urlscan.io logo urlscan.io
SecurityTrails logo

fortunetelleroracle.com Open in urlscan Pro
2a02:4780:8:620:0:2314:da7e:1  Public Scan

Go To Rescan Add Verdict Report
URL: https://fortunetelleroracle.com/profile/justintyler
Submission: On September 08 via manual from IN — Scanned from NL
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 22 IPs in 5 countries across 15 domains to perform 92 HTTP transactions. The main IP is 2a02:4780:8:620:0:2314:da7e:1, located in Cyprus and belongs to AS-HOSTINGER, CY. The main domain is fortunetelleroracle.com. The Cisco Umbrella rank of the primary domain is 408726.
TLS certificate: Issued by R3 on September 7th 2022. Valid for: 3 months.
This is the only time fortunetelleroracle.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

19    2a02:4780:8:620:0:2314:da7e:1 (Cyprus)

ASN47583 (AS-HOSTINGER, CY)
fortunetelleroracle.com
2    2a00:1450:400e:80d::200a (Ireland)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
8    2a00:1450:4001:811::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
1    2a00:1450:4001:801::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
8    151.101.1.21 (United States)

ASN54113 (FASTLY, US)
www.paypal.com
3    2a00:1450:4001:801::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
8    2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
adservice.google.nl
2    2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
partner.googleadservices.com
www.googletagservices.com
1    2a00:1450:4001:831::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.nl
2    2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.com
2    2a03:2880:f02d:12:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
connect.facebook.net
2    151.101.66.133 (United States)

ASN54113 (FASTLY, US)
www.paypalobjects.com
3    151.101.1.35 (United States)

ASN54113 (FASTLY, US)
t.paypal.com
1    2a02:2638::b (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
ads.eu.criteo.com
5    2a00:1450:4001:812::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
1    2a02:2638:1::2 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
rtb.nl.eu.criteo.com
6    2a02:2638:1::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
static.criteo.net
1    178.250.0.160 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
cat.fr.eu.criteo.com
14    178.250.0.139 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
PTR: pix.par.vip.prod.criteo.com
pix.eu.criteo.net
2    178.250.2.150 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
csm.eu.criteo.net
1    2a00:1450:4001:82b::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
Apex Domain
Subdomains		 Transfer
22 criteo.net
static.criteo.net — Cisco Umbrella Rank: 782
pix.eu.criteo.net — Cisco Umbrella Rank: 5551
csm.eu.criteo.net — Cisco Umbrella Rank: 5700
137 KB
19 fortunetelleroracle.com
fortunetelleroracle.com — Cisco Umbrella Rank: 408726
www.fortunetelleroracle.com Failed
622 KB
13 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 129
tpc.googlesyndication.com — Cisco Umbrella Rank: 174
279 KB
11 paypal.com
www.paypal.com — Cisco Umbrella Rank: 2465
t.paypal.com — Cisco Umbrella Rank: 3345
114 KB
7 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 73
25 KB
3 criteo.com
ads.eu.criteo.com — Cisco Umbrella Rank: 5636
rtb.nl.eu.criteo.com — Cisco Umbrella Rank: 9447
cat.fr.eu.criteo.com — Cisco Umbrella Rank: 7382
48 KB
3 google.com
adservice.google.com — Cisco Umbrella Rank: 142
www.google.com — Cisco Umbrella Rank: 19
2 KB
3 gstatic.com
fonts.gstatic.com
172 KB
2 paypalobjects.com
www.paypalobjects.com — Cisco Umbrella Rank: 2141
33 KB
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 208
87 KB
2 google.nl
adservice.google.nl — Cisco Umbrella Rank: 10122
914 B
2 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 120
1 KB
1 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 234
44 KB
1 googleadservices.com
partner.googleadservices.com — Cisco Umbrella Rank: 972
655 B
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 141
42 KB
92 15
Domain Requested by
19 fortunetelleroracle.com 1 redirects fortunetelleroracle.com
14 pix.eu.criteo.net ads.eu.criteo.com
8 www.paypal.com fortunetelleroracle.com
www.paypal.com
www.paypalobjects.com
8 pagead2.googlesyndication.com fortunetelleroracle.com
pagead2.googlesyndication.com
tpc.googlesyndication.com
www.googletagservices.com
7 googleads.g.doubleclick.net pagead2.googlesyndication.com
googleads.g.doubleclick.net
6 static.criteo.net ads.eu.criteo.com
5 tpc.googlesyndication.com googleads.g.doubleclick.net
pagead2.googlesyndication.com
tpc.googlesyndication.com
3 t.paypal.com fortunetelleroracle.com
3 fonts.gstatic.com fonts.googleapis.com
2 csm.eu.criteo.net ads.eu.criteo.com
2 www.paypalobjects.com www.paypal.com
www.paypalobjects.com
2 connect.facebook.net fortunetelleroracle.com
connect.facebook.net
2 adservice.google.com pagead2.googlesyndication.com
2 adservice.google.nl pagead2.googlesyndication.com
2 fonts.googleapis.com fortunetelleroracle.com
1 www.google.com tpc.googlesyndication.com
1 cat.fr.eu.criteo.com ads.eu.criteo.com
1 rtb.nl.eu.criteo.com googleads.g.doubleclick.net
1 www.googletagservices.com googleads.g.doubleclick.net
1 ads.eu.criteo.com googleads.g.doubleclick.net
1 partner.googleadservices.com pagead2.googlesyndication.com
1 www.googletagmanager.com fortunetelleroracle.com
0 www.fortunetelleroracle.com Failed fortunetelleroracle.com
92 23

This site contains no links.

Subject Issuer Validity Valid
fortunetelleroracle.com
R3		 2022-09-07 -
2022-12-06		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2022-08-15 -
2022-11-07		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2022-08-15 -
2022-11-07		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2022-08-15 -
2022-11-07		 3 months crt.sh
www.paypal.com
DigiCert SHA2 Extended Validation Server CA		 2022-04-12 -
2023-04-12		 a year crt.sh
*.gstatic.com
GTS CA 1C3		 2022-08-15 -
2022-11-07		 3 months crt.sh
*.googleadservices.com
GTS CA 1C3		 2022-08-15 -
2022-11-07		 3 months crt.sh
*.google.nl
GTS CA 1C3		 2022-08-22 -
2022-11-14		 3 months crt.sh
*.google.com
GTS CA 1C3		 2022-08-15 -
2022-11-07		 3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2022-06-17 -
2022-09-15		 3 months crt.sh
t.paypal.com
DigiCert SHA2 Extended Validation Server CA		 2022-03-04 -
2022-11-23		 9 months crt.sh
*.eu.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-08-03 -
2022-11-05		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2022-08-15 -
2022-11-07		 3 months crt.sh
*.nl.eu.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-08-02 -
2022-11-01		 3 months crt.sh
*.criteo.net
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-09-01 -
2022-11-30		 3 months crt.sh
*.fr.eu.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-07-22 -
2022-10-19		 3 months crt.sh
*.eu.criteo.net
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-08-21 -
2022-11-23		 3 months crt.sh
www.google.com
GTS CA 1C3		 2022-08-15 -
2022-11-07		 3 months crt.sh

This page contains 11 frames:

Primary Page: https://fortunetelleroracle.com/profile/justintyler
Frame ID: 185656586AC6F73447DA1ABB0EA666B5
Requests: 46 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220901/r20190131/zrt_lookup.html
Frame ID: 97785BECAB69DC984F6EC6CCC0D8056F
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2744327701249356&output=html&adk=1812271804&adf=3025194257&lmt=1662637243&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Ffortunetelleroracle.com%2Fprofile%2Fjustintyler&ea=0&pra=5&wgl=1&easpf=1&easpi=0&asntp=0&asntpv=0&asntpl=0&asntpm=0&asntpc=0&asna=5&asnd=5&asnp=5&asns=5&asmat=1&asptt=-1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1662637243574&bpp=7&bdt=348&idt=290&shv=r20220901&mjsv=m202209010201&ptt=9&saldr=aa&abxe=1&nras=1&correlator=3165898423328&frm=20&pv=2&ga_vid=189059111.1662637244&ga_sid=1662637244&ga_hid=1074004187&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31069395&oid=2&pvsid=593547112269551&tmod=1209051190&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=307
Frame ID: 769AE80C633D02239521AAC8935A2309
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2744327701249356&output=html&h=280&adk=3088186576&adf=1211923703&pi=t.aa~a.937185681~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1662637243&rafmt=1&to=qs&pwprc=6496725761&psa=0&format=1200x280&url=https%3A%2F%2Ffortunetelleroracle.com%2Fprofile%2Fjustintyler&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1662637243581&bpp=1&bdt=354&idt=306&shv=r20220901&mjsv=m202209010201&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=3165898423328&frm=20&pv=1&ga_vid=189059111.1662637244&ga_sid=1662637244&ga_hid=1074004187&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=101&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31069395&oid=2&pvsid=593547112269551&tmod=1209051190&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=97g9ZuLNS0&p=https%3A//fortunetelleroracle.com&dtd=310
Frame ID: 36CF4C757709ABADFBBDBF61F4E21E56
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2744327701249356&output=html&h=240&adk=3918215417&adf=1298400054&pi=t.aa~a.3704201861~rp.3&w=269&fwrn=4&fwrnh=100&lmt=1662637244&rafmt=1&to=qs&pwprc=6496725761&psa=1&format=269x240&url=https%3A%2F%2Ffortunetelleroracle.com%2Fprofile%2Fjustintyler&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1662637244254&bpp=1&bdt=1028&idt=-M&shv=r20220901&mjsv=m202209010201&ptt=9&saldr=aa&abxe=1&cookie=ID%3Db031b2c989abb531-220e000a18ce009d%3AT%3D1662637244%3ART%3D1662637244%3AS%3DALNI_MaVw7vjWyzJfQivw3hv4Nkvu2cgzg&prev_fmts=0x0%2C1200x280&nras=3&correlator=3165898423328&frm=20&pv=1&ga_vid=189059111.1662637244&ga_sid=1662637244&ga_hid=1074004187&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=240&ady=1328&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31069395&oid=2&pvsid=593547112269551&tmod=1209051190&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=X6IPOreZiY&p=https%3A//fortunetelleroracle.com&dtd=13
Frame ID: 26796AC939EDF5E975802CB3E985B106
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2744327701249356&output=html&h=100&adk=2733543794&adf=1599647363&pi=t.aa~a.2119124369~rp.2&w=405&fwrn=4&fwrnh=100&lmt=1662637244&rafmt=1&to=qs&pwprc=6496725761&psa=1&format=405x100&url=https%3A%2F%2Ffortunetelleroracle.com%2Fprofile%2Fjustintyler&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1662637244254&bpp=1&bdt=1028&idt=1&shv=r20220901&mjsv=m202209010201&ptt=9&saldr=aa&abxe=1&cookie=ID%3Db031b2c989abb531-220e000a18ce009d%3AT%3D1662637244%3ART%3D1662637244%3AS%3DALNI_MaVw7vjWyzJfQivw3hv4Nkvu2cgzg&prev_fmts=0x0%2C1200x280%2C269x240&nras=4&correlator=3165898423328&frm=20&pv=1&ga_vid=189059111.1662637244&ga_sid=1662637244&ga_hid=1074004187&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=530&ady=1744&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31069395&oid=2&pvsid=593547112269551&tmod=1209051190&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=8wiT0xq16L&p=https%3A//fortunetelleroracle.com&dtd=17
Frame ID: 1EA914AB35615A03CD0A056B93E694E5
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220901/r20110914/zrt_lookup.html?fsb=1
Frame ID: 546ABB22BE6AF84F9DE536221390497B
Requests: 8 HTTP requests in this frame

Frame: https://ads.eu.criteo.com/delivery/r/afr.php?z=YxnUvAAA1UUK7fiQAA2ZT4yF_1_nMNS7tZYusw&u=%7C1JF%2B2h%2BrS2NpnUKPl4rbI0%2BehoaQ1mX4tyAQfgmPXXE%3D%7C&c1=jWCgqsKSUoV3SMf7iUfSyMCnTpn87UHNsuno7AgpGzm4RCiJiIGT5xwGwpq72AA9X52rB3uWbTtyycFRqgtAztIuLqVtILu-yROPEPE8hncKp3FcuBRiWk25jC0s33CR6AflSaiE9GdWyqSCT6YfMaMe_USr7l0MHumlwVIXNF87Fn7dyrJynTG0cQt5RX3htiDEKVAn7vRjEzmClpn6qN-ikpZl8Fikpq94ncx1dwNBa_VMPdW7vt-S2YyZHzMWn1z5LNdCu7FvNsztPS1bbvRFMYPXO-2XdnNXQoXqoIujvEPGOQ-sd1DL7eYIh1goDu8DoiSsEViAVp7mXhIvBy1Y-JsGjymilWgiNNeGFOw6wY2Pqw6ftzZoD9q23mTwcBPpdBpjEJLAhOrKn9R4_gjr7gcUO3RcpjNa2V9d2TDBBF0Zjy-zkRZSXHeN0WGbc0DUgIvamZ1BOT5wPi1BATWMuabd4y9nXhr4u0W9W3sTC9qp6Gh34G2qrPU38VSTAjxJgVU-QlR9ray1tGaCj90hMxRCij40oCt-zhp0BYEd_fLicmVwx9tcABSDSwv_TNczrdvjYlF87MxA6uZIZHrpPX2sDudAZ3KQ9cTBfCQAVS0wDvQqCDuqZ7XKMXXY&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC_hsQvNQZY8WqA5DxtwfPsrbAC8me0rFczeGS93DAjbcBEAEgAGCRhKCFjBiCARdjYS1wdWItMjc0NDMyNzcwMTI0OTM1NqAB1bbS6gPIAQmpAjLRRRXkwrA-qAMBqgTnAU_QugRsJL37pPoUGZiVFtQJ5LMTG3OXsXYlNTSltWPM_ZEIIJtw2rLuL3HMd5BYC0ipBDhVPCUO5I78ydhhYmCS2PcuKa-29YTf4_lfCFNA0w_o8yqd6I4K0rTiBrm7PH2f3liIRuIgIZHl4FgU14WSL82VukcmfZYbpFnJ3CEtkqcs1vqAwT70U7TKadXnzZrCkMGqJhIBZkYgeMK2Ti8UztDwdeXoIVTIqjSSIJ5bLD3Lgr9onl7Gnl0-HWnVGV94kxMloI0LV4fAt_8sibpE8DdMY-xDoRyyWL4svldERhBx9yAo7YAGir7AjffhgIVuoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2i5rKgiDwcIE1Lq-hi5g3PYfmkDQ%26client%3Dca-pub-2744327701249356%26adurl%3D
Frame ID: 4DCFBF5EA90201E60E371FCE151545D1
Requests: 24 HTTP requests in this frame

Frame: https://www.paypalobjects.com/muse/analytics/index.html
Frame ID: BBFA1EED434288F774230C96A9E350A2
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: E36E422BBA8F2C48BDA98990E2DB0801
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 7CCA2C80531C4AB890575B1C090CC369
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

justintyler | Digital media blog website

Detected technologies

Overall confidence: 100%
Detected patterns
  • paypalobjects\.com
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js

Page Statistics

92
Requests

98 %
HTTPS

71 %
IPv6

15
Domains

23
Subdomains

22
IPs

5
Countries

1605 kB
Transfer

3225 kB
Size

13
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 15
  • https://fortunetelleroracle.com/assets/images/bggray.png?b24645598b07ff1a908d50d892cf5c0d HTTP 302
  • https://fortunetelleroracle.com/
Request Chain 21
  • https://fortunetelleroracle.com/upload/media/posts/2021-11/01/quickbooks-pro-versus-premier-the-ultimate-comparison-guide_1635749143-b.jpg HTTP 302
  • https://www.fortunetelleroracle.com/upload/media/posts/2021-11/01 HTTP 301
  • https://www.fortunetelleroracle.com/public/upload/media/posts/2021-11/01/ HTTP 301
  • https://www.fortunetelleroracle.com/upload/media/posts/2021-11/01 HTTP 301
  • https://www.fortunetelleroracle.com/public/upload/media/posts/2021-11/01/ HTTP 301
  • https://www.fortunetelleroracle.com/upload/media/posts/2021-11/01 HTTP 301
  • https://www.fortunetelleroracle.com/public/upload/media/posts/2021-11/01/ HTTP 301
  • https://www.fortunetelleroracle.com/upload/media/posts/2021-11/01 HTTP 301
  • https://www.fortunetelleroracle.com/public/upload/media/posts/2021-11/01/ HTTP 301
  • https://www.fortunetelleroracle.com/upload/media/posts/2021-11/01 HTTP 301
  • https://www.fortunetelleroracle.com/public/upload/media/posts/2021-11/01/ HTTP 301
  • https://www.fortunetelleroracle.com/upload/media/posts/2021-11/01 HTTP 301
  • https://www.fortunetelleroracle.com/public/upload/media/posts/2021-11/01/ HTTP 301
  • https://www.fortunetelleroracle.com/upload/media/posts/2021-11/01 HTTP 301
  • https://www.fortunetelleroracle.com/public/upload/media/posts/2021-11/01/ HTTP 301
  • https://www.fortunetelleroracle.com/upload/media/posts/2021-11/01 HTTP 301
  • https://www.fortunetelleroracle.com/public/upload/media/posts/2021-11/01/ HTTP 301
  • https://www.fortunetelleroracle.com/upload/media/posts/2021-11/01 HTTP 301
  • https://www.fortunetelleroracle.com/public/upload/media/posts/2021-11/01/ HTTP 301
  • https://www.fortunetelleroracle.com/upload/media/posts/2021-11/01 HTTP 301
  • https://www.fortunetelleroracle.com/public/upload/media/posts/2021-11/01/

