://questions.rawafedpor.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 03 Oct 2022 12:34:58 GMT
last-modified: Sun, 11 Sep 2022 13:50:09 GMT
server: Golfe2
age: 5857
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19826
expires: Mon, 03 Oct 2022 14:34:58 GMT

GET
H3 200 show_ads_impl_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209260101/ 348 KB
123 KB 76ms
61ms Script
text/javascript 2607:f8b0:4006:81e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209260101/show_ads_impl_fy2021.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-8594790428066018

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81e::2002 Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1760653cea08d53dd5523299a7e26aa001ef6f5865de7e9a20dfda125a6b64c5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://questions.rawafedpor.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Mon, 03 Oct 2022 14:12:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 125646
x-xss-protection: 0
server: cafe
etag: 10038457083550654109
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Mon, 03 Oct 2022 14:12:35 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20220928/r20190131/ Frame 9989 10 KB
5 KB 25ms
4ms Document
text/html 2607:f8b0:4006:822::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20220928/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-8594790428066018

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:822::2002 Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f7408c25067cd0a9d9fe835cb4c05e394a50751d3fcde0c461db19a309abb02a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://questions.rawafedpor.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

age: 30923
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: gzip
content-length: 4420
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 03 Oct 2022 05:37:12 GMT
etag: 9671129459699598864
expires: Mon, 17 Oct 2022 05:37:12 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

POST
H3 200 collect Show response
www.google-analytics.com/j/ 1 B
21 B 32ms
19ms XHR
text/plain 2001:4860:4802:32::178
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j97&a=1938986092&t=pageview&_s=1&dl=https%3A%2F%2Fquestions.rawafedpor.com%2F4724%2Fthe-best-ways-profit-from-the-internet-where-you-can-make-money&dr=https%3A%2F%2Fwww.google.com%2F&ul=en-us&de=UTF-8&dt=The%20best%20ways%20to%20profit%20from%20the%20Internet%2C%20where%20you%20can%20make%20money%20-%20Rawafedpor%20Q%26A&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAAC~&jid=1126346182&gjid=2074666389&cid=372082401.1664806355&tid=UA-62733008-16&_gid=1406484023.1664806355&_r=1&gtm=2ou9s0&z=1329393336

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2001:4860:4802:32::178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://questions.rawafedpor.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 03 Oct 2022 14:12:35 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://questions.rawafedpor.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 395 B
695 B 91ms
28ms Script
text/javascript 2607:f8b0:4006:80c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=questions.rawafedpor.com&callback=_gfp_s_&client=ca-pub-8594790428066018&gpid_exp=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209260101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80c::2002 Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7bc542ce3b1df2006856fb35b9af8844822261f9dc629e8729461292fb459c50

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://questions.rawafedpor.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Mon, 03 Oct 2022 14:12:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 251
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 62ms
28ms Script
application/javascript 2607:f8b0:4006:816::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=questions.rawafedpor.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209260101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:816::2002 Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://questions.rawafedpor.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Mon, 03 Oct 2022 14:12:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame E109 0
19 B 89ms
68ms Document
text/html 2607:f8b0:4006:822::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8594790428066018&output=html&adk=1812271804&adf=3025194257&lmt=1664806355&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fquestions.rawafedpor.com%2F4724%2Fthe-best-ways-profit-from-the-internet-where-you-can-make-money&ea=0&pra=5&wgl=1&easpi=0&asntp=0&asntpv=0&asntpl=0&asntpm=0&asntpc=0&asna=5&asnd=5&asnp=5&asns=5&asmat=1&asptt=-1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1664806355153&bpp=5&bdt=160&idt=136&shv=r20220928&mjsv=m202209260101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=5241600284994&frm=20&pv=2&ga_vid=372082401.1664806355&ga_sid=1664806355&ga_hid=1938986092&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531705%2C31069177%2C44773746%2C44769662&oid=2&pvsid=3099021323772720&tmod=1563334528&uas=0&nvt=1&ref=https%3A%2F%2Fwww.google.com%2F&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=162

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209260101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:822::2002 Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://questions.rawafedpor.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 03 Oct 2022 14:12:35 GMT
expires: Mon, 03 Oct 2022 14:12:35 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 5EA4 23 KB
10 KB 392ms
387ms Document
text/html 2607:f8b0:4006:822::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8594790428066018&output=html&h=640&slotname=4631947750&adk=449850582&adf=3674521187&pi=t.ma~as.4631947750&w=320&lmt=1664806355&psa=0&format=320x640&url=https%3A%2F%2Fquestions.rawafedpor.com%2F4724%2Fthe-best-ways-profit-from-the-internet-where-you-can-make-money&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1664806355158&bpp=2&bdt=165&idt=161&shv=r20220928&mjsv=m202209260101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=5241600284994&frm=20&pv=1&ga_vid=372082401.1664806355&ga_sid=1664806355&ga_hid=1938986092&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531705%2C31069177%2C44773746%2C44769662&oid=2&pvsid=3099021323772720&tmod=1563334528&uas=0&nvt=1&ref=https%3A%2F%2Fwww.google.com%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CfnEr%7C&abl=NF&pfx=0&fu=32768&bc=31&ifi=2&uci=a!2&fsb=1&xpc=BTgDZSQfQW&p=https%3A//questions.rawafedpor.com&dtd=174

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209260101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:822::2002 Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

56f7ba15b892bafcbb135daa7922c2e40eb4b449de6303be038bd097fa5c95bf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://questions.rawafedpor.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 9940
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 03 Oct 2022 14:12:35 GMT
expires: Mon, 03 Oct 2022 14:12:35 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 26E9 23 KB
10 KB 481ms
480ms Document
text/html 2607:f8b0:4006:822::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8594790428066018&output=html&h=280&slotname=4767755106&adk=1142727135&adf=1528403788&pi=t.ma~as.4767755106&w=748&fwrn=4&fwrnh=100&lmt=1664806355&rafmt=1&psa=0&format=748x280&url=https%3A%2F%2Fquestions.rawafedpor.com%2F4724%2Fthe-best-ways-profit-from-the-internet-where-you-can-make-money&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1664806355160&bpp=3&bdt=167&idt=175&shv=r20220928&mjsv=m202209260101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C320x640&nras=1&correlator=5241600284994&frm=20&pv=1&ga_vid=372082401.1664806355&ga_sid=1664806355&ga_hid=1938986092&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=298&ady=179&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531705%2C31069177%2C44773746%2C44769662&oid=2&pvsid=3099021323772720&tmod=1563334528&uas=0&nvt=1&ref=https%3A%2F%2Fwww.google.com%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CEe%7C&abl=NS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=j4imHMAlDO&p=https%3A//questions.rawafedpor.com&dtd=185

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209260101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:822::2002 Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a7fd4458086b9fee5b93cc442cec9750de6ba2fcb081f2428ae1461621a4bf35

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://questions.rawafedpor.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 9886
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 03 Oct 2022 14:12:35 GMT
expires: Mon, 03 Oct 2022 14:12:35 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame CFDC 23 KB
10 KB 457ms
453ms Document
text/html 2607:f8b0:4006:822::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8594790428066018&output=html&h=280&slotname=4767755106&adk=409732103&adf=318908456&pi=t.ma~as.4767755106&w=708&fwrn=4&fwrnh=100&lmt=1664806355&rafmt=1&psa=0&format=708x280&url=https%3A%2F%2Fquestions.rawafedpor.com%2F4724%2Fthe-best-ways-profit-from-the-internet-where-you-can-make-money&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1664806355163&bpp=1&bdt=170&idt=188&shv=r20220928&mjsv=m202209260101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C320x640%2C748x280&nras=1&correlator=5241600284994&frm=20&pv=1&ga_vid=372082401.1664806355&ga_sid=1664806355&ga_hid=1938986092&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=318&ady=4309&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531705%2C31069177%2C44773746%2C44769662&oid=2&pvsid=3099021323772720&tmod=1563334528&uas=0&nvt=1&ref=https%3A%2F%2Fwww.google.com%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CEebr%7C&abl=NS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=M2jVFTHuva&p=https%3A//questions.rawafedpor.com&dtd=192

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209260101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:822::2002 Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4a3af43c32f7b69d7e48e774bad69e1f9cf57c6af0f9e02985a5abc461b3cec1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://questions.rawafedpor.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 9928
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 03 Oct 2022 14:12:35 GMT
expires: Mon, 03 Oct 2022 14:12:35 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220928/r20110914/client/ Frame 5EA4 3 KB
1 KB 37ms
7ms Script
text/javascript 2607:f8b0:4006:81f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220928/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8594790428066018&output=html&h=640&slotname=4631947750&adk=449850582&adf=3674521187&pi=t.ma~as.4631947750&w=320&lmt=1664806355&psa=0&format=320x640&url=https%3A%2F%2Fquestions.rawafedpor.com%2F4724%2Fthe-best-ways-profit-from-the-internet-where-you-can-make-money&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1664806355158&bpp=2&bdt=165&idt=161&shv=r20220928&mjsv=m202209260101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=5241600284994&frm=20&pv=1&ga_vid=372082401.1664806355&ga_sid=1664806355&ga_hid=1938986092&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531705%2C31069177%2C44773746%2C44769662&oid=2&pvsid=3099021323772720&tmod=1563334528&uas=0&nvt=1&ref=https%3A%2F%2Fwww.google.com%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CfnEr%7C&abl=NF&pfx=0&fu=32768&bc=31&ifi=2&uci=a!2&fsb=1&xpc=BTgDZSQfQW&p=https%3A//questions.rawafedpor.com&dtd=174

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81f::2001 Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Mon, 03 Oct 2022 14:05:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 436
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 17 Oct 2022 14:05:19 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220928/r20110914/client/ Frame 5EA4 17 KB
8 KB 35ms
6ms Script
text/javascript 2607:f8b0:4006:81f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220928/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81f::2001 Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

86d8e892ceacd8c8a7e7125c68dd0e1b311f8399871b6d64b8b6795f0235c1d4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Mon, 03 Oct 2022 14:09:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 176
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7559
x-xss-protection: 0
server: cafe
etag: 15289875785628835784
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 17 Oct 2022 14:09:39 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 5EA4 140 KB
44 KB 62ms
30ms Script
text/javascript 2607:f8b0:4006:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81c::2002 Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

da8438b81e390283f6eb8cc9cf49ccde3d00c954b4fbccdf6372c162c4b58ab2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Mon, 03 Oct 2022 14:12:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44530
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1664365478704152"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 03 Oct 2022 14:12:35 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 5EA4 0
0 114ms
113ms Fetch
text/html 2607:f8b0:4006:822::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CpD_W0-06Y4DUFoSGsAK22qrQBZyB77BcosqnqnTAjbcBEAEgAGDJxqmLwKTYD4IBF2NhLXB1Yi04NTk0NzkwNDI4MDY2MDE4oAGs3f7oA8gBCagDAaoElgJP0MMPqJXItT-ci090ZRZem6zvaqUW5IZ-q-00i_FS3aYwlt2rZoiUOZDVkpr8t3gnqwDwjnmpXl3h1KIn7Z23sJzM2KQA6HD0VD155TQBJCmNS7bHJ0mznQLKvehp9y-4CyN7C4ivRMRFAMt2CKAWX4zqCe4fKpUigKOAwGEEHVleHb0DdZGX6RTHodttpuoMxAmFhBDBjLG_jep7M-fX1qgavia95bHqOvtwHm44SsMJRVYWXifdP7dgIrVxCrGXpyqmdgoFqhONn2SwbmvGfMuwtyf8LDDwR6isZyRJomV97gvhxbGoO4DnjXD1Hh_E4DQTMQ8DUBRepmy8atAplTqE7yZ29JQgZb7EPI6XlDj2OV9X8IAGpdvx8PGoiPgtoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDQiAYRABMgKKAjoCgECACgH6CwIIAYAMAdAVAYAXAbIXGgoYEhRwdWItODU5NDc5MDQyODA2NjAxOBgA&sigh=PJzPztaCaGI&uach_m=[UACH]&cid=CAQSGwCsnQUxqDZyMngG70IyNaIeLTG55YDMCpnewxgBIBM

