www.echoroukonline.com Open in urlscan Pro
2606:4700:20::681a:582 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.echoroukonline.com/
Submission: On July 26 via manual (July 26th 2023, 4:25:13 pm UTC) from CA — Scanned from CA

Summary HTTP 125 Redirects Links 4 Behaviour Indicators

Summary

This website contacted 38 IPs in 3 countries across 31 domains to perform 125 HTTP transactions. The main IP is 2606:4700:20::681a:582, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.echoroukonline.com. The Cisco Umbrella rank of the primary domain is 876437.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on May 18th 2023. Valid for: a year.

This is the only time www.echoroukonline.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 20	2606:4700:20:... 2606:4700:20::681a:582	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	2607:f8b0:402... 2607:f8b0:4020:806::2008	15169 (GOOGLE) (GOOGLE)
10	2607:f8b0:402... 2607:f8b0:4020:807::2002	15169 (GOOGLE) (GOOGLE)
1	2600:9000:25c... 2600:9000:25c8:f000:0:adab:c280:93a1	16509 (AMAZON-02) (AMAZON-02)
9	2607:f8b0:402... 2607:f8b0:4020:805::2002	15169 (GOOGLE) (GOOGLE)
7	2607:f8b0:402... 2607:f8b0:4020:805::200e	15169 (GOOGLE) (GOOGLE)
2	2607:f8b0:402... 2607:f8b0:4020:805::200a	15169 (GOOGLE) (GOOGLE)
1	192.0.77.2 192.0.77.2	2635 (AUTOMATTIC) (AUTOMATTIC)
1	2607:f8b0:402... 2607:f8b0:4020:806::2003	15169 (GOOGLE) (GOOGLE)
10	2606:4700:303... 2606:4700:3035::6815:556f	13335 (CLOUDFLAR...) (CLOUDFLARENET)
10	2607:f8b0:402... 2607:f8b0:4020:804::2002	15169 (GOOGLE) (GOOGLE)
2	2620:1ec:29:1... 2620:1ec:29:1::40	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	2620:100:a001::4 2620:100:a001::4	19750 (AS-CRITEO) (AS-CRITEO)
1	34.102.146.192 34.102.146.192	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	172.64.152.222 172.64.152.222	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	13.224.214.92 13.224.214.92	16509 (AMAZON-02) (AMAZON-02)
1	2a04:4e42::485 2a04:4e42::485	54113 (FASTLY) (FASTLY)
1	34.96.70.87 34.96.70.87	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	2600:9000:20e... 2600:9000:20ed:600:a:e047:753:be1	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700:10:... 2606:4700:10::6816:3456	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2607:f8b0:402... 2607:f8b0:4020:806::2001	15169 (GOOGLE) (GOOGLE)
1 2	34.120.135.53 34.120.135.53	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	34.237.249.31 34.237.249.31	14618 (AMAZON-AES) (AMAZON-AES)
1	141.95.98.65 141.95.98.65	16276 (OVH) (OVH)
1 2	2620:100:a001::c 2620:100:a001::c	19750 (AS-CRITEO) (AS-CRITEO)
3	20.114.190.119 20.114.190.119	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	35.190.39.111 35.190.39.111	15169 (GOOGLE) (GOOGLE)
15	2607:f8b0:402... 2607:f8b0:4020:807::2001	15169 (GOOGLE) (GOOGLE)
4	2607:f8b0:402... 2607:f8b0:4020:807::2006	15169 (GOOGLE) (GOOGLE)
3	35.244.159.8 35.244.159.8	15169 (GOOGLE) (GOOGLE)
1	74.119.119.139 74.119.119.139	19750 (AS-CRITEO) (AS-CRITEO)
1	2600:1f18:4e9... 2600:1f18:4e9:5a02:3f87:95c8:530d:d4b6	14618 (AMAZON-AES) (AMAZON-AES)
1 2	52.46.155.104 52.46.155.104	16509 (AMAZON-02) (AMAZON-02)
2 2	35.71.131.137 35.71.131.137	16509 (AMAZON-02) (AMAZON-02)
1 2	172.217.13.98 172.217.13.98	15169 (GOOGLE) (GOOGLE)
1	2600:1400:900... 2600:1400:9000::687e:7763	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2 3	2607:f8b0:402... 2607:f8b0:4020:807::2004	15169 (GOOGLE) (GOOGLE)
1 2	20.110.205.119 20.110.205.119	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1 1	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
125	38

20 2606:4700:20::681a:582 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

www.echoroukonline.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2607:f8b0:4020:806::2008 (Montreal, Canada)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2607:f8b0:4020:807::2002 (Montreal, Canada)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:25c8:f000:0:adab:c280:93a1 (United States)

ASN16509 (AMAZON-02, US)

cdn.speakol.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2607:f8b0:4020:805::2002 (Montreal, Canada)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2607:f8b0:4020:805::200e (Montreal, Canada)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4020:805::200a (Montreal, Canada)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 192.0.77.2 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)
PTR: i0.wp.com

i0.wp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4020:806::2003 (Montreal, Canada)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2606:4700:3035::6815:556f (United States)

ASN13335 (CLOUDFLARENET, US)

i.dzs.cloud	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2607:f8b0:4020:804::2002 (Montreal, Canada)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:1ec:29:1::40 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

www.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:100:a001::4 (United States)

ASN19750 (AS-CRITEO, US)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.102.146.192 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 192.146.102.34.bc.googleusercontent.com

oa.openxcdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.64.152.222 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn-ima.33across.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.224.214.92 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-214-92.phl50.r.cloudfront.net

tags.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42::485 (United States)

ASN54113 (FASTLY, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.96.70.87 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 87.70.96.34.bc.googleusercontent.com

invstatic101.creativecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:20ed:600:a:e047:753:be1 (United States)

ASN16509 (AMAZON-02, US)

cdn.prod.uidapi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::6816:3456 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4020:806::2001 (Montreal, Canada)

ASN15169 (GOOGLE, US)

f750efdd075873ca01e8f21f42ee0cfe.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.120.135.53 (Kansas City, United States) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 53.135.120.34.bc.googleusercontent.com

oajs.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.237.249.31 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-237-249-31.compute-1.amazonaws.com

bcp.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 141.95.98.65 (France)

ASN16276 (OVH, FR)
PTR: ns3216659.ip-141-95-98.eu

id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:100:a001::c (United States) 1 redirects

ASN19750 (AS-CRITEO, US)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 20.114.190.119 (Boydton, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

x.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.190.39.111 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 111.39.190.35.bc.googleusercontent.com

esp.rtbhouse.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 2607:f8b0:4020:807::2001 (Montreal, Canada)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2607:f8b0:4020:807::2006 (Montreal, Canada)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 35.244.159.8 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com

google-bidout-d.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
us-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 74.119.119.139 (United States)

ASN19750 (AS-CRITEO, US)

mug.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1f18:4e9:5a02:3f87:95c8:530d:d4b6 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

pr-bh.ybp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.46.155.104 (Ashburn, United States) 1 redirects

ASN16509 (AMAZON-02, US)

s.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.71.131.137 (United States) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.217.13.98 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: yul02s04-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1400:9000::687e:7763 (New York, United States)

ASN20940 (AKAMAI-ASN1, NL)

code.createjs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2607:f8b0:4020:807::2004 (Montreal, Canada) 2 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 20.110.205.119 (Boydton, United States) 1 redirects

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

c.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:1ec:c11::200 (United States) 1 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

c.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
27	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 129 f750efdd075873ca01e8f21f42ee0cfe.safeframe.googlesyndication.com tpc.googlesyndication.com — Cisco Umbrella Rank: 153	490 KB
20	echoroukonline.com 1 redirects www.echoroukonline.com — Cisco Umbrella Rank: 876437	139 KB
17	doubleclick.net 1 redirects securepubads.g.doubleclick.net — Cisco Umbrella Rank: 204 googleads.g.doubleclick.net — Cisco Umbrella Rank: 57 cm.g.doubleclick.net — Cisco Umbrella Rank: 232	244 KB
10	dzs.cloud i.dzs.cloud	74 KB
7	clarity.ms 1 redirects www.clarity.ms — Cisco Umbrella Rank: 986 x.clarity.ms — Cisco Umbrella Rank: 8436 c.clarity.ms — Cisco Umbrella Rank: 1579	23 KB
7	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 59	21 KB
5	openx.net 1 redirects oajs.openx.net — Cisco Umbrella Rank: 1560 google-bidout-d.openx.net — Cisco Umbrella Rank: 1558 us-u.openx.net — Cisco Umbrella Rank: 473	2 KB
5	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 72	335 KB
4	2mdn.net s0.2mdn.net — Cisco Umbrella Rank: 312	337 KB
3	google.com 2 redirects www.google.com — Cisco Umbrella Rank: 3	1 KB
3	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 208	169 KB
3	criteo.com 1 redirects gum.criteo.com — Cisco Umbrella Rank: 421 mug.criteo.com — Cisco Umbrella Rank: 2491	7 KB
2	adsrvr.org 2 redirects match.adsrvr.org — Cisco Umbrella Rank: 377	969 B
2	amazon-adsystem.com 1 redirects s.amazon-adsystem.com — Cisco Umbrella Rank: 313	2 KB
2	rtbhouse.com esp.rtbhouse.com — Cisco Umbrella Rank: 1666	315 B
2	id5-sync.com cdn.id5-sync.com — Cisco Umbrella Rank: 907 id5-sync.com — Cisco Umbrella Rank: 420	25 KB
2	crwdcntrl.net tags.crwdcntrl.net — Cisco Umbrella Rank: 1070 bcp.crwdcntrl.net — Cisco Umbrella Rank: 900	12 KB
2	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 76	1 KB
1	bing.com 1 redirects c.bing.com — Cisco Umbrella Rank: 215	740 B
1	createjs.com code.createjs.com — Cisco Umbrella Rank: 1488	63 KB
1	yahoo.com pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 457	603 B
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 1235	427 B
1	uidapi.com cdn.prod.uidapi.com — Cisco Umbrella Rank: 1699	2 KB
1	creativecdn.com invstatic101.creativecdn.com — Cisco Umbrella Rank: 1697	2 KB
1	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 361	897 B
1	33across.com cdn-ima.33across.com — Cisco Umbrella Rank: 1417	9 KB
1	openxcdn.net oa.openxcdn.net — Cisco Umbrella Rank: 1658	8 KB
1	criteo.net static.criteo.net — Cisco Umbrella Rank: 631	13 KB
1	gstatic.com fonts.gstatic.com	89 KB
1	wp.com i0.wp.com — Cisco Umbrella Rank: 3679	51 KB
1	speakol.com cdn.speakol.com — Cisco Umbrella Rank: 195495	142 KB
125	31

	Domain	Requested by
20	www.echoroukonline.com	1 redirects www.echoroukonline.com
15	tpc.googlesyndication.com	f750efdd075873ca01e8f21f42ee0cfe.safeframe.googlesyndication.com googleads.g.doubleclick.net securepubads.g.doubleclick.net tpc.googlesyndication.com
10	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net
10	i.dzs.cloud	www.echoroukonline.com
10	pagead2.googlesyndication.com	www.echoroukonline.com pagead2.googlesyndication.com googleads.g.doubleclick.net securepubads.g.doubleclick.net tpc.googlesyndication.com www.googletagservices.com
7	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com www.echoroukonline.com
5	securepubads.g.doubleclick.net	www.echoroukonline.com securepubads.g.doubleclick.net f750efdd075873ca01e8f21f42ee0cfe.safeframe.googlesyndication.com www.googletagservices.com
5	www.googletagmanager.com	www.echoroukonline.com www.googletagmanager.com s0.2mdn.net
4	s0.2mdn.net	www.echoroukonline.com s0.2mdn.net f750efdd075873ca01e8f21f42ee0cfe.safeframe.googlesyndication.com
3	www.google.com	2 redirects tpc.googlesyndication.com
3	www.googletagservices.com	f750efdd075873ca01e8f21f42ee0cfe.safeframe.googlesyndication.com googleads.g.doubleclick.net
3	x.clarity.ms	www.clarity.ms
2	c.clarity.ms	1 redirects
2	cm.g.doubleclick.net	1 redirects google-bidout-d.openx.net
2	us-u.openx.net	google-bidout-d.openx.net
2	match.adsrvr.org	2 redirects
2	s.amazon-adsystem.com	1 redirects google-bidout-d.openx.net
2	esp.rtbhouse.com	invstatic101.creativecdn.com
2	gum.criteo.com	1 redirects static.criteo.net
2	oajs.openx.net	1 redirects www.echoroukonline.com
2	f750efdd075873ca01e8f21f42ee0cfe.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
2	www.clarity.ms	www.echoroukonline.com www.clarity.ms
2	fonts.googleapis.com	client
1	c.bing.com	1 redirects
1	code.createjs.com	s0.2mdn.net
1	pr-bh.ybp.yahoo.com	google-bidout-d.openx.net
1	mug.criteo.com	www.echoroukonline.com
1	google-bidout-d.openx.net	oa.openxcdn.net
1	id5-sync.com	cdn.id5-sync.com
1	bcp.crwdcntrl.net	tags.crwdcntrl.net
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	cdn.id5-sync.com	securepubads.g.doubleclick.net
1	cdn.prod.uidapi.com	securepubads.g.doubleclick.net
1	invstatic101.creativecdn.com	securepubads.g.doubleclick.net
1	cdn.jsdelivr.net	securepubads.g.doubleclick.net
1	tags.crwdcntrl.net	securepubads.g.doubleclick.net
1	cdn-ima.33across.com	securepubads.g.doubleclick.net
1	oa.openxcdn.net	securepubads.g.doubleclick.net
1	static.criteo.net	securepubads.g.doubleclick.net
1	fonts.gstatic.com	www.echoroukonline.com
1	i0.wp.com	www.echoroukonline.com
1	cdn.speakol.com	www.echoroukonline.com
125	42

This site contains links to these domains. Also see Links.

Domain
www.facebook.com
twitter.com
m.me
montada.echoroukonline.com

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-05-18` - `2024-05-17`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-07-10` - `2023-10-02`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-07-10` - `2023-10-02`	3 months	crt.sh
*.speakol.com Amazon RSA 2048 M01	`2023-03-16` - `2024-04-13`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2023-07-10` - `2023-10-02`	3 months	crt.sh
*.wp.com Sectigo ECC Domain Validation Secure Server CA	`2022-11-14` - `2023-12-15`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2023-07-10` - `2023-10-02`	3 months	crt.sh
i.dzs.cloud GTS CA 1P5	`2023-06-18` - `2023-09-16`	3 months	crt.sh
www.clarity.ms DigiCert TLS RSA SHA256 2020 CA1	`2022-12-01` - `2023-12-01`	a year	crt.sh
*.criteo.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-05-27` - `2023-08-27`	3 months	crt.sh
oa.openxcdn.net GTS CA 1D4	`2023-05-28` - `2023-08-26`	3 months	crt.sh
*.33across.com Sectigo RSA Domain Validation Secure Server CA	`2022-09-06` - `2023-09-30`	a year	crt.sh
*.crwdcntrl.net Amazon RSA 2048 M01	`2022-11-07` - `2023-12-06`	a year	crt.sh
jsdelivr.net GlobalSign Atlas R3 DV TLS CA 2022 Q4	`2022-12-23` - `2024-01-24`	a year	crt.sh
invstatic101.creativecdn.com GTS CA 1D4	`2023-06-27` - `2023-09-25`	3 months	crt.sh
cdn.prod.uidapi.com R3	`2023-05-18` - `2023-08-16`	3 months	crt.sh
*.id5-sync.com R3	`2023-07-04` - `2023-10-02`	3 months	crt.sh
*.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-07-19` - `2023-10-18`	3 months	crt.sh
a.clarity.ms Microsoft Azure TLS Issuing CA 06	`2023-02-13` - `2024-02-08`	a year	crt.sh
esp.rtbhouse.com GTS CA 1D4	`2023-07-14` - `2023-10-12`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-07-10` - `2023-10-02`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2023-07-10` - `2023-10-02`	3 months	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2022-07-21` - `2023-08-21`	a year	crt.sh
*.ybp.yahoo.com DigiCert SHA2 High Assurance Server CA	`2023-04-04` - `2023-09-27`	6 months	crt.sh
tls.adobe.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-02-08` - `2024-03-10`	a year	crt.sh
www.google.com GTS CA 1C3	`2023-07-10` - `2023-10-02`	3 months	crt.sh

This page contains 19 frames:

Primary Page: https://www.echoroukonline.com/
Frame ID: A65EDCA3E7ECACA42D35BBC02EB469BD
Requests: 77 HTTP requests in this frame

Frame: https://www.echoroukonline.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/f0089873/invisible.js
Frame ID: D89C59683FCBCA4B7E85CC9000AC8E23
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230724/r20190131/zrt_lookup.html
Frame ID: EA052A6D01A3EE9BE796D4861364C152
Requests: 1 HTTP requests in this frame

Frame: https://f750efdd075873ca01e8f21f42ee0cfe.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 42738530F429463B8032E1ABF580702A
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3639022183676464&output=html&adk=1812271804&adf=3025194257&lmt=1690388706&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=164x945_l%7C164x945_r&format=0x0&url=https%3A%2F%2Fwww.echoroukonline.com%2F&ea=0&host=ca-host-pub-2644536267352236&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1690388705833&bpp=3&bdt=445&idt=345&shv=r20230724&mjsv=m202307200101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=4808405214466&frm=20&pv=2&ga_vid=1065254421.1690388706&ga_sid=1690388706&ga_hid=1095182713&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759875%2C44759926%2C31071258%2C31076343%2C44788441%2C21065725&oid=2&pvsid=2895556275635737&tmod=2039874011&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=378
Frame ID: E364371DF30AC680F9112AE6EDA4DD81
Requests: 1 HTTP requests in this frame

Frame: https://f750efdd075873ca01e8f21f42ee0cfe.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 241BC6D794CE8DA06BF4A7763B813C4D
Requests: 8 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=www.echoroukonline.com
Frame ID: 9B28575C75E335AABB7C437028315B43
Requests: 2 HTTP requests in this frame

Frame: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Frame ID: AD1BB629FA3CC3EFEDB3186C426B6C29
Requests: 6 HTTP requests in this frame