92 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request justintyler
fortunetelleroracle.com/profile/ 		47 KB
9 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://fortunetelleroracle.com/profile/justintyler
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:4780:8:620:0:2314:da7e:1 , Cyprus, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
Software
LiteSpeed / PHP/7.4.30
Resource Hash
6417281644d3ed331c9e80c4fba7a2a88f6ec7e7c5269ba9aa3a947524a8fbc8
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
cache-control
no-cache, private
content-encoding
br
content-length
8062
content-security-policy
upgrade-insecure-requests
content-type
text/html; charset=UTF-8
date
Thu, 08 Sep 2022 11:40:43 GMT
server
LiteSpeed
vary
Accept-Encoding
x-powered-by
PHP/7.4.30
css
fonts.googleapis.com/ 		1 KB
446 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Lato:400,500,600,700&subset=latin,latin-ext
Requested by
Host: fortunetelleroracle.com
URL: https://fortunetelleroracle.com/profile/justintyler
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400e:80d::200a , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
b4820095dbb33dffee5026491f08575d5adcb7e3cab956061f0cffb5052d78c6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://fortunetelleroracle.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Thu, 08 Sep 2022 11:40:43 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Thu, 08 Sep 2022 11:40:43 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 08 Sep 2022 11:40:43 GMT
icon
fonts.googleapis.com/ 		569 B
869 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/icon?family=Material+Icons
Requested by
Host: fortunetelleroracle.com
URL: https://fortunetelleroracle.com/profile/justintyler
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400e:80d::200a , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e2f2597386660b972fe84faa90af129a353e7e8f9990df6f3b14d0165468350f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://fortunetelleroracle.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Thu, 08 Sep 2022 11:40:43 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Thu, 08 Sep 2022 11:40:43 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 08 Sep 2022 11:40:43 GMT
plugins.css
fortunetelleroracle.com/assets/css/ 		41 KB
8 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fortunetelleroracle.com/assets/css/plugins.css?v=4.9.0
Requested by
Host: fortunetelleroracle.com
URL: https://fortunetelleroracle.com/profile/justintyler
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:4780:8:620:0:2314:da7e:1 , Cyprus, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
Software
LiteSpeed /
Resource Hash
08961ba3cdaff8805f310eda71633a77f95c7f7a64d42b8943f08d30df6e098e
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://fortunetelleroracle.com/profile/justintyler
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Thu, 08 Sep 2022 11:40:43 GMT
content-encoding
br
last-modified
Sat, 12 Feb 2022 03:33:32 GMT
server
LiteSpeed
etag
"a531-62072a8c-576e3f4906870ff3;br"
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=604800
content-security-policy
upgrade-insecure-requests
accept-ranges
bytes
content-length
7881
expires
Thu, 15 Sep 2022 11:40:43 GMT
application.css
fortunetelleroracle.com/assets/css/ 		159 KB
27 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fortunetelleroracle.com/assets/css/application.css?v=4.9.0
Requested by
Host: fortunetelleroracle.com
URL: https://fortunetelleroracle.com/profile/justintyler
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:4780:8:620:0:2314:da7e:1 , Cyprus, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
Software
LiteSpeed /
Resource Hash
638bd60e66ec8ecd4bb3af4138ca98a6476be1166194664c5686fe61eb8cb063
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://fortunetelleroracle.com/profile/justintyler
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Thu, 08 Sep 2022 11:40:43 GMT
content-encoding
br
last-modified
Tue, 19 Apr 2022 22:39:14 GMT
server
LiteSpeed
etag
"27aff-625f3a12-5c86eb6ef5a0612f;br"
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=604800
content-security-policy
upgrade-insecure-requests
accept-ranges
bytes
content-length
27760
expires
Thu, 15 Sep 2022 11:40:43 GMT
style.css
fortunetelleroracle.com/assets/theme/viralmag/css/ 		5 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fortunetelleroracle.com/assets/theme/viralmag/css/style.css
Requested by
Host: fortunetelleroracle.com
URL: https://fortunetelleroracle.com/profile/justintyler
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:4780:8:620:0:2314:da7e:1 , Cyprus, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
Software
LiteSpeed /
Resource Hash
fe35b3ce2020beb1f38574f9bb9a831027b20d7b279e3b9429fd4c4ce318e5d7
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://fortunetelleroracle.com/profile/justintyler
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Thu, 08 Sep 2022 11:40:43 GMT
content-encoding
br
last-modified
Sat, 12 Feb 2022 03:33:32 GMT
server
LiteSpeed
etag
"131d-62072a8c-411b05d2908763e5;br"
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=604800
content-security-policy
upgrade-insecure-requests
accept-ranges
bytes
content-length
1128
expires
Thu, 15 Sep 2022 11:40:43 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		165 KB
57 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-2744327701249356
Requested by
Host: fortunetelleroracle.com
URL: https://fortunetelleroracle.com/profile/justintyler
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
96c253121e54f09ac420e4fa8263ca547d21fc64f2e0bcc4d5fadcd7e8900e27
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fortunetelleroracle.com/
Origin
https://fortunetelleroracle.com
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Thu, 08 Sep 2022 11:40:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
57542
x-xss-protection
0
server
cafe
etag
9425465332579140231
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Thu, 08 Sep 2022 11:40:43 GMT
logo.png
fortunetelleroracle.com/upload/ 		26 KB
26 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://fortunetelleroracle.com/upload/logo.png
Requested by
Host: fortunetelleroracle.com
URL: https://fortunetelleroracle.com/profile/justintyler
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:4780:8:620:0:2314:da7e:1 , Cyprus, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
Software
LiteSpeed /
Resource Hash
a0ed7b4e41d84896aef0881aaea343a409bbd03ccb66002b852a4b96c9411d1c
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://fortunetelleroracle.com/profile/justintyler
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Thu, 08 Sep 2022 11:40:43 GMT
last-modified
Wed, 22 Sep 2021 21:40:23 GMT
server
LiteSpeed
etag
"692b-614ba2c7-3f72eabf1ebeac01;;;"
content-type
image/png
cache-control
public, max-age=604800
content-security-policy
upgrade-insecure-requests
accept-ranges
bytes
content-length
26923
expires
Thu, 15 Sep 2022 11:40:43 GMT
flogo.png
fortunetelleroracle.com/upload/ 		18 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://fortunetelleroracle.com/upload/flogo.png
Requested by
Host: fortunetelleroracle.com
URL: https://fortunetelleroracle.com/profile/justintyler
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:4780:8:620:0:2314:da7e:1 , Cyprus, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
Software
LiteSpeed /
Resource Hash
fc047acd13082e35841eeb5b268e931fea6e51bf3283058926169523d5f06326
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://fortunetelleroracle.com/profile/justintyler
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Thu, 08 Sep 2022 11:40:43 GMT
last-modified
Wed, 22 Sep 2021 21:40:23 GMT
server
LiteSpeed
etag
"473a-614ba2c7-cc0eed703529387c;;;"
content-type
image/png
cache-control
public, max-age=604800
content-security-policy
upgrade-insecure-requests
accept-ranges
bytes
content-length
18234
expires
Thu, 15 Sep 2022 11:40:43 GMT
justintyler-1662529611-b.jpg
fortunetelleroracle.com/upload/media/members/splash/2022-09/07/ 		32 KB
32 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://fortunetelleroracle.com/upload/media/members/splash/2022-09/07/justintyler-1662529611-b.jpg
Requested by
Host: fortunetelleroracle.com
URL: https://fortunetelleroracle.com/profile/justintyler
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:4780:8:620:0:2314:da7e:1 , Cyprus, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
Software
LiteSpeed /
Resource Hash
ca85abd46e1fad942b9ba20c365cf7a3c86b11fd6d5d5083902f692968628a17
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://fortunetelleroracle.com/profile/justintyler
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Thu, 08 Sep 2022 11:40:43 GMT
last-modified
Wed, 07 Sep 2022 05:46:51 GMT
server
LiteSpeed
etag
"805f-6318304b-a0163153a0591576;;;"
content-type
image/jpeg
cache-control
public, max-age=604800
content-security-policy
upgrade-insecure-requests
accept-ranges
bytes
content-length
32863
expires
Thu, 15 Sep 2022 11:40:43 GMT
user-avatar-b.jpg
fortunetelleroracle.com/assets/images/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://fortunetelleroracle.com/assets/images/user-avatar-b.jpg
Requested by
Host: fortunetelleroracle.com
URL: https://fortunetelleroracle.com/profile/justintyler
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:4780:8:620:0:2314:da7e:1 , Cyprus, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
Software
LiteSpeed /
Resource Hash
4d3af017cae728d9b8d6057934c25a2ad098288c874a73d922a15f77b324b276
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://fortunetelleroracle.com/profile/justintyler
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Thu, 08 Sep 2022 11:40:43 GMT
last-modified
Mon, 02 Mar 2020 20:24:43 GMT
server
LiteSpeed
etag
"123a-5e5d6b8b-f7f6e9baa6a8994b;;;"
content-type
image/jpeg
cache-control
public, max-age=604800
content-security-policy
upgrade-insecure-requests
accept-ranges
bytes
content-length
4666
expires
Thu, 15 Sep 2022 11:40:43 GMT
manifest.js
fortunetelleroracle.com/assets/js/ 		1 KB
818 B 		Script
General
Check archive.org
Download Go to
Full URL
https://fortunetelleroracle.com/assets/js/manifest.js?v=4.9.0
Requested by
Host: fortunetelleroracle.com
URL: https://fortunetelleroracle.com/profile/justintyler
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:4780:8:620:0:2314:da7e:1 , Cyprus, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
Software
LiteSpeed /
Resource Hash
0aeb7391da0ea13778b8396eb6c9415430f5457990e9d3a07eeaf1ac7ea10c0e
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://fortunetelleroracle.com/profile/justintyler
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Thu, 08 Sep 2022 11:40:43 GMT
content-encoding
br
last-modified
Thu, 17 Feb 2022 13:19:20 GMT
server
LiteSpeed
etag
"51b-620e4b58-19177911947523a8;br"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
public, max-age=604800
content-security-policy
upgrade-insecure-requests
accept-ranges
bytes
content-length
715
expires
Thu, 15 Sep 2022 11:40:43 GMT
vendor.js
fortunetelleroracle.com/assets/js/ 		125 KB
41 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fortunetelleroracle.com/assets/js/vendor.js?v=4.9.0
Requested by
Host: fortunetelleroracle.com
URL: https://fortunetelleroracle.com/profile/justintyler
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:4780:8:620:0:2314:da7e:1 , Cyprus, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
Software
LiteSpeed /
Resource Hash
bc40f4e56d8f549182ba0bf0a5201b16904f84a5a63c5f749171deebd44033a0
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://fortunetelleroracle.com/profile/justintyler
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Thu, 08 Sep 2022 11:40:43 GMT
content-encoding
br
last-modified
Sat, 12 Feb 2022 03:33:32 GMT
server
LiteSpeed
etag
"1f483-62072a8c-3f2b61adb715450f;br"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
public, max-age=604800
content-security-policy
upgrade-insecure-requests
accept-ranges
bytes
content-length
41437
expires
Thu, 15 Sep 2022 11:40:43 GMT
app.min.js
fortunetelleroracle.com/assets/js/ 		32 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fortunetelleroracle.com/assets/js/app.min.js?v=4.9.0
Requested by
Host: fortunetelleroracle.com
URL: https://fortunetelleroracle.com/profile/justintyler
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:4780:8:620:0:2314:da7e:1 , Cyprus, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
Software
LiteSpeed /
Resource Hash
4fa1f5c4f5e0b9f388d2f31f4efdcf3ee6f106f891afb077e70ba9578719c917
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://fortunetelleroracle.com/profile/justintyler
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Thu, 08 Sep 2022 11:40:43 GMT
content-encoding
br
last-modified
Tue, 19 Apr 2022 19:52:46 GMT
server
LiteSpeed
etag
"7e3f-625f130e-4c583d2ae47c4380;br"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
public, max-age=604800
content-security-policy
upgrade-insecure-requests
accept-ranges
bytes
content-length
9257
expires
Thu, 15 Sep 2022 11:40:43 GMT
js
www.googletagmanager.com/gtag/ 		108 KB
42 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-52365926-1
Requested by
Host: fortunetelleroracle.com
URL: https://fortunetelleroracle.com/profile/justintyler
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
42c92eb3ba563add05009a10887b937740cc174342ec7347087cd1248f3f139e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://fortunetelleroracle.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Thu, 08 Sep 2022 11:40:43 GMT
content-encoding
br
server
Google Tag Manager
access-control-allow-headers
Cache-Control
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42933
x-xss-protection
0
expires
Thu, 08 Sep 2022 11:40:43 GMT
js
www.paypal.com/sdk/ 		326 KB
101 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.paypal.com/sdk/js?client-id=Ac2DPBLqKQ-Vh0rFj4Ystlcbm2oWaNy0vD1XMniJlib4gz4RBTUo2U6ELS6NX4Au-1BFn4r7G1SLDaeg&enable-funding=venmo&currency=USD
Requested by
Host: fortunetelleroracle.com
URL: https://fortunetelleroracle.com/profile/justintyler
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.21 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
9d7338fc6cac83dde0a5d6c42b68255bd0e75634670927790a61d6cebcfbcc52
Security Headers
Name Value
Content-Security-Policy default-src 'self' https://*.paypal.com https://*.paypalobjects.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; script-src 'nonce-u2hXK6Rr4AJF713xmMNQ+Sq0+hKdRA/blhhVD4IXoOGeftFM' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; style-src 'nonce-u2hXK6Rr4AJF713xmMNQ+Sq0+hKdRA/blhhVD4IXoOGeftFM' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; object-src 'none'; img-src https: data:; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://fortunetelleroracle.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

content-security-policy
default-src 'self' https://*.paypal.com https://*.paypalobjects.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; script-src 'nonce-u2hXK6Rr4AJF713xmMNQ+Sq0+hKdRA/blhhVD4IXoOGeftFM' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; style-src 'nonce-u2hXK6Rr4AJF713xmMNQ+Sq0+hKdRA/blhhVD4IXoOGeftFM' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; object-src 'none'; img-src https: data:; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
content-encoding
gzip
x-content-type-options
nosniff
age
0
via
1.1 varnish, 1.1 varnish
x-cache
MISS, MISS
p3p
true
paypal-debug-id
f2866860cae07
server-timing
"traceparent;desc="00-0000000000000000000f2866860cae07-11e526a2c3b99306-01"";content-encoding;desc="gzip",x-cdn;desc="fastly"
dc
ccg11-origin-www-1.paypal.com
vary
Accept-Encoding
content-length
102052
x-xss-protection
1; mode=block
x-served-by
cache-iad-kjyo7100046-IAD, cache-ewr18122-EWR
traceparent
00-0000000000000000000f2866860cae07-d77420d9717e8382-01
x-timer
S1662637244.648208,VS0,VE339
x-frame-options
SAMEORIGIN
date
Thu, 08 Sep 2022 11:40:43 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
Server-Timing
cache-control
public, max-age=3600, s-maxage=10800
etag
W/"18ea4-dOaXRORrU67M/0lvan6aXhQysCM"
accept-ranges
bytes
x-cache-hits
0, 0
/
fortunetelleroracle.com/
Redirect Chain
  • https://fortunetelleroracle.com/assets/images/bggray.png?b24645598b07ff1a908d50d892cf5c0d
  • https://fortunetelleroracle.com/
64 KB
64 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://fortunetelleroracle.com/
Requested by
Host: fortunetelleroracle.com
URL: https://fortunetelleroracle.com/assets/css/application.css?v=4.9.0
Protocol
H3
Server
2a02:4780:8:620:0:2314:da7e:1 , Cyprus, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
Software
LiteSpeed / PHP/7.4.30
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://fortunetelleroracle.com/assets/css/application.css?v=4.9.0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Thu, 08 Sep 2022 11:40:43 GMT
content-encoding
br
server
LiteSpeed
x-powered-by
PHP/7.4.30
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
cache-control
no-cache, private
content-security-policy
upgrade-insecure-requests
content-length
13199

Redirect headers

date
Thu, 08 Sep 2022 11:40:43 GMT
content-encoding
br
server
LiteSpeed
x-powered-by
PHP/7.4.30
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
location
https://fortunetelleroracle.com
cache-control
no-cache, no-store, must-revalidate, max-age=0
content-security-policy
upgrade-insecure-requests
alt-svc
h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length
215
S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v23/ 		23 KB
24 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/lato/v23/S6uyw4BMUTPHjx4wXg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:400,500,600,700&subset=latin,latin-ext
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://fortunetelleroracle.com
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Tue, 06 Sep 2022 17:08:09 GMT
x-content-type-options
nosniff
age
153154
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
23580
x-xss-protection
0
last-modified
Tue, 26 Apr 2022 15:48:56 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 06 Sep 2023 17:08:09 GMT
best-baby-pillow-buying-guide_1659954324-b.jpg
fortunetelleroracle.com/upload/media/posts/2022-08/08/ 		56 KB
56 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://fortunetelleroracle.com/upload/media/posts/2022-08/08/best-baby-pillow-buying-guide_1659954324-b.jpg
Requested by
Host: fortunetelleroracle.com
URL: https://fortunetelleroracle.com/profile/justintyler
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a02:4780:8:620:0:2314:da7e:1 , Cyprus, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
Software
LiteSpeed /
Resource Hash
6580e01d772721415ba3eb130376c1fe28c5ed12150b570ba41566cbd7179062
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://fortunetelleroracle.com/profile/justintyler
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Thu, 08 Sep 2022 11:40:43 GMT
last-modified
Mon, 08 Aug 2022 10:25:24 GMT
server
LiteSpeed
etag
"de61-62f0e494-38a91d257ad92de;;;"
content-type
image/jpeg
cache-control
public, max-age=604800
content-security-policy
upgrade-insecure-requests
accept-ranges
bytes
content-length
56929
expires
Thu, 15 Sep 2022 11:40:43 GMT
the-cuddle-pillow-for-side-sleepers_1659951027-b.jpg
fortunetelleroracle.com/upload/media/posts/2022-08/08/ 		85 KB
85 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://fortunetelleroracle.com/upload/media/posts/2022-08/08/the-cuddle-pillow-for-side-sleepers_1659951027-b.jpg
Requested by
Host: fortunetelleroracle.com
URL: https://fortunetelleroracle.com/profile/justintyler
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a02:4780:8:620:0:2314:da7e:1 , Cyprus, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
Software
LiteSpeed /
Resource Hash
29fe69b9bb6d259e0a062f14b0954fb826fd5871accc12a75106990b93789d9d
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://fortunetelleroracle.com/profile/justintyler
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Thu, 08 Sep 2022 11:40:43 GMT
last-modified
Mon, 08 Aug 2022 09:30:27 GMT
server
LiteSpeed
etag
"15550-62f0d7b3-83de00f69b42605e;;;"
content-type
image/jpeg
cache-control
public, max-age=604800
content-security-policy
upgrade-insecure-requests
accept-ranges
bytes
content-length
87376
expires
Thu, 15 Sep 2022 11:40:43 GMT
body-pillow-shredded-memory-foam-essentials-pregnancy-pillow_1658311233-b.jpg
fortunetelleroracle.com/upload/media/posts/2022-07/20/ 		99 KB
99 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://fortunetelleroracle.com/upload/media/posts/2022-07/20/body-pillow-shredded-memory-foam-essentials-pregnancy-pillow_1658311233-b.jpg
Requested by
Host: fortunetelleroracle.com
URL: https://fortunetelleroracle.com/profile/justintyler
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a02:4780:8:620:0:2314:da7e:1 , Cyprus, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
Software
LiteSpeed /
Resource Hash
83f79e4199aaab8ff167c19f23b531e84a7136253dda9895791e9438795cf803
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://fortunetelleroracle.com/profile/justintyler
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Thu, 08 Sep 2022 11:40:43 GMT
last-modified
Wed, 20 Jul 2022 10:00:33 GMT
server
LiteSpeed
etag
"18acd-62d7d241-d6c41c2005b309fa;;;"
content-type
image/jpeg
cache-control
public, max-age=604800
content-security-policy
upgrade-insecure-requests
accept-ranges
bytes
content-length
101069
expires
Thu, 15 Sep 2022 11:40:43 GMT
sage-50-unable-to-send-email-nothing-happens-when-trying-to-e-mail_1656064481-b.jpg
fortunetelleroracle.com/upload/media/posts/2022-06/24/ 		65 KB
65 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://fortunetelleroracle.com/upload/media/posts/2022-06/24/sage-50-unable-to-send-email-nothing-happens-when-trying-to-e-mail_1656064481-b.jpg
Requested by
Host: fortunetelleroracle.com
URL: https://fortunetelleroracle.com/profile/justintyler
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a02:4780:8:620:0:2314:da7e:1 , Cyprus, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
Software
LiteSpeed /
Resource Hash
2b1ace8851a6f85e4bfe2400f014bdaf302b3c96227ce887cf4a06ba7c382a8d
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://fortunetelleroracle.com/profile/justintyler
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Thu, 08 Sep 2022 11:40:43 GMT
last-modified
Fri, 24 Jun 2022 09:54:41 GMT
server
LiteSpeed
etag
"1043c-62b589e1-89a50ffae7c382b0;;;"
content-type
image/jpeg
cache-control
public, max-age=604800
content-security-policy
upgrade-insecure-requests
accept-ranges
bytes
content-length
66620
expires
Thu, 15 Sep 2022 11:40:43 GMT
/
www.fortunetelleroracle.com/public/upload/media/posts/2021-11/01/
Redirect Chain
  • https://fortunetelleroracle.com/upload/media/posts/2021-11/01/quickbooks-pro-versus-premier-the-ultimate-comparison-guide_1635749143-b.jpg
  • https://www.fortunetelleroracle.com/upload/media/posts/2021-11/01
  • https://www.fortunetelleroracle.com/public/upload/media/posts/2021-11/01/
  • https://www.fortunetelleroracle.com/upload/media/posts/2021-11/01
  • https://www.fortunetelleroracle.com/public/upload/media/posts/2021-11/01/
  • https://www.fortunetelleroracle.com/upload/media/posts/2021-11/01
  • https://www.fortunetelleroracle.com/public/upload/media/posts/2021-11/01/
  • https://www.fortunetelleroracle.com/upload/media/posts/2021-11/01
  • https://www.fortunetelleroracle.com/public/upload/media/posts/2021-11/01/
  • https://www.fortunetelleroracle.com/upload/media/posts/2021-11/01
  • https://www.fortunetelleroracle.com/public/upload/media/posts/2021-11/01/
  • https://www.fortunetelleroracle.com/upload/media/posts/2021-11/01
  • https://www.fortunetelleroracle.com/public/upload/media/posts/2021-11/01/
  • https://www.fortunetelleroracle.com/upload/media/posts/2021-11/01
  • https://www.fortunetelleroracle.com/public/upload/media/posts/2021-11/01/
  • https://www.fortunetelleroracle.com/upload/media/posts/2021-11/01
  • https://www.fortunetelleroracle.com/public/upload/media/posts/2021-11/01/
  • https://www.fortunetelleroracle.com/upload/media/posts/2021-11/01
  • https://www.fortunetelleroracle.com/public/upload/media/posts/2021-11/01/
  • https://www.fortunetelleroracle.com/upload/media/posts/2021-11/01
  • https://www.fortunetelleroracle.com/public/upload/media/posts/2021-11/01/
0
0
flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2
fonts.gstatic.com/s/materialicons/v139/ 		125 KB
126 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/materialicons/v139/flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/icon?family=Material+Icons
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8265f64786397d6b832d1ca0aafdf149ad84e72759fffa9f7272e91a0fb015d1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://fortunetelleroracle.com
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Thu, 01 Sep 2022 20:32:16 GMT
x-content-type-options
nosniff
age
572907
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
128352
x-xss-protection
0
last-modified
Thu, 25 Aug 2022 00:26:06 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 01 Sep 2023 20:32:16 GMT
TMSans-Bold.woff
fortunetelleroracle.com/assets/fonts/ 		38 KB
38 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fortunetelleroracle.com/assets/fonts/TMSans-Bold.woff?0f3c3d64168f36f570978cd4155d4dab
Requested by
Host: fortunetelleroracle.com
URL: https://fortunetelleroracle.com/assets/css/application.css?v=4.9.0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a02:4780:8:620:0:2314:da7e:1 , Cyprus, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
Software
LiteSpeed /
Resource Hash
7cfc5ae07f7f70ac49f92793eda54d7e3e19c0598c63649da77ecd01674efb91
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

Referer
https://fortunetelleroracle.com/assets/css/application.css?v=4.9.0
Origin
https://fortunetelleroracle.com
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

content-security-policy
upgrade-insecure-requests
last-modified
Wed, 03 Mar 2021 09:18:11 GMT
server
LiteSpeed
etag
"96ac-603f5453-8bc428fe40a3c265;;;"
content-type
application/font-woff
date
Thu, 08 Sep 2022 11:40:43 GMT
accept-ranges
bytes
content-length
38572
S6u9w4BMUTPHh6UVSwiPGQ.woff2
fonts.gstatic.com/s/lato/v23/ 		23 KB
23 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/lato/v23/S6u9w4BMUTPHh6UVSwiPGQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:400,500,600,700&subset=latin,latin-ext
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://fortunetelleroracle.com
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Tue, 06 Sep 2022 17:08:09 GMT
x-content-type-options
nosniff
age
153154
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
23040
x-xss-protection
0
last-modified
Tue, 26 Apr 2022 15:56:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 06 Sep 2023 17:08:09 GMT
TMSans-Regular.woff
fortunetelleroracle.com/assets/fonts/ 		37 KB
37 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fortunetelleroracle.com/assets/fonts/TMSans-Regular.woff?ac0ba247f27b68ca1063e7af9d90dbbd
Requested by
Host: fortunetelleroracle.com
URL: https://fortunetelleroracle.com/assets/css/application.css?v=4.9.0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a02:4780:8:620:0:2314:da7e:1 , Cyprus, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
Software
LiteSpeed /
Resource Hash
d86d1c0e48f6682d54d0f36083235e9f766abce6d4ba8045154d40a2feff9136
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