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:822::2002 Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8594790428066018&output=html&h=640&slotname=4631947750&adk=449850582&adf=3674521187&pi=t.ma~as.4631947750&w=320&lmt=1664806355&psa=0&format=320x640&url=https%3A%2F%2Fquestions.rawafedpor.com%2F4724%2Fthe-best-ways-profit-from-the-internet-where-you-can-make-money&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1664806355158&bpp=2&bdt=165&idt=161&shv=r20220928&mjsv=m202209260101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=5241600284994&frm=20&pv=1&ga_vid=372082401.1664806355&ga_sid=1664806355&ga_hid=1938986092&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531705%2C31069177%2C44773746%2C44769662&oid=2&pvsid=3099021323772720&tmod=1563334528&uas=0&nvt=1&ref=https%3A%2F%2Fwww.google.com%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CfnEr%7C&abl=NF&pfx=0&fu=32768&bc=31&ifi=2&uci=a!2&fsb=1&xpc=BTgDZSQfQW&p=https%3A//questions.rawafedpor.com&dtd=174
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Mon, 03 Oct 2022 14:12:35 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Mon, 03 Oct 2022 14:12:35 GMT

GET
H2 200 notify
rtb.va.us.criteo.com/google/auction/ Frame 5EA4 0
0 47ms
11ms Fetch 2620:100:a001::3
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://rtb.va.us.criteo.com/google/auction/notify?profile=14&payload=kPmbDs36RMACgAXiIp0XAgAAAOZT8NXpbKLyENPtOmMXPwPyyPR_kLi2zQASAAA&wp=Yzrt0wAFqgAKTAMEAAqtNkS74MRL200p1pm-cA

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::3 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Mon, 03 Oct 2022 14:12:35 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
server-processing-duration-in-ticks: 182132
content-length: 0

GET
H2 200 afr.php Show response
ads.us.criteo.com/delivery/r/ Frame 418A 132 KB
47 KB 149ms
70ms Document
text/html 2620:100:a001::24
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.us.criteo.com/delivery/r/afr.php?z=Yzrt0wAFqgAKTAMEAAqtNkS74MRL200p1pm-cA&u=%7CCB%2BKO8uw6I6lBNUiGW8dSjt84c%2F5DfiGhU%2B7zm%2FqpQM%3D%7C&c1=7gfvdwnclaNOxMfwO7LPpgjdpB3353uJoj6v23HliKqwl1OophSbWYOWV603oo7hRT2_VnWg5tECtHg1Uo8EsalhRcFB8uWubIxc5ktold-j0-a-Lv7-kzKwJJ-SHkv89LNM0XBHqI0cgxHx1Xo4mV8Qmfxo6OyD3I8xldFq4QOaTSARzYsRtMWEvs5paQyezdBwmG0YnBpYxx-evI7Xchs_j-3DmpRz6KbDVJl3J1i-jyTRXnn-m1rsnMrPi80B6NLeW3t9oSqKfUVPM8T6P00DWTpTVjhBYunhD11dQffdi65140qKWXVIePpECHqGKfZDeHKGRJ3fE47DmSiRJHN1XKBG9c0asDf1TTcd4_gvocYYIoJcAJgipP7N7DQJ_Bzs0nJFTACT2NJHm5cEN2TvZI9SY6PlKf_ZEKcgk7Cms-ShnL2GRDqhAY7gefrR3c2l5Vev-rP8MDoRt6kS5L5JOPg9XRnLM1QEU91HgwjOP20tFzXTTmwTa-3FUswwX1rpXgnvWOfIdbXiZisg2C9VGUNvz7-2jZCnQz6fp3klltYTu5MCwskTu6Q-GKkrR4veKPeBkQUhy5K8sdLDhFqMt7T7x9FZb0XctXswPHvCl09UNlntBAvQ_k8_fDBStarAOHQAsQo&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCD1JD0-06Y4DUFoSGsAK22qrQBZyB77BcosqnqnTAjbcBEAEgAGDJxqmLwKTYD4IBF2NhLXB1Yi04NTk0NzkwNDI4MDY2MDE4oAGs3f7oA8gBCagDAaoEmQJP0MMPqJXItT-ci090ZRZem6zvaqUW5IZ-q-00i_FS3aYwlt2rZoiUOZDVkpr8t3gnqwDwjnmpXl3h1KIn7Z23sJzM2KQA6HD0VD155TQBJCmNS7bHJ0mznQLKvehp9y-4CyN7C4ivRMRFAMt2CKAWX4zqCe4fKpUigKOAwGEEHVleHb0DdZGX6RTHodttpuoMxAmFhBDBjLG_jep7M-fX1qgavia95bHqOvtwHm44SsMJRVYWXifdP7dgIrVxCrGXpyqmdgoFqhONn2SwbmvGfMuwtyf8LDDwR6isZyRJomV97gvhxbGoO4DnjXD1Hh_EojYzo6Tx2RSdLwEwgaqgVo24xy9Y7FC7lsRN9TCJuCBf785XMwJVfoAGpdvx8PGoiPgtoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDQiAYRABMgKKAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2X1LXgbAw3EU8sbaSLMBMIx-PETw%26client%3Dca-pub-8594790428066018%26adurl%3D

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::24 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

c912c56a6223ff8dcb979d181de55f8dfe5ddd8690b7617352683b568b4b3d16

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1000
cache-control: private, max-age=0, no-cache
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
date: Mon, 03 Oct 2022 14:12:34 GMT
expires: Mon, 26 Jul 1997 05:00:00 GMT
link: <pix.us.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p: CP='CUR ADM OUR NOR STA NID'
pragma: no-cache
report-to: {"endpoints":[{"url":"https://csm.us.criteo.net/heavyad?cppv=3&cpp=0aDzYhVA142l_20J7scs3rtFKaYz1UOoDcLSQjV7KFxN36OuPerizgjt_aLPKLeygOparTz2CdqYxf5_7LNLPvm3eXyBeV61WFvi04Wrq0hXi-PtLdWJuD8phyl9-qmmMSOOLANL1-Rt-0NtkKoz9ZvjjUVruNXLeJBgaZ1dCrkY55lPaMn9_GmmIaqOXCLkr1HhYN3Xd4lJI9y1sm0gF0PjPqKiR-3e0v611V6yYfGUnuLIs6clFllYXOavSrcsnGr5uA"}], "max_age": 86400}
server: Kestrel
server-processing-duration-in-ticks: 59371263
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220928/r20110914/client/ Frame CFDC 3 KB
1 KB 28ms
6ms Script
text/javascript 2607:f8b0:4006:81f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220928/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8594790428066018&output=html&h=280&slotname=4767755106&adk=409732103&adf=318908456&pi=t.ma~as.4767755106&w=708&fwrn=4&fwrnh=100&lmt=1664806355&rafmt=1&psa=0&format=708x280&url=https%3A%2F%2Fquestions.rawafedpor.com%2F4724%2Fthe-best-ways-profit-from-the-internet-where-you-can-make-money&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1664806355163&bpp=1&bdt=170&idt=188&shv=r20220928&mjsv=m202209260101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C320x640%2C748x280&nras=1&correlator=5241600284994&frm=20&pv=1&ga_vid=372082401.1664806355&ga_sid=1664806355&ga_hid=1938986092&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=318&ady=4309&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531705%2C31069177%2C44773746%2C44769662&oid=2&pvsid=3099021323772720&tmod=1563334528&uas=0&nvt=1&ref=https%3A%2F%2Fwww.google.com%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CEebr%7C&abl=NS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=M2jVFTHuva&p=https%3A//questions.rawafedpor.com&dtd=192

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81f::2001 Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Mon, 03 Oct 2022 14:10:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 123
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 17 Oct 2022 14:10:32 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220928/r20110914/client/ Frame CFDC 17 KB
7 KB 26ms
5ms Script
text/javascript 2607:f8b0:4006:81f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220928/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81f::2001 Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

86d8e892ceacd8c8a7e7125c68dd0e1b311f8399871b6d64b8b6795f0235c1d4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Mon, 03 Oct 2022 14:09:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 176
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7559
x-xss-protection: 0
server: cafe
etag: 15289875785628835784
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 17 Oct 2022 14:09:39 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame CFDC 140 KB
44 KB 62ms
46ms Script
text/javascript 2607:f8b0:4006:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81c::2002 Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

da8438b81e390283f6eb8cc9cf49ccde3d00c954b4fbccdf6372c162c4b58ab2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Mon, 03 Oct 2022 14:12:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44530
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1664365478704152"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 03 Oct 2022 14:12:35 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame CFDC 0
0 119ms
115ms Fetch
text/html 2607:f8b0:4006:822::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CxuLR0-06Y7DcF-uBwNYPn-ezuAWcge-wXPKhqap0wI23ARABIABgycapi8Ck2A-CARdjYS1wdWItODU5NDc5MDQyODA2NjAxOKABrN3-6APIAQmoAwGqBJYCT9D9NfzxVjzqpE64itDKfmpn0HEZz5_XWoxcmPVgfH1Xe7GQubi4muOvUxQb0Dh2ilRKnTkAQ3nGLaZ9_u6avzHzZ6PdGeUjC0E18qMSQJn9b_QDenpfh8gi7EmNSoFSd2ipemwHw0lEfrnAmHFVtrrBE74SF693OEEEHTLn6HzGN4S9EOgtiTJ-3wo-Gx3nlRZS38Tj8bQvawuF325JS3I20qOA8-i_nniaEm7-iqySO3gMlD6tc1_FLBOjCYjLMyE0BFALH6Ut7e5rAP_L6O0Yua01ojZgz4yUmQXSjOtBswEb0nKv1u-3ypRX5BbPSsv1iRbzwHJ4O2fXsenRUKG61dlIor5cuWU72SdBiwVk6R3NIcmABvWL5b_pysH5F6AGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBAgAoB-gsCCAGADAHQFQGAFwGyFxoKGBIUcHViLTg1OTQ3OTA0MjgwNjYwMTgYAA&sigh=pI0rmHt6i4A&uach_m=[UACH]&cid=CAQSGwCsnQUxkjEvNvzB6-_ZNzTMcbHKygEBnYa8dBgBIBM

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:822::2002 Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8594790428066018&output=html&h=280&slotname=4767755106&adk=409732103&adf=318908456&pi=t.ma~as.4767755106&w=708&fwrn=4&fwrnh=100&lmt=1664806355&rafmt=1&psa=0&format=708x280&url=https%3A%2F%2Fquestions.rawafedpor.com%2F4724%2Fthe-best-ways-profit-from-the-internet-where-you-can-make-money&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1664806355163&bpp=1&bdt=170&idt=188&shv=r20220928&mjsv=m202209260101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C320x640%2C748x280&nras=1&correlator=5241600284994&frm=20&pv=1&ga_vid=372082401.1664806355&ga_sid=1664806355&ga_hid=1938986092&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=318&ady=4309&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531705%2C31069177%2C44773746%2C44769662&oid=2&pvsid=3099021323772720&tmod=1563334528&uas=0&nvt=1&ref=https%3A%2F%2Fwww.google.com%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CEebr%7C&abl=NS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=M2jVFTHuva&p=https%3A//questions.rawafedpor.com&dtd=192
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Mon, 03 Oct 2022 14:12:35 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Mon, 03 Oct 2022 14:12:35 GMT

GET
H2 200 notify
rtb.va.us.criteo.com/google/auction/ Frame CFDC 0
0 14ms
10ms Fetch 2620:100:a001::3
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://rtb.va.us.criteo.com/google/auction/notify?profile=14&payload=kOe3Ec36RMQFmALiIp0XAgAAALNDxXziJgV4ENPtOmO2gblD-Zf0hibDSQASAAA&wp=Yzrt0wAF7jAE0ADrAAzzn4SZ0H-lFrfpGPHo1g

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::3 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Mon, 03 Oct 2022 14:12:35 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
server-processing-duration-in-ticks: 160792
content-length: 0