Frame: https://s0.2mdn.net/dfp/2007758/5012314706/1690198690239/ooredoo-CMPDima2000-728x90-AR/ooredoo-CMPDima2000-728x90-AR.html
Frame ID: 77A04A5844075C69DEFA6D6A304603DA
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3639022183676464&output=html&h=280&adk=352417564&adf=928226804&pi=t.aa~a.1016648249~rp.1&w=380&fwrn=4&fwrnh=100&lmt=1690388706&rafmt=1&to=qs&pwprc=5135116441&format=380x280&url=https%3A%2F%2Fwww.echoroukonline.com%2F&host=ca-host-pub-2644536267352236&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1690388706826&bpp=2&bdt=1438&idt=-M&shv=r20230724&mjsv=m202307200101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D67706b0c4f2da9b0-22471be8fee200aa%3AT%3D1690388706%3ART%3D1690388706%3AS%3DALNI_MacXnpMkQLjo1aDxJMRBDxybNrwrw&gpic=UID%3D00000d1f6ed2a758%3AT%3D1690388706%3ART%3D1690388706%3AS%3DALNI_MZgWRANRp91KVygtO2EFCDswRXT0g&prev_fmts=0x0&nras=2&correlator=4808405214466&frm=20&pv=1&ga_vid=1065254421.1690388706&ga_sid=1690388706&ga_hid=1095182713&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1793&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759875%2C44759926%2C31071258%2C31076343%2C44788441%2C21065725&oid=2&pvsid=2895556275635737&tmod=2039874011&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=10&uci=a!a&btvi=1&fsb=1&xpc=U2un0kPic3&p=https%3A//www.echoroukonline.com&dtd=47
Frame ID: F01F7F3F5C3889B149CC057A0281DE66
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3639022183676464&output=html&h=280&adk=3809598800&adf=1602281170&pi=t.aa~a.1524871759~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1690388706&rafmt=1&to=qs&pwprc=5135116441&format=1200x280&url=https%3A%2F%2Fwww.echoroukonline.com%2F&host=ca-host-pub-2644536267352236&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1690388706826&bpp=2&bdt=1437&idt=2&shv=r20230724&mjsv=m202307200101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D67706b0c4f2da9b0-22471be8fee200aa%3AT%3D1690388706%3ART%3D1690388706%3AS%3DALNI_MacXnpMkQLjo1aDxJMRBDxybNrwrw&gpic=UID%3D00000d1f6ed2a758%3AT%3D1690388706%3ART%3D1690388706%3AS%3DALNI_MZgWRANRp91KVygtO2EFCDswRXT0g&prev_fmts=0x0%2C380x280&nras=3&correlator=4808405214466&frm=20&pv=1&ga_vid=1065254421.1690388706&ga_sid=1690388706&ga_hid=1095182713&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=4247&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759875%2C44759926%2C31071258%2C31076343%2C44788441%2C21065725&oid=2&pvsid=2895556275635737&tmod=2039874011&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=11&uci=a!b&btvi=2&fsb=1&xpc=SCY5uYcUpW&p=https%3A//www.echoroukonline.com&dtd=54
Frame ID: 0B6EED5C49E041173AE2E00487BF69E0
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230724/r20110914/zrt_lookup.html?fsb=1
Frame ID: 70456EFF3CC59A1B9F1B84A6EADB591D
Requests: 7 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230724/r20110914/zrt_lookup.html?fsb=1
Frame ID: FCCC95A76E1FCFC1AC513A72C5D6DF30
Requests: 7 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 713A2FEE9038481322DD727D6BCF3DA1
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 8D59FAEB9B3909167CB2E1D2780C6437
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/dRCs_iSjLYN5mBFFYyTyPcTiMrEi9vuYsh-Uz23mUp8.js
Frame ID: A90E5F0405DB654366A0EB692088AD4C
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/dRCs_iSjLYN5mBFFYyTyPcTiMrEi9vuYsh-Uz23mUp8.js
Frame ID: 3EB2C2A9A3CD1E01AE0470ACED980E0D
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 475C6F67A3CE25A590FB9A0A60FFA7A6
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 74FA0401C3A6E6F027BA78B92B0DF296
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

الشروق أونلاين.. عينك على الجزائر والعالم

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/

DoubleClick Ad Exchange (AdX) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

tpc\.googlesyndication\.com/safeframe

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

Page Statistics

125
Requests

94 %
HTTPS

59 %
IPv6

31
Domains

42
Subdomains

38
IPs

3
Countries

2261 kB
Transfer

5402 kB
Size

37
Cookies

4 Outgoing links

These are links going to different origins than the main page.

URL: https://www.facebook.com/Echorouk/

Search URL Search Domain Scan URL

URL: https://twitter.com/echoroukonline

Search URL Search Domain Scan URL

URL: https://m.me/Echorouk/

Search URL Search Domain Scan URL

URL: https://montada.echoroukonline.com/

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 41

https://www.echoroukonline.com/cdn-cgi/challenge-platform/scripts/invisible.js HTTP 302
https://www.echoroukonline.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/f0089873/invisible.js

Request Chain 65

https://oajs.openx.net/esp?url=https%3A%2F%2Fwww.echoroukonline.com%2F&rid=esp HTTP 302
https://oajs.openx.net/esp?url=https%3A%2F%2Fwww.echoroukonline.com%2F&rid=esp&cc=1

Request Chain 81

https://gum.criteo.com/sid/json?origin=publishertagids&domain=echoroukonline.com&sn=ChromeSyncframe&so=0&topUrl=www.echoroukonline.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
https://mug.criteo.com/sid?cpp=TXCL5XxyUU83NUM4NnVlM0RpZWNaZXN0c3FaT2E0cG55K2MrMC9rdjlCRFFLalBmMGRaSklxREJSZGhoOFQwVUtXaFpHQ3RmNHZLelhLaWZvdStMMDNpcHdqcTZQU2MwZ1lyNnRtQk9mZzYwTzcrcm9vbkZkOFZJWjVhblNYNWtQY1JFTWs2SzBIbVMvd3dIUmRSNmV5WG1pTDBnR1M5OUFOSEVHZlFNYTVuVmZtbnpDdnQvRmU4MUE5TjFTUC9xb3NrSUZUSStRWnZoY040V3R6VWVjeVlpUlVlWEtISm44eFJkck9sMFVqck9lV3RWTEMvQVhORGZBdm9ITkZrYlZrOEFvS1BkcElZR2d5YWdabTg3SHUwbEtiVXRwQjh2TE51QXFqbFh4M0V2YkxzVT18&cppv=2

Request Chain 85

https://s.amazon-adsystem.com/dcm?pid=6e1b1225-4dd8-4d7d-b277-465574a27014&id=cd06502c-e241-c056-3f98-903b167a8f91 HTTP 302
https://s.amazon-adsystem.com/dcm?pid=6e1b1225-4dd8-4d7d-b277-465574a27014&id=cd06502c-e241-c056-3f98-903b167a8f91&dcc=t

Request Chain 86

https://match.adsrvr.org/track/cmf/openx?oxid=95d02c51-feeb-7bac-ff96-12ac7e494471&gdpr=0 HTTP 302
https://match.adsrvr.org/track/cmb/openx?oxid=95d02c51-feeb-7bac-ff96-12ac7e494471&gdpr=0 HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072971&val=031a87ee-df13-4d95-bcb5-ea06b6926a11&ttd_puid=95d02c51-feeb-7bac-ff96-12ac7e494471&gdpr=0&gdpr_consent=

Request Chain 88

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEAano-nFHf0CidYH4G_QV9s&google_cver=1

Request Chain 114

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 115

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 119

https://c.clarity.ms/c.gif HTTP 302
https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=ADF08C5AC80941F0831090CBF992520F&RedC=c.clarity.ms&MXFR=323DAA5D59C96F6B3A29B9075DC96166 HTTP 302
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=ADF08C5AC80941F0831090CBF992520F&MUID=1B1A6371E38B65C00679702BE2B06406

125 HTTP transactions
6 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
www.echoroukonline.com/ 339 KB
65 KB 580ms
526ms Document
text/html 2606:4700:20::681a:582
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.echoroukonline.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:582 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9f04f349442a1766a53821929e8af1cab4ae85c3fec07520f002a9e3abdfaa1a

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: private, max-age=0
cf-cache-status: DYNAMIC
cf-ray: 7ecdff1d699136c3-YYZ
content-encoding: br
content-type: text/html; charset=UTF-8
date: Wed, 26 Jul 2023 16:25:05 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT -1
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0UaODv8%2FdiCXhyX%2F0sDhMUiAHQr1vykaompQBW2wzSUdyRRnmMdyqe5v12GachB1p3on%2BMRVmiJFu0qagguYGxpg0q4b37CddME2l%2FXWSMklLorkphThO98U107ByY5ClGUUe8guCHpYdEBI9v44W4WLxdg%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-dzs-debug: vonotRocketHIT:other:0

GET
H2 200 classic-themes.min.css
www.echoroukonline.com/wp-includes/css/ 291 B
563 B 28ms
27ms Stylesheet
text/css 2606:4700:20::681a:582
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.echoroukonline.com/wp-includes/css/classic-themes.min.css?ver=6.2.2
Requested by: Host: www.echoroukonline.com
URL: https://www.echoroukonline.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:582 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dcd9f488bd62ba0ee403b07a97e40b9ffd63a0eff61091588c913b16d5153d48

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.echoroukonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Wed, 26 Jul 2023 16:25:05 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 22 Jun 2023 13:19:15 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 2948750
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bS76OoxL%2B3AOu0sDuNtwXCsYaPg%2FBOAjUKw3lY%2FcM6zL3gFy4IQVj3ct%2Fu0ZS1Hk7MZx5toDEsLaDjmKO6XptrMTpNnnFTyssJm%2Bt9QVQnqmVlaE9ez%2FD8Gf33PVnyJXp9beQtSDb6N0hNfWYrwMXVR%2FXWE%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=25711826
cf-ray: 7ecdff20ce8136c3-YYZ
alt-svc: h3=":443"; ma=86400
expires: Sun, 19 May 2024 06:35:31 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 122 KB
47 KB 92ms
43ms Script
application/javascript 2607:f8b0:4020:806::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-179798657-1

Requested by

Host: www.echoroukonline.com
URL: https://www.echoroukonline.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4020:806::2008 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

72e8a924e491e738b56c7da00aa690c77f21f87408ebe50d45f3139f2eb3a009

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.echoroukonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Wed, 26 Jul 2023 16:25:05 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48234
x-xss-protection: 0
last-modified: Wed, 26 Jul 2023 15:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 26 Jul 2023 16:25:05 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 149 KB
50 KB 98ms
49ms Script
text/javascript 2607:f8b0:4020:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-3639022183676464

Requested by

Host: www.echoroukonline.com
URL: https://www.echoroukonline.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4020:807::2002 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2e6e9df473584cfaf6138577bd94c3be7049b4cd109b8f98d2d5d97ce32d8f7c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.echoroukonline.com/
Origin: https://www.echoroukonline.com
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Wed, 26 Jul 2023 16:25:05 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51223
x-xss-protection: 0
server: cafe
etag: 7280219924893576473
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Wed, 26 Jul 2023 16:25:05 GMT

GET
H2 200 speakol-widget-v2.js Show response
cdn.speakol.com/widget/js/ 142 KB
142 KB 105ms
23ms Script
application/javascript 2600:9000:25c8:f000:0:adab:c280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.speakol.com/widget/js/speakol-widget-v2.js
Requested by: Host: www.echoroukonline.com
URL: https://www.echoroukonline.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:25c8:f000:0:adab:c280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 5d9627946fcad2ddacefe71e61e52e0fe6da36f2957869ce1d4abf8e410fbc6e

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.echoroukonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Wed, 19 Jul 2023 17:06:03 GMT
via: 1.1 ef337dd302517121dfb2acfcd2bcfca8.cloudfront.net (CloudFront)
last-modified: Thu, 07 Jul 2022 14:59:13 GMT
server: AmazonS3
x-amz-cf-pop: PHL51-P1
age: 602343
etag: "ec9f6107f4c6bf30e1136eb9891d03bf"
x-cache: Hit from cloudfront
content-type: application/javascript
accept-ranges: bytes
content-length: 144991
x-amz-cf-id: Pcjvux1JuFgynBITykSaFFHmk-MPFzeZNKdH7JghJXARaw2T0b5XuQ==

GET
H2 200 body.css
www.echoroukonline.com/wp-content/themes/ech/resources/styles/home/ 14 KB
4 KB 28ms
28ms Stylesheet
text/css 2606:4700:20::681a:582
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.echoroukonline.com/wp-content/themes/ech/resources/styles/home/body.css?v=4.0.60
Requested by: Host: www.echoroukonline.com
URL: https://www.echoroukonline.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:582 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3d93f52094e0e7c27556432bc954d78a3b90066692aded5e3d000468b645cefb

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.echoroukonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Wed, 26 Jul 2023 16:25:05 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 22 Jun 2023 13:29:00 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 2948165
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CO57WRKcy5fmqJxbPnQPiF0tCan5etiFzIA%2BqdHnxBaD%2BTe%2BogexKoyWI9VCMAql2r9M5fPLO7G%2BZX%2FQwMCTlRUsFq5EUWjiN50sLOn9WT2dOmHa40clfyF%2BK7Wmk%2FQWh%2FHMLOv7l3NM0KPauw8ic0W3djY%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=5294853
cf-ray: 7ecdff20ce8236c3-YYZ
alt-svc: h3=":443"; ma=86400
expires: Mon, 25 Sep 2023 23:12:38 GMT

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 81 KB
28 KB 120ms
62ms Script
text/javascript 2607:f8b0:4020:805::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: www.echoroukonline.com
URL: https://www.echoroukonline.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4020:805::2002 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b2c84f6bba1599aac142a4c93b5a58be41bfed010c924c78c9ca6f13a16078d6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.echoroukonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Wed, 26 Jul 2023 16:25:05 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 28053
x-xss-protection: 0
server: cafe
etag: 390 / 19564 / m202307200101 / config-hash: 8317567018028545507
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Wed, 26 Jul 2023 16:25:05 GMT

GET
H3 200 lazyload.min.js Show response
www.echoroukonline.com/wp-content/themes/ech/resources/scripts/ 7 KB
3 KB 29ms
28ms Script
application/javascript 2606:4700:20::681a:582
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.echoroukonline.com/wp-content/themes/ech/resources/scripts/lazyload.min.js?v=4.0.60
Requested by: Host: www.echoroukonline.com
URL: https://www.echoroukonline.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:582 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e6a23e6a3399b52a5576c28b2236b48953949793fc17f2c733d35b084d7a0085

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.echoroukonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Wed, 26 Jul 2023 16:25:05 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 22 Jun 2023 13:21:58 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 2948587
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FBAUcLl3NHTRN%2FTRxGqEjSHLYhr6lRp5LrxrX7S0w6kOwxEiAgp7c1cn%2FCYrdStYLz2MZfppOCXHgDtnZ9ZQ%2BaJpPLbo6AA8fnByu0mD9YYMaFBpf10bazUe7DHsw94m0Gw6%2FNsi82GmpaWuLOsYPzfYUP8%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=5294815
cf-ray: 7ecdff215fca36c9-YYZ
alt-svc: h3=":443"; ma=86400
expires: Mon, 25 Sep 2023 23:12:00 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 50ms
11ms Script
text/javascript 2607:f8b0:4020:805::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-179798657-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4020:805::200e Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.echoroukonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 26 Jul 2023 15:18:40 GMT
last-modified: Mon, 12 Jun 2023 18:23:07 GMT
server: Golfe2
age: 3985
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Wed, 26 Jul 2023 17:18:40 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 226 KB
79 KB 52ms
51ms Script
application/javascript 2607:f8b0:4020:806::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-GZ6NDC4SBL&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-179798657-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4020:806::2008 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

bfd118d3bac7affa040a76b02b691f17fa5e58e014ac84b5c125a929f33d2ccf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.echoroukonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Wed, 26 Jul 2023 16:25:05 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 81076
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Wed, 26 Jul 2023 16:25:05 GMT

GET
H2 200 css
fonts.googleapis.com/ 761 B
791 B 74ms
34ms Stylesheet
text/css 2607:f8b0:4020:805::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Lato&display=swap

Requested by

Host: client
URL: about:client

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4020:805::200a Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

f88d7a194e7f67fdc5e4f2cedd32e1d040d9976e4814adcaf7e56330a0653d5c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.echoroukonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 26 Jul 2023 16:25:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 26 Jul 2023 14:29:55 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 26 Jul 2023 16:25:05 GMT

GET
H2 200 css2
fonts.googleapis.com/ 2 KB
658 B 96ms
56ms Stylesheet
text/css 2607:f8b0:4020:805::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto&display=swap

Requested by

Host: client
URL: about:client

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4020:805::200a Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c87b7f745cfb4a994801488584e6e0e78d6c4f0ad567e985a781fc0b86074724

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.echoroukonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 26 Jul 2023 16:25:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 26 Jul 2023 16:23:28 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 26 Jul 2023 16:25:05 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 109 KB
42 KB 51ms
50ms Script
application/javascript 2607:f8b0:4020:806::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-5PXJR63

Requested by

Host: www.echoroukonline.com
URL: https://www.echoroukonline.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4020:806::2008 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

f8883b2b9fa838170872c2de8bf9e7891a4673595e9c09e712e85db186192322

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.echoroukonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Wed, 26 Jul 2023 16:25:05 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43237
x-xss-protection: 0
last-modified: Wed, 26 Jul 2023 15:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 26 Jul 2023 16:25:05 GMT

GET
DATA 200
OK truncated
/ 66 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e37de2da0560cceef4f26c8e1244ce006d2951eb99861a3b0a25efc387b404d3

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 67 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b72d6cc72df6e1b4ecbf610ac1aa911cbabd1c6147a5ce1a425c897e2af3a9fd

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 65 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 70ce0ccccb5a5920b8f1a9b9f27d002e6a34947d288e8c1c27680ddf4c56b334

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 67 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 037e204b336b111a84c08af22399efd6138ed114e9c541d5dc6c6d6cd6cece73

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 67 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4cee3ec9b06287e641b153f0ec21002ff84ea5ef4a1180873bfba03de6cb8d8d

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 66 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: cbec7579d8c2963f13b8ef90847bef861b534371bfd2dab99ebb09ff1528b0e9

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 %D8%A8%D9%84%D8%B9%D8%A7%D8%A8%D8%AF-3.jpg
i0.wp.com/www.echoroukonline.com/wp-content/uploads/2021/03/ 50 KB
51 KB 57ms
17ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i0.wp.com/www.echoroukonline.com/wp-content/uploads/2021/03/%D8%A8%D9%84%D8%B9%D8%A7%D8%A8%D8%AF-3.jpg?resize=2560,800&quality=95

Requested by

Host: www.echoroukonline.com
URL: https://www.echoroukonline.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i0.wp.com

Software

nginx /

Resource Hash

2a49077d66b4a665fb99938db5d5e185f7718b64335fc23794eac3f2e33f1cd2

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.echoroukonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

x-nc: HIT yyz 4
date: Wed, 26 Jul 2023 16:25:05 GMT
x-content-type-options: nosniff
last-modified: Wed, 26 Jul 2023 12:34:50 GMT
server: nginx
etag: "7f4137d0a69f6445"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <http://www.echoroukonline.com/wp-content/uploads/2021/03/%D8%A8%D9%84%D8%B9%D8%A7%D8%A8%D8%AF-3.jpg>; rel="canonical"
content-length: 51596
expires: Sat, 26 Jul 2025 00:34:50 GMT

GET
H3 200 date Show response
www.echoroukonline.com/ 64 B
568 B 125ms
125ms XHR
text/html 2606:4700:20::681a:582
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.echoroukonline.com/date
Requested by: Host: www.echoroukonline.com
URL: https://www.echoroukonline.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:582 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 53973a1b7212a9ee52cfbafb979e149a4f75ce999ea3eec095916327f459a93f