Referer
https://fortunetelleroracle.com/assets/css/application.css?v=4.9.0
Origin
https://fortunetelleroracle.com
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

content-security-policy
upgrade-insecure-requests
last-modified
Wed, 03 Mar 2021 09:18:11 GMT
server
LiteSpeed
etag
"9470-603f5453-26bea06b35c5607c;;;"
content-type
application/font-woff
date
Thu, 08 Sep 2022 11:40:43 GMT
accept-ranges
bytes
content-length
38000
show_ads_impl_with_ama_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209010201/ 		344 KB
121 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209010201/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2744327701249356&plah=fortunetelleroracle.com&bust=31069395
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-2744327701249356
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
40e47d07c8fd9945e8049085a4c897c0c2c41b20822cce01c6d1471c017132e1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://fortunetelleroracle.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Thu, 08 Sep 2022 11:40:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
124218
x-xss-protection
0
server
cafe
etag
13552890745808407252
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Thu, 08 Sep 2022 11:40:43 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20220901/r20190131/ Frame 9778 		10 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20220901/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-2744327701249356
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
de317176fa6b64a8e89bbd45d20b6be2560bbfa96e7e53e63eb754e18bfe6c1f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fortunetelleroracle.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

age
12071
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=1209600
content-encoding
gzip
content-length
4412
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 08 Sep 2022 08:19:32 GMT
etag
8616628553774171045
expires
Thu, 22 Sep 2022 08:19:32 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
cookie.js
partner.googleadservices.com/gampad/ 		227 B
655 B 		Script
General
Check archive.org
Download Go to
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=fortunetelleroracle.com&callback=_gfp_s_&client=ca-pub-2744327701249356
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209010201/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2744327701249356&plah=fortunetelleroracle.com&bust=31069395
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e9bace427fa86d079508c5309a95c1b3667ebb38314fad269f1bc0e776d3cbcb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://fortunetelleroracle.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Thu, 08 Sep 2022 11:40:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
211
x-xss-protection
0
integrator.js
adservice.google.nl/adsid/ 		107 B
792 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.nl/adsid/integrator.js?domain=fortunetelleroracle.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209010201/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2744327701249356&plah=fortunetelleroracle.com&bust=31069395
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://fortunetelleroracle.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 08 Sep 2022 11:40:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
549 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=fortunetelleroracle.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209010201/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2744327701249356&plah=fortunetelleroracle.com&bust=31069395
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://fortunetelleroracle.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 08 Sep 2022 11:40:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 769A 		46 KB
15 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2744327701249356&output=html&adk=1812271804&adf=3025194257&lmt=1662637243&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Ffortunetelleroracle.com%2Fprofile%2Fjustintyler&ea=0&pra=5&wgl=1&easpf=1&easpi=0&asntp=0&asntpv=0&asntpl=0&asntpm=0&asntpc=0&asna=5&asnd=5&asnp=5&asns=5&asmat=1&asptt=-1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1662637243574&bpp=7&bdt=348&idt=290&shv=r20220901&mjsv=m202209010201&ptt=9&saldr=aa&abxe=1&nras=1&correlator=3165898423328&frm=20&pv=2&ga_vid=189059111.1662637244&ga_sid=1662637244&ga_hid=1074004187&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31069395&oid=2&pvsid=593547112269551&tmod=1209051190&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=307
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209010201/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2744327701249356&plah=fortunetelleroracle.com&bust=31069395
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9213dfd56f0036efe7e08419a2141a8a2196175f3adef93822c7ea081d1a578d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fortunetelleroracle.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-encoding
br
content-length
15035
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 08 Sep 2022 11:40:44 GMT
expires
Thu, 08 Sep 2022 11:40:44 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 36CF 		436 B
235 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2744327701249356&output=html&h=280&adk=3088186576&adf=1211923703&pi=t.aa~a.937185681~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1662637243&rafmt=1&to=qs&pwprc=6496725761&psa=0&format=1200x280&url=https%3A%2F%2Ffortunetelleroracle.com%2Fprofile%2Fjustintyler&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1662637243581&bpp=1&bdt=354&idt=306&shv=r20220901&mjsv=m202209010201&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=3165898423328&frm=20&pv=1&ga_vid=189059111.1662637244&ga_sid=1662637244&ga_hid=1074004187&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=101&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31069395&oid=2&pvsid=593547112269551&tmod=1209051190&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=97g9ZuLNS0&p=https%3A//fortunetelleroracle.com&dtd=310
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209010201/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2744327701249356&plah=fortunetelleroracle.com&bust=31069395
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
42587d44d29fd1cafe0936d9ce26b6de8052c6532c84373f5b5aa6e97c676231
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fortunetelleroracle.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-encoding
br
content-length
212
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 08 Sep 2022 11:40:44 GMT
expires
Thu, 08 Sep 2022 11:40:44 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
pptm.js
www.paypal.com/tagmanager/ 		13 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.paypal.com/tagmanager/pptm.js?id=fortunetelleroracle.com&t=xo&v=5.0.331&source=payments_sdk&client_id=Ac2DPBLqKQ-Vh0rFj4Ystlcbm2oWaNy0vD1XMniJlib4gz4RBTUo2U6ELS6NX4Au-1BFn4r7G1SLDaeg&vault=false
Requested by
Host: www.paypal.com
URL: https://www.paypal.com/sdk/js?client-id=Ac2DPBLqKQ-Vh0rFj4Ystlcbm2oWaNy0vD1XMniJlib4gz4RBTUo2U6ELS6NX4Au-1BFn4r7G1SLDaeg&enable-funding=venmo&currency=USD
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.21 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
e73f7cfa5b48c12647154a9c377cd112d139dde15b02e4f4ef84c68693a78f7d
Security Headers
Name Value
Content-Security-Policy default-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; script-src 'nonce-8Fy9JYG1kXz+gcfenmPCFfduaWIEajin5ivbIvHLA+RsuFm+' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' 'unsafe-eval'; img-src * data:; object-src 'none'; font-src 'self' https://*.paypalobjects.com https://*.paypal.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://nexus.ensighten.com https://*.google-analytics.com 'unsafe-inline' https://*.qualtrics.com; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' https://*.qualtrics.com;
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://fortunetelleroracle.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

content-security-policy
default-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; script-src 'nonce-8Fy9JYG1kXz+gcfenmPCFfduaWIEajin5ivbIvHLA+RsuFm+' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' 'unsafe-eval'; img-src * data:; object-src 'none'; font-src 'self' https://*.paypalobjects.com https://*.paypal.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://nexus.ensighten.com https://*.google-analytics.com 'unsafe-inline' https://*.qualtrics.com; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' https://*.qualtrics.com;
content-encoding
gzip
x-content-type-options
nosniff
age
53973
x-cache
MISS, HIT
paypal-debug-id
f765198338b66
server-timing
"traceparent;desc="00-0000000000000000000f765198338b66-ceb876b4df0f3922-01"";content-encoding;desc="gzip",x-cdn;desc="fastly"
dc
ccg11-origin-www-1.paypal.com
vary
Accept-Encoding
content-length
4751
x-xss-protection
1; mode=block
x-served-by
cache-iad-kcgs7200173-IAD, cache-ewr18122-EWR
traceparent
00-0000000000000000000f765198338b66-1191b89f83e60bb2-01
x-timer
S1662637244.244823,VS0,VE2
x-frame-options
SAMEORIGIN
date
Thu, 08 Sep 2022 11:40:44 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-type
application/x-javascript; charset=utf-8
via
1.1 varnish, 1.1 varnish
access-control-expose-headers
Server-Timing
cache-control
public, max-age=3600
etag
W/"354c-YFy9LGTAPVs1dtkIWd6Sv2TdAow"
accept-ranges
bytes
x-cache-hits
0, 1
sdk.js
connect.facebook.net/en_EN/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_EN/sdk.js
Requested by
Host: fortunetelleroracle.com
URL: https://fortunetelleroracle.com/assets/js/app.min.js?v=4.9.0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
3249f5bb94c75882aa65cc2cbbc7a0f8cd946e4a59038f1d25fed6f04e69b22d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://fortunetelleroracle.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
content-md5
e/Xj466s/F87y1w4LrziAA==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
1687
x-fb-rlafr
0
x-fb-debug
Yrh9Mmq9zUdPjH51J5phiHewnIpklvJEbDvtj5oG4e4AAiR9jFCZv+AMOlOG96hZJ9GGI5DqGfJ9YFmWe6soxA==
x-fb-trip-id
2050670934
x-fb-content-md5
6b73be5c37c827003e64632085d2672f
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
DENY
date
Thu, 08 Sep 2022 11:40:44 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=1200,stale-while-revalidate=3600
etag
"20dbf168d9f2696f5643f8c7caf8b54a"
timing-allow-origin
*
priority
u=3,i
expires
Thu, 08 Sep 2022 11:51:18 GMT
reactive_library_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209010201/ 		149 KB
53 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209010201/reactive_library_fy2021.js?bust=31069395
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209010201/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2744327701249356&plah=fortunetelleroracle.com&bust=31069395
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
449dc946cb13db0e953cba1f6d719d908b158a91d7739dd95d5ad5a8c929251c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://fortunetelleroracle.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Thu, 08 Sep 2022 11:40:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
54591
x-xss-protection
0
server
cafe
etag
2744222441704966740
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Thu, 08 Sep 2022 11:40:44 GMT
integrator.js
adservice.google.nl/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.nl/adsid/integrator.js?domain=fortunetelleroracle.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209010201/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2744327701249356&plah=fortunetelleroracle.com&bust=31069395
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://fortunetelleroracle.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 08 Sep 2022 11:40:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=fortunetelleroracle.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209010201/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2744327701249356&plah=fortunetelleroracle.com&bust=31069395
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://fortunetelleroracle.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 08 Sep 2022 11:40:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 2679 		436 B
236 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2744327701249356&output=html&h=240&adk=3918215417&adf=1298400054&pi=t.aa~a.3704201861~rp.3&w=269&fwrn=4&fwrnh=100&lmt=1662637244&rafmt=1&to=qs&pwprc=6496725761&psa=1&format=269x240&url=https%3A%2F%2Ffortunetelleroracle.com%2Fprofile%2Fjustintyler&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1662637244254&bpp=1&bdt=1028&idt=-M&shv=r20220901&mjsv=m202209010201&ptt=9&saldr=aa&abxe=1&cookie=ID%3Db031b2c989abb531-220e000a18ce009d%3AT%3D1662637244%3ART%3D1662637244%3AS%3DALNI_MaVw7vjWyzJfQivw3hv4Nkvu2cgzg&prev_fmts=0x0%2C1200x280&nras=3&correlator=3165898423328&frm=20&pv=1&ga_vid=189059111.1662637244&ga_sid=1662637244&ga_hid=1074004187&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=240&ady=1328&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31069395&oid=2&pvsid=593547112269551&tmod=1209051190&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=X6IPOreZiY&p=https%3A//fortunetelleroracle.com&dtd=13
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209010201/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2744327701249356&plah=fortunetelleroracle.com&bust=31069395
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3d6d743ad9fb98d9a81bd662d8d7df1b36c404a6c0459e164d1a7d43d630cc18
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fortunetelleroracle.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-encoding
br
content-length
212
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 08 Sep 2022 11:40:44 GMT
expires
Thu, 08 Sep 2022 11:40:44 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 1EA9 		436 B
236 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2744327701249356&output=html&h=100&adk=2733543794&adf=1599647363&pi=t.aa~a.2119124369~rp.2&w=405&fwrn=4&fwrnh=100&lmt=1662637244&rafmt=1&to=qs&pwprc=6496725761&psa=1&format=405x100&url=https%3A%2F%2Ffortunetelleroracle.com%2Fprofile%2Fjustintyler&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1662637244254&bpp=1&bdt=1028&idt=1&shv=r20220901&mjsv=m202209010201&ptt=9&saldr=aa&abxe=1&cookie=ID%3Db031b2c989abb531-220e000a18ce009d%3AT%3D1662637244%3ART%3D1662637244%3AS%3DALNI_MaVw7vjWyzJfQivw3hv4Nkvu2cgzg&prev_fmts=0x0%2C1200x280%2C269x240&nras=4&correlator=3165898423328&frm=20&pv=1&ga_vid=189059111.1662637244&ga_sid=1662637244&ga_hid=1074004187&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=530&ady=1744&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31069395&oid=2&pvsid=593547112269551&tmod=1209051190&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=8wiT0xq16L&p=https%3A//fortunetelleroracle.com&dtd=17
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209010201/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2744327701249356&plah=fortunetelleroracle.com&bust=31069395
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
eb10127ff53cc1499c45f108219c66ad095b31278927d3c5b0401fbe42285c50
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fortunetelleroracle.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-encoding
br
content-length
212
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 08 Sep 2022 11:40:44 GMT
expires
Thu, 08 Sep 2022 11:40:44 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
logger
www.paypal.com/xoplatform/logger/api/ 		1019 B
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.paypal.com/xoplatform/logger/api/logger
Requested by
Host: www.paypal.com
URL: https://www.paypal.com/sdk/js?client-id=Ac2DPBLqKQ-Vh0rFj4Ystlcbm2oWaNy0vD1XMniJlib4gz4RBTUo2U6ELS6NX4Au-1BFn4r7G1SLDaeg&enable-funding=venmo&currency=USD
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.21 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
88de7e916cb815026f34c07b6546e24bad7fecc6643a394fbd2f9d1fc1ada95b
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept
application/json
Referer
https://fortunetelleroracle.com/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
content-type
application/json

Response headers

date
Thu, 08 Sep 2022 11:40:44 GMT
via
1.1 varnish, 1.1 varnish
x-content-type-options
nosniff
x-cache
MISS, MISS
paypal-debug-id
f16956950d20e
server-timing
content-encoding;desc="br",x-cdn;desc="fastly"
dc
ccg11-origin-www-1.paypal.com
x-served-by
cache-iad-kjyo7100164-IAD, cache-ewr18172-EWR
traceparent
00-0000000000000000000f16956950d20e-42bce5b253b7d97e-01
x-timer
S1662637245.737065,VS0,VE89
etag
W/W/"3fb-eiz9LXOwqBzxkrURPvVkvXPStrI"
vary
Accept-Encoding
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-type
application/json; charset=utf-8
access-control-allow-origin
https://fortunetelleroracle.com
content-encoding
br
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
accept-ranges
none
x-cache-hits
0, 0
logger
www.paypal.com/xoplatform/logger/api/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://www.paypal.com/xoplatform/logger/api/logger
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.21 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://fortunetelleroracle.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

accept-ranges
bytes
access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
POST
access-control-allow-origin
https://fortunetelleroracle.com
cache-control
max-age=0, no-cache, no-store, must-revalidate
date
Thu, 08 Sep 2022 11:40:44 GMT
dc
ccg11-origin-www-1.paypal.com
paypal-debug-id
f169569e7ff6f
server-timing
content-encoding;desc="",x-cdn;desc="fastly"
strict-transport-security
max-age=63072000; includeSubDomains; preload
traceparent
00-0000000000000000000f169569e7ff6f-fb3d8db1c529712f-01
via
1.1 varnish, 1.1 varnish
x-cache
MISS, MISS
x-cache-hits
0, 0
x-content-type-options
nosniff
x-served-by
cache-iad-kcgs7200077-IAD, cache-ewr18172-EWR
x-timer
S1662637245.525763,VS0,VE114
muse.js
www.paypalobjects.com/muse/ 		55 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.paypalobjects.com/muse/muse.js
Requested by
Host: www.paypal.com
URL: https://www.paypal.com/tagmanager/pptm.js?id=fortunetelleroracle.com&t=xo&v=5.0.331&source=payments_sdk&client_id=Ac2DPBLqKQ-Vh0rFj4Ystlcbm2oWaNy0vD1XMniJlib4gz4RBTUo2U6ELS6NX4Au-1BFn4r7G1SLDaeg&vault=false
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.66.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
64b32d14f993564fe182a5690410f7d4aa2ace59934eac09d7dcf03a68ec7566
Security Headers
Name Value
Strict-Transport-Security max-age=31557600
X-Content-Type-Options nosniff

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://fortunetelleroracle.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Thu, 08 Sep 2022 11:40:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-cache
HIT, HIT
paypal-debug-id
f286ba7707a0b
dc
ccg11-origin-www-1.paypal.com
vary
Accept-Encoding
content-length
16464
x-served-by
cache-dfw18646-DFW, cache-ewr18155-EWR
last-modified
Tue, 03 May 2022 17:28:29 GMT
x-timer
S1662637245.613254,VS0,VE0
etag
W/"6271663d-da91"
strict-transport-security
max-age=31557600
content-type
application/javascript
via
1.1 varnish, 1.1 varnish
cache-control
s-maxage=31536000, public,max-age=3600
accept-ranges
bytes
timing-allow-origin
https://www.paypal.com,https://www.sandbox.paypal.com
x-cache-hits
1, 345529
ts
t.paypal.com/ 		42 B
846 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.paypal.com/ts?pgrp=muse%3Athird-party%3Aanalytics-xo%3A%3AJW47T65SAJMX4-1&page=muse%3Athird-party%3Aanalytics-xo%3A%3AJW47T65SAJMX4-1%3A%3A%3A&tsrce=tagmanagernodeweb&comp=tagmanagernodeweb&sub_component=analytics&s=ci&item=3d093e3a-fcd9-4391-9cc8-8936b288d257&fltp=analytics&mrid=JW47T65SAJMX4&code=CHECKOUT_BUTTON&partner_name=CHECKOUT_BUTTON&flag_consume=yes&pt=justintyler%20%7C%20Digital%20media%20blog%20website&dh=1200&dw=1600&bh=1200&bw=1600&cd=24&sh=1200&sw=1600&v=NA&pl=pdf&rosetta_language=en-US%2Cen&e=im&t=1662637244297&g=0&completeurl=https%3A%2F%2Ffortunetelleroracle.com%2Fprofile%2Fjustintyler
Requested by
Host: fortunetelleroracle.com
URL: https://fortunetelleroracle.com/profile/justintyler
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.35 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://fortunetelleroracle.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Thu, 08 Sep 2022 11:40:44 GMT
via
1.1 varnish, 1.1 varnish
x-cache
MISS, MISS
p3p
policyref="https://t.paypal.com/w3c/p3p.xml",CP="CAO IND OUR SAM UNI STA COR COM"
paypal-debug-id
b48750cbf2372
x-cache-hits
0, 0
server-timing
content-encoding;desc="",x-cdn;desc="fastly"
content-length
42
x-served-by
cache-iad-kcgs7200081-IAD, cache-ewr18150-EWR
pragma
no-cache
traceparent
00-0000000000000000000b48750cbf2372-9067cfac51cc9eff-01
x-timer
S1662637245.613070,VS0,VE87
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-type
image/gif
cache-control
max-age=0, no-cache, no-store, must-revalidate
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 08 Sep 2022 11:40:44 GMT
sdk.js
connect.facebook.net/en_US/ 		298 KB
85 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/sdk.js?hash=18da58cb2215fc6211b94c82702ea38b
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_EN/sdk.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
5b98fd550b09266b75cab23c1f5d51a371acaab290cbe9a007e7c5302a185e69
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://fortunetelleroracle.com/
Origin
https://fortunetelleroracle.com
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
content-md5
7ex52l7PPE8V3JdhMT0PKA==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
86523
x-fb-rlafr
0
x-fb-debug
BcTeoLfae+kcSBWTwNa1P7r+P0ZL83L7qnr6WHo9rb0IX8DWeRc0VLBapPshjpE/o4XzEVQF+JyNnc/XSyQ83w==
x-fb-content-md5
411235a3b38f1a9f6535383a9cd9358d
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
DENY
date
Thu, 08 Sep 2022 11:40:44 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=31536000,stale-while-revalidate=3600,immutable
etag
"b32ee0b4c9d4a5bae7a67bb506e2dce3"
timing-allow-origin
*
priority
u=3,i
expires
Fri, 08 Sep 2023 09:45:19 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20220901/r20110914/ Frame 546A 		10 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20220901/r20110914/zrt_lookup.html?fsb=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209010201/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2744327701249356&plah=fortunetelleroracle.com&bust=31069395
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
de317176fa6b64a8e89bbd45d20b6be2560bbfa96e7e53e63eb754e18bfe6c1f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fortunetelleroracle.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

age
25445
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=1209600
content-encoding
gzip
content-length
4412
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 08 Sep 2022 04:36:39 GMT
etag
8616628553774171045
expires
Thu, 22 Sep 2022 04:36:39 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
afr.php
ads.eu.criteo.com/delivery/r/ Frame 4DCF 		150 KB
47 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.eu.criteo.com/delivery/r/afr.php?z=YxnUvAAA1UUK7fiQAA2ZT4yF_1_nMNS7tZYusw&u=%7C1JF%2B2h%2BrS2NpnUKPl4rbI0%2BehoaQ1mX4tyAQfgmPXXE%3D%7C&c1=jWCgqsKSUoV3SMf7iUfSyMCnTpn87UHNsuno7AgpGzm4RCiJiIGT5xwGwpq72AA9X52rB3uWbTtyycFRqgtAztIuLqVtILu-yROPEPE8hncKp3FcuBRiWk25jC0s33CR6AflSaiE9GdWyqSCT6YfMaMe_USr7l0MHumlwVIXNF87Fn7dyrJynTG0cQt5RX3htiDEKVAn7vRjEzmClpn6qN-ikpZl8Fikpq94ncx1dwNBa_VMPdW7vt-S2YyZHzMWn1z5LNdCu7FvNsztPS1bbvRFMYPXO-2XdnNXQoXqoIujvEPGOQ-sd1DL7eYIh1goDu8DoiSsEViAVp7mXhIvBy1Y-JsGjymilWgiNNeGFOw6wY2Pqw6ftzZoD9q23mTwcBPpdBpjEJLAhOrKn9R4_gjr7gcUO3RcpjNa2V9d2TDBBF0Zjy-zkRZSXHeN0WGbc0DUgIvamZ1BOT5wPi1BATWMuabd4y9nXhr4u0W9W3sTC9qp6Gh34G2qrPU38VSTAjxJgVU-QlR9ray1tGaCj90hMxRCij40oCt-zhp0BYEd_fLicmVwx9tcABSDSwv_TNczrdvjYlF87MxA6uZIZHrpPX2sDudAZ3KQ9cTBfCQAVS0wDvQqCDuqZ7XKMXXY&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC_hsQvNQZY8WqA5DxtwfPsrbAC8me0rFczeGS93DAjbcBEAEgAGCRhKCFjBiCARdjYS1wdWItMjc0NDMyNzcwMTI0OTM1NqAB1bbS6gPIAQmpAjLRRRXkwrA-qAMBqgTnAU_QugRsJL37pPoUGZiVFtQJ5LMTG3OXsXYlNTSltWPM_ZEIIJtw2rLuL3HMd5BYC0ipBDhVPCUO5I78ydhhYmCS2PcuKa-29YTf4_lfCFNA0w_o8yqd6I4K0rTiBrm7PH2f3liIRuIgIZHl4FgU14WSL82VukcmfZYbpFnJ3CEtkqcs1vqAwT70U7TKadXnzZrCkMGqJhIBZkYgeMK2Ti8UztDwdeXoIVTIqjSSIJ5bLD3Lgr9onl7Gnl0-HWnVGV94kxMloI0LV4fAt_8sibpE8DdMY-xDoRyyWL4svldERhBx9yAo7YAGir7AjffhgIVuoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2i5rKgiDwcIE1Lq-hi5g3PYfmkDQ%26client%3Dca-pub-2744327701249356%26adurl%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220901/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::b , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
e8b67b1f1c7a43168920a077df672e434a06cd08697c6cda5d21b2c8598e7111
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
access-control-max-age
1000
cache-control
private, max-age=0, no-cache
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
date
Thu, 08 Sep 2022 11:40:44 GMT
expires
Mon, 26 Jul 1997 05:00:00 GMT
link
<pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p
CP='CUR ADM OUR NOR STA NID'
pragma
no-cache
report-to
{"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=UsyVQ-QmQI63I_6MP7d79dzz0y6KF_bqN_5xcV8513k45uHrzbRwhC-681uKfKeGLY02yoT3Oa6HtCG9w06o7hJMMG_W4IQBxn-dk19uXDMD5xgGVOpgvkufLCCOpx4sER2vZ7Rhow6UcbTXltBx9Dd1_2cqPy6tRxbt-TikBBI2H7ZOZXhUXY-xlCe-8Bao3ffElVVnRF1KmfKRPOPu6L6UhothDyzM-6ly9fgJiLgpLoXs97DsD1xI3RAv-WYByFWY-A"}], "max_age": 86400}
server
Kestrel
server-processing-duration-in-ticks
123345491
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220901/r20110914/client/ Frame 546A 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220901/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220901/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Thu, 08 Sep 2022 11:38:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
126
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1359
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 22 Sep 2022 11:38:38 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220901/r20110914/client/ Frame 546A 		17 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220901/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220901/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
223699d3b640bd75dd3c7615cbbf5c37bfead5c28bfcf807c5ada05d021cbdf7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Thu, 08 Sep 2022 11:38:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
124
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7602
x-xss-protection
0
server
cafe
etag
8484125879011292595
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 22 Sep 2022 11:38:40 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 546A 		141 KB
44 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220901/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
50f77fa9d32c1323f7e50da8d807f556cdddaea2161de6cf84a0c8b4c1dd6f79
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Thu, 08 Sep 2022 11:40:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44740
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1662550240112033"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 08 Sep 2022 11:40:44 GMT
truncated
/ Frame 546A 		218 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
1b0e03d91b08282d46bab47120b3e40b7343c9acce06daad01e4f8ffdaa35bf7