GET
H2 200 afr.php Show response
ads.us.criteo.com/delivery/r/ Frame B702 134 KB
46 KB 60ms
50ms Document
text/html 2620:100:a001::24
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.us.criteo.com/delivery/r/afr.php?z=Yzrt0wAF7jAE0ADrAAzzn4SZ0H-lFrfpGPHo1g&u=%7CCB%2BKO8uw6I6h7E6sXev5cCaqxa4tt4j8WO5JoXIzhqc%3D%7C&c1=TUPLs6ok1IhDgnvJmJgq2b8G6XvEBIvqAb79lxbNLn-Y29LVqxBSOQhZKVxZui5pXNlU4WPrBd-WsQaHOL91cWjEyJfbRKIeeqkFg11ain6gaBw8HlXroIk5WRMu0Oz4mAia7XDtaff5fYODHGs6qEEcKzBMY2GqXvrKIkqKlmYIR-tqXx_-2w8_ue3oBZJUh5wYrhCKF3fXX-oH_rLj2pWWTx6EnIg7HmRMTC191U4ArjPkTKTh_1s4-YPJhHNUQ14ai-IWblmK0EwXhXyhzwSV16fzP9cOCaVWAqlCzy6g_8nDn8zJP3ciuSa-M2PNjmudMSldH1kxSNl3_twzHLafWCwYElN3z6PqkYzzbPsqZHdM14E9ZEzcqoCqpWehp3KMMZEA-w_EyAo2uHJVm4bnHueiclFOKALbZomw_5NTFKIP97AiqRJYnZlt3fKZfkGT3TR34XA0-kvUbQbLrwzYOB9kz3bdsSUd2pd5rTc32H6MwEYAUZ8qIaJy_HN85AXqplCkR9xyzGKkXdHzPtDQ6YCiIkZR63no6qY_HZDhNFrI3ex5PTSMshWT9GKtsy0C32W5Q3nygbV9CewkfQuCpMX-6pfpO87aEL4rdB960FehlPU4mylmrwo1493RhrUKF-g6k_aFyLpp_3hYeA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCMG6e0-06Y7DcF-uBwNYPn-ezuAWcge-wXPKhqap0wI23ARABIABgycapi8Ck2A-CARdjYS1wdWItODU5NDc5MDQyODA2NjAxOKABrN3-6APIAQmoAwGqBJkCT9D9NfzxVjzqpE64itDKfmpn0HEZz5_XWoxcmPVgfH1Xe7GQubi4muOvUxQb0Dh2ilRKnTkAQ3nGLaZ9_u6avzHzZ6PdGeUjC0E18qMSQJn9b_QDenpfh8gi7EmNSoFSd2ipemwHw0lEfrnAmHFVtrrBE74SF693OEEEHTLn6HzGN4S9EOgtiTJ-3wo-Gx3nlRZS38Tj8bQvawuF325JS3I20qOA8-i_nniaEm7-iqySO3gMlD6tc1_FLBOjCYjLMyE0BFALH6Ut7e5rAP_L6O0Yua01ojZgz4yUmQXSjOtBswEb0nKv1u-3ypRX5BbPSon3qYRYMvt4-O66PQKr2WIN6fFBjKaYIpZBUO7_lSl8QMtcIQoNYyyABvWL5b_pysH5F6AGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2H2VV93yLeyjnZ-7pa70pTKuXJaA%26client%3Dca-pub-8594790428066018%26adurl%3D

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::24 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

4e54d8adc6e997ebb636a5c1021475722aa7fcdd79f9b1c157b81404c4f05a4a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1000
cache-control: private, max-age=0, no-cache
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
date: Mon, 03 Oct 2022 14:12:35 GMT
expires: Mon, 26 Jul 1997 05:00:00 GMT
link: <pix.us.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p: CP='CUR ADM OUR NOR STA NID'
pragma: no-cache
report-to: {"endpoints":[{"url":"https://csm.us.criteo.net/heavyad?cppv=3&cpp=yf-2PRVA142l_20JK4onHlh0ZZ1jJxlb4gHdpc-bmvKDqGag_4uFo6VY9lP8CL08y-fsbK6D7q0Ao--oWNL4uhhvm1e-9-y6VJGZWI7VE_YVnx0mVnTkGb0y1CJ_8HXoJUmWPuV3-0FEBiXYCFa8nWydFDnBpnyk8IdN0F6xWKnNUv5TevAPSx061qfbuDHfsJloRrHmRZGQTVqRCD-ipCd870Zl-b4RnZgt3kA4dIzLU8aq5pjVMTPVfKVtkY4UhtUZobxQFaMzNeYm"}], "max_age": 86400}
server: Kestrel
server-processing-duration-in-ticks: 35835588
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220928/r20110914/client/ Frame 26E9 3 KB
1 KB 15ms
13ms Script
text/javascript 2607:f8b0:4006:81f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220928/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8594790428066018&output=html&h=280&slotname=4767755106&adk=1142727135&adf=1528403788&pi=t.ma~as.4767755106&w=748&fwrn=4&fwrnh=100&lmt=1664806355&rafmt=1&psa=0&format=748x280&url=https%3A%2F%2Fquestions.rawafedpor.com%2F4724%2Fthe-best-ways-profit-from-the-internet-where-you-can-make-money&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1664806355160&bpp=3&bdt=167&idt=175&shv=r20220928&mjsv=m202209260101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C320x640&nras=1&correlator=5241600284994&frm=20&pv=1&ga_vid=372082401.1664806355&ga_sid=1664806355&ga_hid=1938986092&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=298&ady=179&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531705%2C31069177%2C44773746%2C44769662&oid=2&pvsid=3099021323772720&tmod=1563334528&uas=0&nvt=1&ref=https%3A%2F%2Fwww.google.com%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CEe%7C&abl=NS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=j4imHMAlDO&p=https%3A//questions.rawafedpor.com&dtd=185

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81f::2001 Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Mon, 03 Oct 2022 14:10:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 123
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 17 Oct 2022 14:10:32 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220928/r20110914/client/ Frame 26E9 17 KB
7 KB 22ms
7ms Script
text/javascript 2607:f8b0:4006:81f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220928/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8594790428066018&output=html&h=280&slotname=4767755106&adk=1142727135&adf=1528403788&pi=t.ma~as.4767755106&w=748&fwrn=4&fwrnh=100&lmt=1664806355&rafmt=1&psa=0&format=748x280&url=https%3A%2F%2Fquestions.rawafedpor.com%2F4724%2Fthe-best-ways-profit-from-the-internet-where-you-can-make-money&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1664806355160&bpp=3&bdt=167&idt=175&shv=r20220928&mjsv=m202209260101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C320x640&nras=1&correlator=5241600284994&frm=20&pv=1&ga_vid=372082401.1664806355&ga_sid=1664806355&ga_hid=1938986092&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=298&ady=179&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531705%2C31069177%2C44773746%2C44769662&oid=2&pvsid=3099021323772720&tmod=1563334528&uas=0&nvt=1&ref=https%3A%2F%2Fwww.google.com%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CEe%7C&abl=NS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=j4imHMAlDO&p=https%3A//questions.rawafedpor.com&dtd=185

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81f::2001 Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

86d8e892ceacd8c8a7e7125c68dd0e1b311f8399871b6d64b8b6795f0235c1d4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Mon, 03 Oct 2022 14:09:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 176
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7559
x-xss-protection: 0
server: cafe
etag: 15289875785628835784
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 17 Oct 2022 14:09:39 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 26E9 140 KB
44 KB 44ms
30ms Script
text/javascript 2607:f8b0:4006:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8594790428066018&output=html&h=280&slotname=4767755106&adk=1142727135&adf=1528403788&pi=t.ma~as.4767755106&w=748&fwrn=4&fwrnh=100&lmt=1664806355&rafmt=1&psa=0&format=748x280&url=https%3A%2F%2Fquestions.rawafedpor.com%2F4724%2Fthe-best-ways-profit-from-the-internet-where-you-can-make-money&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1664806355160&bpp=3&bdt=167&idt=175&shv=r20220928&mjsv=m202209260101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C320x640&nras=1&correlator=5241600284994&frm=20&pv=1&ga_vid=372082401.1664806355&ga_sid=1664806355&ga_hid=1938986092&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=298&ady=179&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531705%2C31069177%2C44773746%2C44769662&oid=2&pvsid=3099021323772720&tmod=1563334528&uas=0&nvt=1&ref=https%3A%2F%2Fwww.google.com%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CEe%7C&abl=NS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=j4imHMAlDO&p=https%3A//questions.rawafedpor.com&dtd=185

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81c::2002 Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

da8438b81e390283f6eb8cc9cf49ccde3d00c954b4fbccdf6372c162c4b58ab2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Mon, 03 Oct 2022 14:12:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44530
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1664365478704152"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 03 Oct 2022 14:12:35 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 26E9 0
0 121ms
116ms Fetch
text/html 2607:f8b0:4006:822::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CTBHp0-06Y8T_FtyBwNYP372r2Aicge-wXILzt52dAcCNtwEQASAAYMnGqYvApNgPggEXY2EtcHViLTg1OTQ3OTA0MjgwNjYwMTigAazd_ugDyAEJqAMBqgSRAk_QTmP5kdx0mR_9BzDnt9Ljv15LaJie1KmuINIR7yPxn6toAK_zLiqpDMuyvaOh44h9A7j-0VKRH3QKEqvTvvnBs7FQa1A8lM_qy-caap8KeTZbWb3SKKehvgH3wfap2cudlLMl-rXJfNIqBcl3v6ISQ_WUhEXOw0kvcZkQ63lR5rgyhZObf0F7gjaJvvjeA4-QeXKlVOCeDWsXq_7EPXFa5SBch1TLp_hgowxj2cZk92FIx9OI7l-ThjBwBEcqo4Nwk-hvSPFxsa2DQJ9ZzsW3LlD4bSeCPv0DI_52FbfAIGP4-68wvHHGkC9LtAWLnbdfY2VXy76wEJq1nNXrQkl5oE-_o2liiKvqKDrrbk65aYAG9Yvlv-nKwfkXoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDQiAYRABMgKKAjoCgECACgH6CwIIAYAMAdAVAYAXAbIXGgoYEhRwdWItODU5NDc5MDQyODA2NjAxOBgA&sigh=nvbejbtJrYY&uach_m=[UACH]&cid=CAQSGwCsnQUxWRJLRNJkfW1eK6lC1TF-8VT_yNK5oxgBIBM

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8594790428066018&output=html&h=280&slotname=4767755106&adk=1142727135&adf=1528403788&pi=t.ma~as.4767755106&w=748&fwrn=4&fwrnh=100&lmt=1664806355&rafmt=1&psa=0&format=748x280&url=https%3A%2F%2Fquestions.rawafedpor.com%2F4724%2Fthe-best-ways-profit-from-the-internet-where-you-can-make-money&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1664806355160&bpp=3&bdt=167&idt=175&shv=r20220928&mjsv=m202209260101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C320x640&nras=1&correlator=5241600284994&frm=20&pv=1&ga_vid=372082401.1664806355&ga_sid=1664806355&ga_hid=1938986092&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=298&ady=179&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531705%2C31069177%2C44773746%2C44769662&oid=2&pvsid=3099021323772720&tmod=1563334528&uas=0&nvt=1&ref=https%3A%2F%2Fwww.google.com%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CEe%7C&abl=NS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=j4imHMAlDO&p=https%3A//questions.rawafedpor.com&dtd=185

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:822::2002 Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8594790428066018&output=html&h=280&slotname=4767755106&adk=1142727135&adf=1528403788&pi=t.ma~as.4767755106&w=748&fwrn=4&fwrnh=100&lmt=1664806355&rafmt=1&psa=0&format=748x280&url=https%3A%2F%2Fquestions.rawafedpor.com%2F4724%2Fthe-best-ways-profit-from-the-internet-where-you-can-make-money&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1664806355160&bpp=3&bdt=167&idt=175&shv=r20220928&mjsv=m202209260101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C320x640&nras=1&correlator=5241600284994&frm=20&pv=1&ga_vid=372082401.1664806355&ga_sid=1664806355&ga_hid=1938986092&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=298&ady=179&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531705%2C31069177%2C44773746%2C44769662&oid=2&pvsid=3099021323772720&tmod=1563334528&uas=0&nvt=1&ref=https%3A%2F%2Fwww.google.com%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CEe%7C&abl=NS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=j4imHMAlDO&p=https%3A//questions.rawafedpor.com&dtd=185
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Mon, 03 Oct 2022 14:12:35 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H2 200 notify
rtb.va.us.criteo.com/google/auction/ Frame 26E9 0
0 51ms
44ms Fetch 2620:100:a001::3
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://rtb.va.us.criteo.com/google/auction/notify?profile=14&payload=kOe3Ec36ROwFmALiIp0XAgAAALNDxXziJgV4ENLtOmPeBol5yospk7hAmwASAAA&wp=Yzrt0wAFv8QE0ADcAAre3-x4iWYo3JpY1vgBXQ