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.echoroukonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

x-dzs-debug: no
date: Wed, 26 Jul 2023 16:25:05 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xY8meM4FBoQRB4SshFtD025kqQV%2B6pcleqkzIRyuBil9JHlJ5PEWOnODwXY8ake5gt8qz%2BNDut8b2Izz3b5KzJ7MCF2Ip1sA8D%2Bs0NSpFGAOVFob2w3nB43%2BdkXb2rWhvi8rGlRjyO9kkhJuiufDngPhujA%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=UTF-8
cache-control: private, max-age=0
cf-ray: 7ecdff2218bf36c9-YYZ
alt-svc: h3=":443"; ma=86400
expires: Thu, 19 Nov 1981 08:52:00 GMT, -1

GET
H3 200 ech-logo.svg
www.echoroukonline.com/wp-content/themes/ech/resources/images/ 2 KB
1 KB 130ms
129ms Image
image/svg+xml 2606:4700:20::681a:582
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.echoroukonline.com/wp-content/themes/ech/resources/images/ech-logo.svg
Requested by: Host: www.echoroukonline.com
URL: https://www.echoroukonline.com/wp-content/themes/ech/resources/styles/home/body.css?v=4.0.60
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:582 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b3c174caa5d603c2814e90905c9818436a91a0cc8f21367320123a355fcb5978

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.echoroukonline.com/wp-content/themes/ech/resources/styles/home/body.css?v=4.0.60
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

x-dzs-debug: no
date: Wed, 26 Jul 2023 16:25:05 GMT
content-encoding: br
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZLvtzyjXpS7sBCQ9CqYtiBEVcmt8k%2BR%2FrZATugFnREPvo1DV2wX%2FitobLWlHebug75y1HCwKfvOWJSeomkUCscnQuEVjnAm9kY%2F6d6goefZAYVMIMeATkuGmngYZe%2BjNt%2Byx5mfUVNq%2FvnBL3XJx8cji33A%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: private, max-age=0
cf-ray: 7ecdff2238e936c9-YYZ
alt-svc: h3=":443"; ma=86400
expires: Thu, 23 Nov 2023 16:23:12 GMT, -1

GET
H2 200 nwpCtLGrOAZMl5nJ_wfgRg3DrWFZWsnVBJ_sS6tlqHHFlj4wv4o.woff2
fonts.gstatic.com/s/notosansarabic/v18/ 88 KB
89 KB 57ms
13ms Font
font/woff2 2607:f8b0:4020:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/notosansarabic/v18/nwpCtLGrOAZMl5nJ_wfgRg3DrWFZWsnVBJ_sS6tlqHHFlj4wv4o.woff2

Requested by

Host: www.echoroukonline.com
URL: https://www.echoroukonline.com/wp-content/themes/ech/resources/styles/home/body.css?v=4.0.60

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4020:806::2003 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f2e6e9a42ac38977b815f096c1a24bac7e7be292fc9691107263b9241aaee531

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.echoroukonline.com/
Origin: https://www.echoroukonline.com
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Sat, 22 Jul 2023 11:30:24 GMT
x-content-type-options: nosniff
age: 363281
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 90532
x-xss-protection: 0
last-modified: Wed, 01 Jun 2022 19:04:01 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 21 Jul 2024 11:30:24 GMT

GET
H3 200 ech-clock.svg
www.echoroukonline.com/wp-content/themes/ech/resources/images/icons/ 434 B
755 B 126ms
126ms Image
image/svg+xml 2606:4700:20::681a:582
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.echoroukonline.com/wp-content/themes/ech/resources/images/icons/ech-clock.svg
Requested by: Host: www.echoroukonline.com
URL: https://www.echoroukonline.com/wp-content/themes/ech/resources/styles/home/body.css?v=4.0.60
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:582 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a4b9b745ae2f74a7ad070bc8227a08bf8ab2731ad0b4af6447c24ab275af6403

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.echoroukonline.com/wp-content/themes/ech/resources/styles/home/body.css?v=4.0.60
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

x-dzs-debug: no
date: Wed, 26 Jul 2023 16:25:05 GMT
content-encoding: br
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JNFGaGF2HbSGz%2FIC7vxuYdT0Ff%2BnQ7%2BqrMSVQ1C%2FPF16W9Vezix4R%2BEjOSZyL4vMua6XXtZ0Vn9Pr34Ii1EDPjUH%2Bs4ZPo1cgaVIKnAoRfSGMg7NWA2mf%2B9sBX1mfA%2BEp2%2BqhawiV5PuX2abocrjJApDUbo%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: private, max-age=0
cf-ray: 7ecdff2238eb36c9-YYZ
alt-svc: h3=":443"; ma=86400
expires: Thu, 23 Nov 2023 16:23:54 GMT, -1

GET
H3 200 ech-user.svg
www.echoroukonline.com/wp-content/themes/ech/resources/images/icons/ 1 KB
1 KB 128ms
128ms Image
image/svg+xml 2606:4700:20::681a:582
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.echoroukonline.com/wp-content/themes/ech/resources/images/icons/ech-user.svg
Requested by: Host: www.echoroukonline.com
URL: https://www.echoroukonline.com/wp-content/themes/ech/resources/styles/home/body.css?v=4.0.60
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:582 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f63235b77e3c8823fba5b2acdfc62e28ce1b31cf4dc8877807f4b3691007abde

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.echoroukonline.com/wp-content/themes/ech/resources/styles/home/body.css?v=4.0.60
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

x-dzs-debug: no
date: Wed, 26 Jul 2023 16:25:05 GMT
content-encoding: br
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uVuJUZE9kFZMyGb%2BnhJs6Lm%2FwrzbdZaHWHJ%2BkyVO3DkdR95OHH5Q59meXUn1KM12LO5Y20YFOINEvTka0F18mz2Uh24YvMJiXDTmcjQNFV5fZlF3MV%2BehTag%2B7Y0sF%2BZvKCHkqCwN0IFPD0ZhBBE08bRNTI%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: private, max-age=0
cf-ray: 7ecdff2238ed36c9-YYZ
alt-svc: h3=":443"; ma=86400
expires: Thu, 23 Nov 2023 16:23:59 GMT, -1

GET
H3 200 ech-play.svg
www.echoroukonline.com/wp-content/themes/ech/resources/images/icons/ 187 B
644 B 130ms
129ms Image
image/svg+xml 2606:4700:20::681a:582
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.echoroukonline.com/wp-content/themes/ech/resources/images/icons/ech-play.svg
Requested by: Host: www.echoroukonline.com
URL: https://www.echoroukonline.com/wp-content/themes/ech/resources/styles/home/body.css?v=4.0.60
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:582 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ec3326f5d6d35124f9b6b6e750cacec342e0fd564da17f35f0ca5066939ea8c6

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.echoroukonline.com/wp-content/themes/ech/resources/styles/home/body.css?v=4.0.60
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

x-dzs-debug: no
date: Wed, 26 Jul 2023 16:25:05 GMT
content-encoding: br
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XBDWN9YNXTcx91uBTCw%2FQJAMZI8AOt0ZGkIVvlFg8qf3SoiESeYpMCjccRdg20tW%2FtOFBW1a1%2BHXFYCwvhUvzRaLxDO2t3ZGlnLA4RMqFVfaRdeGzOCIgEfK53OyRqlC1l3O1UB1Fj6u7aahVySVntU6%2BN4%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: private, max-age=0
cf-ray: 7ecdff2238ef36c9-YYZ
alt-svc: h3=":443"; ma=86400
expires: Thu, 23 Nov 2023 16:22:14 GMT, -1

GET
H3 200 ech-arabi-logo.svg
www.echoroukonline.com/wp-content/themes/ech/resources/images/ 23 KB
8 KB 223ms
223ms Image
image/svg+xml 2606:4700:20::681a:582
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.echoroukonline.com/wp-content/themes/ech/resources/images/ech-arabi-logo.svg
Requested by: Host: www.echoroukonline.com
URL: https://www.echoroukonline.com/wp-content/themes/ech/resources/styles/home/body.css?v=4.0.60
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:582 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ec41ca6adaddf52a747d56d3b8eafc6506d986e7efff8323da27fa3201756a9a

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.echoroukonline.com/wp-content/themes/ech/resources/styles/home/body.css?v=4.0.60
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

x-dzs-debug: no
date: Wed, 26 Jul 2023 16:25:05 GMT
content-encoding: br
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fLNBJUBEicuhsV9OYy3Z3iovhF%2FKWc8iM0xdhOh8KZFt%2FpeJVrXvNY%2FsCqNCrJgDclj1MafEm01bh0waGLoCgtY0N0q8%2BXP3cC6ymGmlZzgd%2B2A0DIJjSmq4J3b3oI0FSYvj8AUlSr3Sm%2F8%2BC9A%2FdiJ3mKM%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: private, max-age=0
cf-ray: 7ecdff2238f736c9-YYZ
alt-svc: h3=":443"; ma=86400
expires: Thu, 23 Nov 2023 16:22:09 GMT, -1

GET
H3 200 ech-sport-logo.svg
www.echoroukonline.com/wp-content/themes/ech/resources/images/ 4 KB
2 KB 127ms
127ms Image
image/svg+xml 2606:4700:20::681a:582
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.echoroukonline.com/wp-content/themes/ech/resources/images/ech-sport-logo.svg
Requested by: Host: www.echoroukonline.com
URL: https://www.echoroukonline.com/wp-content/themes/ech/resources/styles/home/body.css?v=4.0.60
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:582 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aadd6803cef5f4f1f35e9e46a92fb2c0b84c8b152eb1f6e55c1b40a9808e1fd0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.echoroukonline.com/wp-content/themes/ech/resources/styles/home/body.css?v=4.0.60
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

x-dzs-debug: no
date: Wed, 26 Jul 2023 16:25:05 GMT
content-encoding: br
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SbiaUNaRzXMn9YAD%2Bfbk6Ke%2BmzIii9DIu90nuSpHnx6fm28TZLomleRB7mMa28benZ1LXEhOoCRlqA1co5imVul73amnXpv9P6l%2F847Q4QNVYtra75n60gNYiTxxrkjFwP2r%2BcruRg3aqiGVWxonZeYH7yo%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: private, max-age=0
cf-ray: 7ecdff2238f936c9-YYZ
alt-svc: h3=":443"; ma=86400
expires: Thu, 23 Nov 2023 16:24:56 GMT, -1

GET
H3 200 ech-jawahir-logo.svg
www.echoroukonline.com/wp-content/themes/ech/resources/images/ 10 KB
5 KB 127ms
127ms Image
image/svg+xml 2606:4700:20::681a:582
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.echoroukonline.com/wp-content/themes/ech/resources/images/ech-jawahir-logo.svg
Requested by: Host: www.echoroukonline.com
URL: https://www.echoroukonline.com/wp-content/themes/ech/resources/styles/home/body.css?v=4.0.60
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:582 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 634cdd53620d07a0838e85074b6788a71a44c1ad4b0d8c0a588083aa11aa93b6

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.echoroukonline.com/wp-content/themes/ech/resources/styles/home/body.css?v=4.0.60
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

x-dzs-debug: no
date: Wed, 26 Jul 2023 16:25:05 GMT
content-encoding: br
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SBrK5Dkt0LhbPphTYcqwFgA4MBxgYAvcOUmg1f9RsVrXAKm1OwEgbh2LUd6fPki2ie5nZumIrvWOHDXcyUIDYG%2For5H%2F%2FA%2FByyPr89Y6I5gxu914uF02ZX%2B3%2FYOS90ZarNF%2B1SlgfXqWF4Q8qSu4SyP8t10%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: private, max-age=0
cf-ray: 7ecdff2238fa36c9-YYZ
alt-svc: h3=":443"; ma=86400
expires: Thu, 23 Nov 2023 16:22:17 GMT, -1

GET
H3 200 ech-montadayat-logo.svg
www.echoroukonline.com/wp-content/themes/ech/resources/images/ 6 KB
3 KB 126ms
126ms Image
image/svg+xml 2606:4700:20::681a:582
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.echoroukonline.com/wp-content/themes/ech/resources/images/ech-montadayat-logo.svg
Requested by: Host: www.echoroukonline.com
URL: https://www.echoroukonline.com/wp-content/themes/ech/resources/styles/home/body.css?v=4.0.60
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:582 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7614bdfed7d3ab1137894298f6aa93a45def07809b7dd5cfad744c00014682fe

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.echoroukonline.com/wp-content/themes/ech/resources/styles/home/body.css?v=4.0.60
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

x-dzs-debug: no
date: Wed, 26 Jul 2023 16:25:05 GMT
content-encoding: br
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WeZP1aySVNO4zfWnRDWpJYoeYuF8wdfbjkIyM3l2f0e4mPaYm5qBshKaYG5frTdJ5%2Fr5E6v0fC7PsEEQBHMgJL8FAKbLeMqlUwhC77m9k76AEWdJaKTTM1gV5lvbl9YLs2jnGzQgupl3l7oOdCnn0o%2BG2A4%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: private, max-age=0
cf-ray: 7ecdff22390136c9-YYZ
alt-svc: h3=":443"; ma=86400
expires: Thu, 23 Nov 2023 16:22:03 GMT, -1

GET
H3 200 ech-news-logo.svg
www.echoroukonline.com/wp-content/themes/ech/resources/images/ 2 KB
1 KB 136ms
135ms Image
image/svg+xml 2606:4700:20::681a:582
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.echoroukonline.com/wp-content/themes/ech/resources/images/ech-news-logo.svg
Requested by: Host: www.echoroukonline.com
URL: https://www.echoroukonline.com/wp-content/themes/ech/resources/styles/home/body.css?v=4.0.60
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:582 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ad3c627a057dd303e52dc3a7884c0684c488070604edf725c323fb86bb3de7da

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.echoroukonline.com/wp-content/themes/ech/resources/styles/home/body.css?v=4.0.60
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

x-dzs-debug: no
date: Wed, 26 Jul 2023 16:25:05 GMT
content-encoding: br
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZMONPOCnDDVELxQ2EnowKHAeWTh6YJjGwtTEZdDyJD%2FIH2bqXVQVf08gJFZEfeWkMjRf1sZJTwtaHyGueJAumKwrECImaxAoWEOuQS9COU5qKarzBPwaINJOkK9KvJNgZ%2F47uJqpyIlHdxZyL11cba6gmIw%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: private, max-age=0
cf-ray: 7ecdff22390336c9-YYZ
alt-svc: h3=":443"; ma=86400
expires: Thu, 23 Nov 2023 16:22:03 GMT, -1

GET
H3 200 ech-tv-logo.svg
www.echoroukonline.com/wp-content/themes/ech/resources/images/ 2 KB
1 KB 139ms
139ms Image
image/svg+xml 2606:4700:20::681a:582
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.echoroukonline.com/wp-content/themes/ech/resources/images/ech-tv-logo.svg
Requested by: Host: www.echoroukonline.com
URL: https://www.echoroukonline.com/wp-content/themes/ech/resources/styles/home/body.css?v=4.0.60
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:582 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0fb55c760e6e846e7ed2d79059247f536e4c55e14f6af287311028653de48ca4

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.echoroukonline.com/wp-content/themes/ech/resources/styles/home/body.css?v=4.0.60
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

x-dzs-debug: no
date: Wed, 26 Jul 2023 16:25:05 GMT
content-encoding: br
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QPpJrk63eASn4ZtU%2F1kHfce2gIA1Wk7oDox5qgQ0eUsHEUT9SrY95EYHL%2FrBDw9FfDQCR%2FMGBU0IxrwRxT5%2B5tQsd0bZyMFyzTQiovOguaVnKxJtPefpC2LYPuUFE2TJRNvPPQMxN52RxP6pWRjh9AJn3ho%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: private, max-age=0
cf-ray: 7ecdff22390536c9-YYZ
alt-svc: h3=":443"; ma=86400
expires: Thu, 23 Nov 2023 16:22:03 GMT, -1

GET
H2 200 %D8%A8%D9%84%D8%B9%D8%A7%D8%A8%D8%AF-3.jpg
i.dzs.cloud/www.echoroukonline.com/wp-content/uploads/2021/03/ 2 KB
3 KB 88ms
22ms Image
image/webp 2606:4700:3035::6815:556f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.dzs.cloud/www.echoroukonline.com/wp-content/uploads/2021/03/%D8%A8%D9%84%D8%B9%D8%A7%D8%A8%D8%AF-3.jpg?resize=100,74

Requested by

Host: www.echoroukonline.com
URL: https://www.echoroukonline.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3035::6815:556f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0989f1622bf1306dc1bbc937fc7560e4ae283d53aab3c0d2295065e017ae2ac7

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.echoroukonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Wed, 26 Jul 2023 16:25:05 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 13649
x-litespeed-cache: hit
alt-svc: h3=":443"; ma=86400
content-length: 2326
last-modified: Wed, 26 Jul 2023 12:34:14 GMT
server: cloudflare
etag: "da5349f4c23f2e52"
vary: Accept, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZJmIJiMIv1Yf28Pg%2Bp1UYNpiO94cylMKy8kBwPDE3K0sqCFPUtzqTesdvsmvJPXqlOw0O6jlZ3yOmotscXSHX9O8m6Et1KeGj1sc%2Bn5UWm82lngNV0zHxx%2FfSpAddfuBVothXbig6n91ZQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=63115200
accept-ranges: bytes
cf-ray: 7ecdff230db339f3-YYZ
link: <http://www.echoroukonline.com/wp-content/uploads/2021/03/%D8%A8%D9%84%D8%B9%D8%A7%D8%A8%D8%AF-3.jpg>; rel="canonical"
expires: Sat, 26 Jul 2025 00:34:14 GMT

GET
H2 200 %D8%AD%D8%B1%D8%A7%D8%A6%D9%82-%D8%A7%D9%84%D8%BA%D8%A7%D8%A8%D8%A7%D8%AA.jpg
i.dzs.cloud/www.echoroukonline.com/wp-content/uploads/2021/05/ 3 KB
4 KB 91ms
26ms Image
image/webp 2606:4700:3035::6815:556f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.dzs.cloud/www.echoroukonline.com/wp-content/uploads/2021/05/%D8%AD%D8%B1%D8%A7%D8%A6%D9%82-%D8%A7%D9%84%D8%BA%D8%A7%D8%A8%D8%A7%D8%AA.jpg?resize=100,74

Requested by

Host: www.echoroukonline.com
URL: https://www.echoroukonline.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3035::6815:556f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ac689913aa2fc6dd4895b77879185d5b8f398fb3292c17bdc14c2de5b10abd0b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.echoroukonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Wed, 26 Jul 2023 16:25:05 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 13649
x-litespeed-cache: hit
alt-svc: h3=":443"; ma=86400
content-length: 3190
last-modified: Wed, 26 Jul 2023 12:30:03 GMT
server: cloudflare
etag: "482631e99758b51f"
vary: Accept, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IJTbylEjwwG95Z9xEx8tpbhi%2BI7UPJAekWhpchUheAqbTAJgoozYHAgkw6%2BuLf6jOD7JgRg%2Bl9wSHDww%2FY00q5RnVIbPHcBZnPvT3EXED%2BIsXwyhj8j%2BFGFy6aGYZicD6KIij%2F%2BVfjwBbg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=63115200
accept-ranges: bytes
cf-ray: 7ecdff230db739f3-YYZ
link: <http://www.echoroukonline.com/wp-content/uploads/2021/05/%D8%AD%D8%B1%D8%A7%D8%A6%D9%82-%D8%A7%D9%84%D8%BA%D8%A7%D8%A8%D8%A7%D8%AA.jpg>; rel="canonical"
expires: Sat, 26 Jul 2025 00:30:03 GMT