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Content-Type
image/png
adview
googleads.g.doubleclick.net/pagead/ Frame 546A 		0
17 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=ClmewvNQZY8WqA5DxtwfPsrbAC8me0rFczeGS93DAjbcBEAEgAGCRhKCFjBiCARdjYS1wdWItMjc0NDMyNzcwMTI0OTM1NqAB1bbS6gPIAQmpAjLRRRXkwrA-qAMBqgTkAU_QugRsJL37pPoUGZiVFtQJ5LMTG3OXsXYlNTSltWPM_ZEIIJtw2rLuL3HMd5BYC0ipBDhVPCUO5I78ydhhYmCS2PcuKa-29YTf4_lfCFNA0w_o8yqd6I4K0rTiBrm7PH2f3liIRuIgIZHl4FgU14WSL82VukcmfZYbpFnJ3CEtkqcs1vqAwT70U7TKadXnzZrCkMGqJhIBZkYgeMK2Ti8UztDwdeXoIVTIqjSSIJ5bLD3Lgr9onl7Gnl0-HWmXG37qFJy5szKXQyQQilnUgK5ORj1ie273aSEUqgEykk_B7JRiSIAGir7AjffhgIVuoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQIAKAfoLAggBgAwB0BUBgBcBshcaChgSFHB1Yi0yNzQ0MzI3NzAxMjQ5MzU2GAA&sigh=Vt_dEv31Wdg&uach_m=[UACH]&cid=CAQSGwCsnQUx7gsCVbCINmKFPnCj62ERBZBP9htxwRgB&cbvp=2&vis=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220901/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/html/r20220901/r20110914/zrt_lookup.html?fsb=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
date
Thu, 08 Sep 2022 11:40:44 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
notify
rtb.nl.eu.criteo.com/google/auction/ Frame 546A 		0
126 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.nl.eu.criteo.com/google/auction/notify?profile=14&payload=kJq8Erz6RO0HfJ2DYgICAAAATkB498hDC0IQu9QZYwpN8chSidOoHtyMABIAAA&wp=YxnUvAAA1UUK7fiQAA2ZT4yF_1_nMNS7tZYusw&cbvp=2
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220901/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Thu, 08 Sep 2022 11:40:44 GMT
server
Kestrel
server-processing-duration-in-ticks
174937
content-length
0
strict-transport-security
max-age=31536000; preload;
privacy_small.svg
static.criteo.net/flash/icon/ Frame 4DCF 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy_small.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YxnUvAAA1UUK7fiQAA2ZT4yF_1_nMNS7tZYusw&u=%7C1JF%2B2h%2BrS2NpnUKPl4rbI0%2BehoaQ1mX4tyAQfgmPXXE%3D%7C&c1=jWCgqsKSUoV3SMf7iUfSyMCnTpn87UHNsuno7AgpGzm4RCiJiIGT5xwGwpq72AA9X52rB3uWbTtyycFRqgtAztIuLqVtILu-yROPEPE8hncKp3FcuBRiWk25jC0s33CR6AflSaiE9GdWyqSCT6YfMaMe_USr7l0MHumlwVIXNF87Fn7dyrJynTG0cQt5RX3htiDEKVAn7vRjEzmClpn6qN-ikpZl8Fikpq94ncx1dwNBa_VMPdW7vt-S2YyZHzMWn1z5LNdCu7FvNsztPS1bbvRFMYPXO-2XdnNXQoXqoIujvEPGOQ-sd1DL7eYIh1goDu8DoiSsEViAVp7mXhIvBy1Y-JsGjymilWgiNNeGFOw6wY2Pqw6ftzZoD9q23mTwcBPpdBpjEJLAhOrKn9R4_gjr7gcUO3RcpjNa2V9d2TDBBF0Zjy-zkRZSXHeN0WGbc0DUgIvamZ1BOT5wPi1BATWMuabd4y9nXhr4u0W9W3sTC9qp6Gh34G2qrPU38VSTAjxJgVU-QlR9ray1tGaCj90hMxRCij40oCt-zhp0BYEd_fLicmVwx9tcABSDSwv_TNczrdvjYlF87MxA6uZIZHrpPX2sDudAZ3KQ9cTBfCQAVS0wDvQqCDuqZ7XKMXXY&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC_hsQvNQZY8WqA5DxtwfPsrbAC8me0rFczeGS93DAjbcBEAEgAGCRhKCFjBiCARdjYS1wdWItMjc0NDMyNzcwMTI0OTM1NqAB1bbS6gPIAQmpAjLRRRXkwrA-qAMBqgTnAU_QugRsJL37pPoUGZiVFtQJ5LMTG3OXsXYlNTSltWPM_ZEIIJtw2rLuL3HMd5BYC0ipBDhVPCUO5I78ydhhYmCS2PcuKa-29YTf4_lfCFNA0w_o8yqd6I4K0rTiBrm7PH2f3liIRuIgIZHl4FgU14WSL82VukcmfZYbpFnJ3CEtkqcs1vqAwT70U7TKadXnzZrCkMGqJhIBZkYgeMK2Ti8UztDwdeXoIVTIqjSSIJ5bLD3Lgr9onl7Gnl0-HWnVGV94kxMloI0LV4fAt_8sibpE8DdMY-xDoRyyWL4svldERhBx9yAo7YAGir7AjffhgIVuoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2i5rKgiDwcIE1Lq-hi5g3PYfmkDQ%26client%3Dca-pub-2744327701249356%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Thu, 08 Sep 2022 11:40:44 GMT
content-encoding
gzip
last-modified
Tue, 11 Feb 2020 14:30:28 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42ba84-6aa"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sun, 03 Sep 2023 11:40:44 GMT
adchoices_nl.svg
static.criteo.net/flash/icon/ Frame 4DCF 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/adchoices_nl.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YxnUvAAA1UUK7fiQAA2ZT4yF_1_nMNS7tZYusw&u=%7C1JF%2B2h%2BrS2NpnUKPl4rbI0%2BehoaQ1mX4tyAQfgmPXXE%3D%7C&c1=jWCgqsKSUoV3SMf7iUfSyMCnTpn87UHNsuno7AgpGzm4RCiJiIGT5xwGwpq72AA9X52rB3uWbTtyycFRqgtAztIuLqVtILu-yROPEPE8hncKp3FcuBRiWk25jC0s33CR6AflSaiE9GdWyqSCT6YfMaMe_USr7l0MHumlwVIXNF87Fn7dyrJynTG0cQt5RX3htiDEKVAn7vRjEzmClpn6qN-ikpZl8Fikpq94ncx1dwNBa_VMPdW7vt-S2YyZHzMWn1z5LNdCu7FvNsztPS1bbvRFMYPXO-2XdnNXQoXqoIujvEPGOQ-sd1DL7eYIh1goDu8DoiSsEViAVp7mXhIvBy1Y-JsGjymilWgiNNeGFOw6wY2Pqw6ftzZoD9q23mTwcBPpdBpjEJLAhOrKn9R4_gjr7gcUO3RcpjNa2V9d2TDBBF0Zjy-zkRZSXHeN0WGbc0DUgIvamZ1BOT5wPi1BATWMuabd4y9nXhr4u0W9W3sTC9qp6Gh34G2qrPU38VSTAjxJgVU-QlR9ray1tGaCj90hMxRCij40oCt-zhp0BYEd_fLicmVwx9tcABSDSwv_TNczrdvjYlF87MxA6uZIZHrpPX2sDudAZ3KQ9cTBfCQAVS0wDvQqCDuqZ7XKMXXY&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC_hsQvNQZY8WqA5DxtwfPsrbAC8me0rFczeGS93DAjbcBEAEgAGCRhKCFjBiCARdjYS1wdWItMjc0NDMyNzcwMTI0OTM1NqAB1bbS6gPIAQmpAjLRRRXkwrA-qAMBqgTnAU_QugRsJL37pPoUGZiVFtQJ5LMTG3OXsXYlNTSltWPM_ZEIIJtw2rLuL3HMd5BYC0ipBDhVPCUO5I78ydhhYmCS2PcuKa-29YTf4_lfCFNA0w_o8yqd6I4K0rTiBrm7PH2f3liIRuIgIZHl4FgU14WSL82VukcmfZYbpFnJ3CEtkqcs1vqAwT70U7TKadXnzZrCkMGqJhIBZkYgeMK2Ti8UztDwdeXoIVTIqjSSIJ5bLD3Lgr9onl7Gnl0-HWnVGV94kxMloI0LV4fAt_8sibpE8DdMY-xDoRyyWL4svldERhBx9yAo7YAGir7AjffhgIVuoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2i5rKgiDwcIE1Lq-hi5g3PYfmkDQ%26client%3Dca-pub-2744327701249356%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
64fdded9ab4b4066a71232c0d8c7e2416ec277f566adb122776af14c21831fc3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Thu, 08 Sep 2022 11:40:44 GMT
content-encoding
gzip
last-modified
Tue, 11 Feb 2020 14:27:58 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42b9ee-754"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sun, 03 Sep 2023 11:40:44 GMT
close_button.svg
static.criteo.net/flash/icon/ Frame 4DCF 		308 B
637 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/close_button.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YxnUvAAA1UUK7fiQAA2ZT4yF_1_nMNS7tZYusw&u=%7C1JF%2B2h%2BrS2NpnUKPl4rbI0%2BehoaQ1mX4tyAQfgmPXXE%3D%7C&c1=jWCgqsKSUoV3SMf7iUfSyMCnTpn87UHNsuno7AgpGzm4RCiJiIGT5xwGwpq72AA9X52rB3uWbTtyycFRqgtAztIuLqVtILu-yROPEPE8hncKp3FcuBRiWk25jC0s33CR6AflSaiE9GdWyqSCT6YfMaMe_USr7l0MHumlwVIXNF87Fn7dyrJynTG0cQt5RX3htiDEKVAn7vRjEzmClpn6qN-ikpZl8Fikpq94ncx1dwNBa_VMPdW7vt-S2YyZHzMWn1z5LNdCu7FvNsztPS1bbvRFMYPXO-2XdnNXQoXqoIujvEPGOQ-sd1DL7eYIh1goDu8DoiSsEViAVp7mXhIvBy1Y-JsGjymilWgiNNeGFOw6wY2Pqw6ftzZoD9q23mTwcBPpdBpjEJLAhOrKn9R4_gjr7gcUO3RcpjNa2V9d2TDBBF0Zjy-zkRZSXHeN0WGbc0DUgIvamZ1BOT5wPi1BATWMuabd4y9nXhr4u0W9W3sTC9qp6Gh34G2qrPU38VSTAjxJgVU-QlR9ray1tGaCj90hMxRCij40oCt-zhp0BYEd_fLicmVwx9tcABSDSwv_TNczrdvjYlF87MxA6uZIZHrpPX2sDudAZ3KQ9cTBfCQAVS0wDvQqCDuqZ7XKMXXY&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC_hsQvNQZY8WqA5DxtwfPsrbAC8me0rFczeGS93DAjbcBEAEgAGCRhKCFjBiCARdjYS1wdWItMjc0NDMyNzcwMTI0OTM1NqAB1bbS6gPIAQmpAjLRRRXkwrA-qAMBqgTnAU_QugRsJL37pPoUGZiVFtQJ5LMTG3OXsXYlNTSltWPM_ZEIIJtw2rLuL3HMd5BYC0ipBDhVPCUO5I78ydhhYmCS2PcuKa-29YTf4_lfCFNA0w_o8yqd6I4K0rTiBrm7PH2f3liIRuIgIZHl4FgU14WSL82VukcmfZYbpFnJ3CEtkqcs1vqAwT70U7TKadXnzZrCkMGqJhIBZkYgeMK2Ti8UztDwdeXoIVTIqjSSIJ5bLD3Lgr9onl7Gnl0-HWnVGV94kxMloI0LV4fAt_8sibpE8DdMY-xDoRyyWL4svldERhBx9yAo7YAGir7AjffhgIVuoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2i5rKgiDwcIE1Lq-hi5g3PYfmkDQ%26client%3Dca-pub-2744327701249356%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Thu, 08 Sep 2022 11:40:44 GMT
last-modified
Fri, 14 Feb 2020 13:51:32 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"5e46a5e4-134"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
308
expires
Sun, 03 Sep 2023 11:40:44 GMT
back_button2.svg
static.criteo.net/flash/icon/ Frame 4DCF 		293 B
621 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/back_button2.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YxnUvAAA1UUK7fiQAA2ZT4yF_1_nMNS7tZYusw&u=%7C1JF%2B2h%2BrS2NpnUKPl4rbI0%2BehoaQ1mX4tyAQfgmPXXE%3D%7C&c1=jWCgqsKSUoV3SMf7iUfSyMCnTpn87UHNsuno7AgpGzm4RCiJiIGT5xwGwpq72AA9X52rB3uWbTtyycFRqgtAztIuLqVtILu-yROPEPE8hncKp3FcuBRiWk25jC0s33CR6AflSaiE9GdWyqSCT6YfMaMe_USr7l0MHumlwVIXNF87Fn7dyrJynTG0cQt5RX3htiDEKVAn7vRjEzmClpn6qN-ikpZl8Fikpq94ncx1dwNBa_VMPdW7vt-S2YyZHzMWn1z5LNdCu7FvNsztPS1bbvRFMYPXO-2XdnNXQoXqoIujvEPGOQ-sd1DL7eYIh1goDu8DoiSsEViAVp7mXhIvBy1Y-JsGjymilWgiNNeGFOw6wY2Pqw6ftzZoD9q23mTwcBPpdBpjEJLAhOrKn9R4_gjr7gcUO3RcpjNa2V9d2TDBBF0Zjy-zkRZSXHeN0WGbc0DUgIvamZ1BOT5wPi1BATWMuabd4y9nXhr4u0W9W3sTC9qp6Gh34G2qrPU38VSTAjxJgVU-QlR9ray1tGaCj90hMxRCij40oCt-zhp0BYEd_fLicmVwx9tcABSDSwv_TNczrdvjYlF87MxA6uZIZHrpPX2sDudAZ3KQ9cTBfCQAVS0wDvQqCDuqZ7XKMXXY&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC_hsQvNQZY8WqA5DxtwfPsrbAC8me0rFczeGS93DAjbcBEAEgAGCRhKCFjBiCARdjYS1wdWItMjc0NDMyNzcwMTI0OTM1NqAB1bbS6gPIAQmpAjLRRRXkwrA-qAMBqgTnAU_QugRsJL37pPoUGZiVFtQJ5LMTG3OXsXYlNTSltWPM_ZEIIJtw2rLuL3HMd5BYC0ipBDhVPCUO5I78ydhhYmCS2PcuKa-29YTf4_lfCFNA0w_o8yqd6I4K0rTiBrm7PH2f3liIRuIgIZHl4FgU14WSL82VukcmfZYbpFnJ3CEtkqcs1vqAwT70U7TKadXnzZrCkMGqJhIBZkYgeMK2Ti8UztDwdeXoIVTIqjSSIJ5bLD3Lgr9onl7Gnl0-HWnVGV94kxMloI0LV4fAt_8sibpE8DdMY-xDoRyyWL4svldERhBx9yAo7YAGir7AjffhgIVuoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2i5rKgiDwcIE1Lq-hi5g3PYfmkDQ%26client%3Dca-pub-2744327701249356%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Thu, 08 Sep 2022 11:40:44 GMT
last-modified
Thu, 28 Apr 2022 09:09:48 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"626a59dc-125"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
293
expires
Sun, 03 Sep 2023 11:40:44 GMT
lg.php
cat.fr.eu.criteo.com/delivery/ Frame 4DCF 		43 B
348 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cat.fr.eu.criteo.com/delivery/lg.php?cppv=3&cpp=Uhw5VJB7vsCSPjpxQA1a1uyckWfukyjQqhRpu-pcuuyR0ei6oeg4fEMPKh4vpoG9EOmfmujbghYaAlLL-84FIkk2eZQyHI_H0eTA2rHqTGQ3h4PxNuW7Q7qTdpcMRkMznmIBmKk5uO08sRA3IBWSSVET-CU9DsuFRrwQjJH7h42x0_64IwhdqajLkrNdPC1f_T5UF8Reav7rPexGRdAnNILVOYEsEnp1PpPxxWOFUsdFn9W0KsQs4sTaOp8kwnjvvxHk5t2dhK1zJaCi3r8JtnrMPlPHEVQgDFMNVm49cu0anpretHQtfN15qVdsbeQ2IGajMd2JjbWjtIIMdPrGnlgA0YJjFbqW2xXqf6Xho0X0hzPL5p8kIJG53dYOapK7e_sYPD738tPpom9bqeZe8SmMP_KxAvy1b_p9oEi1K1OE-ZVy
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YxnUvAAA1UUK7fiQAA2ZT4yF_1_nMNS7tZYusw&u=%7C1JF%2B2h%2BrS2NpnUKPl4rbI0%2BehoaQ1mX4tyAQfgmPXXE%3D%7C&c1=jWCgqsKSUoV3SMf7iUfSyMCnTpn87UHNsuno7AgpGzm4RCiJiIGT5xwGwpq72AA9X52rB3uWbTtyycFRqgtAztIuLqVtILu-yROPEPE8hncKp3FcuBRiWk25jC0s33CR6AflSaiE9GdWyqSCT6YfMaMe_USr7l0MHumlwVIXNF87Fn7dyrJynTG0cQt5RX3htiDEKVAn7vRjEzmClpn6qN-ikpZl8Fikpq94ncx1dwNBa_VMPdW7vt-S2YyZHzMWn1z5LNdCu7FvNsztPS1bbvRFMYPXO-2XdnNXQoXqoIujvEPGOQ-sd1DL7eYIh1goDu8DoiSsEViAVp7mXhIvBy1Y-JsGjymilWgiNNeGFOw6wY2Pqw6ftzZoD9q23mTwcBPpdBpjEJLAhOrKn9R4_gjr7gcUO3RcpjNa2V9d2TDBBF0Zjy-zkRZSXHeN0WGbc0DUgIvamZ1BOT5wPi1BATWMuabd4y9nXhr4u0W9W3sTC9qp6Gh34G2qrPU38VSTAjxJgVU-QlR9ray1tGaCj90hMxRCij40oCt-zhp0BYEd_fLicmVwx9tcABSDSwv_TNczrdvjYlF87MxA6uZIZHrpPX2sDudAZ3KQ9cTBfCQAVS0wDvQqCDuqZ7XKMXXY&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC_hsQvNQZY8WqA5DxtwfPsrbAC8me0rFczeGS93DAjbcBEAEgAGCRhKCFjBiCARdjYS1wdWItMjc0NDMyNzcwMTI0OTM1NqAB1bbS6gPIAQmpAjLRRRXkwrA-qAMBqgTnAU_QugRsJL37pPoUGZiVFtQJ5LMTG3OXsXYlNTSltWPM_ZEIIJtw2rLuL3HMd5BYC0ipBDhVPCUO5I78ydhhYmCS2PcuKa-29YTf4_lfCFNA0w_o8yqd6I4K0rTiBrm7PH2f3liIRuIgIZHl4FgU14WSL82VukcmfZYbpFnJ3CEtkqcs1vqAwT70U7TKadXnzZrCkMGqJhIBZkYgeMK2Ti8UztDwdeXoIVTIqjSSIJ5bLD3Lgr9onl7Gnl0-HWnVGV94kxMloI0LV4fAt_8sibpE8DdMY-xDoRyyWL4svldERhBx9yAo7YAGir7AjffhgIVuoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2i5rKgiDwcIE1Lq-hi5g3PYfmkDQ%26client%3Dca-pub-2744327701249356%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.160 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 08 Sep 2022 11:40:43 GMT
server
Kestrel
strict-transport-security
max-age=31536000; preload;
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
3418976
content-type
image/gif
expires
Mon, 26 Jul 1997 05:00:00 GMT
index.html
www.paypalobjects.com/muse/analytics/ Frame BBFA 		54 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.paypalobjects.com/muse/analytics/index.html
Requested by
Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/muse/muse.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.66.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
8ae3400104c7b0db11e9fe317236e68a26afba6580192041e87038ceff4db638
Security Headers
Name Value
Strict-Transport-Security max-age=31557600
X-Content-Type-Options nosniff