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8594790428066018&output=html&h=280&slotname=4767755106&adk=1142727135&adf=1528403788&pi=t.ma~as.4767755106&w=748&fwrn=4&fwrnh=100&lmt=1664806355&rafmt=1&psa=0&format=748x280&url=https%3A%2F%2Fquestions.rawafedpor.com%2F4724%2Fthe-best-ways-profit-from-the-internet-where-you-can-make-money&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1664806355160&bpp=3&bdt=167&idt=175&shv=r20220928&mjsv=m202209260101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C320x640&nras=1&correlator=5241600284994&frm=20&pv=1&ga_vid=372082401.1664806355&ga_sid=1664806355&ga_hid=1938986092&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=298&ady=179&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531705%2C31069177%2C44773746%2C44769662&oid=2&pvsid=3099021323772720&tmod=1563334528&uas=0&nvt=1&ref=https%3A%2F%2Fwww.google.com%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CEe%7C&abl=NS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=j4imHMAlDO&p=https%3A//questions.rawafedpor.com&dtd=185

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::3 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Mon, 03 Oct 2022 14:12:35 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
server-processing-duration-in-ticks: 170038
content-length: 0

GET
H2 200 afr.php Show response
ads.us.criteo.com/delivery/r/ Frame 8658 114 KB
42 KB 61ms
57ms Document
text/html 2620:100:a001::24
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.us.criteo.com/delivery/r/afr.php?z=Yzrt0wAFv8QE0ADcAAre3-x4iWYo3JpY1vgBXQ&u=%7CCB%2BKO8uw6I5v9iT%2F0eeHBti2z4ha7YQ9mHiUThPGg%2Bo%3D%7C&c1=TUPLs6ok1IhDgnvJmJgq2b8G6XvEBIvqAb79lxbNLn-Y29LVqxBSOQhZKVxZui5pXNlU4WPrBd-WsQaHOL91cWjEyJfbRKIezWXmxChMzOwNeFNmW4BvNHr1AN2IM9AE2q2-bs3KInDq4dUg2Ea8q38ivH4xWF6xno10-LStQKToeOiXw6siQ1sfI4WEueelWbP7Q1fDAkAr4G9qjEp0oK2x0R-f4sjXplgSrHDntEMS97VO4Gt5OadJsd5_sBrdgTf41fnbs_z7nWoLd2fAmV7Y1j1tZuf6PecU9UcCa-cVB5N1CKAUkIuSagCimtj4EPaJK7lGjPzaWrBdcKzYWXUGFqQSts9Jv8vadP0LO_T00HVfNhsA_RtPZmp924UBIWS4hibqSCCc4UekHi2DQ_UqrQStg_yUDxtg0NPI1oKZjJoveQrPgibBT5NBJW6TzqxSe-gDIZxRLaCro0P6r72gB0d8PUPVl_aJizoWjvJqojQd0kUa6ME67M3Nn3oG_HcGE9HL3mX5B4vziQs5tF6FkkaW1bw2obD4gkDeSOQq5eI3sXJvHmyM7aNMSSqIUSwMlb0HnPDv6JIEVt3ykV2IPa_-FY6ieex4suc2T5EpXexKDOxQ3PI5qV7586ZHUo6Xr6UGw-219sGpscEOqw&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCRJrM0-06Y8T_FtyBwNYP372r2Aicge-wXILzt52dAcCNtwEQASAAYMnGqYvApNgPggEXY2EtcHViLTg1OTQ3OTA0MjgwNjYwMTigAazd_ugDyAEJqAMBqgSUAk_QTmP5kdx0mR_9BzDnt9Ljv15LaJie1KmuINIR7yPxn6toAK_zLiqpDMuyvaOh44h9A7j-0VKRH3QKEqvTvvnBs7FQa1A8lM_qy-caap8KeTZbWb3SKKehvgH3wfap2cudlLMl-rXJfNIqBcl3v6ISQ_WUhEXOw0kvcZkQ63lR5rgyhZObf0F7gjaJvvjeA4-QeXKlVOCeDWsXq_7EPXFa5SBch1TLp_hgowxj2cZk92FIx9OI7l-ThjBwBEcqo4Nwk-hvSPFxsa2DQJ9ZzsW3LlD4bSeCPv0DI_52FbfAIGP4-68wvHHGkC9L9gerDxyt6mWUQtM8--A8X2LXakBXuIskUBPrQRX0BCJCuN-5qn3YOYAG9Yvlv-nKwfkXoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDQiAYRABMgKKAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3pLkDOi3HeuC9Xp4jdPSwmfMhdWw%26client%3Dca-pub-8594790428066018%26adurl%3D

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8594790428066018&output=html&h=280&slotname=4767755106&adk=1142727135&adf=1528403788&pi=t.ma~as.4767755106&w=748&fwrn=4&fwrnh=100&lmt=1664806355&rafmt=1&psa=0&format=748x280&url=https%3A%2F%2Fquestions.rawafedpor.com%2F4724%2Fthe-best-ways-profit-from-the-internet-where-you-can-make-money&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1664806355160&bpp=3&bdt=167&idt=175&shv=r20220928&mjsv=m202209260101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C320x640&nras=1&correlator=5241600284994&frm=20&pv=1&ga_vid=372082401.1664806355&ga_sid=1664806355&ga_hid=1938986092&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=298&ady=179&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531705%2C31069177%2C44773746%2C44769662&oid=2&pvsid=3099021323772720&tmod=1563334528&uas=0&nvt=1&ref=https%3A%2F%2Fwww.google.com%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CEe%7C&abl=NS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=j4imHMAlDO&p=https%3A//questions.rawafedpor.com&dtd=185

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::24 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

c4d8cae77f1ced5d6ce834aaff589408652c1318ea07f742ca66bb9fd5148230

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1000
cache-control: private, max-age=0, no-cache
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
date: Mon, 03 Oct 2022 14:12:35 GMT
expires: Mon, 26 Jul 1997 05:00:00 GMT
link: <pix.us.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p: CP='CUR ADM OUR NOR STA NID'
pragma: no-cache
report-to: {"endpoints":[{"url":"https://csm.us.criteo.net/heavyad?cppv=3&cpp=wnhLCRVA142l_20JRPiVWrkSS50qfu5R0LVbjgRJG2PDKojp_yunPP5NPHvd28-rlcatchuVCKqsW8jNwVdUtnYvUC_kDSCk0Jk3M4SrUwloSny7bNVnRiOdUc1Z3z1s3kfig2tpBXQ6Q7DWSqtAEiY0eaWYuv9nevgHQmjVHT_SuSAv1nQajtjbPYTUDzk_edfTDOIUUzckn0N-Qu8X8D8QRcegBbOAHVu00uoSj0YYAjyxkdRZeTH_5-o9YWstg8HPeg"}], "max_age": 86400}
server: Kestrel
server-processing-duration-in-ticks: 45481416
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2 200 privacy_small.svg
static.criteo.net/flash/icon/ Frame B702 2 KB
1 KB 106ms
21ms Image
image/svg+xml 2620:100:a001::4
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy_small.svg

Requested by

Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=Yzrt0wAF7jAE0ADrAAzzn4SZ0H-lFrfpGPHo1g&u=%7CCB%2BKO8uw6I6h7E6sXev5cCaqxa4tt4j8WO5JoXIzhqc%3D%7C&c1=TUPLs6ok1IhDgnvJmJgq2b8G6XvEBIvqAb79lxbNLn-Y29LVqxBSOQhZKVxZui5pXNlU4WPrBd-WsQaHOL91cWjEyJfbRKIeeqkFg11ain6gaBw8HlXroIk5WRMu0Oz4mAia7XDtaff5fYODHGs6qEEcKzBMY2GqXvrKIkqKlmYIR-tqXx_-2w8_ue3oBZJUh5wYrhCKF3fXX-oH_rLj2pWWTx6EnIg7HmRMTC191U4ArjPkTKTh_1s4-YPJhHNUQ14ai-IWblmK0EwXhXyhzwSV16fzP9cOCaVWAqlCzy6g_8nDn8zJP3ciuSa-M2PNjmudMSldH1kxSNl3_twzHLafWCwYElN3z6PqkYzzbPsqZHdM14E9ZEzcqoCqpWehp3KMMZEA-w_EyAo2uHJVm4bnHueiclFOKALbZomw_5NTFKIP97AiqRJYnZlt3fKZfkGT3TR34XA0-kvUbQbLrwzYOB9kz3bdsSUd2pd5rTc32H6MwEYAUZ8qIaJy_HN85AXqplCkR9xyzGKkXdHzPtDQ6YCiIkZR63no6qY_HZDhNFrI3ex5PTSMshWT9GKtsy0C32W5Q3nygbV9CewkfQuCpMX-6pfpO87aEL4rdB960FehlPU4mylmrwo1493RhrUKF-g6k_aFyLpp_3hYeA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCMG6e0-06Y7DcF-uBwNYPn-ezuAWcge-wXPKhqap0wI23ARABIABgycapi8Ck2A-CARdjYS1wdWItODU5NDc5MDQyODA2NjAxOKABrN3-6APIAQmoAwGqBJkCT9D9NfzxVjzqpE64itDKfmpn0HEZz5_XWoxcmPVgfH1Xe7GQubi4muOvUxQb0Dh2ilRKnTkAQ3nGLaZ9_u6avzHzZ6PdGeUjC0E18qMSQJn9b_QDenpfh8gi7EmNSoFSd2ipemwHw0lEfrnAmHFVtrrBE74SF693OEEEHTLn6HzGN4S9EOgtiTJ-3wo-Gx3nlRZS38Tj8bQvawuF325JS3I20qOA8-i_nniaEm7-iqySO3gMlD6tc1_FLBOjCYjLMyE0BFALH6Ut7e5rAP_L6O0Yua01ojZgz4yUmQXSjOtBswEb0nKv1u-3ypRX5BbPSon3qYRYMvt4-O66PQKr2WIN6fFBjKaYIpZBUO7_lSl8QMtcIQoNYyyABvWL5b_pysH5F6AGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2H2VV93yLeyjnZ-7pa70pTKuXJaA%26client%3Dca-pub-8594790428066018%26adurl%3D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

nginx /

Resource Hash

a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Mon, 03 Oct 2022 14:12:36 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:30:28 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42ba84-6aa"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Thu, 28 Sep 2023 14:12:36 GMT

GET
H2 200 adchoices_en.svg
static.criteo.net/flash/icon/ Frame B702 2 KB
1 KB 95ms
10ms Image
image/svg+xml 2620:100:a001::4
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/adchoices_en.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

nginx /

Resource Hash

60bcafbd631f6fa0805e158ca3b235e76225350db6fbb423596d4c4954b27573

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Mon, 03 Oct 2022 14:12:36 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:27:58 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42b9ee-759"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Thu, 28 Sep 2023 14:12:36 GMT

GET
H2 200 close_button.svg
static.criteo.net/flash/icon/ Frame B702 308 B
636 B 84ms
17ms Image
image/svg+xml 2620:100:a001::4
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/close_button.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

nginx /

Resource Hash

8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Mon, 03 Oct 2022 14:12:36 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Fri, 14 Feb 2020 13:51:32 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "5e46a5e4-134"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 308
expires: Thu, 28 Sep 2023 14:12:36 GMT

GET
H2 200 back_button2.svg
static.criteo.net/flash/icon/ Frame B702 293 B
621 B 79ms
13ms Image
image/svg+xml 2620:100:a001::4
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/back_button2.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

nginx /

Resource Hash

725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Mon, 03 Oct 2022 14:12:36 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 28 Apr 2022 09:09:48 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "626a59dc-125"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 293
expires: Thu, 28 Sep 2023 14:12:36 GMT