GET
H2 200 01-24-comp-15.jpg
i.dzs.cloud/www.echoroukonline.com/wp-content/uploads/2023/07/ 2 KB
2 KB 89ms
24ms Image
image/webp 2606:4700:3035::6815:556f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.dzs.cloud/www.echoroukonline.com/wp-content/uploads/2023/07/01-24-comp-15.jpg?resize=100,74

Requested by

Host: www.echoroukonline.com
URL: https://www.echoroukonline.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3035::6815:556f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0a866af2f630279cce98c2fa112410e49c734000674cdf67277692b12940be9b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.echoroukonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Wed, 26 Jul 2023 16:25:05 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 76654
x-litespeed-cache: hit
alt-svc: h3=":443"; ma=86400
content-length: 2002
last-modified: Tue, 25 Jul 2023 19:01:41 GMT
server: cloudflare
etag: "b9ad62a4878e0399"
vary: Accept, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LiBXZ60x%2FUuhLcaVRvaa%2Fj1pPJtow4BOt9%2FqhqbsTUfDr1S21GxUZ9Y%2FlEVspgpVTV%2Bz4Rw4UpyMm1X%2B5S6TLuA7IJwqnUMzbZKMLK7mWtd9jI%2BZmNmwr60m2LLGXHeGKrW73k2PuePEEg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=63115200
accept-ranges: bytes
cf-ray: 7ecdff230db939f3-YYZ
link: <http://www.echoroukonline.com/wp-content/uploads/2023/07/01-24-comp-15.jpg>; rel="canonical"
expires: Fri, 25 Jul 2025 07:01:41 GMT

GET
H2 200 tebboune-3.jpg
i.dzs.cloud/www.echoroukonline.com/wp-content/uploads/2023/07/ 2 KB
2 KB 88ms
23ms Image
image/webp 2606:4700:3035::6815:556f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.dzs.cloud/www.echoroukonline.com/wp-content/uploads/2023/07/tebboune-3.jpg?resize=100,74

Requested by

Host: www.echoroukonline.com
URL: https://www.echoroukonline.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3035::6815:556f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c2e7134833105ce97772f370417982e4b04431af5f18211825b9ea75523de7fa

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.echoroukonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Wed, 26 Jul 2023 16:25:05 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 80754
x-litespeed-cache: hit
alt-svc: h3=":443"; ma=86400
content-length: 2072
last-modified: Tue, 25 Jul 2023 17:57:41 GMT
server: cloudflare
etag: "a5ada26d2000e27a"
vary: Accept, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JQtsFYNSKxfRYA%2Bco8RCRyQ1y2v%2BoICXZl5bhT16XQgazOvz46rBlgddS5Rq92TyksjBbRxV9Qj2h4t1%2FnxWV%2FzyVjrmpRLDJ8sgNpgfPcDYVtlccHYCy2Sy6tzvxdQCx1AGjIE4chpF%2FA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=63115200
accept-ranges: bytes
cf-ray: 7ecdff230dba39f3-YYZ
link: <http://www.echoroukonline.com/wp-content/uploads/2023/07/tebboune-3.jpg>; rel="canonical"
expires: Fri, 25 Jul 2025 05:57:41 GMT

GET
H2 200 fishing-4.jpg
i.dzs.cloud/www.echoroukonline.com/wp-content/uploads/2023/07/ 21 KB
22 KB 115ms
50ms Image
image/webp 2606:4700:3035::6815:556f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.dzs.cloud/www.echoroukonline.com/wp-content/uploads/2023/07/fishing-4.jpg?resize=520,292.5

Requested by

Host: www.echoroukonline.com
URL: https://www.echoroukonline.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3035::6815:556f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

37cb4cdced4571ce8e3dd3bb71816f591dac12b4a7279fd59e82892a1b6a07d4

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.echoroukonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Wed, 26 Jul 2023 16:25:05 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-litespeed-cache: hit
alt-svc: h3=":443"; ma=86400
content-length: 21856
last-modified: Wed, 26 Jul 2023 16:23:45 GMT
server: cloudflare
etag: "8da51d8d14e36bac"
vary: Accept, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4%2FG3tgx9iuxLQgiCaABONfa7b7ArRtYJtZ7e%2FUCNXgkSLMEIIGW5VqhGNyh%2F4cu4wREjjoyIbQATNsep7oIbMBHJtZcf32dHIrm9mYOis%2FEQou8qZhv92A66kcDtwgG7dSwO2QGFd1KXFg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=63115200
accept-ranges: bytes
cf-ray: 7ecdff230dbc39f3-YYZ
link: <http://www.echoroukonline.com/wp-content/uploads/2023/07/fishing-4.jpg>; rel="canonical"
expires: Sat, 26 Jul 2025 04:23:45 GMT

GET
H2 200 bidjaia-1.jpg
i.dzs.cloud/www.echoroukonline.com/wp-content/uploads/2023/07/ 9 KB
10 KB 106ms
42ms Image
image/webp 2606:4700:3035::6815:556f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.dzs.cloud/www.echoroukonline.com/wp-content/uploads/2023/07/bidjaia-1.jpg?resize=240,135

Requested by

Host: www.echoroukonline.com
URL: https://www.echoroukonline.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3035::6815:556f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2cacbbaeb164b727e2b5380b54d26036556901b502e32bbe186711fbe0ec3afb

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.echoroukonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Wed, 26 Jul 2023 16:25:05 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-litespeed-cache: hit
alt-svc: h3=":443"; ma=86400
content-length: 9348
last-modified: Wed, 26 Jul 2023 16:23:54 GMT
server: cloudflare
etag: "76d96b5045991e1b"
vary: Accept, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3GtBPpYTLqKhvmhZy0k5St3qsPRJv3EA38r8EX3aAa0hQDOjsuoSsH4BxuO5umEt20q1NwN3uuYKn0OkOQT%2BWGLG6SO8dCYt0BlxUqZe1ZW1c9Dg0cL8ZNSJzhEiGZrlNWC1PvOilprSVA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=63115200
accept-ranges: bytes
cf-ray: 7ecdff230dbb39f3-YYZ
link: <http://www.echoroukonline.com/wp-content/uploads/2023/07/bidjaia-1.jpg>; rel="canonical"
expires: Sat, 26 Jul 2025 04:23:54 GMT

GET
H2 200 2021-08-12T190227Z_1029259504_RC2Q3P9RR8DO_RTRMADP_3_CLIMATE-WILDFIRES-ALGERIA-scaled.jpg
i.dzs.cloud/www.echoroukonline.com/wp-content/uploads/2023/07/ 9 KB
10 KB 28ms
26ms Image
image/webp 2606:4700:3035::6815:556f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.dzs.cloud/www.echoroukonline.com/wp-content/uploads/2023/07/2021-08-12T190227Z_1029259504_RC2Q3P9RR8DO_RTRMADP_3_CLIMATE-WILDFIRES-ALGERIA-scaled.jpg?resize=240,135

Requested by

Host: www.echoroukonline.com
URL: https://www.echoroukonline.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3035::6815:556f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5a17c266896c428fe75269421e8fc2ea796062a81a8ee76ae1fdfa5680760a77

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.echoroukonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Wed, 26 Jul 2023 16:25:05 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 208
x-litespeed-cache: hit
alt-svc: h3=":443"; ma=86400
content-length: 9600
last-modified: Wed, 26 Jul 2023 16:19:45 GMT
server: cloudflare
etag: "45254dc47222312e"
vary: Accept, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OH1Hqpb4pZrWM9nb%2Fisw6c0P7X2US9zyzZyCoQeetgLvszvj%2FFnK7n%2FaZmAbhA%2FsC%2BzEbQBfZhi47SNBcz6TvWELUNrr7%2BOXtI3xcTBDCkDBqgbWtD%2BMJWe4phWCUo6QKuWCjiAf5Q5rTw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=63115200
accept-ranges: bytes
cf-ray: 7ecdff230dbd39f3-YYZ
link: <http://www.echoroukonline.com/wp-content/uploads/2023/07/2021-08-12T190227Z_1029259504_RC2Q3P9RR8DO_RTRMADP_3_CLIMATE-WILDFIRES-ALGERIA-scaled.jpg>; rel="canonical"
expires: Sat, 26 Jul 2025 04:19:45 GMT

GET
H2 200 90b56266-f66c-4b8d-8fa8-5ee07ee89c4f.webp
i.dzs.cloud/www.echoroukonline.com/wp-content/uploads/2023/06/ 2 KB
2 KB 26ms
24ms Image
image/webp 2606:4700:3035::6815:556f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.dzs.cloud/www.echoroukonline.com/wp-content/uploads/2023/06/90b56266-f66c-4b8d-8fa8-5ee07ee89c4f.webp?resize=120,75

Requested by

Host: www.echoroukonline.com
URL: https://www.echoroukonline.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3035::6815:556f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f2c26a10f00db319722222bc52525484477d22fc2de733c6d5f2059fb8cd740d

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.echoroukonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Wed, 26 Jul 2023 16:25:05 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 238674
x-litespeed-cache: miss
alt-svc: h3=":443"; ma=86400
content-length: 1732
last-modified: Sun, 23 Jul 2023 22:07:11 GMT
server: cloudflare
etag: "97dec7b65f53c89e"
vary: Accept, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ueQMJqRCjHilElTpy2c89ZPM2waZ8d5XnfSKS620E5UNr188eHtvHM%2FlDVSwhItsBON4byDbbjh4OjkZ6aRcgPJQ0goQYMWVm8YRN%2FYcCant93HFhOS59Wm3bL999Kysi10QOAIGEMUj9g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=63115200
accept-ranges: bytes
cf-ray: 7ecdff230dbe39f3-YYZ
link: <http://www.echoroukonline.com/wp-content/uploads/2023/06/90b56266-f66c-4b8d-8fa8-5ee07ee89c4f.webp>; rel="canonical"
expires: Wed, 23 Jul 2025 10:07:11 GMT

GET
H2 200 fising.jpg
i.dzs.cloud/www.echoroukonline.com/wp-content/uploads/2023/07/ 2 KB
3 KB 33ms
31ms Image
image/webp 2606:4700:3035::6815:556f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.dzs.cloud/www.echoroukonline.com/wp-content/uploads/2023/07/fising.jpg?resize=120,75

Requested by

Host: www.echoroukonline.com
URL: https://www.echoroukonline.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3035::6815:556f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9520530ecc36366b7f419cd94439b5ac554b6a271c28c463e91a7aeda716f383

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.echoroukonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Wed, 26 Jul 2023 16:25:05 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 74633
x-litespeed-cache: hit
alt-svc: h3=":443"; ma=86400
content-length: 2526
last-modified: Tue, 25 Jul 2023 18:54:54 GMT
server: cloudflare
etag: "1bf24254cc3a3470"
vary: Accept, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3kGyGJ7ytMiyGgQPJbSY3yK1BMa%2BAX9kvx46OTvJPIBbkovU%2FYkhX9wGpOjsp5OwKUN4QktVv701IclhfysfX%2BxwkqYPHOkuTqJyQ3s3Tt2vMc8IgLhgP%2Bs1iBwLWEZ%2FFyaxtNKOwxH%2Fsg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=63115200
accept-ranges: bytes
cf-ray: 7ecdff231dc739f3-YYZ
link: <http://www.echoroukonline.com/wp-content/uploads/2023/07/fising.jpg>; rel="canonical"
expires: Fri, 25 Jul 2025 06:54:54 GMT

GET
H2 200 gerrr.png
i.dzs.cloud/www.echoroukonline.com/wp-content/uploads/2023/07/ 16 KB
17 KB 40ms
38ms Image
image/webp 2606:4700:3035::6815:556f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.dzs.cloud/www.echoroukonline.com/wp-content/uploads/2023/07/gerrr.png?resize=120,75

Requested by

Host: www.echoroukonline.com
URL: https://www.echoroukonline.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3035::6815:556f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d59000bf43557381244962f1e622267171c981e0917ce57af01278eeb247da93

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.echoroukonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Wed, 26 Jul 2023 16:25:05 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 187533
x-litespeed-cache: hit
alt-svc: h3=":443"; ma=86400
content-length: 16538
last-modified: Mon, 24 Jul 2023 12:14:49 GMT
server: cloudflare
etag: "0e39190cefa686ec"
vary: Accept, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=D96c8cfZm0H3REB6Um%2B2MALPFudVZ8xOHYoilvXRujYdyl7iuFsYmzjtAIyObZsxECmTnC32XQmvoprAyncCmzSLmt0wannV0oVfF9OvDz1QzkmgypmKpLhfi%2BL2kA5P9eilULnqfjBbGQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=63115200
accept-ranges: bytes
cf-ray: 7ecdff231dc839f3-YYZ
link: <http://www.echoroukonline.com/wp-content/uploads/2023/07/gerrr.png>; rel="canonical"
expires: Thu, 24 Jul 2025 00:14:49 GMT

GET
H3

200

invisible.js Show response
www.echoroukonline.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/f0089873/ Frame D89C
Redirect Chain

https://www.echoroukonline.com/cdn-cgi/challenge-platform/scripts/invisible.js
https://www.echoroukonline.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/f0089873/invisible.js

7 KB
4 KB

21ms
21ms

Script
application/javascript

2606:4700:20::681a:582
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.echoroukonline.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/f0089873/invisible.js

Requested by

Host: www.echoroukonline.com
URL: https://www.echoroukonline.com/

Protocol

Server

2606:4700:20::681a:582 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

311793226e196c9ea63898632d842b3b1a0d05b8550a8ee72868063d97699d83

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Wed, 26 Jul 2023 16:25:05 GMT
content-encoding: br
x-content-type-options: nosniff
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: accept-encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=q137rCesjEHV13f87YnlHRRIX18UeimJzG%2BgN61n7Rtxx4xSckbTSqNwRoKNZP1CTW6sEFf5Fv0x7%2F1KOlPxqRxfV0fa3kH%2F6StWImIvXxvkamWffL2jAM1RdlICBogPApw6tN3VUdDxR8zAjEoVgKrbseI%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: max-age=14400, public
cf-ray: 7ecdff23eb2a36c9-YYZ
alt-svc: h3=":443"; ma=86400

Redirect headers

date: Wed, 26 Jul 2023 16:25:05 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: accept-encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CMplUq9OTJsgmVKFhEmaQVtpsYcy%2BIWNOyZ4yvbg9c649qHbPi6UqVNrBd931ABrjfjdNSGOoAbsMlhAXKA14dkETJW91Ni361lY7V7w3Ct4MVtP7YJaBpM8ikhW1mFaDObAySatPrCP4BKDYdUHZKwZ2hE%3D"}],"group":"cf-nel","max_age":604800}
location: /cdn-cgi/challenge-platform/h/g/scripts/jsd/f0089873/invisible.js
access-control-allow-origin: *
cache-control: max-age=300, public
cf-ray: 7ecdff22e9e436c9-YYZ
alt-svc: h3=":443"; ma=86400

POST
H2 200 collect Show response
www.google-analytics.com/j/ 1 B
149 B 39ms
35ms XHR
text/plain 2607:f8b0:4020:805::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&aip=1&a=1095182713&t=pageview&_s=1&dl=https%3A%2F%2Fwww.echoroukonline.com%2F&ul=en-us&de=UTF-8&dt=%D8%A7%D9%84%D8%B4%D8%B1%D9%88%D9%82%20%D8%A3%D9%88%D9%86%D9%84%D8%A7%D9%8A%D9%86..%20%D8%B9%D9%8A%D9%86%D9%83%20%D8%B9%D9%84%D9%89%20%D8%A7%D9%84%D8%AC%D8%B2%D8%A7%D8%A6%D8%B1%20%D9%88%D8%A7%D9%84%D8%B9%D8%A7%D9%84%D9%85&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGBACUABBAAAACAAI~&jid=16593416&gjid=2012444780&cid=1065254421.1690388706&tid=UA-179798657-1&_gid=1120383213.1690388706&_r=1&gtm=457e37o0&did=dZTNiMT&gdid=dZTNiMT&jsscut=1&z=1680756995

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4020:805::200e Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.echoroukonline.com/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 26 Jul 2023 16:25:05 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.echoroukonline.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 collect
www.google-analytics.com/ 35 B
194 B 18ms
10ms Image
image/gif 2607:f8b0:4020:805::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j101&aip=1&a=1095182713&t=pageview&_s=2&dl=https%3A%2F%2Fwww.echoroukonline.com%2F&ul=en-us&de=UTF-8&dt=%D8%A7%D9%84%D8%B4%D8%B1%D9%88%D9%82%20%D8%A3%D9%88%D9%86%D9%84%D8%A7%D9%8A%D9%86..%20%D8%B9%D9%8A%D9%86%D9%83%20%D8%B9%D9%84%D9%89%20%D8%A7%D9%84%D8%AC%D8%B2%D8%A7%D8%A6%D8%B1%20%D9%88%D8%A7%D9%84%D8%B9%D8%A7%D9%84%D9%85&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGBACUABBAAAACAAI~&jid=&gjid=&cid=1065254421.1690388706&tid=UA-179798657-1&_gid=1120383213.1690388706&gtm=457e37o0&did=dZTNiMT&gdid=dZTNiMT&jsscut=1&z=1182801658

Requested by

Host: www.echoroukonline.com
URL: https://www.echoroukonline.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4020:805::200e Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.echoroukonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 26 Jul 2023 01:18:42 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 54383
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 show_ads_impl_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202307200101/ 363 KB
124 KB 102ms
61ms Script
text/javascript 2607:f8b0:4020:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202307200101/show_ads_impl_fy2021.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-3639022183676464

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4020:807::2002 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0d6e90d4b6272743aaea4b5a27ca8592088f15aa2f0ee8848d5cef5d605bbd13

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.echoroukonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Wed, 26 Jul 2023 16:25:05 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 127277
x-xss-protection: 0
server: cafe
etag: 9044350510716801561
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Wed, 26 Jul 2023 16:25:05 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230724/r20190131/ Frame EA05 10 KB
5 KB 52ms
11ms Document
text/html 2607:f8b0:4020:804::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230724/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-3639022183676464

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4020:804::2002 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18e7a53e3b3abd7ac0242719f7f62cb56b8efe7065091585b8ad22cbc2b8c41c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.echoroukonline.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

age: 54383
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4544
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 26 Jul 2023 01:18:42 GMT
etag: 12368291122986407432
expires: Wed, 09 Aug 2023 01:18:42 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307200101/ 385 KB
123 KB 12ms
11ms Script
text/javascript 2607:f8b0:4020:805::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307200101/pubads_impl.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4020:805::2002 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3d14af6714f8e174042d16f9ee9938f7986b826935f217c43cd3570945f8a8a5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.echoroukonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Wed, 26 Jul 2023 10:14:13 GMT
content-encoding: br
x-content-type-options: nosniff
age: 22252
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 125319
x-xss-protection: 0
server: cafe
etag: 4098493636285064892
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Thu, 25 Jul 2024 10:14:13 GMT