Request headers

Referer
https://fortunetelleroracle.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

accept-ranges
bytes
cache-control
s-maxage=31536000, public,max-age=3600
content-encoding
gzip
content-length
16791
content-type
text/html
date
Thu, 08 Sep 2022 11:40:44 GMT
dc
ccg11-origin-www-1.paypal.com
etag
W/"6271663d-d994"
last-modified
Tue, 03 May 2022 17:28:29 GMT
paypal-debug-id
eddc37c6f2454
strict-transport-security
max-age=31557600
timing-allow-origin
https://www.paypal.com,https://www.sandbox.paypal.com
vary
Accept-Encoding
via
1.1 varnish, 1.1 varnish
x-cache
HIT, HIT
x-cache-hits
1, 387891
x-content-type-options
nosniff
x-served-by
cache-dfw18671-DFW, cache-ewr18155-EWR
x-timer
S1662637245.726451,VS0,VE0
animejs.js
static.criteo.net/animejs/ Frame 4DCF 		12 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/animejs/animejs.js
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YxnUvAAA1UUK7fiQAA2ZT4yF_1_nMNS7tZYusw&u=%7C1JF%2B2h%2BrS2NpnUKPl4rbI0%2BehoaQ1mX4tyAQfgmPXXE%3D%7C&c1=jWCgqsKSUoV3SMf7iUfSyMCnTpn87UHNsuno7AgpGzm4RCiJiIGT5xwGwpq72AA9X52rB3uWbTtyycFRqgtAztIuLqVtILu-yROPEPE8hncKp3FcuBRiWk25jC0s33CR6AflSaiE9GdWyqSCT6YfMaMe_USr7l0MHumlwVIXNF87Fn7dyrJynTG0cQt5RX3htiDEKVAn7vRjEzmClpn6qN-ikpZl8Fikpq94ncx1dwNBa_VMPdW7vt-S2YyZHzMWn1z5LNdCu7FvNsztPS1bbvRFMYPXO-2XdnNXQoXqoIujvEPGOQ-sd1DL7eYIh1goDu8DoiSsEViAVp7mXhIvBy1Y-JsGjymilWgiNNeGFOw6wY2Pqw6ftzZoD9q23mTwcBPpdBpjEJLAhOrKn9R4_gjr7gcUO3RcpjNa2V9d2TDBBF0Zjy-zkRZSXHeN0WGbc0DUgIvamZ1BOT5wPi1BATWMuabd4y9nXhr4u0W9W3sTC9qp6Gh34G2qrPU38VSTAjxJgVU-QlR9ray1tGaCj90hMxRCij40oCt-zhp0BYEd_fLicmVwx9tcABSDSwv_TNczrdvjYlF87MxA6uZIZHrpPX2sDudAZ3KQ9cTBfCQAVS0wDvQqCDuqZ7XKMXXY&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC_hsQvNQZY8WqA5DxtwfPsrbAC8me0rFczeGS93DAjbcBEAEgAGCRhKCFjBiCARdjYS1wdWItMjc0NDMyNzcwMTI0OTM1NqAB1bbS6gPIAQmpAjLRRRXkwrA-qAMBqgTnAU_QugRsJL37pPoUGZiVFtQJ5LMTG3OXsXYlNTSltWPM_ZEIIJtw2rLuL3HMd5BYC0ipBDhVPCUO5I78ydhhYmCS2PcuKa-29YTf4_lfCFNA0w_o8yqd6I4K0rTiBrm7PH2f3liIRuIgIZHl4FgU14WSL82VukcmfZYbpFnJ3CEtkqcs1vqAwT70U7TKadXnzZrCkMGqJhIBZkYgeMK2Ti8UztDwdeXoIVTIqjSSIJ5bLD3Lgr9onl7Gnl0-HWnVGV94kxMloI0LV4fAt_8sibpE8DdMY-xDoRyyWL4svldERhBx9yAo7YAGir7AjffhgIVuoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2i5rKgiDwcIE1Lq-hi5g3PYfmkDQ%26client%3Dca-pub-2744327701249356%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Thu, 08 Sep 2022 11:40:44 GMT
content-encoding
gzip
last-modified
Tue, 26 Mar 2019 17:44:11 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5c9a64eb-3181"
strict-transport-security
max-age=31536000; preload;
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sun, 03 Sep 2023 11:40:44 GMT
img
pix.eu.criteo.net/img/ Frame 4DCF 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?h=244&m=0&partner=71093&q=80&r=0&u=http%3A%2F%2Fstatic.fr.eu.criteo.net%2Fdesign%2Fdt%2F69968%2F200319%2F70a5634dc08c484a92b4a51841bcf0ce_unitednudelogo.png&v=3&w=196&s=cyLM27ltJg9nyNQhZom2SNzQ
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YxnUvAAA1UUK7fiQAA2ZT4yF_1_nMNS7tZYusw&u=%7C1JF%2B2h%2BrS2NpnUKPl4rbI0%2BehoaQ1mX4tyAQfgmPXXE%3D%7C&c1=jWCgqsKSUoV3SMf7iUfSyMCnTpn87UHNsuno7AgpGzm4RCiJiIGT5xwGwpq72AA9X52rB3uWbTtyycFRqgtAztIuLqVtILu-yROPEPE8hncKp3FcuBRiWk25jC0s33CR6AflSaiE9GdWyqSCT6YfMaMe_USr7l0MHumlwVIXNF87Fn7dyrJynTG0cQt5RX3htiDEKVAn7vRjEzmClpn6qN-ikpZl8Fikpq94ncx1dwNBa_VMPdW7vt-S2YyZHzMWn1z5LNdCu7FvNsztPS1bbvRFMYPXO-2XdnNXQoXqoIujvEPGOQ-sd1DL7eYIh1goDu8DoiSsEViAVp7mXhIvBy1Y-JsGjymilWgiNNeGFOw6wY2Pqw6ftzZoD9q23mTwcBPpdBpjEJLAhOrKn9R4_gjr7gcUO3RcpjNa2V9d2TDBBF0Zjy-zkRZSXHeN0WGbc0DUgIvamZ1BOT5wPi1BATWMuabd4y9nXhr4u0W9W3sTC9qp6Gh34G2qrPU38VSTAjxJgVU-QlR9ray1tGaCj90hMxRCij40oCt-zhp0BYEd_fLicmVwx9tcABSDSwv_TNczrdvjYlF87MxA6uZIZHrpPX2sDudAZ3KQ9cTBfCQAVS0wDvQqCDuqZ7XKMXXY&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC_hsQvNQZY8WqA5DxtwfPsrbAC8me0rFczeGS93DAjbcBEAEgAGCRhKCFjBiCARdjYS1wdWItMjc0NDMyNzcwMTI0OTM1NqAB1bbS6gPIAQmpAjLRRRXkwrA-qAMBqgTnAU_QugRsJL37pPoUGZiVFtQJ5LMTG3OXsXYlNTSltWPM_ZEIIJtw2rLuL3HMd5BYC0ipBDhVPCUO5I78ydhhYmCS2PcuKa-29YTf4_lfCFNA0w_o8yqd6I4K0rTiBrm7PH2f3liIRuIgIZHl4FgU14WSL82VukcmfZYbpFnJ3CEtkqcs1vqAwT70U7TKadXnzZrCkMGqJhIBZkYgeMK2Ti8UztDwdeXoIVTIqjSSIJ5bLD3Lgr9onl7Gnl0-HWnVGV94kxMloI0LV4fAt_8sibpE8DdMY-xDoRyyWL4svldERhBx9yAo7YAGir7AjffhgIVuoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2i5rKgiDwcIE1Lq-hi5g3PYfmkDQ%26client%3Dca-pub-2744327701249356%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
pix.par.vip.prod.criteo.com
Software
Finatra /
Resource Hash
5a1a8253fdc9653996614a8f70e40ef32ffad24fe68dd23ac39695ad85b816b8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Thu, 08 Sep 2022 11:40:44 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/png
cache-control
public, max-age=29705729
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
4086
expires
Fri, 18 Aug 2023 07:16:14 GMT
img
pix.eu.criteo.net/img/ Frame 4DCF 		13 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?h=1200&m=0&partner=71093&q=80&r=0&u=http%3A%2F%2Fstatic.fr.eu.criteo.net%2Fdesign%2Fdt%2F71093%2F210512%2F953a3aefdede4761b9d7e1b08c96c144_img_horizontal_1.jpg&v=3&w=1200&s=uNSlznA2XJwmDUOoJQCCpSde
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YxnUvAAA1UUK7fiQAA2ZT4yF_1_nMNS7tZYusw&u=%7C1JF%2B2h%2BrS2NpnUKPl4rbI0%2BehoaQ1mX4tyAQfgmPXXE%3D%7C&c1=jWCgqsKSUoV3SMf7iUfSyMCnTpn87UHNsuno7AgpGzm4RCiJiIGT5xwGwpq72AA9X52rB3uWbTtyycFRqgtAztIuLqVtILu-yROPEPE8hncKp3FcuBRiWk25jC0s33CR6AflSaiE9GdWyqSCT6YfMaMe_USr7l0MHumlwVIXNF87Fn7dyrJynTG0cQt5RX3htiDEKVAn7vRjEzmClpn6qN-ikpZl8Fikpq94ncx1dwNBa_VMPdW7vt-S2YyZHzMWn1z5LNdCu7FvNsztPS1bbvRFMYPXO-2XdnNXQoXqoIujvEPGOQ-sd1DL7eYIh1goDu8DoiSsEViAVp7mXhIvBy1Y-JsGjymilWgiNNeGFOw6wY2Pqw6ftzZoD9q23mTwcBPpdBpjEJLAhOrKn9R4_gjr7gcUO3RcpjNa2V9d2TDBBF0Zjy-zkRZSXHeN0WGbc0DUgIvamZ1BOT5wPi1BATWMuabd4y9nXhr4u0W9W3sTC9qp6Gh34G2qrPU38VSTAjxJgVU-QlR9ray1tGaCj90hMxRCij40oCt-zhp0BYEd_fLicmVwx9tcABSDSwv_TNczrdvjYlF87MxA6uZIZHrpPX2sDudAZ3KQ9cTBfCQAVS0wDvQqCDuqZ7XKMXXY&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC_hsQvNQZY8WqA5DxtwfPsrbAC8me0rFczeGS93DAjbcBEAEgAGCRhKCFjBiCARdjYS1wdWItMjc0NDMyNzcwMTI0OTM1NqAB1bbS6gPIAQmpAjLRRRXkwrA-qAMBqgTnAU_QugRsJL37pPoUGZiVFtQJ5LMTG3OXsXYlNTSltWPM_ZEIIJtw2rLuL3HMd5BYC0ipBDhVPCUO5I78ydhhYmCS2PcuKa-29YTf4_lfCFNA0w_o8yqd6I4K0rTiBrm7PH2f3liIRuIgIZHl4FgU14WSL82VukcmfZYbpFnJ3CEtkqcs1vqAwT70U7TKadXnzZrCkMGqJhIBZkYgeMK2Ti8UztDwdeXoIVTIqjSSIJ5bLD3Lgr9onl7Gnl0-HWnVGV94kxMloI0LV4fAt_8sibpE8DdMY-xDoRyyWL4svldERhBx9yAo7YAGir7AjffhgIVuoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2i5rKgiDwcIE1Lq-hi5g3PYfmkDQ%26client%3Dca-pub-2744327701249356%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
pix.par.vip.prod.criteo.com
Software
Finatra /
Resource Hash
ba6e4b4672c5aa32c2ef79639ae5199bd4f40fd0c082e3cb64d5795ced601975
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Thu, 08 Sep 2022 11:40:44 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=28491406
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
13584
expires
Fri, 04 Aug 2023 05:57:31 GMT
img
pix.eu.criteo.net/img/ Frame 4DCF 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=71093&q=80&r=0&u=https%3A%2F%2Fcdn.shopify.com%2Fs%2Ffiles%2F1%2F0282%2F5394%2F5987%2Fproducts%2Fspace-kick-summer-women-rog-1-outside.jpg%3Fv%3D1645133771&v=3&w=400&s=fHTxPpsgZdXTQTyrfXfDdZBq&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YxnUvAAA1UUK7fiQAA2ZT4yF_1_nMNS7tZYusw&u=%7C1JF%2B2h%2BrS2NpnUKPl4rbI0%2BehoaQ1mX4tyAQfgmPXXE%3D%7C&c1=jWCgqsKSUoV3SMf7iUfSyMCnTpn87UHNsuno7AgpGzm4RCiJiIGT5xwGwpq72AA9X52rB3uWbTtyycFRqgtAztIuLqVtILu-yROPEPE8hncKp3FcuBRiWk25jC0s33CR6AflSaiE9GdWyqSCT6YfMaMe_USr7l0MHumlwVIXNF87Fn7dyrJynTG0cQt5RX3htiDEKVAn7vRjEzmClpn6qN-ikpZl8Fikpq94ncx1dwNBa_VMPdW7vt-S2YyZHzMWn1z5LNdCu7FvNsztPS1bbvRFMYPXO-2XdnNXQoXqoIujvEPGOQ-sd1DL7eYIh1goDu8DoiSsEViAVp7mXhIvBy1Y-JsGjymilWgiNNeGFOw6wY2Pqw6ftzZoD9q23mTwcBPpdBpjEJLAhOrKn9R4_gjr7gcUO3RcpjNa2V9d2TDBBF0Zjy-zkRZSXHeN0WGbc0DUgIvamZ1BOT5wPi1BATWMuabd4y9nXhr4u0W9W3sTC9qp6Gh34G2qrPU38VSTAjxJgVU-QlR9ray1tGaCj90hMxRCij40oCt-zhp0BYEd_fLicmVwx9tcABSDSwv_TNczrdvjYlF87MxA6uZIZHrpPX2sDudAZ3KQ9cTBfCQAVS0wDvQqCDuqZ7XKMXXY&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC_hsQvNQZY8WqA5DxtwfPsrbAC8me0rFczeGS93DAjbcBEAEgAGCRhKCFjBiCARdjYS1wdWItMjc0NDMyNzcwMTI0OTM1NqAB1bbS6gPIAQmpAjLRRRXkwrA-qAMBqgTnAU_QugRsJL37pPoUGZiVFtQJ5LMTG3OXsXYlNTSltWPM_ZEIIJtw2rLuL3HMd5BYC0ipBDhVPCUO5I78ydhhYmCS2PcuKa-29YTf4_lfCFNA0w_o8yqd6I4K0rTiBrm7PH2f3liIRuIgIZHl4FgU14WSL82VukcmfZYbpFnJ3CEtkqcs1vqAwT70U7TKadXnzZrCkMGqJhIBZkYgeMK2Ti8UztDwdeXoIVTIqjSSIJ5bLD3Lgr9onl7Gnl0-HWnVGV94kxMloI0LV4fAt_8sibpE8DdMY-xDoRyyWL4svldERhBx9yAo7YAGir7AjffhgIVuoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2i5rKgiDwcIE1Lq-hi5g3PYfmkDQ%26client%3Dca-pub-2744327701249356%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
pix.par.vip.prod.criteo.com
Software
Finatra /
Resource Hash
500cb6934ff00c4592847e76afa69fd28a7bc7ba49ca69f7c724bca5d13b4939
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Thu, 08 Sep 2022 11:40:44 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=31097861
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
7372
expires
Sun, 03 Sep 2023 09:58:25 GMT
img
pix.eu.criteo.net/img/ Frame 4DCF 		19 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=71093&q=80&r=0&u=https%3A%2F%2Fcdn.shopify.com%2Fs%2Ffiles%2F1%2F0282%2F5394%2F5987%2Fproducts%2Ffold-lite-hi-bright-mix-out_5c1c073a-3141-47c5-8c39-2a18ec8a70d8.jpg%3Fv%3D1610068455&v=3&w=400&s=IP0maPf4UeZ8CMy80lmHaCcA&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YxnUvAAA1UUK7fiQAA2ZT4yF_1_nMNS7tZYusw&u=%7C1JF%2B2h%2BrS2NpnUKPl4rbI0%2BehoaQ1mX4tyAQfgmPXXE%3D%7C&c1=jWCgqsKSUoV3SMf7iUfSyMCnTpn87UHNsuno7AgpGzm4RCiJiIGT5xwGwpq72AA9X52rB3uWbTtyycFRqgtAztIuLqVtILu-yROPEPE8hncKp3FcuBRiWk25jC0s33CR6AflSaiE9GdWyqSCT6YfMaMe_USr7l0MHumlwVIXNF87Fn7dyrJynTG0cQt5RX3htiDEKVAn7vRjEzmClpn6qN-ikpZl8Fikpq94ncx1dwNBa_VMPdW7vt-S2YyZHzMWn1z5LNdCu7FvNsztPS1bbvRFMYPXO-2XdnNXQoXqoIujvEPGOQ-sd1DL7eYIh1goDu8DoiSsEViAVp7mXhIvBy1Y-JsGjymilWgiNNeGFOw6wY2Pqw6ftzZoD9q23mTwcBPpdBpjEJLAhOrKn9R4_gjr7gcUO3RcpjNa2V9d2TDBBF0Zjy-zkRZSXHeN0WGbc0DUgIvamZ1BOT5wPi1BATWMuabd4y9nXhr4u0W9W3sTC9qp6Gh34G2qrPU38VSTAjxJgVU-QlR9ray1tGaCj90hMxRCij40oCt-zhp0BYEd_fLicmVwx9tcABSDSwv_TNczrdvjYlF87MxA6uZIZHrpPX2sDudAZ3KQ9cTBfCQAVS0wDvQqCDuqZ7XKMXXY&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC_hsQvNQZY8WqA5DxtwfPsrbAC8me0rFczeGS93DAjbcBEAEgAGCRhKCFjBiCARdjYS1wdWItMjc0NDMyNzcwMTI0OTM1NqAB1bbS6gPIAQmpAjLRRRXkwrA-qAMBqgTnAU_QugRsJL37pPoUGZiVFtQJ5LMTG3OXsXYlNTSltWPM_ZEIIJtw2rLuL3HMd5BYC0ipBDhVPCUO5I78ydhhYmCS2PcuKa-29YTf4_lfCFNA0w_o8yqd6I4K0rTiBrm7PH2f3liIRuIgIZHl4FgU14WSL82VukcmfZYbpFnJ3CEtkqcs1vqAwT70U7TKadXnzZrCkMGqJhIBZkYgeMK2Ti8UztDwdeXoIVTIqjSSIJ5bLD3Lgr9onl7Gnl0-HWnVGV94kxMloI0LV4fAt_8sibpE8DdMY-xDoRyyWL4svldERhBx9yAo7YAGir7AjffhgIVuoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2i5rKgiDwcIE1Lq-hi5g3PYfmkDQ%26client%3Dca-pub-2744327701249356%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
pix.par.vip.prod.criteo.com
Software
Finatra /
Resource Hash
43cf96cdacd8ba5365af88f9fc6029fd105d7be5f22c641a9cd88b295259a3d4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Thu, 08 Sep 2022 11:40:44 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=30549569
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
19530
expires
Mon, 28 Aug 2023 01:40:13 GMT
img
pix.eu.criteo.net/img/ Frame 4DCF 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=71093&q=80&r=0&u=https%3A%2F%2Fcdn.shopify.com%2Fs%2Ffiles%2F1%2F0282%2F5394%2F5987%2Fproducts%2Fwa-run-lo-future-outside.jpg%3Fv%3D1654548386&v=3&w=400&s=gYm2GtpSUUKJpvaa_da9Ob5j&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YxnUvAAA1UUK7fiQAA2ZT4yF_1_nMNS7tZYusw&u=%7C1JF%2B2h%2BrS2NpnUKPl4rbI0%2BehoaQ1mX4tyAQfgmPXXE%3D%7C&c1=jWCgqsKSUoV3SMf7iUfSyMCnTpn87UHNsuno7AgpGzm4RCiJiIGT5xwGwpq72AA9X52rB3uWbTtyycFRqgtAztIuLqVtILu-yROPEPE8hncKp3FcuBRiWk25jC0s33CR6AflSaiE9GdWyqSCT6YfMaMe_USr7l0MHumlwVIXNF87Fn7dyrJynTG0cQt5RX3htiDEKVAn7vRjEzmClpn6qN-ikpZl8Fikpq94ncx1dwNBa_VMPdW7vt-S2YyZHzMWn1z5LNdCu7FvNsztPS1bbvRFMYPXO-2XdnNXQoXqoIujvEPGOQ-sd1DL7eYIh1goDu8DoiSsEViAVp7mXhIvBy1Y-JsGjymilWgiNNeGFOw6wY2Pqw6ftzZoD9q23mTwcBPpdBpjEJLAhOrKn9R4_gjr7gcUO3RcpjNa2V9d2TDBBF0Zjy-zkRZSXHeN0WGbc0DUgIvamZ1BOT5wPi1BATWMuabd4y9nXhr4u0W9W3sTC9qp6Gh34G2qrPU38VSTAjxJgVU-QlR9ray1tGaCj90hMxRCij40oCt-zhp0BYEd_fLicmVwx9tcABSDSwv_TNczrdvjYlF87MxA6uZIZHrpPX2sDudAZ3KQ9cTBfCQAVS0wDvQqCDuqZ7XKMXXY&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC_hsQvNQZY8WqA5DxtwfPsrbAC8me0rFczeGS93DAjbcBEAEgAGCRhKCFjBiCARdjYS1wdWItMjc0NDMyNzcwMTI0OTM1NqAB1bbS6gPIAQmpAjLRRRXkwrA-qAMBqgTnAU_QugRsJL37pPoUGZiVFtQJ5LMTG3OXsXYlNTSltWPM_ZEIIJtw2rLuL3HMd5BYC0ipBDhVPCUO5I78ydhhYmCS2PcuKa-29YTf4_lfCFNA0w_o8yqd6I4K0rTiBrm7PH2f3liIRuIgIZHl4FgU14WSL82VukcmfZYbpFnJ3CEtkqcs1vqAwT70U7TKadXnzZrCkMGqJhIBZkYgeMK2Ti8UztDwdeXoIVTIqjSSIJ5bLD3Lgr9onl7Gnl0-HWnVGV94kxMloI0LV4fAt_8sibpE8DdMY-xDoRyyWL4svldERhBx9yAo7YAGir7AjffhgIVuoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2i5rKgiDwcIE1Lq-hi5g3PYfmkDQ%26client%3Dca-pub-2744327701249356%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
pix.par.vip.prod.criteo.com
Software
Finatra /
Resource Hash
2b7073050e46081e1dd06b0ffdc4f8906f6ceac7c18a66dd6008fe4160a157e7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Thu, 08 Sep 2022 11:40:44 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=31456652
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
8774
expires
Thu, 07 Sep 2023 13:38:17 GMT
img
pix.eu.criteo.net/img/ Frame 4DCF 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=71093&q=80&r=0&u=https%3A%2F%2Fcdn.shopify.com%2Fs%2Ffiles%2F1%2F0282%2F5394%2F5987%2Fproducts%2Flev-calli-hi-silver-grey-outside.jpg%3Fv%3D1630226281&v=3&w=400&s=uu_cdhpAURhBQPtWxWBCyJTi&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YxnUvAAA1UUK7fiQAA2ZT4yF_1_nMNS7tZYusw&u=%7C1JF%2B2h%2BrS2NpnUKPl4rbI0%2BehoaQ1mX4tyAQfgmPXXE%3D%7C&c1=jWCgqsKSUoV3SMf7iUfSyMCnTpn87UHNsuno7AgpGzm4RCiJiIGT5xwGwpq72AA9X52rB3uWbTtyycFRqgtAztIuLqVtILu-yROPEPE8hncKp3FcuBRiWk25jC0s33CR6AflSaiE9GdWyqSCT6YfMaMe_USr7l0MHumlwVIXNF87Fn7dyrJynTG0cQt5RX3htiDEKVAn7vRjEzmClpn6qN-ikpZl8Fikpq94ncx1dwNBa_VMPdW7vt-S2YyZHzMWn1z5LNdCu7FvNsztPS1bbvRFMYPXO-2XdnNXQoXqoIujvEPGOQ-sd1DL7eYIh1goDu8DoiSsEViAVp7mXhIvBy1Y-JsGjymilWgiNNeGFOw6wY2Pqw6ftzZoD9q23mTwcBPpdBpjEJLAhOrKn9R4_gjr7gcUO3RcpjNa2V9d2TDBBF0Zjy-zkRZSXHeN0WGbc0DUgIvamZ1BOT5wPi1BATWMuabd4y9nXhr4u0W9W3sTC9qp6Gh34G2qrPU38VSTAjxJgVU-QlR9ray1tGaCj90hMxRCij40oCt-zhp0BYEd_fLicmVwx9tcABSDSwv_TNczrdvjYlF87MxA6uZIZHrpPX2sDudAZ3KQ9cTBfCQAVS0wDvQqCDuqZ7XKMXXY&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC_hsQvNQZY8WqA5DxtwfPsrbAC8me0rFczeGS93DAjbcBEAEgAGCRhKCFjBiCARdjYS1wdWItMjc0NDMyNzcwMTI0OTM1NqAB1bbS6gPIAQmpAjLRRRXkwrA-qAMBqgTnAU_QugRsJL37pPoUGZiVFtQJ5LMTG3OXsXYlNTSltWPM_ZEIIJtw2rLuL3HMd5BYC0ipBDhVPCUO5I78ydhhYmCS2PcuKa-29YTf4_lfCFNA0w_o8yqd6I4K0rTiBrm7PH2f3liIRuIgIZHl4FgU14WSL82VukcmfZYbpFnJ3CEtkqcs1vqAwT70U7TKadXnzZrCkMGqJhIBZkYgeMK2Ti8UztDwdeXoIVTIqjSSIJ5bLD3Lgr9onl7Gnl0-HWnVGV94kxMloI0LV4fAt_8sibpE8DdMY-xDoRyyWL4svldERhBx9yAo7YAGir7AjffhgIVuoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2i5rKgiDwcIE1Lq-hi5g3PYfmkDQ%26client%3Dca-pub-2744327701249356%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
pix.par.vip.prod.criteo.com
Software
Finatra /
Resource Hash
f4bcd92015b1af32481c4673d14acb4f9c7871d2092c1c23b1986749a6e20f66
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Thu, 08 Sep 2022 11:40:44 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=31532285
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
10122
expires
Fri, 08 Sep 2023 10:38:50 GMT
img
pix.eu.criteo.net/img/ Frame 4DCF 		8 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=71093&q=80&r=0&u=https%3A%2F%2Fcdn.shopify.com%2Fs%2Ffiles%2F1%2F0282%2F5394%2F5987%2Fproducts%2Froko-hype-rog-1-outside.jpg%3Fv%3D1645134153&v=3&w=400&s=-rCp7bQWCwFp-PVAqs2Pd7NU&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YxnUvAAA1UUK7fiQAA2ZT4yF_1_nMNS7tZYusw&u=%7C1JF%2B2h%2BrS2NpnUKPl4rbI0%2BehoaQ1mX4tyAQfgmPXXE%3D%7C&c1=jWCgqsKSUoV3SMf7iUfSyMCnTpn87UHNsuno7AgpGzm4RCiJiIGT5xwGwpq72AA9X52rB3uWbTtyycFRqgtAztIuLqVtILu-yROPEPE8hncKp3FcuBRiWk25jC0s33CR6AflSaiE9GdWyqSCT6YfMaMe_USr7l0MHumlwVIXNF87Fn7dyrJynTG0cQt5RX3htiDEKVAn7vRjEzmClpn6qN-ikpZl8Fikpq94ncx1dwNBa_VMPdW7vt-S2YyZHzMWn1z5LNdCu7FvNsztPS1bbvRFMYPXO-2XdnNXQoXqoIujvEPGOQ-sd1DL7eYIh1goDu8DoiSsEViAVp7mXhIvBy1Y-JsGjymilWgiNNeGFOw6wY2Pqw6ftzZoD9q23mTwcBPpdBpjEJLAhOrKn9R4_gjr7gcUO3RcpjNa2V9d2TDBBF0Zjy-zkRZSXHeN0WGbc0DUgIvamZ1BOT5wPi1BATWMuabd4y9nXhr4u0W9W3sTC9qp6Gh34G2qrPU38VSTAjxJgVU-QlR9ray1tGaCj90hMxRCij40oCt-zhp0BYEd_fLicmVwx9tcABSDSwv_TNczrdvjYlF87MxA6uZIZHrpPX2sDudAZ3KQ9cTBfCQAVS0wDvQqCDuqZ7XKMXXY&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC_hsQvNQZY8WqA5DxtwfPsrbAC8me0rFczeGS93DAjbcBEAEgAGCRhKCFjBiCARdjYS1wdWItMjc0NDMyNzcwMTI0OTM1NqAB1bbS6gPIAQmpAjLRRRXkwrA-qAMBqgTnAU_QugRsJL37pPoUGZiVFtQJ5LMTG3OXsXYlNTSltWPM_ZEIIJtw2rLuL3HMd5BYC0ipBDhVPCUO5I78ydhhYmCS2PcuKa-29YTf4_lfCFNA0w_o8yqd6I4K0rTiBrm7PH2f3liIRuIgIZHl4FgU14WSL82VukcmfZYbpFnJ3CEtkqcs1vqAwT70U7TKadXnzZrCkMGqJhIBZkYgeMK2Ti8UztDwdeXoIVTIqjSSIJ5bLD3Lgr9onl7Gnl0-HWnVGV94kxMloI0LV4fAt_8sibpE8DdMY-xDoRyyWL4svldERhBx9yAo7YAGir7AjffhgIVuoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2i5rKgiDwcIE1Lq-hi5g3PYfmkDQ%26client%3Dca-pub-2744327701249356%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
pix.par.vip.prod.criteo.com
Software
Finatra /
Resource Hash
f0bbaf83176870a66d192d4a40329ffe3513b381bd86dc0f9be21b698d38dd6b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Thu, 08 Sep 2022 11:40:44 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=31183944
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
8448
expires
Mon, 04 Sep 2023 09:53:09 GMT
img
pix.eu.criteo.net/img/ Frame 4DCF 		8 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=71093&q=80&r=0&u=https%3A%2F%2Fcdn.shopify.com%2Fs%2Ffiles%2F1%2F0282%2F5394%2F5987%2Fproducts%2Frun-sandal-hi-olive-1-outside.jpg%3Fv%3D1645134060&v=3&w=400&s=832uXQpZ5IqtFdq2Ij65SKW2&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YxnUvAAA1UUK7fiQAA2ZT4yF_1_nMNS7tZYusw&u=%7C1JF%2B2h%2BrS2NpnUKPl4rbI0%2BehoaQ1mX4tyAQfgmPXXE%3D%7C&c1=jWCgqsKSUoV3SMf7iUfSyMCnTpn87UHNsuno7AgpGzm4RCiJiIGT5xwGwpq72AA9X52rB3uWbTtyycFRqgtAztIuLqVtILu-yROPEPE8hncKp3FcuBRiWk25jC0s33CR6AflSaiE9GdWyqSCT6YfMaMe_USr7l0MHumlwVIXNF87Fn7dyrJynTG0cQt5RX3htiDEKVAn7vRjEzmClpn6qN-ikpZl8Fikpq94ncx1dwNBa_VMPdW7vt-S2YyZHzMWn1z5LNdCu7FvNsztPS1bbvRFMYPXO-2XdnNXQoXqoIujvEPGOQ-sd1DL7eYIh1goDu8DoiSsEViAVp7mXhIvBy1Y-JsGjymilWgiNNeGFOw6wY2Pqw6ftzZoD9q23mTwcBPpdBpjEJLAhOrKn9R4_gjr7gcUO3RcpjNa2V9d2TDBBF0Zjy-zkRZSXHeN0WGbc0DUgIvamZ1BOT5wPi1BATWMuabd4y9nXhr4u0W9W3sTC9qp6Gh34G2qrPU38VSTAjxJgVU-QlR9ray1tGaCj90hMxRCij40oCt-zhp0BYEd_fLicmVwx9tcABSDSwv_TNczrdvjYlF87MxA6uZIZHrpPX2sDudAZ3KQ9cTBfCQAVS0wDvQqCDuqZ7XKMXXY&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC_hsQvNQZY8WqA5DxtwfPsrbAC8me0rFczeGS93DAjbcBEAEgAGCRhKCFjBiCARdjYS1wdWItMjc0NDMyNzcwMTI0OTM1NqAB1bbS6gPIAQmpAjLRRRXkwrA-qAMBqgTnAU_QugRsJL37pPoUGZiVFtQJ5LMTG3OXsXYlNTSltWPM_ZEIIJtw2rLuL3HMd5BYC0ipBDhVPCUO5I78ydhhYmCS2PcuKa-29YTf4_lfCFNA0w_o8yqd6I4K0rTiBrm7PH2f3liIRuIgIZHl4FgU14WSL82VukcmfZYbpFnJ3CEtkqcs1vqAwT70U7TKadXnzZrCkMGqJhIBZkYgeMK2Ti8UztDwdeXoIVTIqjSSIJ5bLD3Lgr9onl7Gnl0-HWnVGV94kxMloI0LV4fAt_8sibpE8DdMY-xDoRyyWL4svldERhBx9yAo7YAGir7AjffhgIVuoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2i5rKgiDwcIE1Lq-hi5g3PYfmkDQ%26client%3Dca-pub-2744327701249356%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
pix.par.vip.prod.criteo.com
Software
Finatra /
Resource Hash