GET
H2 200 lg.php
cat.va.us.criteo.com/delivery/ Frame B702 43 B
347 B 281ms
15ms Image
image/gif 74.119.119.147
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cat.va.us.criteo.com/delivery/lg.php?cppv=3&cpp=tA64q-xR-qYn7HDWOs8i9vB2WoGMsx8feyhhtujn1LlNG8omQRfES46KLVRvvt2VrsfLYJaCfSsLBzWjC87L9fX7QEYu1xKRnhEm5JCWlAGPZCzhIpej-qSSco1CMFDM0if2aGVnkfndFn35-tBJkRmuWpUER2qCBqScIN01wQTzmitbxAdqBixwR102X10GdNl1Uj5Rb3O67OwrePALzRmWBVnU0xy7UJyp58VkR5moAR8oHASmBOmMLG_MGLemDA8ZYebwjj3sWZHs9OwNe27KKb6gxeb_wsHB8jtwcM6txLVbLrrF3-se1b-wwnDyR1f8Qr6F3DiFJA4IBe7QwYCvoPLB45DF0LmgWTp2u1wrRXr1PjX2Ocg0ehejj7466bq8QJQ2FdoKb8CzOSxpCNIr3GmWKGeloDLP_WInILsYkweBpnm016D9xq6OAdUX4luEPQ

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.119.119.147 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 03 Oct 2022 14:12:35 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 3288110
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
DATA 200
OK truncated
/ Frame CFDC 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b2a656163f742ced4a512088feb659c55511ff347a8e4faf4ba0b861a123191d

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 privacy_small.svg
static.criteo.net/flash/icon/ Frame 418A 2 KB
1 KB 63ms
12ms Image
image/svg+xml 2620:100:a001::4
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy_small.svg

Requested by

Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=Yzrt0wAFqgAKTAMEAAqtNkS74MRL200p1pm-cA&u=%7CCB%2BKO8uw6I6lBNUiGW8dSjt84c%2F5DfiGhU%2B7zm%2FqpQM%3D%7C&c1=7gfvdwnclaNOxMfwO7LPpgjdpB3353uJoj6v23HliKqwl1OophSbWYOWV603oo7hRT2_VnWg5tECtHg1Uo8EsalhRcFB8uWubIxc5ktold-j0-a-Lv7-kzKwJJ-SHkv89LNM0XBHqI0cgxHx1Xo4mV8Qmfxo6OyD3I8xldFq4QOaTSARzYsRtMWEvs5paQyezdBwmG0YnBpYxx-evI7Xchs_j-3DmpRz6KbDVJl3J1i-jyTRXnn-m1rsnMrPi80B6NLeW3t9oSqKfUVPM8T6P00DWTpTVjhBYunhD11dQffdi65140qKWXVIePpECHqGKfZDeHKGRJ3fE47DmSiRJHN1XKBG9c0asDf1TTcd4_gvocYYIoJcAJgipP7N7DQJ_Bzs0nJFTACT2NJHm5cEN2TvZI9SY6PlKf_ZEKcgk7Cms-ShnL2GRDqhAY7gefrR3c2l5Vev-rP8MDoRt6kS5L5JOPg9XRnLM1QEU91HgwjOP20tFzXTTmwTa-3FUswwX1rpXgnvWOfIdbXiZisg2C9VGUNvz7-2jZCnQz6fp3klltYTu5MCwskTu6Q-GKkrR4veKPeBkQUhy5K8sdLDhFqMt7T7x9FZb0XctXswPHvCl09UNlntBAvQ_k8_fDBStarAOHQAsQo&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCD1JD0-06Y4DUFoSGsAK22qrQBZyB77BcosqnqnTAjbcBEAEgAGDJxqmLwKTYD4IBF2NhLXB1Yi04NTk0NzkwNDI4MDY2MDE4oAGs3f7oA8gBCagDAaoEmQJP0MMPqJXItT-ci090ZRZem6zvaqUW5IZ-q-00i_FS3aYwlt2rZoiUOZDVkpr8t3gnqwDwjnmpXl3h1KIn7Z23sJzM2KQA6HD0VD155TQBJCmNS7bHJ0mznQLKvehp9y-4CyN7C4ivRMRFAMt2CKAWX4zqCe4fKpUigKOAwGEEHVleHb0DdZGX6RTHodttpuoMxAmFhBDBjLG_jep7M-fX1qgavia95bHqOvtwHm44SsMJRVYWXifdP7dgIrVxCrGXpyqmdgoFqhONn2SwbmvGfMuwtyf8LDDwR6isZyRJomV97gvhxbGoO4DnjXD1Hh_EojYzo6Tx2RSdLwEwgaqgVo24xy9Y7FC7lsRN9TCJuCBf785XMwJVfoAGpdvx8PGoiPgtoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDQiAYRABMgKKAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2X1LXgbAw3EU8sbaSLMBMIx-PETw%26client%3Dca-pub-8594790428066018%26adurl%3D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

nginx /

Resource Hash

a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Mon, 03 Oct 2022 14:12:36 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:30:28 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42ba84-6aa"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Thu, 28 Sep 2023 14:12:36 GMT

GET
H2 200 adchoices_en.svg
static.criteo.net/flash/icon/ Frame 418A 2 KB
1 KB 70ms
19ms Image
image/svg+xml 2620:100:a001::4
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/adchoices_en.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

nginx /

Resource Hash

60bcafbd631f6fa0805e158ca3b235e76225350db6fbb423596d4c4954b27573

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Mon, 03 Oct 2022 14:12:36 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:27:58 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42b9ee-759"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Thu, 28 Sep 2023 14:12:36 GMT

GET
H2 200 close_button.svg
static.criteo.net/flash/icon/ Frame 418A 308 B
636 B 21ms
16ms Image
image/svg+xml 2620:100:a001::4
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/close_button.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

nginx /

Resource Hash

8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Mon, 03 Oct 2022 14:12:36 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Fri, 14 Feb 2020 13:51:32 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "5e46a5e4-134"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 308
expires: Thu, 28 Sep 2023 14:12:36 GMT

GET
H2 200 back_button2.svg
static.criteo.net/flash/icon/ Frame 418A 293 B
621 B 16ms
11ms Image
image/svg+xml 2620:100:a001::4
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/back_button2.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

nginx /

Resource Hash

725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Mon, 03 Oct 2022 14:12:36 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 28 Apr 2022 09:09:48 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "626a59dc-125"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 293
expires: Thu, 28 Sep 2023 14:12:36 GMT

GET
H2 200 lg.php
cat.va.us.criteo.com/delivery/ Frame 418A 43 B
347 B 220ms
16ms Image
image/gif 74.119.119.147
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cat.va.us.criteo.com/delivery/lg.php?cppv=3&cpp=HJhwa_lF4lkhWWX43CAFN-_j9kh4Zb9crN4ttuS7-pVRdbetxWrZyIXuB_Q7DAEsK72HtEqaQKyv4hS8AKpb3dkQITATN0H7xfc_eo25EXU6h3TrXOQNW6AZwJ61eiujz3JbnmC0gORpCojJ7D6RcRcS-_0h89dGbfDYo2h2Vs0rtGuR2U4MEcBZAo61RLCNc6oJsGXn-c_tbH3JG874a-E1idlL0--N8Xa1gBTG0jR5LLD-TD7Q_hMsKYMsQr61kQBJanfLE3WVvifD5XGb3o_xHBqYQAidWs7OeRKRAWHOoqp9vgD309W75lYd8R7xqMYWoibJhFfOITdA2EAxYmzikj3urNsgTeqk2p17euhmp8UrzkQuEaC4D5NLFrmpL8HS7A42NO0MCQdqNkoVgBZhzkXKFlKAIuSfnFo_xFd3bdD_

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.119.119.147 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 03 Oct 2022 14:12:35 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 3623360
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 view.gif
tk.svsound.com/v/ Frame 418A 43 B
322 B 169ms
12ms Image
image/gif 34.197.25.63
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tk.svsound.com/v/view.gif?wiz_aid=A50215&wiz_tid=3&wiz_medium=display&wiz_source=criteo&wiz_campaign=New%20Customer%20Acquisition%20-%20Similar%20Audience&wiz_r=633aedd30549355288a6c400bf988181
Requested by: Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=Yzrt0wAFqgAKTAMEAAqtNkS74MRL200p1pm-cA&u=%7CCB%2BKO8uw6I6lBNUiGW8dSjt84c%2F5DfiGhU%2B7zm%2FqpQM%3D%7C&c1=7gfvdwnclaNOxMfwO7LPpgjdpB3353uJoj6v23HliKqwl1OophSbWYOWV603oo7hRT2_VnWg5tECtHg1Uo8EsalhRcFB8uWubIxc5ktold-j0-a-Lv7-kzKwJJ-SHkv89LNM0XBHqI0cgxHx1Xo4mV8Qmfxo6OyD3I8xldFq4QOaTSARzYsRtMWEvs5paQyezdBwmG0YnBpYxx-evI7Xchs_j-3DmpRz6KbDVJl3J1i-jyTRXnn-m1rsnMrPi80B6NLeW3t9oSqKfUVPM8T6P00DWTpTVjhBYunhD11dQffdi65140qKWXVIePpECHqGKfZDeHKGRJ3fE47DmSiRJHN1XKBG9c0asDf1TTcd4_gvocYYIoJcAJgipP7N7DQJ_Bzs0nJFTACT2NJHm5cEN2TvZI9SY6PlKf_ZEKcgk7Cms-ShnL2GRDqhAY7gefrR3c2l5Vev-rP8MDoRt6kS5L5JOPg9XRnLM1QEU91HgwjOP20tFzXTTmwTa-3FUswwX1rpXgnvWOfIdbXiZisg2C9VGUNvz7-2jZCnQz6fp3klltYTu5MCwskTu6Q-GKkrR4veKPeBkQUhy5K8sdLDhFqMt7T7x9FZb0XctXswPHvCl09UNlntBAvQ_k8_fDBStarAOHQAsQo&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCD1JD0-06Y4DUFoSGsAK22qrQBZyB77BcosqnqnTAjbcBEAEgAGDJxqmLwKTYD4IBF2NhLXB1Yi04NTk0NzkwNDI4MDY2MDE4oAGs3f7oA8gBCagDAaoEmQJP0MMPqJXItT-ci090ZRZem6zvaqUW5IZ-q-00i_FS3aYwlt2rZoiUOZDVkpr8t3gnqwDwjnmpXl3h1KIn7Z23sJzM2KQA6HD0VD155TQBJCmNS7bHJ0mznQLKvehp9y-4CyN7C4ivRMRFAMt2CKAWX4zqCe4fKpUigKOAwGEEHVleHb0DdZGX6RTHodttpuoMxAmFhBDBjLG_jep7M-fX1qgavia95bHqOvtwHm44SsMJRVYWXifdP7dgIrVxCrGXpyqmdgoFqhONn2SwbmvGfMuwtyf8LDDwR6isZyRJomV97gvhxbGoO4DnjXD1Hh_EojYzo6Tx2RSdLwEwgaqgVo24xy9Y7FC7lsRN9TCJuCBf785XMwJVfoAGpdvx8PGoiPgtoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDQiAYRABMgKKAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2X1LXgbAw3EU8sbaSLMBMIx-PETw%26client%3Dca-pub-8594790428066018%26adurl%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.197.25.63 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-197-25-63.compute-1.amazonaws.com
Software: nginx /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

content-type: image/gif
date: Mon, 03 Oct 2022 14:12:36 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: nginx
content-length: 43
p3p: CP="NON DSP COR ADM PSA IVA OUR STP NAV"

GET
H2 200 webfontloader.js Show response
cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/ Frame B702 12 KB
5 KB 51ms
25ms Script
application/javascript 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Mon, 03 Oct 2022 14:12:35 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 565530
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 4420
last-modified: Mon, 04 May 2020 16:17:52 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb04030-30d9"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RA1d1Mg66wKy3KshhDarrYqM9S24dod0LzQegngigAl%2FzqELBiOP3Vc9W2EWll%2BJGsSlFqyT0Z%2BLMRK7wtB9XDGKYP2fzYdtwNP2l264%2FAEctDxOgk39Y0Q8zunxXMgIfCkjyOmBySCOje0e4L54PI7k"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 7546460cee0718b1-EWR
expires: Sat, 23 Sep 2023 14:12:35 GMT