POST
H3 204 collect
www.google-analytics.com/g/ 0
17 B 33ms
33ms Ping
text/plain 2607:f8b0:4020:805::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-GZ6NDC4SBL&gtm=45je37o0&_p=1095182713&gdid=dZTNiMT&cid=1065254421.1690388706&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1690388705&sct=1&seg=0&dl=https%3A%2F%2Fwww.echoroukonline.com%2F&dt=%D8%A7%D9%84%D8%B4%D8%B1%D9%88%D9%82%20%D8%A3%D9%88%D9%86%D9%84%D8%A7%D9%8A%D9%86..%20%D8%B9%D9%8A%D9%86%D9%83%20%D8%B9%D9%84%D9%89%20%D8%A7%D9%84%D8%AC%D8%B2%D8%A7%D8%A6%D8%B1%20%D9%88%D8%A7%D9%84%D8%B9%D8%A7%D9%84%D9%85&en=page_view&_fv=1&_ss=1&_ee=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-GZ6NDC4SBL&l=dataLayer&cx=c
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4020:805::200e Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.echoroukonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 26 Jul 2023 16:25:05 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.echoroukonline.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 c8i9yhkkql Show response
www.clarity.ms/tag/ 1022 B
1 KB 146ms
43ms Script
application/x-javascript 2620:1ec:29:1::40
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/tag/c8i9yhkkql?ref=gtm2
Requested by: Host: www.echoroukonline.com
URL: https://www.echoroukonline.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:29:1::40 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 8763820c94db2bb23e3e97b5fa6b3ad7d1a69955731ba3c46191f46659a71670

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.echoroukonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

request-context: appId=cid-v1:67bc0b23-8423-4b52-b1ca-6a87709ceaa2
date: Wed, 26 Jul 2023 16:25:05 GMT
x-azure-ref: 04kjBZAAAAACmVVV1q8kkS4yKz8taQ31oWVRPMjIxMDkwODE3MDMzADZjZmJlZWUwLTUwMjctNDg0Yi04OTY3LTRhMjlhZjc3ZjFlMQ==
x-cache: CONFIG_NOCACHE
content-type: application/x-javascript
cache-control: no-cache, no-store
content-length: 1022
expires: -1

GET
H3 200 jquery.min.js Show response
www.echoroukonline.com/wp-includes/js/jquery/ 88 KB
32 KB 30ms
30ms Script
application/javascript 2606:4700:20::681a:582
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.echoroukonline.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.4
Requested by: Host: www.echoroukonline.com
URL: https://www.echoroukonline.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:582 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: afacce23cb4feaaaef37997f8439819d8f827df4951f3ff02704c9f16fb7f53a

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.echoroukonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Wed, 26 Jul 2023 16:25:05 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 22 Jun 2023 13:22:09 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 2948576
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=O1%2BSrPcCExNdCesrVYvj%2FTkEuMmJjhvvKUJpzSkE1NPyFnGHxDhnX32fCB5xxIaz0fXypVVmBHvP57Z7NYdBi%2Bowv%2FrJBnPbUf7BD3RhhmS8ipPXAtHqb5YhdtM86xp72OzjPtQAyL41OgLGMZaNdDV0F9w%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=21305420
cf-ray: 7ecdff241b8936c9-YYZ
alt-svc: h3=":443"; ma=86400
expires: Fri, 29 Mar 2024 06:35:25 GMT

POST
H3 200 7ecdff1d699136c3 Show response
www.echoroukonline.com/cdn-cgi/challenge-platform/h/g/cv/result/ Frame D89C 0
547 B 44ms
43ms XHR
text/plain 2606:4700:20::681a:582
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.echoroukonline.com/cdn-cgi/challenge-platform/h/g/cv/result/7ecdff1d699136c3
Requested by: Host: www.echoroukonline.com
URL: https://www.echoroukonline.com/cdn-cgi/challenge-platform/scripts/invisible.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:582 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
Content-Type: application/json

Response headers

date: Wed, 26 Jul 2023 16:25:06 GMT
content-encoding: br
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sqNapXDOhM%2Bh6T05YheXQwBz4lnmzS2CurYfDO6VSIVrDi80mJ3xRu%2FY1nIW7KccCxtlf1l%2FcGcpFxkE9W57W6S%2FERtLKHgFM6h3YPyyOukgD24gBwUQeJ2TxIdAnOxThcnwAetmaRAa4EBlEMDxzHDq7No%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/plain; charset=UTF-8
cf-ray: 7ecdff251d0d36c9-YYZ
alt-svc: h3=":443"; ma=86400

GET
H2 200 publishertag.ids.js Show response
static.criteo.net/js/ld/ 42 KB
13 KB 97ms
45ms Script
text/javascript 2620:100:a001::4
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.ids.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307200101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

nginx /

Resource Hash

b118568858df50612fa3591132d6d6bb41ddf00f8c74ad8cccd16e5510691aad

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.echoroukonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Wed, 26 Jul 2023 16:25:06 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Jul 2023 13:25:47 GMT
server: nginx
etag: W/"64ad585b-a980"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Thu, 27 Jul 2023 16:25:06 GMT

GET
H2 200 esp.js Show response
oa.openxcdn.net/ 24 KB
8 KB 42ms
12ms Script
application/javascript 34.102.146.192
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://oa.openxcdn.net/esp.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307200101/pubads_impl.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.102.146.192 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 192.146.102.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.echoroukonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Tue, 18 Jul 2023 22:32:31 GMT
content-encoding: gzip
age: 669155
x-guploader-uploadid: ADPycdtN0isEc5QSyz-7igCp3CdeQ5DOCcg6MFW504fz-H4BXTZsQLogi-2JnB1NeYZfqyAqxkhypOs108gwREU1dCrhEg
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7927
last-modified: Thu, 27 May 2021 18:30:51 GMT
server: UploadServer
etag: "df5542b88bc0e368c6999754a5b9e2ba"
x-goog-generation: 1622140251693895
x-goog-hash: crc32c=f21hYg==, md5=31VCuIvA42jGmZdUpbniug==
content-type: application/javascript
cache-control: no-transform
x-goog-stored-content-length: 7927
accept-ranges: bytes
expires: Wed, 17 Jul 2024 22:32:31 GMT

GET
H2 200 ob.js Show response
cdn-ima.33across.com/ 40 KB
9 KB 79ms
24ms Script
application/javascript 172.64.152.222
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-ima.33across.com/ob.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307200101/pubads_impl.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.152.222 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ca372f1d4ced7e2a37e83eb5b880159ba569a4fbf613b9cc2894a6c8726c13f6

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.echoroukonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Wed, 26 Jul 2023 16:25:06 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 20 Jul 2023 17:46:36 GMT
server: cloudflare
age: 78996
etag: W/"64b972fc-a13f"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=86400
cf-ray: 7ecdff25bd4639f4-YYZ
expires: Thu, 27 Jul 2023 16:25:06 GMT

GET
H2 200 sync.min.js Show response
tags.crwdcntrl.net/lt/c/16589/ 38 KB
12 KB 85ms
23ms Script
text/javascript 13.224.214.92
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.crwdcntrl.net/lt/c/16589/sync.min.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307200101/pubads_impl.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.214.92 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-214-92.phl50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: c0c2ec1f2d626ab278d81abe34d30681f0007e8c79a890165f27e3e1550e99b7

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.echoroukonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Wed, 26 Jul 2023 02:43:56 GMT
content-encoding: gzip
via: 1.1 aed3f8ed29085c056c75452d71b07f7e.cloudfront.net (CloudFront)
last-modified: Wed, 31 May 2023 20:34:33 GMT
server: AmazonS3
x-amz-cf-pop: PHL50-C1
age: 49271
x-amz-server-side-encryption: AES256
etag: W/"550ead3a95bd6cfcd917d45c5f8f4553"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: public, max-age=86400
x-amz-cf-id: CJ_49Vl07rhXdieAN5XMw5_3kg8gKpn0G3HOrtP8EXSkJ7DHBx7i0Q==

GET
H2 200 pubcid.min.js Show response
cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/ 732 B
897 B 45ms
10ms Script
application/javascript 2a04:4e42::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/pubcid.min.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307200101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.echoroukonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Wed, 26 Jul 2023 16:25:06 GMT
x-content-type-options: nosniff
content-encoding: br
age: 18302
x-jsd-version: master
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 439
x-served-by: cache-fra-eddf8230042-FRA, cache-yul12834-YUL
x-jsd-version-type: branch
etag: W/"2dc-IrZxm/sP4aqtIfs1EfEw6Dg5q1Y"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 encrypted-tag-g.js Show response
invstatic101.creativecdn.com/encrypted-signals/ 1 KB
2 KB 140ms
112ms Script
text/javascript 34.96.70.87
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://invstatic101.creativecdn.com/encrypted-signals/encrypted-tag-g.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307200101/pubads_impl.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.96.70.87 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 87.70.96.34.bc.googleusercontent.com
Software: Google Frontend /
Resource Hash: 1c54b9d1b579c59f8245fd21a021725c0dbde06ec90f44df1bbc03458f40dfe8

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.echoroukonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Wed, 26 Jul 2023 16:25:06 GMT
via: 1.1 google, 1.1 google
last-modified: Wed, 05 Jul 2023 19:08:57 GMT
server: Google Frontend
etag: 6c49a4094d9a446bdc7fe3d19d23b4c7
content-type: text/javascript; charset=utf-8
x-cloud-trace-context: 6815c5f88533bcb344bff5ed9c76417e
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1311

GET
H/1.1 200
OK uid2SecureSignal.js Show response
cdn.prod.uidapi.com/ 2 KB
2 KB 106ms
21ms Script
text/javascript 2600:9000:20ed:600:a:e047:753:be1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.prod.uidapi.com/uid2SecureSignal.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307200101/pubads_impl.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20ed:600:a:e047:753:be1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: a695b8b12c7d88355d0b1b33d6c643a7913bcfbeae91553bd7560019188b1032

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.echoroukonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

x-amz-version-id: null
Date: Wed, 26 Jul 2023 09:10:36 GMT
Via: 1.1 677c6e9af68514f698151642c19f6c8e.cloudfront.net (CloudFront)
Last-Modified: Thu, 04 May 2023 00:14:06 GMT
Server: AmazonS3
X-Amz-Cf-Pop: PHL50-C1
Age: 26070
x-amz-server-side-encryption: AES256
ETag: "4d5acbf33f4a0592ac0515db92fe88e6"
X-Cache: Hit from cloudfront
Content-Type: text/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1858
X-Amz-Cf-Id: -enVgxMY4xhxUd5zZIBbJsmEkx5-xQcRaD9_Aftt6pBarDXed9AAVg==

GET
H2 200 esp.js Show response
cdn.id5-sync.com/api/1.0/ 102 KB
25 KB 87ms
28ms Script
text/javascript 2606:4700:10::6816:3456
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.id5-sync.com/api/1.0/esp.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307200101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:3456 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4924e12a30059184d9bd1c36294dcdf957f5f2da452209448b35a93aa785cca5

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.echoroukonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Wed, 26 Jul 2023 16:25:06 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 22 Jun 2023 08:35:03 GMT
server: cloudflare
x-amz-request-id: M2GB38DNEJGG1QWA
age: 1938
etag: W/"9b8b8eb50e4814cbdc325ce477c96910"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: text/javascript;charset=utf-8
cache-control: public, max-age=3600
cf-ray: 7ecdff25c87736b2-YYZ
x-amz-id-2: GHmzH6O7SiWPA1v8MxCQUKG/it8hMZUIzPXroIQBPer/Zk8J575fdRydI/objAZahPRLbmdCqms=

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 76 KB
24 KB 125ms
124ms XHR
text/plain 2607:f8b0:4020:805::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2895556275635737&correlator=3734411321424462&eid=31072019%2C21065725&output=ldjh&gdfp_req=1&vrg=202307200101&ptt=17&impl=fifs&iu_parts=22275804622%2Cech-desktop-300x250-1%2Cech-desktop-728x90-1%2Cech-desktop-728x90-2%2Cech-desktop-300x600-1%2Cech-desktop-300x250-2%2Cech-desktop-980x200-1%2Cech-desktop-300x250-3%2Cech-desktop-600x400-1&enc_prev_ius=%2F0%2F1%2C%2F0%2F2%2C%2F0%2F3%2C%2F0%2F4%2C%2F0%2F5%2C%2F0%2F6%2C%2F0%2F7%2C%2F0%2F8&prev_iu_szs=300x250%2C728x90%2C728x90%2C300x600%2C300x250%2C980x200%2C300x250%2C600x400&ifi=2&adks=210976513%2C2577656688%2C681046803%2C1441080333%2C1296969687%2C1224542444%2C3676115217%2C1978937876&didk=3258500583~200983218~1892220437~3420101904~1639029761~2954581592~4239070622~1108023378&sfv=1-0-40&sc=1&cookie_enabled=1&abxe=1&dt=1690388706140&lmt=1690388706&adxs=-9%2C436%2C-9%2C240%2C240%2C-9%2C-9%2C-9&adys=-9%2C715%2C-9%2C2451%2C855%2C-9%2C-9%2C-9&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1%7C0%7C-1%7C1%7C0%7C-1%7C-1%7C-1&ucis=1%7C2%7C3%7C4%7C5%7C6%7C7%7C8&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fwww.echoroukonline.com%2F&frm=20&vis=1&psz=0x-1%7C728x90%7C0x-1%7C300x600%7C300x250%7C0x-1%7C0x-1%7C0x-1&msz=0x-1%7C728x-1%7C0x-1%7C300x-1%7C300x-1%7C0x-1%7C0x-1%7C0x-1&fws=2%2C4%2C2%2C4%2C4%2C2%2C2%2C2&ohw=0%2C728%2C0%2C300%2C300%2C0%2C0%2C0&ga_vid=1065254421.1690388706&ga_sid=1690388706&ga_hid=1095182713&ga_fc=true&dlt=1690388705388&idt=712

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307200101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4020:805::2002 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a517f4e8a95a7bc5f3050555c4e1ac71f3d9caf168b09638a2429e25e3e7764d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.echoroukonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Wed, 26 Jul 2023 16:25:06 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2,-2,-2,-2,-2,-2,-2,-2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24771
x-xss-protection: 0
google-lineitem-id: -2,6341290954,6199000000,-2,-2,-2,-2,-2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2,138440538455,138420403570,-2,-2,-2,-2,-2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.echoroukonline.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
f750efdd075873ca01e8f21f42ee0cfe.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 4273 6 KB
3 KB 83ms
34ms Document
text/html 2607:f8b0:4020:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://f750efdd075873ca01e8f21f42ee0cfe.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307200101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4020:806::2001 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.echoroukonline.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 26 Jul 2023 16:25:06 GMT
expires: Thu, 25 Jul 2024 16:25:06 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 clarity.js Show response
www.clarity.ms/s/0.7.8/ 57 KB
20 KB 21ms
20ms Script
application/javascript 2620:1ec:29:1::40
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/s/0.7.8/clarity.js
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/tag/c8i9yhkkql?ref=gtm2
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:29:1::40 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 9987dcc652130026523219440b654a3e307d16f186019031ad60a28d6f73aa2a

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.echoroukonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Wed, 26 Jul 2023 16:25:05 GMT
content-encoding: br
last-modified: Mon, 24 Jul 2023 18:15:57 GMT
x-azure-ref-originshield: 0toXAZAAAAADmEQqBGE5xRau4Z7vVezKoTU5aMjIxMDYwNjEyMDUzADZjZmJlZWUwLTUwMjctNDg0Yi04OTY3LTRhMjlhZjc3ZjFlMQ==
etag: "0x8DB8C720749E4E3"
x-azure-ref: 04kjBZAAAAAA6u7GJX3TQQ4THoIIPCzNfWVRPMjIxMDkwODE3MDMzADZjZmJlZWUwLTUwMjctNDg0Yi04OTY3LTRhMjlhZjc3ZjFlMQ==
x-cache: TCP_HIT
content-type: application/javascript;charset=utf-8
access-control-allow-origin: *
x-ms-request-id: e3fb1adb-a01e-0012-104e-bf550b000000
cache-control: public, max-age=86400
x-ms-version: 2018-03-28
accept-ranges: bytes

GET
H3 200 jquery-migrate.min.js Show response
www.echoroukonline.com/wp-includes/js/jquery/ 13 KB
5 KB 30ms
30ms Script
application/javascript 2606:4700:20::681a:582
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.echoroukonline.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=6.2.2
Requested by: Host: www.echoroukonline.com
URL: https://www.echoroukonline.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:582 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9810aee7e6d57d8cceaa96322b88e6df46710194689ae12b284149148cabc2f3

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.echoroukonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Wed, 26 Jul 2023 16:25:06 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 05 Jul 2023 09:11:55 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 1840391
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uBgroW%2BDu0T5%2BemOu9YiiI2g8HOWOBONOq1Qh5JpIguiwxC%2BfeRA%2FDTfs9iF1jbjFM61FegYKRyhSOIyMfE0jhdEjrqwhu2MShOm%2FddEEHj9SoMBZ1YFXYMDYQqAzkD9Q%2BjQ2MLzWGbTydThurkn5bId3IQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=28020566
cf-ray: 7ecdff25ade336c9-YYZ
alt-svc: h3=":443"; ma=86400
expires: Fri, 14 Jun 2024 23:54:32 GMT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 403 B
427 B 42ms
39ms Script
text/javascript 2607:f8b0:4020:805::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=www.echoroukonline.com&callback=_gfp_s_&client=ca-pub-3639022183676464

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202307200101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4020:805::2002 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

95a8fb36cc4875693e6a49ff0758ba059ce82824d94929bd4ea2e6c2c8902373

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.echoroukonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Wed, 26 Jul 2023 16:25:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 259
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame E364 280 KB
54 KB 469ms
469ms Document
text/html 2607:f8b0:4020:804::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3639022183676464&output=html&adk=1812271804&adf=3025194257&lmt=1690388706&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=164x945_l%7C164x945_r&format=0x0&url=https%3A%2F%2Fwww.echoroukonline.com%2F&ea=0&host=ca-host-pub-2644536267352236&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1690388705833&bpp=3&bdt=445&idt=345&shv=r20230724&mjsv=m202307200101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=4808405214466&frm=20&pv=2&ga_vid=1065254421.1690388706&ga_sid=1690388706&ga_hid=1095182713&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759875%2C44759926%2C31071258%2C31076343%2C44788441%2C21065725&oid=2&pvsid=2895556275635737&tmod=2039874011&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=378

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202307200101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4020:804::2002 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7c437f5a57e379b12c548a277ae0c15ffcc1f74ab6df5ecd4b8f4de7589f42b7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.echoroukonline.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 55050
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 26 Jul 2023 16:25:06 GMT
expires: Wed, 26 Jul 2023 16:25:06 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2