44b4f27fe668d899d344dd13ee91eee536695fa9a516739a079ac51fb09053d5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Thu, 08 Sep 2022 11:40:44 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=29283528
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
8640
expires
Sun, 13 Aug 2023 09:59:32 GMT
img
pix.eu.criteo.net/img/ Frame 4DCF 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=71093&q=80&r=0&u=https%3A%2F%2Fcdn.shopify.com%2Fs%2Ffiles%2F1%2F0282%2F5394%2F5987%2Fproducts%2Froko-space-dark-spring-1-outside.jpg%3Fv%3D1631849224&v=3&w=400&s=TE3q5aa437kLHrcGF_7V8yOM&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YxnUvAAA1UUK7fiQAA2ZT4yF_1_nMNS7tZYusw&u=%7C1JF%2B2h%2BrS2NpnUKPl4rbI0%2BehoaQ1mX4tyAQfgmPXXE%3D%7C&c1=jWCgqsKSUoV3SMf7iUfSyMCnTpn87UHNsuno7AgpGzm4RCiJiIGT5xwGwpq72AA9X52rB3uWbTtyycFRqgtAztIuLqVtILu-yROPEPE8hncKp3FcuBRiWk25jC0s33CR6AflSaiE9GdWyqSCT6YfMaMe_USr7l0MHumlwVIXNF87Fn7dyrJynTG0cQt5RX3htiDEKVAn7vRjEzmClpn6qN-ikpZl8Fikpq94ncx1dwNBa_VMPdW7vt-S2YyZHzMWn1z5LNdCu7FvNsztPS1bbvRFMYPXO-2XdnNXQoXqoIujvEPGOQ-sd1DL7eYIh1goDu8DoiSsEViAVp7mXhIvBy1Y-JsGjymilWgiNNeGFOw6wY2Pqw6ftzZoD9q23mTwcBPpdBpjEJLAhOrKn9R4_gjr7gcUO3RcpjNa2V9d2TDBBF0Zjy-zkRZSXHeN0WGbc0DUgIvamZ1BOT5wPi1BATWMuabd4y9nXhr4u0W9W3sTC9qp6Gh34G2qrPU38VSTAjxJgVU-QlR9ray1tGaCj90hMxRCij40oCt-zhp0BYEd_fLicmVwx9tcABSDSwv_TNczrdvjYlF87MxA6uZIZHrpPX2sDudAZ3KQ9cTBfCQAVS0wDvQqCDuqZ7XKMXXY&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC_hsQvNQZY8WqA5DxtwfPsrbAC8me0rFczeGS93DAjbcBEAEgAGCRhKCFjBiCARdjYS1wdWItMjc0NDMyNzcwMTI0OTM1NqAB1bbS6gPIAQmpAjLRRRXkwrA-qAMBqgTnAU_QugRsJL37pPoUGZiVFtQJ5LMTG3OXsXYlNTSltWPM_ZEIIJtw2rLuL3HMd5BYC0ipBDhVPCUO5I78ydhhYmCS2PcuKa-29YTf4_lfCFNA0w_o8yqd6I4K0rTiBrm7PH2f3liIRuIgIZHl4FgU14WSL82VukcmfZYbpFnJ3CEtkqcs1vqAwT70U7TKadXnzZrCkMGqJhIBZkYgeMK2Ti8UztDwdeXoIVTIqjSSIJ5bLD3Lgr9onl7Gnl0-HWnVGV94kxMloI0LV4fAt_8sibpE8DdMY-xDoRyyWL4svldERhBx9yAo7YAGir7AjffhgIVuoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2i5rKgiDwcIE1Lq-hi5g3PYfmkDQ%26client%3Dca-pub-2744327701249356%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
pix.par.vip.prod.criteo.com
Software
Finatra /
Resource Hash
0950a870ed7fc321504c6f4dabff8000bf43be014d1a91c32fb49a4ea6336940
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Thu, 08 Sep 2022 11:40:43 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=30324238
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
7462
expires
Fri, 25 Aug 2023 11:04:43 GMT
img
pix.eu.criteo.net/img/ Frame 4DCF 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=71093&q=80&r=0&u=https%3A%2F%2Fcdn.shopify.com%2Fs%2Ffiles%2F1%2F0282%2F5394%2F5987%2Fproducts%2Fdelta-run-rog-1-outside.jpg%3Fv%3D1645133874&v=3&w=400&s=UR_YN5qwdnUY5FATe8VPhBMy&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YxnUvAAA1UUK7fiQAA2ZT4yF_1_nMNS7tZYusw&u=%7C1JF%2B2h%2BrS2NpnUKPl4rbI0%2BehoaQ1mX4tyAQfgmPXXE%3D%7C&c1=jWCgqsKSUoV3SMf7iUfSyMCnTpn87UHNsuno7AgpGzm4RCiJiIGT5xwGwpq72AA9X52rB3uWbTtyycFRqgtAztIuLqVtILu-yROPEPE8hncKp3FcuBRiWk25jC0s33CR6AflSaiE9GdWyqSCT6YfMaMe_USr7l0MHumlwVIXNF87Fn7dyrJynTG0cQt5RX3htiDEKVAn7vRjEzmClpn6qN-ikpZl8Fikpq94ncx1dwNBa_VMPdW7vt-S2YyZHzMWn1z5LNdCu7FvNsztPS1bbvRFMYPXO-2XdnNXQoXqoIujvEPGOQ-sd1DL7eYIh1goDu8DoiSsEViAVp7mXhIvBy1Y-JsGjymilWgiNNeGFOw6wY2Pqw6ftzZoD9q23mTwcBPpdBpjEJLAhOrKn9R4_gjr7gcUO3RcpjNa2V9d2TDBBF0Zjy-zkRZSXHeN0WGbc0DUgIvamZ1BOT5wPi1BATWMuabd4y9nXhr4u0W9W3sTC9qp6Gh34G2qrPU38VSTAjxJgVU-QlR9ray1tGaCj90hMxRCij40oCt-zhp0BYEd_fLicmVwx9tcABSDSwv_TNczrdvjYlF87MxA6uZIZHrpPX2sDudAZ3KQ9cTBfCQAVS0wDvQqCDuqZ7XKMXXY&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC_hsQvNQZY8WqA5DxtwfPsrbAC8me0rFczeGS93DAjbcBEAEgAGCRhKCFjBiCARdjYS1wdWItMjc0NDMyNzcwMTI0OTM1NqAB1bbS6gPIAQmpAjLRRRXkwrA-qAMBqgTnAU_QugRsJL37pPoUGZiVFtQJ5LMTG3OXsXYlNTSltWPM_ZEIIJtw2rLuL3HMd5BYC0ipBDhVPCUO5I78ydhhYmCS2PcuKa-29YTf4_lfCFNA0w_o8yqd6I4K0rTiBrm7PH2f3liIRuIgIZHl4FgU14WSL82VukcmfZYbpFnJ3CEtkqcs1vqAwT70U7TKadXnzZrCkMGqJhIBZkYgeMK2Ti8UztDwdeXoIVTIqjSSIJ5bLD3Lgr9onl7Gnl0-HWnVGV94kxMloI0LV4fAt_8sibpE8DdMY-xDoRyyWL4svldERhBx9yAo7YAGir7AjffhgIVuoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2i5rKgiDwcIE1Lq-hi5g3PYfmkDQ%26client%3Dca-pub-2744327701249356%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
pix.par.vip.prod.criteo.com
Software
Finatra /
Resource Hash
96742e0376211492d3f972092242e3142514f06129e177dea3c3ec23a8c447e8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Thu, 08 Sep 2022 11:40:44 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=31026869
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
7868
expires
Sat, 02 Sep 2023 14:15:13 GMT
img
pix.eu.criteo.net/img/ Frame 4DCF 		6 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=71093&q=80&r=0&u=https%3A%2F%2Fcdn.shopify.com%2Fs%2Ffiles%2F1%2F0282%2F5394%2F5987%2Fproducts%2Fwa-run-lo-blue-beat-1-outside.jpg%3Fv%3D1645134663&v=3&w=400&s=DJHQRvG1DXz7Aj334II05O8p&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YxnUvAAA1UUK7fiQAA2ZT4yF_1_nMNS7tZYusw&u=%7C1JF%2B2h%2BrS2NpnUKPl4rbI0%2BehoaQ1mX4tyAQfgmPXXE%3D%7C&c1=jWCgqsKSUoV3SMf7iUfSyMCnTpn87UHNsuno7AgpGzm4RCiJiIGT5xwGwpq72AA9X52rB3uWbTtyycFRqgtAztIuLqVtILu-yROPEPE8hncKp3FcuBRiWk25jC0s33CR6AflSaiE9GdWyqSCT6YfMaMe_USr7l0MHumlwVIXNF87Fn7dyrJynTG0cQt5RX3htiDEKVAn7vRjEzmClpn6qN-ikpZl8Fikpq94ncx1dwNBa_VMPdW7vt-S2YyZHzMWn1z5LNdCu7FvNsztPS1bbvRFMYPXO-2XdnNXQoXqoIujvEPGOQ-sd1DL7eYIh1goDu8DoiSsEViAVp7mXhIvBy1Y-JsGjymilWgiNNeGFOw6wY2Pqw6ftzZoD9q23mTwcBPpdBpjEJLAhOrKn9R4_gjr7gcUO3RcpjNa2V9d2TDBBF0Zjy-zkRZSXHeN0WGbc0DUgIvamZ1BOT5wPi1BATWMuabd4y9nXhr4u0W9W3sTC9qp6Gh34G2qrPU38VSTAjxJgVU-QlR9ray1tGaCj90hMxRCij40oCt-zhp0BYEd_fLicmVwx9tcABSDSwv_TNczrdvjYlF87MxA6uZIZHrpPX2sDudAZ3KQ9cTBfCQAVS0wDvQqCDuqZ7XKMXXY&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC_hsQvNQZY8WqA5DxtwfPsrbAC8me0rFczeGS93DAjbcBEAEgAGCRhKCFjBiCARdjYS1wdWItMjc0NDMyNzcwMTI0OTM1NqAB1bbS6gPIAQmpAjLRRRXkwrA-qAMBqgTnAU_QugRsJL37pPoUGZiVFtQJ5LMTG3OXsXYlNTSltWPM_ZEIIJtw2rLuL3HMd5BYC0ipBDhVPCUO5I78ydhhYmCS2PcuKa-29YTf4_lfCFNA0w_o8yqd6I4K0rTiBrm7PH2f3liIRuIgIZHl4FgU14WSL82VukcmfZYbpFnJ3CEtkqcs1vqAwT70U7TKadXnzZrCkMGqJhIBZkYgeMK2Ti8UztDwdeXoIVTIqjSSIJ5bLD3Lgr9onl7Gnl0-HWnVGV94kxMloI0LV4fAt_8sibpE8DdMY-xDoRyyWL4svldERhBx9yAo7YAGir7AjffhgIVuoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2i5rKgiDwcIE1Lq-hi5g3PYfmkDQ%26client%3Dca-pub-2744327701249356%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
pix.par.vip.prod.criteo.com
Software
Finatra /
Resource Hash
5ae8337b4b0da31129f8e699ce777b823690d2b13b3c60ac505386350987a53b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Thu, 08 Sep 2022 11:40:44 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=31023476
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
6482
expires
Sat, 02 Sep 2023 13:18:40 GMT
img
pix.eu.criteo.net/img/ Frame 4DCF 		6 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=71093&q=80&r=0&u=https%3A%2F%2Fcdn.shopify.com%2Fs%2Ffiles%2F1%2F0282%2F5394%2F5987%2Fproducts%2Fspace-kick-max-women-mono-1-out.jpg%3Fv%3D1631849211&v=3&w=400&s=65a7Nwr7M4hLjwcEXBynfLNd&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YxnUvAAA1UUK7fiQAA2ZT4yF_1_nMNS7tZYusw&u=%7C1JF%2B2h%2BrS2NpnUKPl4rbI0%2BehoaQ1mX4tyAQfgmPXXE%3D%7C&c1=jWCgqsKSUoV3SMf7iUfSyMCnTpn87UHNsuno7AgpGzm4RCiJiIGT5xwGwpq72AA9X52rB3uWbTtyycFRqgtAztIuLqVtILu-yROPEPE8hncKp3FcuBRiWk25jC0s33CR6AflSaiE9GdWyqSCT6YfMaMe_USr7l0MHumlwVIXNF87Fn7dyrJynTG0cQt5RX3htiDEKVAn7vRjEzmClpn6qN-ikpZl8Fikpq94ncx1dwNBa_VMPdW7vt-S2YyZHzMWn1z5LNdCu7FvNsztPS1bbvRFMYPXO-2XdnNXQoXqoIujvEPGOQ-sd1DL7eYIh1goDu8DoiSsEViAVp7mXhIvBy1Y-JsGjymilWgiNNeGFOw6wY2Pqw6ftzZoD9q23mTwcBPpdBpjEJLAhOrKn9R4_gjr7gcUO3RcpjNa2V9d2TDBBF0Zjy-zkRZSXHeN0WGbc0DUgIvamZ1BOT5wPi1BATWMuabd4y9nXhr4u0W9W3sTC9qp6Gh34G2qrPU38VSTAjxJgVU-QlR9ray1tGaCj90hMxRCij40oCt-zhp0BYEd_fLicmVwx9tcABSDSwv_TNczrdvjYlF87MxA6uZIZHrpPX2sDudAZ3KQ9cTBfCQAVS0wDvQqCDuqZ7XKMXXY&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC_hsQvNQZY8WqA5DxtwfPsrbAC8me0rFczeGS93DAjbcBEAEgAGCRhKCFjBiCARdjYS1wdWItMjc0NDMyNzcwMTI0OTM1NqAB1bbS6gPIAQmpAjLRRRXkwrA-qAMBqgTnAU_QugRsJL37pPoUGZiVFtQJ5LMTG3OXsXYlNTSltWPM_ZEIIJtw2rLuL3HMd5BYC0ipBDhVPCUO5I78ydhhYmCS2PcuKa-29YTf4_lfCFNA0w_o8yqd6I4K0rTiBrm7PH2f3liIRuIgIZHl4FgU14WSL82VukcmfZYbpFnJ3CEtkqcs1vqAwT70U7TKadXnzZrCkMGqJhIBZkYgeMK2Ti8UztDwdeXoIVTIqjSSIJ5bLD3Lgr9onl7Gnl0-HWnVGV94kxMloI0LV4fAt_8sibpE8DdMY-xDoRyyWL4svldERhBx9yAo7YAGir7AjffhgIVuoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2i5rKgiDwcIE1Lq-hi5g3PYfmkDQ%26client%3Dca-pub-2744327701249356%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
pix.par.vip.prod.criteo.com
Software
Finatra /
Resource Hash
455cddfa5c86c44177a1d054681990c9c78330c16f7322c89cd7530d90aa96c1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Thu, 08 Sep 2022 11:40:43 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=30507975
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
6398
expires
Sun, 27 Aug 2023 14:07:00 GMT
img
pix.eu.criteo.net/img/ Frame 4DCF 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=71093&q=80&r=0&u=https%3A%2F%2Fcdn.shopify.com%2Fs%2Ffiles%2F1%2F0282%2F5394%2F5987%2Fproducts%2Frico-sandal-nude-1-outside.jpg%3Fv%3D1645134721&v=3&w=400&s=dhU522n8ZzNt1rtSMjwS_6nG&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YxnUvAAA1UUK7fiQAA2ZT4yF_1_nMNS7tZYusw&u=%7C1JF%2B2h%2BrS2NpnUKPl4rbI0%2BehoaQ1mX4tyAQfgmPXXE%3D%7C&c1=jWCgqsKSUoV3SMf7iUfSyMCnTpn87UHNsuno7AgpGzm4RCiJiIGT5xwGwpq72AA9X52rB3uWbTtyycFRqgtAztIuLqVtILu-yROPEPE8hncKp3FcuBRiWk25jC0s33CR6AflSaiE9GdWyqSCT6YfMaMe_USr7l0MHumlwVIXNF87Fn7dyrJynTG0cQt5RX3htiDEKVAn7vRjEzmClpn6qN-ikpZl8Fikpq94ncx1dwNBa_VMPdW7vt-S2YyZHzMWn1z5LNdCu7FvNsztPS1bbvRFMYPXO-2XdnNXQoXqoIujvEPGOQ-sd1DL7eYIh1goDu8DoiSsEViAVp7mXhIvBy1Y-JsGjymilWgiNNeGFOw6wY2Pqw6ftzZoD9q23mTwcBPpdBpjEJLAhOrKn9R4_gjr7gcUO3RcpjNa2V9d2TDBBF0Zjy-zkRZSXHeN0WGbc0DUgIvamZ1BOT5wPi1BATWMuabd4y9nXhr4u0W9W3sTC9qp6Gh34G2qrPU38VSTAjxJgVU-QlR9ray1tGaCj90hMxRCij40oCt-zhp0BYEd_fLicmVwx9tcABSDSwv_TNczrdvjYlF87MxA6uZIZHrpPX2sDudAZ3KQ9cTBfCQAVS0wDvQqCDuqZ7XKMXXY&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC_hsQvNQZY8WqA5DxtwfPsrbAC8me0rFczeGS93DAjbcBEAEgAGCRhKCFjBiCARdjYS1wdWItMjc0NDMyNzcwMTI0OTM1NqAB1bbS6gPIAQmpAjLRRRXkwrA-qAMBqgTnAU_QugRsJL37pPoUGZiVFtQJ5LMTG3OXsXYlNTSltWPM_ZEIIJtw2rLuL3HMd5BYC0ipBDhVPCUO5I78ydhhYmCS2PcuKa-29YTf4_lfCFNA0w_o8yqd6I4K0rTiBrm7PH2f3liIRuIgIZHl4FgU14WSL82VukcmfZYbpFnJ3CEtkqcs1vqAwT70U7TKadXnzZrCkMGqJhIBZkYgeMK2Ti8UztDwdeXoIVTIqjSSIJ5bLD3Lgr9onl7Gnl0-HWnVGV94kxMloI0LV4fAt_8sibpE8DdMY-xDoRyyWL4svldERhBx9yAo7YAGir7AjffhgIVuoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2i5rKgiDwcIE1Lq-hi5g3PYfmkDQ%26client%3Dca-pub-2744327701249356%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
pix.par.vip.prod.criteo.com
Software
Finatra /
Resource Hash
131977cf943ce1de84e28ecc1e995c152876823a8b11aff6fd79fc25f72d2ee3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Thu, 08 Sep 2022 11:40:44 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=30334612
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
8192
expires
Fri, 25 Aug 2023 13:57:37 GMT
img
pix.eu.criteo.net/img/ Frame 4DCF 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=71093&q=80&r=0&u=https%3A%2F%2Fcdn.shopify.com%2Fs%2Ffiles%2F1%2F0282%2F5394%2F5987%2Fproducts%2Fwa-lo-turquoise-tonic-1-outside.jpg%3Fv%3D1645134259&v=3&w=400&s=Z5oy1XYKqeBVerl3zW3MJ8b1&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YxnUvAAA1UUK7fiQAA2ZT4yF_1_nMNS7tZYusw&u=%7C1JF%2B2h%2BrS2NpnUKPl4rbI0%2BehoaQ1mX4tyAQfgmPXXE%3D%7C&c1=jWCgqsKSUoV3SMf7iUfSyMCnTpn87UHNsuno7AgpGzm4RCiJiIGT5xwGwpq72AA9X52rB3uWbTtyycFRqgtAztIuLqVtILu-yROPEPE8hncKp3FcuBRiWk25jC0s33CR6AflSaiE9GdWyqSCT6YfMaMe_USr7l0MHumlwVIXNF87Fn7dyrJynTG0cQt5RX3htiDEKVAn7vRjEzmClpn6qN-ikpZl8Fikpq94ncx1dwNBa_VMPdW7vt-S2YyZHzMWn1z5LNdCu7FvNsztPS1bbvRFMYPXO-2XdnNXQoXqoIujvEPGOQ-sd1DL7eYIh1goDu8DoiSsEViAVp7mXhIvBy1Y-JsGjymilWgiNNeGFOw6wY2Pqw6ftzZoD9q23mTwcBPpdBpjEJLAhOrKn9R4_gjr7gcUO3RcpjNa2V9d2TDBBF0Zjy-zkRZSXHeN0WGbc0DUgIvamZ1BOT5wPi1BATWMuabd4y9nXhr4u0W9W3sTC9qp6Gh34G2qrPU38VSTAjxJgVU-QlR9ray1tGaCj90hMxRCij40oCt-zhp0BYEd_fLicmVwx9tcABSDSwv_TNczrdvjYlF87MxA6uZIZHrpPX2sDudAZ3KQ9cTBfCQAVS0wDvQqCDuqZ7XKMXXY&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC_hsQvNQZY8WqA5DxtwfPsrbAC8me0rFczeGS93DAjbcBEAEgAGCRhKCFjBiCARdjYS1wdWItMjc0NDMyNzcwMTI0OTM1NqAB1bbS6gPIAQmpAjLRRRXkwrA-qAMBqgTnAU_QugRsJL37pPoUGZiVFtQJ5LMTG3OXsXYlNTSltWPM_ZEIIJtw2rLuL3HMd5BYC0ipBDhVPCUO5I78ydhhYmCS2PcuKa-29YTf4_lfCFNA0w_o8yqd6I4K0rTiBrm7PH2f3liIRuIgIZHl4FgU14WSL82VukcmfZYbpFnJ3CEtkqcs1vqAwT70U7TKadXnzZrCkMGqJhIBZkYgeMK2Ti8UztDwdeXoIVTIqjSSIJ5bLD3Lgr9onl7Gnl0-HWnVGV94kxMloI0LV4fAt_8sibpE8DdMY-xDoRyyWL4svldERhBx9yAo7YAGir7AjffhgIVuoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2i5rKgiDwcIE1Lq-hi5g3PYfmkDQ%26client%3Dca-pub-2744327701249356%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
pix.par.vip.prod.criteo.com
Software
Finatra /
Resource Hash
54a5af52317595a476c5802abe29ef3fb52932ea84f36c9c692a53c96c172f7e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Thu, 08 Sep 2022 11:40:44 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=31022648
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
7650
expires
Sat, 02 Sep 2023 13:04:52 GMT
all
csm.eu.criteo.net/ Frame 4DCF 		0
128 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csm.eu.criteo.net/all?cppv=3&cpp=UsyVQ-QmQI63I_6MP7d79dzz0y6KF_bqN_5xcV8513k45uHrzbRwhC-681uKfKeGLY02yoT3Oa6HtCG9w06o7hJMMG_W4IQBxn-dk19uXDMD5xgGVOpgvkufLCCOpx4sER2vZ7Rhow6UcbTXltBx9Dd1_2cqPy6tRxbt-TikBBI2H7ZOZXhUXY-xlCe-8Bao3ffElVVnRF1KmfKRPOPu6L6UhothDyzM-6ly9fgJiLgpLoXs97DsD1xI3RAv-WYByFWY-A&sds=2&rev=82694&sendBeacon=true
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YxnUvAAA1UUK7fiQAA2ZT4yF_1_nMNS7tZYusw&u=%7C1JF%2B2h%2BrS2NpnUKPl4rbI0%2BehoaQ1mX4tyAQfgmPXXE%3D%7C&c1=jWCgqsKSUoV3SMf7iUfSyMCnTpn87UHNsuno7AgpGzm4RCiJiIGT5xwGwpq72AA9X52rB3uWbTtyycFRqgtAztIuLqVtILu-yROPEPE8hncKp3FcuBRiWk25jC0s33CR6AflSaiE9GdWyqSCT6YfMaMe_USr7l0MHumlwVIXNF87Fn7dyrJynTG0cQt5RX3htiDEKVAn7vRjEzmClpn6qN-ikpZl8Fikpq94ncx1dwNBa_VMPdW7vt-S2YyZHzMWn1z5LNdCu7FvNsztPS1bbvRFMYPXO-2XdnNXQoXqoIujvEPGOQ-sd1DL7eYIh1goDu8DoiSsEViAVp7mXhIvBy1Y-JsGjymilWgiNNeGFOw6wY2Pqw6ftzZoD9q23mTwcBPpdBpjEJLAhOrKn9R4_gjr7gcUO3RcpjNa2V9d2TDBBF0Zjy-zkRZSXHeN0WGbc0DUgIvamZ1BOT5wPi1BATWMuabd4y9nXhr4u0W9W3sTC9qp6Gh34G2qrPU38VSTAjxJgVU-QlR9ray1tGaCj90hMxRCij40oCt-zhp0BYEd_fLicmVwx9tcABSDSwv_TNczrdvjYlF87MxA6uZIZHrpPX2sDudAZ3KQ9cTBfCQAVS0wDvQqCDuqZ7XKMXXY&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC_hsQvNQZY8WqA5DxtwfPsrbAC8me0rFczeGS93DAjbcBEAEgAGCRhKCFjBiCARdjYS1wdWItMjc0NDMyNzcwMTI0OTM1NqAB1bbS6gPIAQmpAjLRRRXkwrA-qAMBqgTnAU_QugRsJL37pPoUGZiVFtQJ5LMTG3OXsXYlNTSltWPM_ZEIIJtw2rLuL3HMd5BYC0ipBDhVPCUO5I78ydhhYmCS2PcuKa-29YTf4_lfCFNA0w_o8yqd6I4K0rTiBrm7PH2f3liIRuIgIZHl4FgU14WSL82VukcmfZYbpFnJ3CEtkqcs1vqAwT70U7TKadXnzZrCkMGqJhIBZkYgeMK2Ti8UztDwdeXoIVTIqjSSIJ5bLD3Lgr9onl7Gnl0-HWnVGV94kxMloI0LV4fAt_8sibpE8DdMY-xDoRyyWL4svldERhBx9yAo7YAGir7AjffhgIVuoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2i5rKgiDwcIE1Lq-hi5g3PYfmkDQ%26client%3Dca-pub-2744327701249356%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.150 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.eu.criteo.com/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Thu, 08 Sep 2022 11:40:44 GMT
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
strict-transport-security
max-age=31536000; preload;
privacy.svg
static.criteo.net/flash/icon/ Frame 4DCF 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YxnUvAAA1UUK7fiQAA2ZT4yF_1_nMNS7tZYusw&u=%7C1JF%2B2h%2BrS2NpnUKPl4rbI0%2BehoaQ1mX4tyAQfgmPXXE%3D%7C&c1=jWCgqsKSUoV3SMf7iUfSyMCnTpn87UHNsuno7AgpGzm4RCiJiIGT5xwGwpq72AA9X52rB3uWbTtyycFRqgtAztIuLqVtILu-yROPEPE8hncKp3FcuBRiWk25jC0s33CR6AflSaiE9GdWyqSCT6YfMaMe_USr7l0MHumlwVIXNF87Fn7dyrJynTG0cQt5RX3htiDEKVAn7vRjEzmClpn6qN-ikpZl8Fikpq94ncx1dwNBa_VMPdW7vt-S2YyZHzMWn1z5LNdCu7FvNsztPS1bbvRFMYPXO-2XdnNXQoXqoIujvEPGOQ-sd1DL7eYIh1goDu8DoiSsEViAVp7mXhIvBy1Y-JsGjymilWgiNNeGFOw6wY2Pqw6ftzZoD9q23mTwcBPpdBpjEJLAhOrKn9R4_gjr7gcUO3RcpjNa2V9d2TDBBF0Zjy-zkRZSXHeN0WGbc0DUgIvamZ1BOT5wPi1BATWMuabd4y9nXhr4u0W9W3sTC9qp6Gh34G2qrPU38VSTAjxJgVU-QlR9ray1tGaCj90hMxRCij40oCt-zhp0BYEd_fLicmVwx9tcABSDSwv_TNczrdvjYlF87MxA6uZIZHrpPX2sDudAZ3KQ9cTBfCQAVS0wDvQqCDuqZ7XKMXXY&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC_hsQvNQZY8WqA5DxtwfPsrbAC8me0rFczeGS93DAjbcBEAEgAGCRhKCFjBiCARdjYS1wdWItMjc0NDMyNzcwMTI0OTM1NqAB1bbS6gPIAQmpAjLRRRXkwrA-qAMBqgTnAU_QugRsJL37pPoUGZiVFtQJ5LMTG3OXsXYlNTSltWPM_ZEIIJtw2rLuL3HMd5BYC0ipBDhVPCUO5I78ydhhYmCS2PcuKa-29YTf4_lfCFNA0w_o8yqd6I4K0rTiBrm7PH2f3liIRuIgIZHl4FgU14WSL82VukcmfZYbpFnJ3CEtkqcs1vqAwT70U7TKadXnzZrCkMGqJhIBZkYgeMK2Ti8UztDwdeXoIVTIqjSSIJ5bLD3Lgr9onl7Gnl0-HWnVGV94kxMloI0LV4fAt_8sibpE8DdMY-xDoRyyWL4svldERhBx9yAo7YAGir7AjffhgIVuoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2i5rKgiDwcIE1Lq-hi5g3PYfmkDQ%26client%3Dca-pub-2744327701249356%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Thu, 08 Sep 2022 11:40:44 GMT
content-encoding
gzip
last-modified
Wed, 19 Feb 2020 10:57:21 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e4d1491-646"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sun, 03 Sep 2023 11:40:44 GMT
ts
t.paypal.com/ 		42 B
538 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.paypal.com/ts?pgrp=muse%3Aoffer%3A%3A%3AJW47T65SAJMX4-1&page=muse%3Aoffer%3A%3A%3AJW47T65SAJMX4-1%3A%3AvisitorInfoFlowStarted%3A&tsrce=tagmanagernodeweb&comp=tagmanagernodeweb&sub_component=analytics&s=ci&item=3d093e3a-fcd9-4391-9cc8-8936b288d257&es=visitorInfoFlowStarted&mrid=JW47T65SAJMX4&code=CHECKOUT_BUTTON&partner_name=CHECKOUT_BUTTON&pt=justintyler%20%7C%20Digital%20media%20blog%20website&dh=1200&dw=1600&bh=1200&bw=1600&cd=24&sh=1200&sw=1600&v=NA&pl=pdf&rosetta_language=en-US%2Cen&e=im&t=1662637244913&g=0&completeurl=https%3A%2F%2Ffortunetelleroracle.com%2Fprofile%2Fjustintyler
Requested by
Host: fortunetelleroracle.com
URL: https://fortunetelleroracle.com/profile/justintyler
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.35 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://fortunetelleroracle.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Thu, 08 Sep 2022 11:40:45 GMT
via
1.1 varnish, 1.1 varnish
x-cache
MISS, MISS
p3p
policyref="https://t.paypal.com/w3c/p3p.xml",CP="CAO IND OUR SAM UNI STA COR COM"
paypal-debug-id
302541bf6f0cb
x-cache-hits
0, 0
server-timing
content-encoding;desc="",x-cdn;desc="fastly"
content-length
42
x-served-by
cache-iad-kcgs7200050-IAD, cache-ewr18150-EWR
pragma
no-cache
traceparent
00-0000000000000000000302541bf6f0cb-5adc6b7bc5fbd12c-01
x-timer
S1662637245.967765,VS0,VE72
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-type
image/gif
cache-control
max-age=0, no-cache, no-store, must-revalidate
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 08 Sep 2022 11:40:45 GMT
graphql
www.paypal.com/targeting/ Frame BBFA 		443 B
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.paypal.com/targeting/graphql
Requested by
Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/muse/analytics/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.21 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
f798ccaf8d6b1ec4dec385a423ffbc2b2a3850eafb2314516485273894472e5c
Security Headers
Name Value
Content-Security-Policy default-src 'self' https://*.paypal.com https://*.paypalobjects.com; img-src 'self' https:; script-src 'nonce-+9VZRCAU8BklVowEE/N0hqOvLJyDSJ7st+oMZEdVgipF8QLJ' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' ; style-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' ; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; object-src 'none'; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com;
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.paypalobjects.com/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
application/json