GET
H2 200 animejs.js Show response
static.criteo.net/animejs/ Frame B702 12 KB
6 KB 55ms
18ms Script
text/javascript 2620:100:a001::4
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/animejs/animejs.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

nginx /

Resource Hash

a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Mon, 03 Oct 2022 14:12:36 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 26 Mar 2019 17:44:11 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5c9a64eb-3181"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Thu, 28 Sep 2023 14:12:36 GMT

GET
H2 200 img
pix.us.criteo.net/img/ Frame B702 69 KB
69 KB 58ms
20ms Image
image/webp 74.119.119.137
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.us.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=90645&q=80&r=0&u=https%3A%2F%2Fassets.investingoutlook.co%2Fuploads%2F2022%2F02%2FMarcMap.png&v=3&w=800&s=68cyYMVKt7yLkNKDEdciCYbP&b=800

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.119.119.137 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

pix.va1.vip.prod.criteo.com

Software

Finatra /

Resource Hash

ce2b09efa27bd0efe0430fa02eeba81180cb6a245d41980e8b6f9d86ff03af6f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Mon, 03 Oct 2022 14:12:35 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=0
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 70694
expires: Mon, 03 Oct 2022 14:12:36 GMT

GET
H2 200 img
pix.us.criteo.net/img/ Frame B702 13 KB
14 KB 74ms
37ms Image
image/webp 74.119.119.137
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.us.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=90645&q=80&r=0&u=https%3A%2F%2Fassets.investingoutlook.co%2Fuploads%2F2022%2F06%2FMarcNew768x504.jpg&v=3&w=800&s=g5zjmfGjedfQQ38K9pdFIt73&b=800

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.119.119.137 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

pix.va1.vip.prod.criteo.com

Software

Finatra /

Resource Hash

8e471384a35a7221e22107508097cf7e63e0377222e18374b0aaf6cd8f73c684

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Mon, 03 Oct 2022 14:12:35 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=0
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 13754
expires: Mon, 03 Oct 2022 14:12:36 GMT

POST
H2 200 all
csm.us.criteo.net/ Frame B702 0
128 B 241ms
10ms Ping
text/plain 74.119.119.149
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://csm.us.criteo.net/all?cppv=3&cpp=yf-2PRVA142l_20JK4onHlh0ZZ1jJxlb4gHdpc-bmvKDqGag_4uFo6VY9lP8CL08y-fsbK6D7q0Ao--oWNL4uhhvm1e-9-y6VJGZWI7VE_YVnx0mVnTkGb0y1CJ_8HXoJUmWPuV3-0FEBiXYCFa8nWydFDnBpnyk8IdN0F6xWKnNUv5TevAPSx061qfbuDHfsJloRrHmRZGQTVqRCD-ipCd870Zl-b4RnZgt3kA4dIzLU8aq5pjVMTPVfKVtkY4UhtUZobxQFaMzNeYm&sds=2&rev=82884&sendBeacon=true

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.119.119.149 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.us.criteo.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Mon, 03 Oct 2022 14:12:35 GMT
strict-transport-security: max-age=31536000; preload;
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0

GET
H2 200 criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame B702 2 KB
1 KB 23ms
13ms Image
image/svg+xml 2620:100:a001::4
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/criteo_logo_2021.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

nginx /

Resource Hash

a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Mon, 03 Oct 2022 14:12:36 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 27 May 2021 13:21:59 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"60af9cf7-891"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Thu, 28 Sep 2023 14:12:36 GMT

GET
H2 200 privacy.svg
static.criteo.net/flash/icon/ Frame B702 2 KB
1 KB 13ms
13ms Image
image/svg+xml 2620:100:a001::4
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

nginx /

Resource Hash

095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Mon, 03 Oct 2022 14:12:36 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 19 Feb 2020 10:57:21 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e4d1491-646"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Thu, 28 Sep 2023 14:12:36 GMT

GET
DATA 200
OK truncated
/ Frame 26E9 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a2cfcf5160476ad621e7aa6d3c10ee9afda9d7655a7767f0d0705aee73b49198

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 privacy_small.svg
static.criteo.net/flash/icon/ Frame 8658 2 KB
1 KB 24ms
23ms Image
image/svg+xml 2620:100:a001::4
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy_small.svg

Requested by

Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=Yzrt0wAFv8QE0ADcAAre3-x4iWYo3JpY1vgBXQ&u=%7CCB%2BKO8uw6I5v9iT%2F0eeHBti2z4ha7YQ9mHiUThPGg%2Bo%3D%7C&c1=TUPLs6ok1IhDgnvJmJgq2b8G6XvEBIvqAb79lxbNLn-Y29LVqxBSOQhZKVxZui5pXNlU4WPrBd-WsQaHOL91cWjEyJfbRKIezWXmxChMzOwNeFNmW4BvNHr1AN2IM9AE2q2-bs3KInDq4dUg2Ea8q38ivH4xWF6xno10-LStQKToeOiXw6siQ1sfI4WEueelWbP7Q1fDAkAr4G9qjEp0oK2x0R-f4sjXplgSrHDntEMS97VO4Gt5OadJsd5_sBrdgTf41fnbs_z7nWoLd2fAmV7Y1j1tZuf6PecU9UcCa-cVB5N1CKAUkIuSagCimtj4EPaJK7lGjPzaWrBdcKzYWXUGFqQSts9Jv8vadP0LO_T00HVfNhsA_RtPZmp924UBIWS4hibqSCCc4UekHi2DQ_UqrQStg_yUDxtg0NPI1oKZjJoveQrPgibBT5NBJW6TzqxSe-gDIZxRLaCro0P6r72gB0d8PUPVl_aJizoWjvJqojQd0kUa6ME67M3Nn3oG_HcGE9HL3mX5B4vziQs5tF6FkkaW1bw2obD4gkDeSOQq5eI3sXJvHmyM7aNMSSqIUSwMlb0HnPDv6JIEVt3ykV2IPa_-FY6ieex4suc2T5EpXexKDOxQ3PI5qV7586ZHUo6Xr6UGw-219sGpscEOqw&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCRJrM0-06Y8T_FtyBwNYP372r2Aicge-wXILzt52dAcCNtwEQASAAYMnGqYvApNgPggEXY2EtcHViLTg1OTQ3OTA0MjgwNjYwMTigAazd_ugDyAEJqAMBqgSUAk_QTmP5kdx0mR_9BzDnt9Ljv15LaJie1KmuINIR7yPxn6toAK_zLiqpDMuyvaOh44h9A7j-0VKRH3QKEqvTvvnBs7FQa1A8lM_qy-caap8KeTZbWb3SKKehvgH3wfap2cudlLMl-rXJfNIqBcl3v6ISQ_WUhEXOw0kvcZkQ63lR5rgyhZObf0F7gjaJvvjeA4-QeXKlVOCeDWsXq_7EPXFa5SBch1TLp_hgowxj2cZk92FIx9OI7l-ThjBwBEcqo4Nwk-hvSPFxsa2DQJ9ZzsW3LlD4bSeCPv0DI_52FbfAIGP4-68wvHHGkC9L9gerDxyt6mWUQtM8--A8X2LXakBXuIskUBPrQRX0BCJCuN-5qn3YOYAG9Yvlv-nKwfkXoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDQiAYRABMgKKAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3pLkDOi3HeuC9Xp4jdPSwmfMhdWw%26client%3Dca-pub-8594790428066018%26adurl%3D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

nginx /

Resource Hash

a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Mon, 03 Oct 2022 14:12:36 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:30:28 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42ba84-6aa"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Thu, 28 Sep 2023 14:12:36 GMT

GET
H2 200 adchoices_en.svg
static.criteo.net/flash/icon/ Frame 8658 2 KB
1 KB 12ms
10ms Image
image/svg+xml 2620:100:a001::4
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/adchoices_en.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

nginx /

Resource Hash

60bcafbd631f6fa0805e158ca3b235e76225350db6fbb423596d4c4954b27573

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Mon, 03 Oct 2022 14:12:36 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:27:58 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42b9ee-759"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Thu, 28 Sep 2023 14:12:36 GMT

GET
H2 200 close_button.svg
static.criteo.net/flash/icon/ Frame 8658 308 B
636 B 11ms
10ms Image
image/svg+xml 2620:100:a001::4
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/close_button.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

nginx /

Resource Hash

8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Mon, 03 Oct 2022 14:12:36 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Fri, 14 Feb 2020 13:51:32 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "5e46a5e4-134"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 308
expires: Thu, 28 Sep 2023 14:12:36 GMT

GET
H2 200 back_button2.svg
static.criteo.net/flash/icon/ Frame 8658 293 B
621 B 11ms
10ms Image
image/svg+xml 2620:100:a001::4
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/back_button2.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

nginx /

Resource Hash

725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Mon, 03 Oct 2022 14:12:36 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 28 Apr 2022 09:09:48 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "626a59dc-125"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 293
expires: Thu, 28 Sep 2023 14:12:36 GMT

GET
H2 200 lg.php
cat.va.us.criteo.com/delivery/ Frame 8658 43 B
348 B 117ms
14ms Image
image/gif 74.119.119.147
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cat.va.us.criteo.com/delivery/lg.php?cppv=3&cpp=2Q7PQ-xR-qYn7HDWOs8i9vB2WoEKyftARmD71s6G8U75fimHP_VNKC6ZSsEqQRxSMPvPW5q23cUS4c_9JBxrjLCDoWeE8tLXi_jovKc7okPbfnsdUyLruXiwG1PqjZqOJdQ_j1BU9O4zU6xWq0JnfWEijrg3hhmNXkd7ZvdpZXDjL-YBlF-JuuNHakTwlMoAM20XR20QbTMsofIXw2tGimDIwmslRXO5Fi2dAf6w5GhxT8RKdd7Oz_DgxnLwWEO6ktBDOA7fnjiQtUkrXPMrngjfZE-5wUJNYx-2UIIP4IY5pqqNvHiC7AOJypkoWL5zid1J7Z7K-pd2pgJNUd5NQhEPZwr6F-962cXSkXfEImXoTNTzDy_ae3I4TI6YazkRh_Lluge75obJ30X7CA8uEWqgEuIOHg6LI72NeaMq4-V5cOdUuXeMldTqtE262Q95zUxm3Q

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.119.119.147 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 03 Oct 2022 14:12:35 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 1936391
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H3 200 webfontloader.js Show response
cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/ Frame 418A 12 KB
5 KB 37ms
20ms Script
application/javascript 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Mon, 03 Oct 2022 14:12:36 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 915000
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 4420
last-modified: Mon, 04 May 2020 16:17:52 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb04030-30d9"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CQmSCln3lPCEDjWaQm45e9oHdbcOUlrBH3P0VkBuXqoYWwhCBuJYFtDtbemDW%2BvlmeAv4IJDMaSvg5dLWvNghT7h5l66mBUQfskgrTOHVCcUhIhGBy6XiU%2Bz6X1S45%2FnFiiP8CoKRIZQPc26yOv6uZNN"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 7546460d7ed18c5f-EWR
expires: Sat, 23 Sep 2023 14:12:36 GMT

GET
H2 200 animejs.js Show response
static.criteo.net/animejs/ Frame 418A 12 KB
6 KB 13ms
13ms Script
text/javascript 2620:100:a001::4
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/animejs/animejs.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

nginx /

Resource Hash

a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Mon, 03 Oct 2022 14:12:36 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 26 Mar 2019 17:44:11 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5c9a64eb-3181"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Thu, 28 Sep 2023 14:12:36 GMT