200

esp Show response
oajs.openx.net/
Redirect Chain

https://oajs.openx.net/esp?url=https%3A%2F%2Fwww.echoroukonline.com%2F&rid=esp
https://oajs.openx.net/esp?url=https%3A%2F%2Fwww.echoroukonline.com%2F&rid=esp&cc=1

85 B
194 B

42ms
41ms

Fetch
application/json

34.120.135.53
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://oajs.openx.net/esp?url=https%3A%2F%2Fwww.echoroukonline.com%2F&rid=esp&cc=1
Requested by: Host: www.echoroukonline.com
URL: https://www.echoroukonline.com/
Protocol: H2
Server: 34.120.135.53 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 53.135.120.34.bc.googleusercontent.com
Software: / Express
Resource Hash: bbda08fdf2c13dbe739e65a60c4c21953a18d85bd61701de07a3096d2f992ef3

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.echoroukonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Wed, 26 Jul 2023 16:25:06 GMT
via: 1.1 google
x-powered-by: Express
etag: W/"55-RCk5pCL83qdCDrE/FOn7g6xvefE"
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.echoroukonline.com
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 85

Redirect headers

date: Wed, 26 Jul 2023 16:25:06 GMT
via: 1.1 google
x-powered-by: Express
vary: Origin
access-control-allow-origin: https://www.echoroukonline.com
location: /esp?url=https%3A%2F%2Fwww.echoroukonline.com%2F&rid=esp&cc=1
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 226 KB
79 KB 54ms
54ms Script
application/javascript 2607:f8b0:4020:806::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-N4VLWE09BT&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-179798657-1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4020:806::2008 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

fa6f71446205016c7645ade2d6d98f0fee8dc3ffa0187d918b4a543f577b7072

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.echoroukonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Wed, 26 Jul 2023 16:25:06 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 81112
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Wed, 26 Jul 2023 16:25:06 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 12ms
12ms Image
image/gif 2607:f8b0:4020:805::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j101&aip=1&a=1095182713&t=event&_s=3&dl=https%3A%2F%2Fwww.echoroukonline.com%2F&ul=en-us&de=UTF-8&dt=%D8%A7%D9%84%D8%B4%D8%B1%D9%88%D9%82%20%D8%A3%D9%88%D9%86%D9%84%D8%A7%D9%8A%D9%86..%20%D8%B9%D9%8A%D9%86%D9%83%20%D8%B9%D9%84%D9%89%20%D8%A7%D9%84%D8%AC%D8%B2%D8%A7%D8%A6%D8%B1%20%D9%88%D8%A7%D9%84%D8%B9%D8%A7%D9%84%D9%85&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=general&ea=Clarity&_u=aGBACUABBAAAACAAI~&jid=&gjid=&cid=1065254421.1690388706&tid=UA-179798657-1&_gid=1120383213.1690388706&gtm=457e37o0&did=dZTNiMT&gdid=dZTNiMT&jsscut=1&z=1697686607

Requested by

Host: www.echoroukonline.com
URL: https://www.echoroukonline.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4020:805::200e Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.echoroukonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 26 Jul 2023 05:19:30 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 39936
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H2 200 map Show response
bcp.crwdcntrl.net/6/ 235 B
699 B 113ms
40ms XHR
application/json 34.237.249.31
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://bcp.crwdcntrl.net/6/map
Requested by: Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/16589/sync.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.237.249.31 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-237-249-31.compute-1.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 7b7cfcbc3a1d285e35d30c17434be77b60a9fb25752f901a7998447450ed1306

Request headers

Referer: https://www.echoroukonline.com/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Wed, 26 Jul 2023 16:25:06 GMT
server: Jetty(9.4.38.v20210224)
content-type: application/json;charset=utf-8
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: https://www.echoroukonline.com
cache-control: no-cache
x-server: 10.40.41.156
access-control-allow-credentials: true
content-length: 235
expires: 0

GET
H2 200 container.html Show response
f750efdd075873ca01e8f21f42ee0cfe.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 241B 6 KB
3 KB 13ms
12ms Document
text/html 2607:f8b0:4020:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://f750efdd075873ca01e8f21f42ee0cfe.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307200101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4020:806::2001 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.echoroukonline.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

accept-ranges: bytes
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 26 Jul 2023 16:25:06 GMT
expires: Thu, 25 Jul 2024 16:25:06 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H/1.1 204 increment Show response
id5-sync.com/api/esp/ 0
331 B 330ms
113ms XHR
text/plain 141.95.98.65
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/api/esp/increment?counter=no-config

Requested by

Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/esp.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

141.95.98.65 , France, ASN16276 (OVH, FR),

Reverse DNS

ns3216659.ip-141-95-98.eu

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://www.echoroukonline.com/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.echoroukonline.com
date: Wed, 26 Jul 2023 16:25:06 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame 9B28 15 KB
6 KB 77ms
28ms Document
text/html 2620:100:a001::c
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=www.echoroukonline.com

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.ids.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::c , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

c5f572ed80485a43331f587039ef455ab7400d278434cdee0965a0fea35befcf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://www.echoroukonline.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Wed, 26 Jul 2023 16:25:06 GMT
server: Kestrel
server-processing-duration-in-ticks: 615996
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

POST
H/1.1 204
No Content collect Show response
x.clarity.ms/ 0
302 B 116ms
32ms XHR
text/plain 20.114.190.119
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://x.clarity.ms/collect
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.8/clarity.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.114.190.119 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://www.echoroukonline.com/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

Access-Control-Allow-Origin: https://www.echoroukonline.com
Date: Wed, 26 Jul 2023 16:25:06 GMT
Access-Control-Allow-Credentials: true
Server: nginx/1.18.0 (Ubuntu)
Connection: keep-alive
Vary: Origin
Request-Context: appId=cid-v1:e97341f6-8fff-46a6-9229-fbbfe0892c78

POST
H2 200 encrypt Show response
esp.rtbhouse.com/ 221 B
315 B 119ms
118ms Fetch
application/json 35.190.39.111
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://esp.rtbhouse.com/encrypt
Requested by: Host: invstatic101.creativecdn.com
URL: https://invstatic101.creativecdn.com/encrypted-signals/encrypted-tag-g.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.190.39.111 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 111.39.190.35.bc.googleusercontent.com
Software: Google Frontend /
Resource Hash: a4da279c583ce7dbf1ae4ea954a23bf8a57d86a2881427925a29d615e3ea6b21

Request headers

Referer: https://www.echoroukonline.com/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
Content-Type: application/json

Response headers

date: Wed, 26 Jul 2023 16:25:06 GMT
via: 1.1 google, 1.1 google
server: Google Frontend
content-type: application/json
access-control-allow-origin: *
x-cloud-trace-context: 2fe91c6cdf03ef559c57b01054575a7e
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 221

OPTIONS
H2 200 encrypt
esp.rtbhouse.com/ Frame 0
0 153ms
120ms Preflight
text/plain 35.190.39.111
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://esp.rtbhouse.com/encrypt
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.190.39.111 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 111.39.190.35.bc.googleusercontent.com
Software: Google Frontend /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.echoroukonline.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: POST, GET
access-control-allow-origin: https://www.echoroukonline.com
access-control-max-age: 600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2
content-type: text/plain; charset=utf-8
date: Wed, 26 Jul 2023 16:25:06 GMT
server: Google Frontend
vary: Origin
via: 1.1 google, 1.1 google
x-cloud-trace-context: 79ea7b447f47f748e974207f3aff2a82

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230724/r20110914/ Frame 241B 23 KB
9 KB 54ms
12ms Script
text/javascript 2607:f8b0:4020:807::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230724/r20110914/abg_lite_fy2021.js

Requested by

Host: f750efdd075873ca01e8f21f42ee0cfe.safeframe.googlesyndication.com
URL: https://f750efdd075873ca01e8f21f42ee0cfe.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4020:807::2001 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

93028274da1d373cd41165f6a442568ddd482370e8093e45d14a4ad0f6981f19

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://f750efdd075873ca01e8f21f42ee0cfe.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Wed, 26 Jul 2023 14:10:11 GMT
content-encoding: br
x-content-type-options: nosniff
age: 8095
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9132
x-xss-protection: 0
server: cafe
etag: 17712579318771444318
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 09 Aug 2023 14:10:11 GMT

GET
H2 200 dfa7banner_html_inpage_rendering_lib_200_268.js Show response
s0.2mdn.net/879366/ Frame 241B 109 KB
38 KB 60ms
11ms Script
text/javascript 2607:f8b0:4020:807::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/dfa7banner_html_inpage_rendering_lib_200_268.js

Requested by

Host: www.echoroukonline.com
URL: https://www.echoroukonline.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4020:807::2006 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6d28830ef0fdeba41bc402b8b12341e929c6c66db8fe512deb2b1baa9611745b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://f750efdd075873ca01e8f21f42ee0cfe.safeframe.googlesyndication.com/
Origin: https://f750efdd075873ca01e8f21f42ee0cfe.safeframe.googlesyndication.com
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Tue, 25 Jul 2023 17:02:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 84143
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 38568
x-xss-protection: 0
last-modified: Tue, 14 Jan 2020 17:35:50 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 26 Jul 2023 17:02:43 GMT

GET
H2 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame 241B 24 KB
7 KB 50ms
11ms Script
text/javascript 2607:f8b0:4020:807::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js

Requested by

Host: f750efdd075873ca01e8f21f42ee0cfe.safeframe.googlesyndication.com
URL: https://f750efdd075873ca01e8f21f42ee0cfe.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4020:807::2001 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://f750efdd075873ca01e8f21f42ee0cfe.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Wed, 19 Jul 2023 17:21:41 GMT
content-encoding: br
x-content-type-options: nosniff
age: 601405
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6402
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Thu, 18 Jul 2024 17:21:41 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 241B 179 KB
57 KB 38ms
37ms Script
text/javascript 2607:f8b0:4020:805::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: f750efdd075873ca01e8f21f42ee0cfe.safeframe.googlesyndication.com
URL: https://f750efdd075873ca01e8f21f42ee0cfe.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4020:805::2002 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f294f48a5bc171da79776780d32c77ae3323a508cb595a56f116ecb7578a8e7d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://f750efdd075873ca01e8f21f42ee0cfe.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Wed, 26 Jul 2023 16:25:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57383
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1690198756579870"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 26 Jul 2023 16:25:06 GMT

POST
H3 204 collect
www.google-analytics.com/g/ 0
17 B 33ms
32ms Ping
text/plain 2607:f8b0:4020:805::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-N4VLWE09BT&gtm=45je37o0&_p=1095182713&gdid=dZTNiMT&cid=1065254421.1690388706&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1690388706&sct=1&seg=0&dl=https%3A%2F%2Fwww.echoroukonline.com%2F&dt=%D8%A7%D9%84%D8%B4%D8%B1%D9%88%D9%82%20%D8%A3%D9%88%D9%86%D9%84%D8%A7%D9%8A%D9%86..%20%D8%B9%D9%8A%D9%86%D9%83%20%D8%B9%D9%84%D9%89%20%D8%A7%D9%84%D8%AC%D8%B2%D8%A7%D8%A6%D8%B1%20%D9%88%D8%A7%D9%84%D8%B9%D8%A7%D9%84%D9%85&en=Clarity&_fv=1&_ss=1&_ee=1&ep.eventCategory=Clarity&ep.eventAction=17cajrb&ep.nonInteraction=true&ep.claritydimension=https%3A%2F%2Fclarity.microsoft.com%2Fga%2Fc8i9yhkkql%2Fisvq25%2F17cajrb
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-N4VLWE09BT&l=dataLayer&cx=c
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4020:805::200e Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.echoroukonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 26 Jul 2023 16:25:06 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.echoroukonline.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pd Show response
google-bidout-d.openx.net/w/1.0/ Frame AD1B 594 B
801 B 88ms
59ms Document
text/html 35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Requested by: Host: oa.openxcdn.net
URL: https://oa.openxcdn.net/esp.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 49d4df93aed2ec184f6763d561f6b0ecaba6da22c7e6899426ab14ab878a23e8

Request headers

Referer: https://www.echoroukonline.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: gzip
content-length: 383
content-type: text/html
date: Wed, 26 Jul 2023 16:25:06 GMT
p3p: CP="CUR ADM OUR NOR STA NID"
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
via: 1.1 google

GET
H2

200

sid Show response
mug.criteo.com/ Frame 9B28
Redirect Chain

https://gum.criteo.com/sid/json?origin=publishertagids&domain=echoroukonline.com&sn=ChromeSyncframe&so=0&topUrl=www.echoroukonline.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0
https://mug.criteo.com/sid?cpp=TXCL5XxyUU83NUM4NnVlM0RpZWNaZXN0c3FaT2E0cG55K2MrMC9rdjlCRFFLalBmMGRaSklxREJSZGhoOFQwVUtXaFpHQ3RmNHZLelhLaWZvdStMMDNpcHdqcTZQU2MwZ1lyNnRtQk9mZzYwTzcrcm9vbkZkOFZJWjVhbl...

463 B
675 B

96ms
25ms

Fetch
application/json

74.119.119.139
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=TXCL5XxyUU83NUM4NnVlM0RpZWNaZXN0c3FaT2E0cG55K2MrMC9rdjlCRFFLalBmMGRaSklxREJSZGhoOFQwVUtXaFpHQ3RmNHZLelhLaWZvdStMMDNpcHdqcTZQU2MwZ1lyNnRtQk9mZzYwTzcrcm9vbkZkOFZJWjVhblNYNWtQY1JFTWs2SzBIbVMvd3dIUmRSNmV5WG1pTDBnR1M5OUFOSEVHZlFNYTVuVmZtbnpDdnQvRmU4MUE5TjFTUC9xb3NrSUZUSStRWnZoY040V3R6VWVjeVlpUlVlWEtISm44eFJkck9sMFVqck9lV3RWTEMvQVhORGZBdm9ITkZrYlZrOEFvS1BkcElZR2d5YWdabTg3SHUwbEtiVXRwQjh2TE51QXFqbFh4M0V2YkxzVT18&cppv=2

Requested by

Host: www.echoroukonline.com
URL: https://www.echoroukonline.com/

Protocol

Server

74.119.119.139 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

eadec561bb9a07a0b6a5fe3e4100583dc9f751eadb5a833b2e4fc90e6fa25c9a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://gum.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 26 Jul 2023 16:25:06 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gum.criteo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 2504000
expires: 0

Redirect headers

pragma: no-cache
date: Wed, 26 Jul 2023 16:25:05 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
location: https://mug.criteo.com/sid?cpp=TXCL5XxyUU83NUM4NnVlM0RpZWNaZXN0c3FaT2E0cG55K2MrMC9rdjlCRFFLalBmMGRaSklxREJSZGhoOFQwVUtXaFpHQ3RmNHZLelhLaWZvdStMMDNpcHdqcTZQU2MwZ1lyNnRtQk9mZzYwTzcrcm9vbkZkOFZJWjVhblNYNWtQY1JFTWs2SzBIbVMvd3dIUmRSNmV5WG1pTDBnR1M5OUFOSEVHZlFNYTVuVmZtbnpDdnQvRmU4MUE5TjFTUC9xb3NrSUZUSStRWnZoY040V3R6VWVjeVlpUlVlWEtISm44eFJkck9sMFVqck9lV3RWTEMvQVhORGZBdm9ITkZrYlZrOEFvS1BkcElZR2d5YWdabTg3SHUwbEtiVXRwQjh2TE51QXFqbFh4M0V2YkxzVT18&cppv=2
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 256130
content-length: 0
expires: 0

GET
H3 200 ooredoo-CMPDima2000-728x90-AR.html Show response
s0.2mdn.net/dfp/2007758/5012314706/1690198690239/ooredoo-CMPDima2000-728x90-AR/ Frame 77A0 6 KB
2 KB 41ms
13ms Document
text/html 2607:f8b0:4020:807::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/dfp/2007758/5012314706/1690198690239/ooredoo-CMPDima2000-728x90-AR/ooredoo-CMPDima2000-728x90-AR.html

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/dfa7banner_html_inpage_rendering_lib_200_268.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4020:807::2006 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

32c45bfc2825469635b2f0f6896c1e0ad0c5ac527466105679c43f029c1531d6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://f750efdd075873ca01e8f21f42ee0cfe.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 15719
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: gzip
content-length: 2422
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Wed, 26 Jul 2023 12:03:07 GMT
expires: Thu, 27 Jul 2023 12:03:07 GMT
last-modified: Mon, 24 Jul 2023 11:38:10 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 241B 0
29 B 125ms
124ms Image
image/gif 2607:f8b0:4020:805::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstLnWzXbmiGckH6P_PyfyJVdmGWSexBOHaZgufTYFyZbzC9rs1xOO2ryGPG0t9CRKBdoAIyyr_cQoEhYStbXJgUSjIHucffHYwNh95Uu4v5VWGHDiwOPWpCmp9JJx92AZRMFBUn3vhIG6TSaTTBgdRPApoMfsKHDXxn4qZPZnQCxJUltLCkJQNjAHxcvyGQW2t94n_WV6o0yZ80NjMsQkDHqx4cVNp2aABjEmjj1eKr7iLpflvGg3nPkZRm5rDixlUzdWXbfZiRwBZ8kzYV5oRdd1MnKMm5gn7IWDaeJZaBqpS_SwTTRrBlZpFgAYOoAn7X0qMWtqJ0KO4frIa8OoNg_J4KruM&sai=AMfl-YS6Tcjgd8oBfeQV2JkBVlC1EYU271DZuMDC0AAgKo6sjVnsP8oGsSgYTe9WZ14HRwkTdrk4zYwb5PK_iSZFNIR2Btroo2A7Ybg11Jht2fwoSFNyTOOpdFUQJLsL7IEwRbz8Wv2oKRHXqOfOsWPs&sig=Cg0ArKJSzAOUhBOYgEFmEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: f750efdd075873ca01e8f21f42ee0cfe.safeframe.googlesyndication.com
URL: https://f750efdd075873ca01e8f21f42ee0cfe.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4020:805::2002 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://f750efdd075873ca01e8f21f42ee0cfe.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Wed, 26 Jul 2023 16:25:06 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Wed, 26 Jul 2023 16:25:06 GMT

GET
H2 200 01174a15-6e47-e9e5-ce41-0459811e8938
pr-bh.ybp.yahoo.com/sync/openx/ Frame AD1B 43 B
603 B 91ms
28ms Image
image/gif 2600:1f18:4e9:5a02:3f87:95c8:530d:d4b6
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pr-bh.ybp.yahoo.com/sync/openx/01174a15-6e47-e9e5-ce41-0459811e8938?gdpr=0

Requested by

Host: google-bidout-d.openx.net
URL: https://google-bidout-d.openx.net/w/1.0/pd?plm=5

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2600:1f18:4e9:5a02:3f87:95c8:530d:d4b6 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

Software

ATS /

Resource Hash

48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Security Headers

Name	Value
Content-Security-Policy	sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://google-bidout-d.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Wed, 26 Jul 2023 16:25:06 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
content-type: image/gif
content-length: 43