Response headers

content-security-policy
default-src 'self' https://*.paypal.com https://*.paypalobjects.com; img-src 'self' https:; script-src 'nonce-+9VZRCAU8BklVowEE/N0hqOvLJyDSJ7st+oMZEdVgipF8QLJ' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' ; style-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' ; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; object-src 'none'; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com;
via
1.1 varnish, 1.1 varnish
vary
Accept-Encoding
x-cache
MISS, MISS
paypal-debug-id
f1695694ad705
date
Thu, 08 Sep 2022 11:40:45 GMT
server-timing
content-encoding;desc="br",x-cdn;desc="fastly"
dc
ccg11-origin-www-1.paypal.com
x-xss-protection
1; mode=block
x-served-by
cache-iad-kcgs7200032-IAD, cache-ewr18122-EWR
traceparent
00-0000000000000000000f1695694ad705-24fa0997efbc9b06-01
x-timer
S1662637245.168212,VS0,VE359
x-frame-options
SAMEORIGIN
etag
W/W/"1bb-Mp+mxmLEuogPn2K1TRyK4p1uI10"
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.paypalobjects.com
content-encoding
br
access-control-expose-headers
Paypal-Debug-Id
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
accept-ranges
none
x-cache-hits
0, 0
graphql
www.paypal.com/targeting/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://www.paypal.com/targeting/graphql
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.21 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.paypalobjects.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

accept-ranges
bytes
access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin
https://www.paypalobjects.com
access-control-expose-headers
Paypal-Debug-Id
cache-control
max-age=0, no-cache, no-store, must-revalidate
date
Thu, 08 Sep 2022 11:40:45 GMT
dc
ccg11-origin-www-1.paypal.com
paypal-debug-id
f16956914c078
server-timing
content-encoding;desc="",x-cdn;desc="fastly"
strict-transport-security
max-age=63072000; includeSubDomains; preload
traceparent
00-0000000000000000000f16956914c078-2179c96760357810-01
via
1.1 varnish, 1.1 varnish
x-cache
MISS, MISS
x-cache-hits
0, 0
x-served-by
cache-iad-kjyo7100068-IAD, cache-ewr18172-EWR
x-timer
S1662637245.981852,VS0,VE85
sodar
pagead2.googlesyndication.com/getconfig/ 		15 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20220901&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209010201/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2744327701249356&plah=fortunetelleroracle.com&bust=31069395
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f0d73e764d353713fbc85886cd09bbc0baa25b2a6f8a2f14b55558c6e358f351
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://fortunetelleroracle.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 08 Sep 2022 11:40:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11303
x-xss-protection
0
logger
www.paypal.com/xoplatform/logger/api/ 		1015 B
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.paypal.com/xoplatform/logger/api/logger
Requested by
Host: www.paypal.com
URL: https://www.paypal.com/sdk/js?client-id=Ac2DPBLqKQ-Vh0rFj4Ystlcbm2oWaNy0vD1XMniJlib4gz4RBTUo2U6ELS6NX4Au-1BFn4r7G1SLDaeg&enable-funding=venmo&currency=USD
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.21 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
403cc86974a2838213345d98867e35dcda234ca72c658d465a2e316270e1e6c8
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept
application/json
Referer
https://fortunetelleroracle.com/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
content-type
application/json