POST
H2 200 all
csm.us.criteo.net/ Frame 418A 0
127 B 162ms
13ms Ping
text/plain 74.119.119.149
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://csm.us.criteo.net/all?cppv=3&cpp=0aDzYhVA142l_20J7scs3rtFKaYz1UOoDcLSQjV7KFxN36OuPerizgjt_aLPKLeygOparTz2CdqYxf5_7LNLPvm3eXyBeV61WFvi04Wrq0hXi-PtLdWJuD8phyl9-qmmMSOOLANL1-Rt-0NtkKoz9ZvjjUVruNXLeJBgaZ1dCrkY55lPaMn9_GmmIaqOXCLkr1HhYN3Xd4lJI9y1sm0gF0PjPqKiR-3e0v611V6yYfGUnuLIs6clFllYXOavSrcsnGr5uA&sds=2&rev=82884&sendBeacon=true

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.119.119.149 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.us.criteo.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Mon, 03 Oct 2022 14:12:36 GMT
strict-transport-security: max-age=31536000; preload;
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0

GET
H2 200 criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame 418A 2 KB
1 KB 12ms
11ms Image
image/svg+xml 2620:100:a001::4
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/criteo_logo_2021.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

nginx /

Resource Hash

a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Mon, 03 Oct 2022 14:12:36 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 27 May 2021 13:21:59 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"60af9cf7-891"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Thu, 28 Sep 2023 14:12:36 GMT

GET
H2 200 privacy.svg
static.criteo.net/flash/icon/ Frame 418A 2 KB
1 KB 18ms
18ms Image
image/svg+xml 2620:100:a001::4
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

nginx /

Resource Hash

095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Mon, 03 Oct 2022 14:12:36 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 19 Feb 2020 10:57:21 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e4d1491-646"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Thu, 28 Sep 2023 14:12:36 GMT

GET
H3 200 webfontloader.js Show response
cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/ Frame 8658 12 KB
5 KB 18ms
17ms Script
application/javascript 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Mon, 03 Oct 2022 14:12:36 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 915000
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 4420
last-modified: Mon, 04 May 2020 16:17:52 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb04030-30d9"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HmD79rux3ICSGEln3HZrwsFPQ8%2Bjq%2F%2BWL5Q7SdMsa8zIeNpcy8QNJDtY5O0CKhJay%2BXco3ES4hylKvBbaeoPfjFxCu8aDv2EwWYAO37xaeSkBeTW%2BrI6qycDf8G4irOvWDP%2Fk4gSM3O%2BFM7KHrmOs%2Fgb"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 7546460daf168c5f-EWR
expires: Sat, 23 Sep 2023 14:12:36 GMT

GET
H2 200 animejs.js Show response
static.criteo.net/animejs/ Frame 8658 12 KB
6 KB 17ms
15ms Script
text/javascript 2620:100:a001::4
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/animejs/animejs.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

nginx /

Resource Hash

a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Mon, 03 Oct 2022 14:12:36 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 26 Mar 2019 17:44:11 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5c9a64eb-3181"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Thu, 28 Sep 2023 14:12:36 GMT

GET
H2 200 img
pix.us.criteo.net/img/ Frame 8658 11 KB
11 KB 33ms
31ms Image
image/webp 74.119.119.137
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.us.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=90645&q=80&r=0&u=https%3A%2F%2Fassets.investingoutlook.co%2Fuploads%2F2022%2F06%2FMarcIO2.jpg&v=3&w=800&s=-Db98V-Rj-eWfDBVHFuCIkKi&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.119.119.137 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

pix.va1.vip.prod.criteo.com

Software

Finatra /

Resource Hash

c4b41cc6e4bcc98507fbb0d2ceee7def23c3f73173400ef5b8efdda0a4e7cb08

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Mon, 03 Oct 2022 14:12:35 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=0
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 11110
expires: Mon, 03 Oct 2022 14:12:36 GMT

POST
H2 200 all
csm.us.criteo.net/ Frame 8658 0
127 B 72ms
12ms Ping
text/plain 74.119.119.149
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://csm.us.criteo.net/all?cppv=3&cpp=wnhLCRVA142l_20JRPiVWrkSS50qfu5R0LVbjgRJG2PDKojp_yunPP5NPHvd28-rlcatchuVCKqsW8jNwVdUtnYvUC_kDSCk0Jk3M4SrUwloSny7bNVnRiOdUc1Z3z1s3kfig2tpBXQ6Q7DWSqtAEiY0eaWYuv9nevgHQmjVHT_SuSAv1nQajtjbPYTUDzk_edfTDOIUUzckn0N-Qu8X8D8QRcegBbOAHVu00uoSj0YYAjyxkdRZeTH_5-o9YWstg8HPeg&sds=2&rev=82884&sendBeacon=true

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.119.119.149 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.us.criteo.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Mon, 03 Oct 2022 14:12:35 GMT
strict-transport-security: max-age=31536000; preload;
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0

GET
H2 200 criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame 8658 2 KB
1 KB 26ms
26ms Image
image/svg+xml 2620:100:a001::4
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/criteo_logo_2021.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

nginx /

Resource Hash

a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Mon, 03 Oct 2022 14:12:36 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 27 May 2021 13:21:59 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"60af9cf7-891"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Thu, 28 Sep 2023 14:12:36 GMT

GET
H2 200 privacy.svg
static.criteo.net/flash/icon/ Frame 8658 2 KB
1 KB 26ms
26ms Image
image/svg+xml 2620:100:a001::4
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

nginx /

Resource Hash

095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Mon, 03 Oct 2022 14:12:36 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 19 Feb 2020 10:57:21 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e4d1491-646"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Thu, 28 Sep 2023 14:12:36 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame B702 3 KB
622 B 59ms
27ms Stylesheet
text/css 2607:f8b0:4006:817::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Montserrat:400,700&subset=latin,cyrillic,latin-ext,cyrillic-ext,vietnamese,greek-ext,greek

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:817::200a Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2604b45b39193f2405a1a4b4f93b2d769fb6a67c8f1d0b097343e540c7911ec1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 03 Oct 2022 14:12:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 03 Oct 2022 14:09:40 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 03 Oct 2022 14:12:36 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 418A 5 KB
740 B 56ms
24ms Stylesheet
text/css 2607:f8b0:4006:817::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:400,700&subset=latin,cyrillic,latin-ext,cyrillic-ext,vietnamese,greek-ext,greek

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:817::200a Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

910612fc65208677f4e2fff60558e0f1949138a3696402a17ed5582efe0d2649

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 03 Oct 2022 14:12:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 03 Oct 2022 12:18:37 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 03 Oct 2022 14:12:36 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 8658 3 KB
1 KB 55ms
24ms Stylesheet
text/css 2607:f8b0:4006:817::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Montserrat:400,700&subset=latin,cyrillic,latin-ext,cyrillic-ext,vietnamese,greek-ext,greek

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:817::200a Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2604b45b39193f2405a1a4b4f93b2d769fb6a67c8f1d0b097343e540c7911ec1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 03 Oct 2022 14:12:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 03 Oct 2022 13:25:00 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 03 Oct 2022 14:12:36 GMT

GET
H2 200 JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.gstatic.com/s/montserrat/v25/ Frame 8658 30 KB
30 KB 32ms
12ms Font
font/woff2 2607:f8b0:4006:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat:400,700&subset=latin,cyrillic,latin-ext,cyrillic-ext,vietnamese,greek-ext,greek

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80b::2003 Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ae919a7c9f25f0fd97fc18e398ae8e453fcaae487e4a4cb4f896e7fecde4a780

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://ads.us.criteo.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Sun, 02 Oct 2022 03:02:54 GMT
x-content-type-options: nosniff
age: 126582
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 30928
x-xss-protection: 0
last-modified: Mon, 11 Jul 2022 18:57:39 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 02 Oct 2023 03:02:54 GMT

GET
H2 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v34/ Frame 418A 44 KB
44 KB 20ms
6ms Font
font/woff2 2607:f8b0:4006:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,700&subset=latin,cyrillic,latin-ext,cyrillic-ext,vietnamese,greek-ext,greek

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80b::2003 Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://ads.us.criteo.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Tue, 27 Sep 2022 10:34:59 GMT
x-content-type-options: nosniff
age: 531457
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44856
x-xss-protection: 0
last-modified: Mon, 15 Aug 2022 18:20:18 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 27 Sep 2023 10:34:59 GMT

GET
H2 200 JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.gstatic.com/s/montserrat/v25/ Frame B702 30 KB
30 KB 31ms
18ms Font
font/woff2 2607:f8b0:4006:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat:400,700&subset=latin,cyrillic,latin-ext,cyrillic-ext,vietnamese,greek-ext,greek

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80b::2003 Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ae919a7c9f25f0fd97fc18e398ae8e453fcaae487e4a4cb4f896e7fecde4a780

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://ads.us.criteo.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Sun, 02 Oct 2022 03:02:54 GMT
x-content-type-options: nosniff
age: 126582
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 30928
x-xss-protection: 0
last-modified: Mon, 11 Jul 2022 18:57:39 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 02 Oct 2023 03:02:54 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 14 KB
11 KB 41ms
28ms XHR
application/json 2607:f8b0:4006:81e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20220928&st=env

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209260101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81e::2002 Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e9ad97a8a82fd8bdac126ffbeedb30e787412051bb7df44ce04801b3fa4f23c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://questions.rawafedpor.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Mon, 03 Oct 2022 14:12:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11194
x-xss-protection: 0

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 36ms
35ms Script
text/javascript 2607:f8b0:4006:81f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209260101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81f::2001 Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://questions.rawafedpor.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Mon, 03 Oct 2022 14:12:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 03 Oct 2022 14:12:36 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 5DBB 13 KB
5 KB 13ms
8ms Document
text/html 2607:f8b0:4006:81f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81f::2001 Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://questions.rawafedpor.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
age: 42640
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 03 Oct 2022 02:21:56 GMT
expires: Tue, 03 Oct 2023 02:21:56 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 26B8 783 B
534 B 52ms
26ms Document
text/html 2607:f8b0:4006:806::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:806::2004 Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

a4c150b66a7acf7aba7e2c0a6d65b035c3f7130ef79884247861baef1de95c60

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-lCisGJWzv23IkbB8bc_YLg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://questions.rawafedpor.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=300
content-encoding: gzip
content-length: 512
content-security-policy: script-src 'report-sample' 'nonce-lCisGJWzv23IkbB8bc_YLg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Mon, 03 Oct 2022 14:12:36 GMT
expires: Mon, 03 Oct 2022 14:12:36 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 FfRQa39nZAvr1dE-0tAG9JrhPraJGrBbwHLzQGJT38Q.js Show response
pagead2.googlesyndication.com/bg/ Frame 5DBB 36 KB
16 KB 6ms
5ms Script
text/javascript 2607:f8b0:4006:81e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/FfRQa39nZAvr1dE-0tAG9JrhPraJGrBbwHLzQGJT38Q.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81e::2002 Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