GET
H/1.1

200
OK

dcm
s.amazon-adsystem.com/ Frame AD1B
Redirect Chain

https://s.amazon-adsystem.com/dcm?pid=6e1b1225-4dd8-4d7d-b277-465574a27014&id=cd06502c-e241-c056-3f98-903b167a8f91
https://s.amazon-adsystem.com/dcm?pid=6e1b1225-4dd8-4d7d-b277-465574a27014&id=cd06502c-e241-c056-3f98-903b167a8f91&dcc=t

43 B
855 B

55ms
55ms

Image
image/gif

52.46.155.104
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/dcm?pid=6e1b1225-4dd8-4d7d-b277-465574a27014&id=cd06502c-e241-c056-3f98-903b167a8f91&dcc=t

Requested by

Host: google-bidout-d.openx.net
URL: https://google-bidout-d.openx.net/w/1.0/pd?plm=5

Protocol

HTTP/1.1

Server

52.46.155.104 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://google-bidout-d.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 26 Jul 2023 16:25:06 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: 2ATTR8SKT1Q3N8ZSAWRH
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Wed, 26 Jul 2023 16:25:06 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: THD1Q81DHNZWXKNPKZQV
Vary: Content-Type,Accept-Encoding,User-Agent
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location: https://s.amazon-adsystem.com/dcm?pid=6e1b1225-4dd8-4d7d-b277-465574a27014&id=cd06502c-e241-c056-3f98-903b167a8f91&dcc=t
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2

200

sd
us-u.openx.net/w/1.0/ Frame AD1B
Redirect Chain

https://match.adsrvr.org/track/cmf/openx?oxid=95d02c51-feeb-7bac-ff96-12ac7e494471&gdpr=0
https://match.adsrvr.org/track/cmb/openx?oxid=95d02c51-feeb-7bac-ff96-12ac7e494471&gdpr=0
https://us-u.openx.net/w/1.0/sd?id=537072971&val=031a87ee-df13-4d95-bcb5-ea06b6926a11&ttd_puid=95d02c51-feeb-7bac-ff96-12ac7e494471&gdpr=0&gdpr_consent=

43 B
240 B

53ms
44ms

Image
image/gif

35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537072971&val=031a87ee-df13-4d95-bcb5-ea06b6926a11&ttd_puid=95d02c51-feeb-7bac-ff96-12ac7e494471&gdpr=0&gdpr_consent=
Requested by: Host: google-bidout-d.openx.net
URL: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Protocol: H2
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://google-bidout-d.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 26 Jul 2023 16:25:06 GMT
via: 1.1 google
server: OXGW/0.0.0
vary: Accept
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 26 Jul 2023 16:25:06 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://us-u.openx.net/w/1.0/sd?id=537072971&val=031a87ee-df13-4d95-bcb5-ea06b6926a11&ttd_puid=95d02c51-feeb-7bac-ff96-12ac7e494471&gdpr=0&gdpr_consent=
content-type: text/html
cache-control: private,no-cache, must-revalidate
content-length: 335

GET
H2 200 pixel
cm.g.doubleclick.net/ Frame AD1B 170 B
409 B 103ms
39ms Image
image/png 172.217.13.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=YjliZmZmOWItMzc5Yy0yNTA4LWVhNzYtNDgxNWI0YWI4YTEx

Requested by

Host: google-bidout-d.openx.net
URL: https://google-bidout-d.openx.net/w/1.0/pd?plm=5

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.13.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul02s04-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://google-bidout-d.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 26 Jul 2023 16:25:06 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

sd
us-u.openx.net/w/1.0/ Frame AD1B
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEAano-nFHf0CidYH4G_QV9s&google_cver=1

43 B
171 B

24ms
15ms

Image
image/gif

35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEAano-nFHf0CidYH4G_QV9s&google_cver=1
Requested by: Host: google-bidout-d.openx.net
URL: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Protocol: H2
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://google-bidout-d.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 26 Jul 2023 16:25:06 GMT
via: 1.1 google
server: OXGW/0.0.0
vary: Accept
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 26 Jul 2023 16:25:06 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEAano-nFHf0CidYH4G_QV9s&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 295
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ Frame 77A0 260 KB
87 KB 60ms
59ms Script
application/javascript 2607:f8b0:4020:806::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-58DLMRSP1R

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/dfp/2007758/5012314706/1690198690239/ooredoo-CMPDima2000-728x90-AR/ooredoo-CMPDima2000-728x90-AR.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4020:806::2008 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

4ca440645bb81ce4c233f68bf916131b614a4f922f27808357924f1d399c25c6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Wed, 26 Jul 2023 16:25:06 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 88773
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Wed, 26 Jul 2023 16:25:06 GMT

GET
H2 200 createjs.min.js Show response
code.createjs.com/1.0.0/ Frame 77A0 236 KB
63 KB 106ms
26ms Script
text/javascript 2600:1400:9000::687e:7763
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://code.createjs.com/1.0.0/createjs.min.js
Requested by: Host: s0.2mdn.net
URL: https://s0.2mdn.net/dfp/2007758/5012314706/1690198690239/ooredoo-CMPDima2000-728x90-AR/ooredoo-CMPDima2000-728x90-AR.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2600:1400:9000::687e:7763 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Apache /
Resource Hash: e439bebf8de2df0582273906d2c1dceff2387c661efb2152ef1c28420ce4e7e5

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Wed, 26 Jul 2023 16:25:06 GMT
content-encoding: gzip
server: Apache
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=900
x-n: S
accept-ranges: bytes
expires: Wed, 26 Jul 2023 16:40:06 GMT

GET
H3 200 ooredoo-CMPDima2000-728x90-AR.js Show response
s0.2mdn.net/dfp/2007758/5012314706/1690198690239/ooredoo-CMPDima2000-728x90-AR/ Frame 77A0 24 KB
5 KB 18ms
16ms Script
text/javascript 2607:f8b0:4020:807::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/dfp/2007758/5012314706/1690198690239/ooredoo-CMPDima2000-728x90-AR/ooredoo-CMPDima2000-728x90-AR.js?1689892301285

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/dfp/2007758/5012314706/1690198690239/ooredoo-CMPDima2000-728x90-AR/ooredoo-CMPDima2000-728x90-AR.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4020:807::2006 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

42aff81d01e49e90e6ee1637e1f6fc3517e40bd06f00881dde5575cf81b3fa59

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://s0.2mdn.net/dfp/2007758/5012314706/1690198690239/ooredoo-CMPDima2000-728x90-AR/ooredoo-CMPDima2000-728x90-AR.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Wed, 26 Jul 2023 12:03:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 15719
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4735
x-xss-protection: 0
last-modified: Mon, 24 Jul 2023 11:38:10 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 27 Jul 2023 12:03:07 GMT

GET
H3 200 reactive_library_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202307200101/ 154 KB
52 KB 44ms
44ms Script
text/javascript 2607:f8b0:4020:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202307200101/reactive_library_fy2021.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202307200101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4020:807::2002 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

702437ae4c50a488c94543f2283fffe0c8db0a4e385805e51374ad46b748f325

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.echoroukonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Wed, 26 Jul 2023 16:25:06 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 53524
x-xss-protection: 0
server: cafe
etag: 10356574547241039696
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Wed, 26 Jul 2023 16:25:06 GMT

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame F01F 436 B
234 B 674ms
674ms Document
text/html 2607:f8b0:4020:804::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3639022183676464&output=html&h=280&adk=352417564&adf=928226804&pi=t.aa~a.1016648249~rp.1&w=380&fwrn=4&fwrnh=100&lmt=1690388706&rafmt=1&to=qs&pwprc=5135116441&format=380x280&url=https%3A%2F%2Fwww.echoroukonline.com%2F&host=ca-host-pub-2644536267352236&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1690388706826&bpp=2&bdt=1438&idt=-M&shv=r20230724&mjsv=m202307200101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D67706b0c4f2da9b0-22471be8fee200aa%3AT%3D1690388706%3ART%3D1690388706%3AS%3DALNI_MacXnpMkQLjo1aDxJMRBDxybNrwrw&gpic=UID%3D00000d1f6ed2a758%3AT%3D1690388706%3ART%3D1690388706%3AS%3DALNI_MZgWRANRp91KVygtO2EFCDswRXT0g&prev_fmts=0x0&nras=2&correlator=4808405214466&frm=20&pv=1&ga_vid=1065254421.1690388706&ga_sid=1690388706&ga_hid=1095182713&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1793&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759875%2C44759926%2C31071258%2C31076343%2C44788441%2C21065725&oid=2&pvsid=2895556275635737&tmod=2039874011&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=10&uci=a!a&btvi=1&fsb=1&xpc=U2un0kPic3&p=https%3A//www.echoroukonline.com&dtd=47

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202307200101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4020:804::2002 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6f27e9f30a89d034bf33b7b691ffd5a14ee50654f4d19d00cd3e4b41b88f867a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.echoroukonline.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 213
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 26 Jul 2023 16:25:07 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 0B6E 436 B
234 B 605ms
605ms Document
text/html 2607:f8b0:4020:804::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3639022183676464&output=html&h=280&adk=3809598800&adf=1602281170&pi=t.aa~a.1524871759~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1690388706&rafmt=1&to=qs&pwprc=5135116441&format=1200x280&url=https%3A%2F%2Fwww.echoroukonline.com%2F&host=ca-host-pub-2644536267352236&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1690388706826&bpp=2&bdt=1437&idt=2&shv=r20230724&mjsv=m202307200101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D67706b0c4f2da9b0-22471be8fee200aa%3AT%3D1690388706%3ART%3D1690388706%3AS%3DALNI_MacXnpMkQLjo1aDxJMRBDxybNrwrw&gpic=UID%3D00000d1f6ed2a758%3AT%3D1690388706%3ART%3D1690388706%3AS%3DALNI_MZgWRANRp91KVygtO2EFCDswRXT0g&prev_fmts=0x0%2C380x280&nras=3&correlator=4808405214466&frm=20&pv=1&ga_vid=1065254421.1690388706&ga_sid=1690388706&ga_hid=1095182713&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=4247&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759875%2C44759926%2C31071258%2C31076343%2C44788441%2C21065725&oid=2&pvsid=2895556275635737&tmod=2039874011&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=11&uci=a!b&btvi=2&fsb=1&xpc=SCY5uYcUpW&p=https%3A//www.echoroukonline.com&dtd=54

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202307200101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4020:804::2002 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

de5c85456f4a13f6e9e12a281dbf02d6e7b7f5c1f63aeb172e6b40e84a7d6553

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.echoroukonline.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 213
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 26 Jul 2023 16:25:07 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ooredoo_CMPDima2000_728x90_AR_atlas_1.png
s0.2mdn.net/dfp/2007758/5012314706/1690198690239/ooredoo-CMPDima2000-728x90-AR/images/ Frame 77A0 292 KB
292 KB 14ms
14ms Image
image/png 2607:f8b0:4020:807::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/dfp/2007758/5012314706/1690198690239/ooredoo-CMPDima2000-728x90-AR/images/ooredoo_CMPDima2000_728x90_AR_atlas_1.png?1689892301234

Requested by

Host: f750efdd075873ca01e8f21f42ee0cfe.safeframe.googlesyndication.com
URL: https://f750efdd075873ca01e8f21f42ee0cfe.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4020:807::2006 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

526951952fc9fa063d6c534d46c2606254b69cc71e0cc5a6ee1c43543b7d04b1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://s0.2mdn.net/dfp/2007758/5012314706/1690198690239/ooredoo-CMPDima2000-728x90-AR/ooredoo-CMPDima2000-728x90-AR.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Wed, 26 Jul 2023 12:03:08 GMT
x-content-type-options: nosniff
age: 15718
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 298956
x-xss-protection: 0
last-modified: Mon, 24 Jul 2023 11:38:10 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 27 Jul 2023 12:03:08 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 241B 0
0 68ms
42ms Fetch
image/gif 2607:f8b0:4020:805::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjst30bZWxMNJoDbDW4dPl5iHiivPYG-7dOsBRn_NBGY6FpLdcMDMpCdk8RA6h19PA2P0Zgt9hIXkq8FyEogELSrQIofv6vnChTovYwW7o-Gv6T6qGbPm-Syir5MGa_xY8mnZolaNWZmS_FCj3-6TeloJ9-hp_790p_zZXOf2grt_kDCopN45StP0NXuCo1UD_M4URVYkhoBL5AtLuL7aDY7BJEva7ZgAfi_5BokEcvYGRZP-sq2u6UTmpvorRlEq7RyKVRuBnNXhPWtXoLyHF96A6bk5m15O7Y01hVRHHe7dnqMeh32zN44t_rOlikZcdRtwUnH-d9hmf6TR7GiNbSdP1qyiIpfpUA&sai=AMfl-YSGCFjTNl-hWNK6HeYetlG-2a7j8tukBLTxstt43qP-2fE_wBfgGDnd9ANhNMhUtmwkCQ6Io7bh5gy64FxljiONyByQIRqvrEtVXyxl_o1h4RRz9yLCmCyOU-kuwK-F-iqNnXbtCRfuWCjqdOga&sig=Cg0ArKJSzHf8Jj1l6Kd_EAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4020:805::2002 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://f750efdd075873ca01e8f21f42ee0cfe.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Wed, 26 Jul 2023 16:25:06 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Wed, 26 Jul 2023 16:25:06 GMT

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230724/r20110914/ Frame 7045 10 KB
4 KB 12ms
11ms Document
text/html 2607:f8b0:4020:804::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230724/r20110914/zrt_lookup.html?fsb=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202307200101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4020:804::2002 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18e7a53e3b3abd7ac0242719f7f62cb56b8efe7065091585b8ad22cbc2b8c41c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.echoroukonline.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

age: 54923
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4544
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 26 Jul 2023 01:09:43 GMT
etag: 12368291122986407432
expires: Wed, 09 Aug 2023 01:09:43 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230724/r20110914/ Frame FCCC 10 KB
4 KB 12ms
11ms Document
text/html 2607:f8b0:4020:804::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230724/r20110914/zrt_lookup.html?fsb=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202307200101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4020:804::2002 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18e7a53e3b3abd7ac0242719f7f62cb56b8efe7065091585b8ad22cbc2b8c41c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.echoroukonline.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

age: 54923
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4544
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 26 Jul 2023 01:09:43 GMT
etag: 12368291122986407432
expires: Wed, 09 Aug 2023 01:09:43 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

POST
H/1.1 204
No Content collect Show response
x.clarity.ms/ 0
302 B 111ms
81ms XHR
text/plain 20.114.190.119
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://x.clarity.ms/collect
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.8/clarity.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.114.190.119 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://www.echoroukonline.com/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

Access-Control-Allow-Origin: https://www.echoroukonline.com
Date: Wed, 26 Jul 2023 16:25:07 GMT
Access-Control-Allow-Credentials: true
Server: nginx/1.18.0 (Ubuntu)
Connection: keep-alive
Vary: Origin
Request-Context: appId=cid-v1:e97341f6-8fff-46a6-9229-fbbfe0892c78

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230724/r20110914/ Frame 7045 23 KB
9 KB 11ms
11ms Script
text/javascript 2607:f8b0:4020:807::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230724/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230724/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4020:807::2001 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

93028274da1d373cd41165f6a442568ddd482370e8093e45d14a4ad0f6981f19

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Wed, 26 Jul 2023 14:10:11 GMT
content-encoding: br
x-content-type-options: nosniff
age: 8096
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9132
x-xss-protection: 0
server: cafe
etag: 17712579318771444318
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 09 Aug 2023 14:10:11 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 713A 143 B
166 B 12ms
12ms Document
text/html 2607:f8b0:4020:804::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230724/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4020:804::2002 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20230724/r20110914/zrt_lookup.html?fsb=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

age: 212
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 26 Jul 2023 16:21:35 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230724/r20110914/client/ Frame 7045 3 KB
1 KB 12ms
11ms Script
text/javascript 2607:f8b0:4020:807::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230724/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230724/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4020:807::2001 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Wed, 26 Jul 2023 14:10:11 GMT
content-encoding: br
x-content-type-options: nosniff
age: 8096
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 09 Aug 2023 14:10:11 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230724/r20110914/client/ Frame 7045 20 KB
8 KB 12ms
11ms Script
text/javascript 2607:f8b0:4020:807::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230724/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230724/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4020:807::2001 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

32ff9bf998cf59e2f25def004a13d818a90a26fdf631627beee581b12ca78cae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Wed, 26 Jul 2023 14:10:11 GMT
content-encoding: br
x-content-type-options: nosniff
age: 8096
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8302
x-xss-protection: 0
server: cafe
etag: 1396992018294926149
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 09 Aug 2023 14:10:11 GMT

GET
H2 200 13692889874949386297
tpc.googlesyndication.com/daca_images/simgad/ Frame 7045 56 KB
56 KB 16ms
15ms Image
image/png 2607:f8b0:4020:807::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/daca_images/simgad/13692889874949386297

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230724/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4020:807::2001 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ebcb70e8b7ceda793df615d0e145ba032a661a84e52f45549199e45162c39d0a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Tue, 25 Jul 2023 08:12:47 GMT
x-content-type-options: nosniff
age: 115940
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57200
x-xss-protection: 0
last-modified: Tue, 25 Jul 2023 04:23:56 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 24 Jul 2024 08:12:47 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 7045 179 KB
56 KB 40ms
39ms Script
text/javascript 2607:f8b0:4020:805::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230724/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4020:805::2002 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f294f48a5bc171da79776780d32c77ae3323a508cb595a56f116ecb7578a8e7d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Wed, 26 Jul 2023 16:25:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57383
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1690198756579870"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 26 Jul 2023 16:25:07 GMT

GET
H2 200 one_click_handler_one_afma_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230724/r20110914/client/ Frame 7045 33 KB
13 KB 13ms
12ms Script
text/javascript 2607:f8b0:4020:807::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230724/r20110914/client/one_click_handler_one_afma_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230724/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4020:807::2001 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

270cedc219d3fc8f692ce05f430d1f1c54b55ac7b99bea833cd01f7e7406a185

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Wed, 26 Jul 2023 14:12:11 GMT
content-encoding: br
x-content-type-options: nosniff
age: 7976
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13556
x-xss-protection: 0
server: cafe
etag: 8147963663154173681
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 09 Aug 2023 14:12:11 GMT

GET
H2 200 13692889874949386297
tpc.googlesyndication.com/daca_images/simgad/ Frame FCCC 56 KB
56 KB 13ms
11ms Image
image/png 2607:f8b0:4020:807::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/daca_images/simgad/13692889874949386297

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230724/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4020:807::2001 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ebcb70e8b7ceda793df615d0e145ba032a661a84e52f45549199e45162c39d0a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Tue, 25 Jul 2023 08:12:47 GMT
x-content-type-options: nosniff
age: 115940
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57200
x-xss-protection: 0
last-modified: Tue, 25 Jul 2023 04:23:56 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 24 Jul 2024 08:12:47 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230724/r20110914/ Frame FCCC 23 KB
9 KB 16ms
16ms Script
text/javascript 2607:f8b0:4020:807::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230724/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230724/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4020:807::2001 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