Response headers

date
Thu, 08 Sep 2022 11:40:45 GMT
via
1.1 varnish, 1.1 varnish
x-content-type-options
nosniff
x-cache
MISS, MISS
paypal-debug-id
f1695690e547d
server-timing
content-encoding;desc="br",x-cdn;desc="fastly"
dc
ccg11-origin-www-1.paypal.com
x-served-by
cache-iad-kjyo7100107-IAD, cache-ewr18172-EWR
traceparent
00-0000000000000000000f1695690e547d-612c78d28dcad662-01
x-timer
S1662637245.409311,VS0,VE89
etag
W/W/"3f7-M2DGFX0nKmsR7HrY6PBCGjAcplU"
vary
Accept-Encoding
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-type
application/json; charset=utf-8
access-control-allow-origin
https://fortunetelleroracle.com
content-encoding
br
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
accept-ranges
none
x-cache-hits
0, 0
logger
www.paypal.com/xoplatform/logger/api/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://www.paypal.com/xoplatform/logger/api/logger
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.21 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://fortunetelleroracle.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

accept-ranges
bytes
access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
POST
access-control-allow-origin
https://fortunetelleroracle.com
cache-control
max-age=0, no-cache, no-store, must-revalidate
date
Thu, 08 Sep 2022 11:40:45 GMT
dc
ccg11-origin-www-1.paypal.com
paypal-debug-id
f169569e6fcdd
server-timing
content-encoding;desc="",x-cdn;desc="fastly"
strict-transport-security
max-age=63072000; includeSubDomains; preload
traceparent
00-0000000000000000000f169569e6fcdd-e63bdbea2d28d005-01
via
1.1 varnish, 1.1 varnish
x-cache
MISS, MISS
x-cache-hits
0, 0
x-content-type-options
nosniff
x-served-by
cache-iad-kiad7000027-IAD, cache-ewr18172-EWR
x-timer
S1662637245.219853,VS0,VE89
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209010201/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2744327701249356&plah=fortunetelleroracle.com&bust=31069395
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://fortunetelleroracle.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Thu, 08 Sep 2022 11:40:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 08 Sep 2022 11:40:45 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame E36E 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fortunetelleroracle.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

accept-ranges
bytes
age
1988
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 08 Sep 2022 11:07:37 GMT
expires
Fri, 08 Sep 2023 11:07:37 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 7CCA 		783 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
6873772c1b0c55320c52df56984230ab2627f87a799025dd58736c8e9607261f
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-NHpzVdPK6GgCWBIxWmx-gg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://fortunetelleroracle.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
513
content-security-policy
script-src 'report-sample' 'nonce-NHpzVdPK6GgCWBIxWmx-gg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Thu, 08 Sep 2022 11:40:45 GMT
expires
Thu, 08 Sep 2022 11:40:45 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
PsgKtCaN-XibavDd5zYoPighR_y43YjKXjrNcIggNuI.js
pagead2.googlesyndication.com/bg/ Frame E36E 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/PsgKtCaN-XibavDd5zYoPighR_y43YjKXjrNcIggNuI.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3ec80ab4268df9789b6af0dde736283e282147fcb8dd88ca5e3acd70882036e2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Wed, 07 Sep 2022 12:19:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
84093
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15954
x-xss-protection
0
last-modified
Mon, 29 Aug 2022 10:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 07 Sep 2023 12:19:12 GMT
generate_204
tpc.googlesyndication.com/ Frame E36E 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?yjLFzw
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Thu, 08 Sep 2022 11:40:45 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
ts
t.paypal.com/ 		42 B
489 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.paypal.com/ts?pgrp=muse%3Aoffer%3A%3A%3AJW47T65SAJMX4-1&page=muse%3Aoffer%3A%3A%3AJW47T65SAJMX4-1%3A%3AvisitorInfo%3A&tsrce=tagmanagernodeweb&comp=tagmanagernodeweb&sub_component=analytics&s=ci&item=3d093e3a-fcd9-4391-9cc8-8936b288d257&es=visitorInfo&cust=identified&mrid=JW47T65SAJMX4&code=CHECKOUT_BUTTON&partner_name=CHECKOUT_BUTTON&pt=justintyler%20%7C%20Digital%20media%20blog%20website&dh=1200&dw=1600&bh=1200&bw=1600&cd=24&sh=1200&sw=1600&v=NA&pl=pdf&rosetta_language=en-US%2Cen&unsc=1&identifier_used=DFP&e=im&t=1662637245576&g=0&completeurl=https%3A%2F%2Ffortunetelleroracle.com%2Fprofile%2Fjustintyler
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.35 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://fortunetelleroracle.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Thu, 08 Sep 2022 11:40:45 GMT
via
1.1 varnish, 1.1 varnish
x-cache
MISS, MISS
p3p
policyref="https://t.paypal.com/w3c/p3p.xml",CP="CAO IND OUR SAM UNI STA COR COM"
paypal-debug-id
c3592edcbcf51
x-cache-hits
0, 0
server-timing
content-encoding;desc="",x-cdn;desc="fastly"
content-length
42
x-served-by
cache-iad-kcgs7200024-IAD, cache-ewr18150-EWR
pragma
no-cache
traceparent
00-0000000000000000000c3592edcbcf51-646904bbf0acae63-01
x-timer
S1662637246.629396,VS0,VE86
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-type
image/gif
cache-control
max-age=0, no-cache, no-store, must-revalidate
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 08 Sep 2022 11:40:45 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 7CCA 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20220901&jk=593547112269551&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers
activeview
pagead2.googlesyndication.com/pcs/ Frame 546A 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstOxG4GrqYWrPPcChHM4MgBi90WNZUzR2q1_zA8IrOqSA_kyd9reI2LLpAUEQVWfen3HSXUHlaO2N6zUNAqBWgcdjc&sig=Cg0ArKJSzDWAKn9Nqq1EEAE&id=lidar2&mcvt=1000&p=0,0,124,1005&mtos=116,800,1000,1140,1140&tos=116,684,200,140,0&v=20220907&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=1812271801&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1662637244340&rpt=275&met=ie&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 08 Sep 2022 11:40:45 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
all
csm.eu.criteo.net/ Frame 4DCF 		0
127 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csm.eu.criteo.net/all?cppv=3&cpp=UsyVQ-QmQI63I_6MP7d79dzz0y6KF_bqN_5xcV8513k45uHrzbRwhC-681uKfKeGLY02yoT3Oa6HtCG9w06o7hJMMG_W4IQBxn-dk19uXDMD5xgGVOpgvkufLCCOpx4sER2vZ7Rhow6UcbTXltBx9Dd1_2cqPy6tRxbt-TikBBI2H7ZOZXhUXY-xlCe-8Bao3ffElVVnRF1KmfKRPOPu6L6UhothDyzM-6ly9fgJiLgpLoXs97DsD1xI3RAv-WYByFWY-A&sds=2&rev=82694&sendBeacon=true
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YxnUvAAA1UUK7fiQAA2ZT4yF_1_nMNS7tZYusw&u=%7C1JF%2B2h%2BrS2NpnUKPl4rbI0%2BehoaQ1mX4tyAQfgmPXXE%3D%7C&c1=jWCgqsKSUoV3SMf7iUfSyMCnTpn87UHNsuno7AgpGzm4RCiJiIGT5xwGwpq72AA9X52rB3uWbTtyycFRqgtAztIuLqVtILu-yROPEPE8hncKp3FcuBRiWk25jC0s33CR6AflSaiE9GdWyqSCT6YfMaMe_USr7l0MHumlwVIXNF87Fn7dyrJynTG0cQt5RX3htiDEKVAn7vRjEzmClpn6qN-ikpZl8Fikpq94ncx1dwNBa_VMPdW7vt-S2YyZHzMWn1z5LNdCu7FvNsztPS1bbvRFMYPXO-2XdnNXQoXqoIujvEPGOQ-sd1DL7eYIh1goDu8DoiSsEViAVp7mXhIvBy1Y-JsGjymilWgiNNeGFOw6wY2Pqw6ftzZoD9q23mTwcBPpdBpjEJLAhOrKn9R4_gjr7gcUO3RcpjNa2V9d2TDBBF0Zjy-zkRZSXHeN0WGbc0DUgIvamZ1BOT5wPi1BATWMuabd4y9nXhr4u0W9W3sTC9qp6Gh34G2qrPU38VSTAjxJgVU-QlR9ray1tGaCj90hMxRCij40oCt-zhp0BYEd_fLicmVwx9tcABSDSwv_TNczrdvjYlF87MxA6uZIZHrpPX2sDudAZ3KQ9cTBfCQAVS0wDvQqCDuqZ7XKMXXY&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC_hsQvNQZY8WqA5DxtwfPsrbAC8me0rFczeGS93DAjbcBEAEgAGCRhKCFjBiCARdjYS1wdWItMjc0NDMyNzcwMTI0OTM1NqAB1bbS6gPIAQmpAjLRRRXkwrA-qAMBqgTnAU_QugRsJL37pPoUGZiVFtQJ5LMTG3OXsXYlNTSltWPM_ZEIIJtw2rLuL3HMd5BYC0ipBDhVPCUO5I78ydhhYmCS2PcuKa-29YTf4_lfCFNA0w_o8yqd6I4K0rTiBrm7PH2f3liIRuIgIZHl4FgU14WSL82VukcmfZYbpFnJ3CEtkqcs1vqAwT70U7TKadXnzZrCkMGqJhIBZkYgeMK2Ti8UztDwdeXoIVTIqjSSIJ5bLD3Lgr9onl7Gnl0-HWnVGV94kxMloI0LV4fAt_8sibpE8DdMY-xDoRyyWL4svldERhBx9yAo7YAGir7AjffhgIVuoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2i5rKgiDwcIE1Lq-hi5g3PYfmkDQ%26client%3Dca-pub-2744327701249356%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.150 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.eu.criteo.com/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Thu, 08 Sep 2022 11:40:45 GMT
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
strict-transport-security
max-age=31536000; preload;
sodar
pagead2.googlesyndication.com/pagead/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20220901&jk=593547112269551&bg=!6eql6q7NAAZTikH4c4o7ACkAdvg8WjPWYd_sVFEyVVm7A7nZDJYx0rtHdLcZgV4fJgKYZihjZjg4zwIAAABVUgAAAARoAQcKAD8ZLwVpIkf-i_XGVDJWJ2KOv0UCiQJCc-ej_kQGdEd4aXVTgdnkRtTbI57tqsXmbraBpwGVkmhI4f6y5kbGoZyZAr6XErF89FplRiIhmKQf08UvN7brhuc5WxJ3wjU3hPDozvUnNyg2HBNrzvbNIn0RyUVz21ivZg8IolhsAZ2Yu4f2bKf724AONNMbJQkQFuRlsdcRdIcj8bPS9qHWC81jIgzVG0OzYrVXDE63EFuLwGAZFJNFkKQRVO2vEnTnTeBOCgpoTchFprEIcixzxUG_JpmxjH7Uqp4F0nehe39UwwS3bMsFhOtHmByLaXSiorsQfxtPi6lmLHOgmysZg-7kTf9qxSE-AU3wNjnDB8PuQADvh_gH_WGZFHflvosSx9OENNoIDukVGDdkFQbfAj_T08Jq338FZr7qJ0aaAXAfmaw7NkD9dNYfKwFYzkhpzytt4mWf5BcHlIqTbD1qTHqxO1a0nlVaQOphRDc46wuKfGOAg57KCpUy6JYIVA-IAikT8bHpAHw6cMhh7gknutkxqgRYtxNHxrRnlcU8FfQvREpM-k05zo8yikzmZ3CNwowRGkPJESdEk1HSHem9h9fvlxa14sB7Etsmsr9-rlbj9EyaqBt0iUxgoq8f7Frm6rKAMXWC0qRrfHmaeiOXjmcBKrjhqvN-_5YJY9JAGrzBWKYTtunQGv80olIEH8Zf0pIg7rFvIXnWRq-CQxrgXclS8GmXIwSeFfNfdtlvs59nCtAznV3DNySzp5IDvTYPPT12Dl0Q9ROmSzxwDD_JgYmpORL404Aon1hUavpORsaxCurDptP0rhKdczsy8rDqAvljGq7_u2P9T4aIfOiESkMH_JzXt9ky_1vmeZM9A7W_BldLdbmKe3grwlvUVEiDOi6HMkF120lckFRe51hKWptvLnifISzANUkHhAMQeSEBhHPPBqeIiph88R-2wAnuM-d35bEZwaRHQV5bY6vwa7BFYk401dmEkRK5F10IQpXqbYU_Yue3TCOauEoXRwtkYaE
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://fortunetelleroracle.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
www.fortunetelleroracle.com
URL
https://www.fortunetelleroracle.com/public/upload/media/posts/2021-11/01/

Verdicts & Comments Add Verdict or Comment

76 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| onbeforeinput object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails function| queryLocalFonts object| navigation string| buzzy_base_url string| buzzy_language string| buzzy_facebook_app object| webpackChunkbuzzy function| swal function| sweetAlert function| jQuery function| $ object| NProgress object| Buzzy object| google_js_reporting_queue number| google_srt object| google_logging_queue number| tmod object| google_ad_modifications object| ggeac object| google_persistent_state_async boolean| google_measure_js_timing object| google_tag_data object| google_reactive_ads_global_state object| adsbygoogle boolean| _gfp_a_ object| google_sa_queue function| google_process_slots object| google_ama_state function| google_spfd number| google_unique_id object| google_sv_map number| google_lpabyc number| google_rum_task_id_counter string| google_user_agent_client_hint object| google_tag_manager object| dataLayer function| google_sa_impl object| googleToken object| googleIMState boolean| _gfp_p_ function| processGoogleToken number| google_global_correlator object| google_prev_clients object| gaGlobal object| ampInaboxIframes object| ampInaboxPendingMessages object| __post_robot_11_0_0___uid_zhuullmilfiumcwcjhldzromymouxr object| paypal object| __zoid_10_1_0___uid_zhuullmilfiumcwcjhldzromymouxr function| initPayPalButton function| fbAsyncInit object| google_llp object| paypalDDL string| PaypalOffersObject function| ppq object| FB object| __buffer object| googletag object| __post_robot_10_0_44__ object| PAYPAL object| GoogleGcLKhOms object| google_image_requests

13 Cookies

Domain/Path Name / Value
fortunetelleroracle.com/ Name: XSRF-TOKEN
Value: eyJpdiI6IjNOdkgybStiUHFpQjB6OWVZRmpnUkE9PSIsInZhbHVlIjoiQkxUUkpGL1hBN3JhWGErSkhmMHJST1hJdGJCblhFNlozZVNQQXp6L1NHdTdiL2RxbmdDNWRRZXcxejkrSThlWG8rUFdBUlk3aCtFMTZJTmgyNXJ3REhMUmF5eE1rT2tKaGVJMUU1eGRHTW9iSEdLeGpld3BNank3dFA2eklQYlQiLCJtYWMiOiJmZDFkZWVkMjljM2I4MTU2MDBhZjlkNmNkYzNiY2M5MDk1ODk0YjU4MWRiNWZhYmJmZDQ5OGZkNWY4YTY4NWY5IiwidGFnIjoiIn0%3D
fortunetelleroracle.com/ Name: digital_media_blog_website_session
Value: eyJpdiI6IjhqTFd4Mlpadzh1c3hpaE5CaEliTkE9PSIsInZhbHVlIjoiVDhYWHVyZWZhcFZSOEhwL0h4alRXMVo2K2pvdE92ZE1NU0lKZkVqZ0MrMWFsNWxmL2UxZXNybmR5RGxqVllid0NWa2NvWnpuOGFKcG9HbTA3V2RwNkFOM04wS3dqSk9mVmFrdXNva0xRMWdzc1hqZXAyNEI4SElwOHN2SUpET04iLCJtYWMiOiJjNWMyOTVmNTdlMzhiMmVkOTU2OWFkODZmMDJiYjQ0MDE1NTljMThkZGMwZWFlMDQxODJmZjE2NzllZjBmMWU1IiwidGFnIjoiIn0%3D
.fortunetelleroracle.com/ Name: __gads
Value: ID=b031b2c989abb531-220e000a18ce009d:T=1662637244:RT=1662637244:S=ALNI_MaVw7vjWyzJfQivw3hv4Nkvu2cgzg
.doubleclick.net/ Name: IDE
Value: AHWqTUnKXwLkhC8GwPCdA1O6Cm7fYG78m5ot44GF6sael4lIguU70DYrgnihjz4elQ8
.paypal.com/ Name: enforce_policy
Value: gdpr_v2.1
.paypal.com/ Name: LANG
Value: nl_NL%3BNL
.paypal.com/ Name: x-pp-s
Value: eyJ0IjoiMTY2MjYzNzI0NTQ4MSIsImwiOiIwIiwibSI6IjAifQ
.paypal.com/ Name: tsrce
Value: targetingnodeweb
www.paypal.com/ Name: nsid
Value: s%3AZl2X3Pg0vtEzKYui50FI0Acy9lYDK1YT.Lhd%2Fj22FH03I2iehw9dywpXxiQQXCyDuNcvynhkhEkI
.paypal.com/ Name: l7_az
Value: dcg01.phx
.paypalobjects.com/ Name: paypal-offers--cust
Value: identified:1:DFP
.paypal.com/ Name: ts
Value: vreXpYrS%3D1757331645%26vteXpYrS%3D1662639045%26vr%3D1ce704ed1830a621c0b0e649ffffffff%26vt%3D1ce704ed1830a621c0b0e649fffffffe
.paypal.com/ Name: ts_c
Value: vr%3D1ce704ed1830a621c0b0e649ffffffff%26vt%3D1ce704ed1830a621c0b0e649fffffffe

2 Console Messages

Source Level URL
Text
other warning URL: https://googleads.g.doubleclick.net/pagead/html/r20220901/r20110914/zrt_lookup.html?fsb=1(Line 21)
Message:
Origin trial controlled feature not enabled: 'attribution-reporting'.
network error URL: https://www.fortunetelleroracle.com/public/upload/media/posts/2021-11/01/
Message:
Failed to load resource: net::ERR_TOO_MANY_REDIRECTS

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy upgrade-insecure-requests

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ads.eu.criteo.com
adservice.google.com
adservice.google.nl
cat.fr.eu.criteo.com
connect.facebook.net
csm.eu.criteo.net
fonts.googleapis.com
fonts.gstatic.com
fortunetelleroracle.com
googleads.g.doubleclick.net
pagead2.googlesyndication.com
partner.googleadservices.com
pix.eu.criteo.net
rtb.nl.eu.criteo.com
static.criteo.net
t.paypal.com
tpc.googlesyndication.com
www.fortunetelleroracle.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.paypal.com
www.paypalobjects.com
www.fortunetelleroracle.com
151.101.1.21
151.101.1.35
151.101.66.133
178.250.0.139
178.250.0.160
178.250.2.150
2a00:1450:4001:801::2003
2a00:1450:4001:801::2008
2a00:1450:4001:811::2002
2a00:1450:4001:812::2001
2a00:1450:4001:812::2002
2a00:1450:4001:813::2002
2a00:1450:4001:82b::2004
2a00:1450:4001:82f::2002
2a00:1450:4001:831::2002
2a00:1450:400e:80d::200a
2a02:2638:1::2
2a02:2638:1::3
2a02:2638::b
2a02:4780:8:620:0:2314:da7e:1
2a03:2880:f02d:12:face:b00c:0:3
08961ba3cdaff8805f310eda71633a77f95c7f7a64d42b8943f08d30df6e098e
0950a870ed7fc321504c6f4dabff8000bf43be014d1a91c32fb49a4ea6336940
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
0aeb7391da0ea13778b8396eb6c9415430f5457990e9d3a07eeaf1ac7ea10c0e
131977cf943ce1de84e28ecc1e995c152876823a8b11aff6fd79fc25f72d2ee3
1b0e03d91b08282d46bab47120b3e40b7343c9acce06daad01e4f8ffdaa35bf7
223699d3b640bd75dd3c7615cbbf5c37bfead5c28bfcf807c5ada05d021cbdf7
29fe69b9bb6d259e0a062f14b0954fb826fd5871accc12a75106990b93789d9d
2b1ace8851a6f85e4bfe2400f014bdaf302b3c96227ce887cf4a06ba7c382a8d
2b7073050e46081e1dd06b0ffdc4f8906f6ceac7c18a66dd6008fe4160a157e7
3249f5bb94c75882aa65cc2cbbc7a0f8cd946e4a59038f1d25fed6f04e69b22d
3d6d743ad9fb98d9a81bd662d8d7df1b36c404a6c0459e164d1a7d43d630cc18
3ec80ab4268df9789b6af0dde736283e282147fcb8dd88ca5e3acd70882036e2
403cc86974a2838213345d98867e35dcda234ca72c658d465a2e316270e1e6c8
40e47d07c8fd9945e8049085a4c897c0c2c41b20822cce01c6d1471c017132e1
42587d44d29fd1cafe0936d9ce26b6de8052c6532c84373f5b5aa6e97c676231
42c92eb3ba563add05009a10887b937740cc174342ec7347087cd1248f3f139e
43cf96cdacd8ba5365af88f9fc6029fd105d7be5f22c641a9cd88b295259a3d4
449dc946cb13db0e953cba1f6d719d908b158a91d7739dd95d5ad5a8c929251c
44b4f27fe668d899d344dd13ee91eee536695fa9a516739a079ac51fb09053d5
455cddfa5c86c44177a1d054681990c9c78330c16f7322c89cd7530d90aa96c1
4d3af017cae728d9b8d6057934c25a2ad098288c874a73d922a15f77b324b276
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4fa1f5c4f5e0b9f388d2f31f4efdcf3ee6f106f891afb077e70ba9578719c917
500cb6934ff00c4592847e76afa69fd28a7bc7ba49ca69f7c724bca5d13b4939
50f77fa9d32c1323f7e50da8d807f556cdddaea2161de6cf84a0c8b4c1dd6f79
54a5af52317595a476c5802abe29ef3fb52932ea84f36c9c692a53c96c172f7e
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5a1a8253fdc9653996614a8f70e40ef32ffad24fe68dd23ac39695ad85b816b8
5ae8337b4b0da31129f8e699ce777b823690d2b13b3c60ac505386350987a53b
5b98fd550b09266b75cab23c1f5d51a371acaab290cbe9a007e7c5302a185e69
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
638bd60e66ec8ecd4bb3af4138ca98a6476be1166194664c5686fe61eb8cb063
6417281644d3ed331c9e80c4fba7a2a88f6ec7e7c5269ba9aa3a947524a8fbc8
64b32d14f993564fe182a5690410f7d4aa2ace59934eac09d7dcf03a68ec7566
64fdded9ab4b4066a71232c0d8c7e2416ec277f566adb122776af14c21831fc3
6580e01d772721415ba3eb130376c1fe28c5ed12150b570ba41566cbd7179062
6873772c1b0c55320c52df56984230ab2627f87a799025dd58736c8e9607261f
6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
7cfc5ae07f7f70ac49f92793eda54d7e3e19c0598c63649da77ecd01674efb91
8265f64786397d6b832d1ca0aafdf149ad84e72759fffa9f7272e91a0fb015d1
83f79e4199aaab8ff167c19f23b531e84a7136253dda9895791e9438795cf803
88de7e916cb815026f34c07b6546e24bad7fecc6643a394fbd2f9d1fc1ada95b
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
8ae3400104c7b0db11e9fe317236e68a26afba6580192041e87038ceff4db638
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
9213dfd56f0036efe7e08419a2141a8a2196175f3adef93822c7ea081d1a578d
96742e0376211492d3f972092242e3142514f06129e177dea3c3ec23a8c447e8
96c253121e54f09ac420e4fa8263ca547d21fc64f2e0bcc4d5fadcd7e8900e27
9d7338fc6cac83dde0a5d6c42b68255bd0e75634670927790a61d6cebcfbcc52
a0ed7b4e41d84896aef0881aaea343a409bbd03ccb66002b852a4b96c9411d1c
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
b4820095dbb33dffee5026491f08575d5adcb7e3cab956061f0cffb5052d78c6
ba6e4b4672c5aa32c2ef79639ae5199bd4f40fd0c082e3cb64d5795ced601975
bc40f4e56d8f549182ba0bf0a5201b16904f84a5a63c5f749171deebd44033a0
c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49
ca85abd46e1fad942b9ba20c365cf7a3c86b11fd6d5d5083902f692968628a17
d86d1c0e48f6682d54d0f36083235e9f766abce6d4ba8045154d40a2feff9136
de317176fa6b64a8e89bbd45d20b6be2560bbfa96e7e53e63eb754e18bfe6c1f
e2f2597386660b972fe84faa90af129a353e7e8f9990df6f3b14d0165468350f
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e73f7cfa5b48c12647154a9c377cd112d139dde15b02e4f4ef84c68693a78f7d
e8b67b1f1c7a43168920a077df672e434a06cd08697c6cda5d21b2c8598e7111
e9bace427fa86d079508c5309a95c1b3667ebb38314fad269f1bc0e776d3cbcb
eb10127ff53cc1499c45f108219c66ad095b31278927d3c5b0401fbe42285c50
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f0bbaf83176870a66d192d4a40329ffe3513b381bd86dc0f9be21b698d38dd6b
f0d73e764d353713fbc85886cd09bbc0baa25b2a6f8a2f14b55558c6e358f351
f4bcd92015b1af32481c4673d14acb4f9c7871d2092c1c23b1986749a6e20f66
f798ccaf8d6b1ec4dec385a423ffbc2b2a3850eafb2314516485273894472e5c
fc047acd13082e35841eeb5b268e931fea6e51bf3283058926169523d5f06326
fe35b3ce2020beb1f38574f9bb9a831027b20d7b279e3b9429fd4c4ce318e5d7