15f4506b7f67640bebd5d13ed2d006f49ae13eb6891ab05bc072f3406253dfc4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Wed, 28 Sep 2022 18:19:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 417199
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16034
x-xss-protection: 0
last-modified: Tue, 27 Sep 2022 16:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 28 Sep 2023 18:19:17 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 26B8 0
0 66ms
65ms Image
text/html 2607:f8b0:4006:81e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20220928&jk=3099021323772720&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4006:81e::2002 Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 5DBB 0
10 B 6ms
5ms Image
text/plain 2607:f8b0:4006:81f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?VbRMYw
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4006:81f::2001 Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Mon, 03 Oct 2022 14:12:36 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 69ms
69ms Image
text/html 2607:f8b0:4006:81e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20220928&jk=3099021323772720&bg=!s7ClsPTNAAYQgTJdMIE7ACkAdvg8Wk3sSW43HE7jEVFfD9McwnYRgGViEvB_yOiTBal-GlWKtYGPnAIAAABtUgAAAANoAQeZAqDk_bjvIFqahD4oesow60zjyFJIcqpNkGip4FDB0sRE2HOhFd9Z6iMQla4Tv1uPmUYJ4NPhTzRiKpnta3JcluOzXYQ0ONXizYKuXnxYt0xAkUh1M319YsdaYd8spP6NEiEoI-pAN8A6kyNj0nSi9I-KJbT90x-jLJ7v9fTn384HJCvvk4Oacfk2qqGHfzB_UNdNBVdHL_7_8eQFmLlJYNMj8WAMVsi1IOCfrxRXyX-uD45xKPuY_FOnS0I2tb6VL4R7O6hBrLFVarYeuJos8ACsPGN4GIWtSuUdFDWdTcac0nN_qxHToAKb5PPa5IygqaVlJGdCcvef09mXfLKWT_AsyrSbf_cCqzj0ssjIdtrTJ49lT5ksFZoQazkyhnth-_3EepDUN3GTFjDXob9gM4E7XoFTNdIq5VbkfTm7hPyd2CwblAUWFICTtGgN5izOZTD3ohIpYn-BK_J_zl8nTO9rNQG47utN7U2MWRA3EDxjBu6100qxC74L2gcxmPVS7THadNmftk25n3jk-ui3SjU8Ar7Mt0sS-0i_tma-yi6ok77j2sFal9zvJfKXYVXwl6knKpV9cCTxP8r04D4IEDJazFCmucBgq0Ev0KRHJ4PYjyULD2vuezucr2LfHgP0LRHiXsukIDUKI3CZ0EsGoW8VPV54suFvVNdbQRtWM4MVR1ofSxOk6Mspe5iyZGS3HXDmLs9mHuvBaLXb5iZEdVynnLgR51wzXr6I8mF2ww_9JL6psuMGMKba59cgA4WWrPUfwOoVwMyArkcNiC2u3FKNCXMtUfr1KucAW3zlJaQLvQZk4j31gwlnv4hk9AyqhDi52JPogMOQPQlgFc1YjXs8kR6aD_TOOaEuFfgtHbMCDbBBz6MMfJkj8gwg9NlLN6M
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4006:81e::2002 Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://questions.rawafedpor.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 26E9 42 B
64 B 65ms
64ms Fetch
image/gif 2607:f8b0:4006:81e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstrVCRPjLbxYyFl4EUXteqRpGB5eAmQfjAXyoDekUcX1VIZfa9EkOzUL4qAPpPwBjy0oyRjd1yvjuDvR1GHyeuy6bZZ&sig=Cg0ArKJSzFuAWhqKr0waEAE&id=lidar2&mcvt=1000&p=0,0,280,748&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20220928&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=1142727135&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1664806355348&rpt=660&met=ie&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81e::2002 Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 03 Oct 2022 14:12:37 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 all
csm.us.criteo.net/ Frame 8658 0
127 B 11ms
10ms Ping
text/plain 74.119.119.149
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.119.119.149 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.us.criteo.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Mon, 03 Oct 2022 14:12:36 GMT
strict-transport-security: max-age=31536000; preload;
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0

POST
H2 200 all
csm.us.criteo.net/ Frame 418A 0
127 B 11ms
10ms Ping
text/plain 74.119.119.149
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.119.119.149 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.us.criteo.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Mon, 03 Oct 2022 14:12:37 GMT
strict-transport-security: max-age=31536000; preload;
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0

Verdicts & Comments Add Verdict or Comment

94 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

10 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.google.com/	1970-01-20 10:50:17	Name: NID Value: 511=PX3WHC7J1NX3ZSKr1Wl2eigzGgZ7ZJl1yxBgGjyMjdiTblYbfNEpC2gOoUrILP1fPvzeQdfzjiJntEuMmXoruOjjZFIiTnUTyC9PZHCZ2FO-3ehy3ADRmkEvYAaOGONAvK6qi78pkxJbzuahPDzzXqIwVDSmFq1tOmV037bVGSw
questions.rawafedpor.com/	1969-12-31 23:59:59	Name: PHPSESSID Value: 477715880479db209bbf51172caa73eb
questions.rawafedpor.com/	1970-01-20 06:29:39	Name: qa_key Value: 3rhthmvfxhuts9w40cpm0sfvtnpc3q72
.rawafedpor.com/	1970-01-20 16:02:46	Name: _ga Value: GA1.2.372082401.1664806355
.rawafedpor.com/	1970-01-20 06:28:12	Name: _gid Value: GA1.2.1406484023.1664806355
.rawafedpor.com/	1970-01-20 06:26:46	Name: _gat_gtag_UA_62733008_16 Value: 1
.rawafedpor.com/	1970-01-20 15:48:22	Name: __gads Value: ID=f47a3c98fac5198a-22200a6371d70060:T=1664806355:RT=1664806355:S=ALNI_Mat-Lbd2V877u4IgM4MOL00wOPofA
.rawafedpor.com/	1970-01-20 15:48:22	Name: __gpi Value: UID=00000873ca32c085:T=1664806355:RT=1664806355:S=ALNI_Mak4DAbOjKiHk9cBNHmog5Mavex4Q
.doubleclick.net/	1970-01-20 16:02:46	Name: IDE Value: AHWqTUlDyPzlrx3bgbVVwgXP8xoRxGNej--hPLnHfOATWBw0fyXFVy7kPHAGCRz-fPA
tk.svsound.com/	1970-01-20 15:12:22	Name: uid Value: rB8nB2M67dQoD32wgLrtAg==

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://angrasolucoes.com.br/usx/ Message: Failed to load resource: the server responded with a status of 404 ()
other	warning	URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8594790428066018&output=html&h=640&slotname=4631947750&adk=449850582&adf=3674521187&pi=t.ma~as.4631947750&w=320&lmt=1664806355&psa=0&format=320x640&url=https%3A%2F%2Fquestions.rawafedpor.com%2F4724%2Fthe-best-ways-profit-from-the-internet-where-you-can-make-money&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1664806355158&bpp=2&bdt=165&idt=161&shv=r20220928&mjsv=m202209260101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=5241600284994&frm=20&pv=1&ga_vid=372082401.1664806355&ga_sid=1664806355&ga_hid=1938986092&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531705%2C31069177%2C44773746%2C44769662&oid=2&pvsid=3099021323772720&tmod=1563334528&uas=0&nvt=1&ref=https%3A%2F%2Fwww.google.com%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CfnEr%7C&abl=NF&pfx=0&fu=32768&bc=31&ifi=2&uci=a!2&fsb=1&xpc=BTgDZSQfQW&p=https%3A//questions.rawafedpor.com&dtd=174 Message: Origin trial controlled feature not enabled: 'attribution-reporting'.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ads.us.criteo.com
adservice.google.com
angrasolucoes.com.br
cat.va.us.criteo.com
cdnjs.cloudflare.com
csm.us.criteo.net
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
navarroingenieros.com
ois.is
pagead2.googlesyndication.com
partner.googleadservices.com
pix.us.criteo.net
questions.rawafedpor.com
rtb.va.us.criteo.com
static.criteo.net
tk.svsound.com
tpc.googlesyndication.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
108.179.252.182
192.185.154.250
2001:4860:4802:32::178
2606:4700:3031::ac43:cafb
2606:4700:3032::6815:55c4
2606:4700::6811:190e
2607:f8b0:4006:806::2004
2607:f8b0:4006:80b::2003
2607:f8b0:4006:80c::2002
2607:f8b0:4006:816::2002
2607:f8b0:4006:817::200a
2607:f8b0:4006:81c::2002
2607:f8b0:4006:81e::2002
2607:f8b0:4006:81f::2001
2607:f8b0:4006:822::2002
2607:f8b0:4006:822::2008
2620:100:a001::24
2620:100:a001::3
2620:100:a001::4
34.197.25.63
74.119.119.137
74.119.119.147
74.119.119.149
075c15c5e5b127cfd89b352a4f8e8d615d0abcc80977022ba45ad2032d26f535
07a75636966b34dd8bbafee0ebced659b03bab0e57641e1fa035ca7da0bd39ce
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
15f4506b7f67640bebd5d13ed2d006f49ae13eb6891ab05bc072f3406253dfc4
1650a2bc457aa28b1f50c92cd2a2cbf1158664b717627f4cca2c9748a8eb8b5f
1760653cea08d53dd5523299a7e26aa001ef6f5865de7e9a20dfda125a6b64c5
2604b45b39193f2405a1a4b4f93b2d769fb6a67c8f1d0b097343e540c7911ec1
46b753a3bacc8e007a76f5204f7e577ce0de6d41cc8f2e72f24e5f0d6ee38bab
4a3af43c32f7b69d7e48e774bad69e1f9cf57c6af0f9e02985a5abc461b3cec1
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4e54d8adc6e997ebb636a5c1021475722aa7fcdd79f9b1c157b81404c4f05a4a
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
56f7ba15b892bafcbb135daa7922c2e40eb4b449de6303be038bd097fa5c95bf
60bcafbd631f6fa0805e158ca3b235e76225350db6fbb423596d4c4954b27573
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6613ca4bbe4f86468e9b9f5a6b239c68f19f5474bb2b07fb8a63d8aaa5a69bfb
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
7bc542ce3b1df2006856fb35b9af8844822261f9dc629e8729461292fb459c50
824de40e353f2eaaf4828f927a03331984b995bf7fc59edc4ff08f9e178822db
86d8e892ceacd8c8a7e7125c68dd0e1b311f8399871b6d64b8b6795f0235c1d4
8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
8e471384a35a7221e22107508097cf7e63e0377222e18374b0aaf6cd8f73c684
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
910612fc65208677f4e2fff60558e0f1949138a3696402a17ed5582efe0d2649
9e25469f734732205f33dd80ff8ca12080406c18d2fa99a1f368103e51f7999f
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
a2cfcf5160476ad621e7aa6d3c10ee9afda9d7655a7767f0d0705aee73b49198
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
a39959bc9a2a66fee7f2527ac60ccb4778d84e94f0b3200466e2f1726a112e33
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a4c150b66a7acf7aba7e2c0a6d65b035c3f7130ef79884247861baef1de95c60
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
a7fd4458086b9fee5b93cc442cec9750de6ba2fcb081f2428ae1461621a4bf35
a90fe747bc217c49315c23c1c332bb255d3c5fd46ec85b0218b5f85bbbf6bd0c
ae919a7c9f25f0fd97fc18e398ae8e453fcaae487e4a4cb4f896e7fecde4a780
b2a656163f742ced4a512088feb659c55511ff347a8e4faf4ba0b861a123191d
b4ef3a11367a47a75f7cb4ed6e944472d190c86813cd2ffdb04a32358dc4e799
c4b41cc6e4bcc98507fbb0d2ceee7def23c3f73173400ef5b8efdda0a4e7cb08
c4d8cae77f1ced5d6ce834aaff589408652c1318ea07f742ca66bb9fd5148230
c7aca9ebef12465aad206aae5351ba575eebe4b5e3f0fb1d99f4f92f1c4f396d
c912c56a6223ff8dcb979d181de55f8dfe5ddd8690b7617352683b568b4b3d16
cac5f3269aef806bc9112e8868357bfb9dbb4530a028dc0fb7c4508b2eea8d84
ce2b09efa27bd0efe0430fa02eeba81180cb6a245d41980e8b6f9d86ff03af6f
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cf6704fe652abeeafd5333fd67102d36f4e31e77361e1da78ff68db899cc5e6a
da8438b81e390283f6eb8cc9cf49ccde3d00c954b4fbccdf6372c162c4b58ab2
dc0267e17f3bd3a2977910d47c34855d4c282e97502e6e1b0d3eb44b8b231405
e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e9ad97a8a82fd8bdac126ffbeedb30e787412051bb7df44ce04801b3fa4f23c0
eb69d9e0cb830e3add604e60faf8f784835e5f1ba28bb38850ba19784f30911d
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f36844906ad2309877aae3121b87fb15b9e09803cb4c333adc7e1e35ac92e14b
f7408c25067cd0a9d9fe835cb4c05e394a50751d3fcde0c461db19a309abb02a

questions.rawafedpor.com Open in urlscan Pro 2606:4700:3031::ac43:cafb Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

96 Requests

100 %HTTPS

74 %IPv6

17 Domains

23 Subdomains

22 IPs

1 Countries

949 kBTransfer

2220 kBSize

10 Cookies

2 Outgoing links

Page URL History

Redirected requests

96 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

questions.rawafedpor.com Open in urlscan Pro
2606:4700:3031::ac43:cafb Public Scan

Screenshot
Live screenshot

Full Image

96
Requests

100 %
HTTPS

74 %
IPv6

17
Domains

23
Subdomains

22
IPs

1
Countries

949 kB
Transfer

2220 kB
Size

10
Cookies

96 HTTP transactions
2 data transactions