93028274da1d373cd41165f6a442568ddd482370e8093e45d14a4ad0f6981f19

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Wed, 26 Jul 2023 14:10:11 GMT
content-encoding: br
x-content-type-options: nosniff
age: 8096
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9132
x-xss-protection: 0
server: cafe
etag: 17712579318771444318
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 09 Aug 2023 14:10:11 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 8D59 143 B
166 B 12ms
11ms Document
text/html 2607:f8b0:4020:804::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230724/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4020:804::2002 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20230724/r20110914/zrt_lookup.html?fsb=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

age: 212
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 26 Jul 2023 16:21:35 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230724/r20110914/client/ Frame FCCC 3 KB
1 KB 15ms
14ms Script
text/javascript 2607:f8b0:4020:807::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230724/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230724/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4020:807::2001 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Wed, 26 Jul 2023 14:10:11 GMT
content-encoding: br
x-content-type-options: nosniff
age: 8096
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 09 Aug 2023 14:10:11 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230724/r20110914/client/ Frame FCCC 20 KB
8 KB 16ms
15ms Script
text/javascript 2607:f8b0:4020:807::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230724/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230724/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4020:807::2001 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

32ff9bf998cf59e2f25def004a13d818a90a26fdf631627beee581b12ca78cae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Wed, 26 Jul 2023 14:10:11 GMT
content-encoding: br
x-content-type-options: nosniff
age: 8096
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8302
x-xss-protection: 0
server: cafe
etag: 1396992018294926149
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 09 Aug 2023 14:10:11 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame FCCC 179 KB
56 KB 56ms
56ms Script
text/javascript 2607:f8b0:4020:805::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230724/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4020:805::2002 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f294f48a5bc171da79776780d32c77ae3323a508cb595a56f116ecb7578a8e7d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Wed, 26 Jul 2023 16:25:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57383
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1690198756579870"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 26 Jul 2023 16:25:07 GMT

GET
H2 200 one_click_handler_one_afma_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230724/r20110914/client/ Frame FCCC 33 KB
13 KB 15ms
14ms Script
text/javascript 2607:f8b0:4020:807::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230724/r20110914/client/one_click_handler_one_afma_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230724/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4020:807::2001 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

270cedc219d3fc8f692ce05f430d1f1c54b55ac7b99bea833cd01f7e7406a185

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Wed, 26 Jul 2023 14:12:11 GMT
content-encoding: br
x-content-type-options: nosniff
age: 7976
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13556
x-xss-protection: 0
server: cafe
etag: 8147963663154173681
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 09 Aug 2023 14:12:11 GMT

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 713A
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

33ms
33ms

Document
text/html

2607:f8b0:4020:804::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230724/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4020:804::2002 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 26 Jul 2023 16:25:07 GMT
expires: Wed, 26 Jul 2023 16:25:07 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 26 Jul 2023 16:25:07 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 8D59
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

40ms
39ms

Document
text/html

2607:f8b0:4020:804::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230724/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4020:804::2002 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 26 Jul 2023 16:25:07 GMT
expires: Wed, 26 Jul 2023 16:25:07 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 26 Jul 2023 16:25:07 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 dRCs_iSjLYN5mBFFYyTyPcTiMrEi9vuYsh-Uz23mUp8.js Show response
pagead2.googlesyndication.com/bg/ Frame A90E 37 KB
14 KB 12ms
12ms Script
text/javascript 2607:f8b0:4020:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/dRCs_iSjLYN5mBFFYyTyPcTiMrEi9vuYsh-Uz23mUp8.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230724/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4020:807::2002 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7510acfe24a32d83799811456324f23dc4e232b122f6fb98b21f94cf6de6529f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Thu, 20 Jul 2023 19:59:23 GMT
content-encoding: br
x-content-type-options: nosniff
age: 505544
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14586
x-xss-protection: 0
last-modified: Wed, 19 Jul 2023 16:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 19 Jul 2024 19:59:23 GMT

GET
H3 200 dRCs_iSjLYN5mBFFYyTyPcTiMrEi9vuYsh-Uz23mUp8.js Show response
pagead2.googlesyndication.com/bg/ Frame 3EB2 37 KB
14 KB 12ms
11ms Script
text/javascript 2607:f8b0:4020:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/dRCs_iSjLYN5mBFFYyTyPcTiMrEi9vuYsh-Uz23mUp8.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230724/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4020:807::2002 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7510acfe24a32d83799811456324f23dc4e232b122f6fb98b21f94cf6de6529f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Thu, 20 Jul 2023 19:59:23 GMT
content-encoding: br
x-content-type-options: nosniff
age: 505544
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14586
x-xss-protection: 0
last-modified: Wed, 19 Jul 2023 16:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 19 Jul 2024 19:59:23 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 15 KB
12 KB 52ms
48ms XHR
application/json 2607:f8b0:4020:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202307200101&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307200101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4020:807::2002 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

668171fa5d01b32ffc7b6009141df14f039f9974f295ebfece431d04058b6f9e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.echoroukonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Wed, 26 Jul 2023 16:25:07 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11720
x-xss-protection: 0

GET
H2

200

c.gif
c.clarity.ms/
Redirect Chain

https://c.clarity.ms/c.gif
https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=ADF08C5AC80941F0831090CBF992520F&RedC=c.clarity.ms&MXFR=323DAA5D59C96F6B3A29B9075DC96166
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=ADF08C5AC80941F0831090CBF992520F&MUID=1B1A6371E38B65C00679702BE2B06406

42 B
442 B

32ms
31ms

Image
image/gif

20.110.205.119
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=ADF08C5AC80941F0831090CBF992520F&MUID=1B1A6371E38B65C00679702BE2B06406
Protocol: H2
Server: 20.110.205.119 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.echoroukonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 26 Jul 2023 16:25:07 GMT
last-modified: Tue, 06 Jun 2023 17:31:18 GMT
server: Microsoft-IIS/10.0
etag: "7cd81bb49c98d91:0"
x-powered-by: ASP.NET
content-type: image/gif
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: private, no-cache, proxy-revalidate, no-store
accept-ranges: bytes
content-length: 42

Redirect headers

pragma: no-cache
date: Wed, 26 Jul 2023 16:25:07 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: EFD6A0BC403549A3928BE392704DCA9C Ref B: YMQ01EDGE0616 Ref C: 2023-07-26T16:25:07Z
x-powered-by: ASP.NET
x-cache: CONFIG_NOCACHE
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
location: https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=ADF08C5AC80941F0831090CBF992520F&MUID=1B1A6371E38B65C00679702BE2B06406
cache-control: private, no-cache, proxy-revalidate, no-store
content-length: 0

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 67ms
66ms Script
text/javascript 2607:f8b0:4020:807::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307200101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4020:807::2001 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.echoroukonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Wed, 26 Jul 2023 16:25:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 26 Jul 2023 16:25:07 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 475C 13 KB
5 KB 14ms
11ms Document
text/html 2607:f8b0:4020:807::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4020:807::2001 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.echoroukonline.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

accept-ranges: bytes
age: 363812
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 22 Jul 2023 11:21:35 GMT
expires: Sun, 21 Jul 2024 11:21:35 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 74FA 783 B
972 B 40ms
39ms Document
text/html 2607:f8b0:4020:807::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4020:807::2004 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

de2c9b8463be7b2ea8c2d0eab98b95eaa8dc16ba3730dce226145e826e0e1088

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-jF1NXRDRHwvhBnq8xNJuWg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.echoroukonline.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 514
content-security-policy: script-src 'report-sample' 'nonce-jF1NXRDRHwvhBnq8xNJuWg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Wed, 26 Jul 2023 16:25:07 GMT
expires: Wed, 26 Jul 2023 16:25:07 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 dRCs_iSjLYN5mBFFYyTyPcTiMrEi9vuYsh-Uz23mUp8.js Show response
pagead2.googlesyndication.com/bg/ Frame 475C 37 KB
14 KB 12ms
12ms Script
text/javascript 2607:f8b0:4020:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/dRCs_iSjLYN5mBFFYyTyPcTiMrEi9vuYsh-Uz23mUp8.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4020:807::2002 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7510acfe24a32d83799811456324f23dc4e232b122f6fb98b21f94cf6de6529f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Thu, 20 Jul 2023 19:59:23 GMT
content-encoding: br
x-content-type-options: nosniff
age: 505544
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14586
x-xss-protection: 0
last-modified: Wed, 19 Jul 2023 16:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 19 Jul 2024 19:59:23 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 74FA 0
0 43ms
42ms Image
text/html 2607:f8b0:4020:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202307200101&jk=2895556275635737&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4020:807::2002 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 475C 0
10 B 11ms
11ms Image
text/plain 2607:f8b0:4020:807::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?GAZ_0A
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4020:807::2001 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Wed, 26 Jul 2023 16:25:07 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 241B 42 B
64 B 110ms
109ms Fetch
image/gif 2607:f8b0:4020:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstUnMXGRPLtvgQnINZAn_R1abjTh8HO2VjvvHIhBS_f34OFJ5j4PJyaWtuV7mPJcCkHvfP5LQnWxMdruyLMjLR0jxA1etskGwgqAaQ0XZRy9pdrhx5h&sig=Cg0ArKJSzK-Oo7kTu_w6EAE&id=lidar2&mcvt=1000&p=715,436,805,1164&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20230724&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=30&adk=2577656688&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1690388706324&rpt=618&isd=0&lsd=0&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4020:807::2002 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://f750efdd075873ca01e8f21f42ee0cfe.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 26 Jul 2023 16:25:07 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 44ms
44ms Image
text/html 2607:f8b0:4020:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202307200101&jk=2895556275635737&bg=!nZ6lnsrNAAa0yfNklMk7ADkAdvg8WmGvNW_JxjWZ_7L_qnNxboeg1n1L6bMqhqNRjTY7iWJ4opNk9CllMuvvPjd9JOxJ4x1LaM8CAAAAeVIAAAALaAEHCgBhM0vKsRuOFO9N-GaEh1njqprYtUAolSXbabbmtMt6hEH6Q9z9VAT5ZDPwCq5igYFWyWbGdwG7JVQpnHduPh0uWt_f_CUrCRfegYcpB6Jw7MIEHqcJaBjUjbVuRffw4pf4o5kCq0oQSmgPEEPdY7xpe066QjKolSBI3lq0fcGoAz7viAhIQAEzLdLvU9rNUpx33Pszi7mx6Zt0ZN7m3Xx7r9jkiQC4_RszjxcakhcDC5vZYmlB9AmXtbCkFIaTD1t-NmyZ_3q2Up-gr-m0WFTrMlCjD5NfhL6PaTgMTEo6TPNuNYPJDxKXVphuoG3zgBcprvk-wKVWxsYXabJhzW_tZvnnszofZIr61yr266oWrdK_wFeIXvwenzpnmyyg5cJPWQ60-c5YOogY4YoRBErLf8_GPLNZgPC_2qTnj2QOCsgulRk9amKjvRuJ5aL4LMhkAeqExOCTx8aalsf-v17OV1pF_ax4-AW0kG0DxNUKX5j4j199FPuNcI4dkYPH_BNGzAWEV2RUjDmj4tovnNHdXn8DD_U40UmAycYYKlZztroBsYer-aJrjlwxjAa7xutbkjJKSqTxmRZc4uv4OWe7jwQTcHtT5pAN2un2RJg3qBI093lcMjYmSv3JYS7ScxgYTzrM4_Qdj0qY88TJzEzTrUpbUbFqwKj7CCEPboE_zkE5UYmAr3mod61pzPM6vgWAxvMeDW8YV6d4OScjZ5O63ye8Sbb5FwqyZ5vraBRjClO09LIkR04sdJ6-LHC4xj9AgP_yhQCXzFPJoNZ_mBCdkBpbUirOT6Z39qvyZdUUuPugZaKAQu1lJv9-UFmcJ_Jn6teDzdNELnaezs12KYRR6k08D0F2qzl_nJLQ-6JbxzQZZWfoIdendN2SLeXoqooRFGllA9gPF3kDneecdXVdRn5SY0ivtAqxEHq7Qt5_4Hx33q2oPD0z4G1g_iOf11lr0Vt92rJmIYzYesDy9FIUbskiScsQQHvP6XhaSd03LpLHdi8oPZcOZ8s01lTQUf0o0q2W1IvIh7q5BH1-q0FU
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4020:807::2002 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.echoroukonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

POST
H/1.1 204
No Content collect Show response
x.clarity.ms/ 0
302 B 33ms
32ms XHR
text/plain 20.114.190.119
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://x.clarity.ms/collect
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.8/clarity.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.114.190.119 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://www.echoroukonline.com/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

Access-Control-Allow-Origin: https://www.echoroukonline.com
Date: Wed, 26 Jul 2023 16:25:09 GMT
Access-Control-Allow-Credentials: true
Server: nginx/1.18.0 (Ubuntu)
Connection: keep-alive
Vary: Origin
Request-Context: appId=cid-v1:e97341f6-8fff-46a6-9229-fbbfe0892c78

POST
H3 204 collect
www.google-analytics.com/g/ 0
17 B 35ms
34ms Ping
text/plain 2607:f8b0:4020:805::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-GZ6NDC4SBL&gtm=45je37o0&_p=1095182713&gdid=dZTNiMT&cid=1065254421.1690388706&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=2&sid=1690388705&sct=1&seg=0&dl=https%3A%2F%2Fwww.echoroukonline.com%2F&dt=%D8%A7%D9%84%D8%B4%D8%B1%D9%88%D9%82%20%D8%A3%D9%88%D9%86%D9%84%D8%A7%D9%8A%D9%86..%20%D8%B9%D9%8A%D9%86%D9%83%20%D8%B9%D9%84%D9%89%20%D8%A7%D9%84%D8%AC%D8%B2%D8%A7%D8%A6%D8%B1%20%D9%88%D8%A7%D9%84%D8%B9%D8%A7%D9%84%D9%85&en=Clarity&_ee=1&ep.eventCategory=Clarity&ep.eventAction=17cajrb&ep.nonInteraction=true&ep.claritydimension=https%3A%2F%2Fclarity.microsoft.com%2Fga%2Fc8i9yhkkql%2Fisvq25%2F17cajrb&_et=412
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-GZ6NDC4SBL&l=dataLayer&cx=c
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4020:805::200e Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.echoroukonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 26 Jul 2023 16:25:11 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.echoroukonline.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

214 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

37 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.echoroukonline.com/	1970-01-20 13:34:35	Name: _gid Value: GA1.2.1120383213.1690388706
.echoroukonline.com/	1970-01-20 13:33:08	Name: _gat_gtag_UA_179798657_1 Value: 1
.echoroukonline.com/	1970-01-20 23:09:08	Name: _ga Value: GA1.1.1065254421.1690388706
www.clarity.ms/	1970-01-20 22:18:44	Name: CLID Value: a2e58f25be0241c39a2c93eac0b627fc.20230726.20240725
.echoroukonline.com/	1970-01-20 22:18:44	Name: cf_clearance Value: .3xEIa5lohAeUVSPmzG3XB3L7m9NhStQ31J6vXqOn04-1690388706-0-0.2.1690388706
.echoroukonline.com/	1970-01-20 13:33:08	Name: lotame_domain_check Value: echoroukonline.com
.echoroukonline.com/	1970-01-20 22:18:44	Name: _clck Value: isvq25\|2\|fdm\|0\|1302
.echoroukonline.com/	1970-01-20 23:09:08	Name: _ga_GZ6NDC4SBL Value: GS1.1.1690388705.1.0.1690388706.0.0.0
.openx.net/	1970-01-20 22:18:44	Name: i Value: 467c1308-576c-445b-a540-da441a6e778c\|1690388706
.echoroukonline.com/	1970-01-20 22:54:44	Name: __gads Value: ID=67706b0c4f2da9b0-22471be8fee200aa:T=1690388706:RT=1690388706:S=ALNI_MacXnpMkQLjo1aDxJMRBDxybNrwrw
.echoroukonline.com/	1970-01-20 22:54:44	Name: __gpi Value: UID=00000d1f6ed2a758:T=1690388706:RT=1690388706:S=ALNI_MZgWRANRp91KVygtO2EFCDswRXT0g
.crwdcntrl.net/	1970-01-20 20:01:55	Name: _cc_dc Value: 0
.crwdcntrl.net/	1970-01-20 20:01:55	Name: _cc_id Value: c71f03b16cd25c8690f78d00c32573dd
.criteo.com/	1970-01-20 22:54:44	Name: uid Value: 91a8001c-6116-4e48-ace2-477d2177e5b7
.echoroukonline.com/	1970-01-20 23:09:08	Name: _ga_N4VLWE09BT Value: GS1.1.1690388706.1.0.1690388706.0.0.0
.echoroukonline.com/	1970-01-20 20:01:56	Name: _cc_id Value: c71f03b16cd25c8690f78d00c32573dd
.echoroukonline.com/	1970-01-20 13:43:13	Name: panoramaId_expiry Value: 1690993506389
.echoroukonline.com/	1970-01-20 13:43:13	Name: panoramaId Value: 17960f82e58b815fcd592eeb2be116d5393858a34c3398811e30ccf5b88aa311
.echoroukonline.com/	1970-01-20 13:43:13	Name: panoramaIdType Value: panoIndiv
.echoroukonline.com/	1970-01-20 13:34:35	Name: _clsk Value: 17cajrb\|1690388706521\|1\|1\|x.clarity.ms/collect
.openx.net/	1970-01-20 13:54:44	Name: pd Value: v2\|1690388706\|vMgavPkWgy
.echoroukonline.com/	1970-01-20 22:54:44	Name: cto_bundle Value: OIie419UUHJtOERyTEROM2JwS1lKNEtxSDNCUDFYRWZ1JTJCVDVlJTJCYWR3Q1ROZ0Q5S3VXSXBtM3ZZYkpOZ1FBRTVOdGJNMUdPU0lJeWVReXdFVGNUJTJGZiUyQlZYdXpIdVE5V3o1OHZqOXg3RlBzWiUyRmZ2QURtYWJJbTZCakdyTWNFeGFyTzNZWlVoTUk2WWhoS0VlWFU1TWRwbmU2SXg4b0pBc3hSZmNrJTJCaVZ1N0hZJTJGMERVMCUzRA
.yahoo.com/	1970-01-20 22:19:06	Name: A3 Value: d=AQABBOJIwWQCEHwirURzRbRlCOeo54sKXSwFEgEBAQGawmTLZAAAAAAA_eMAAA&S=AQAAAtanAdarRO8WOjNzayXNOKQ
.adsrvr.org/	1970-01-20 22:20:11	Name: TDID Value: 031a87ee-df13-4d95-bcb5-ea06b6926a11
.adsrvr.org/	1970-01-20 22:20:11	Name: TDCPM Value: CAEYBSABKAIyCwiy0_Or8_-GPBAFOAE.
.doubleclick.net/	1970-01-20 23:09:08	Name: IDE Value: AHWqTUnMrRdKs2oWaoGN6pXa2Pac2rgfNcv0rJP99CK8VbvKek_wpud-6p0nrICBJ2k
.openx.net/	1970-01-20 13:54:44	Name: univ_id Value: 537072971\|031a87ee-df13-4d95-bcb5-ea06b6926a11\|1690388706785158
.amazon-adsystem.com/	1970-01-20 19:33:08	Name: ad-id Value: AyKJoxbzdkhQuKWyC_u6qrM
.amazon-adsystem.com/	1970-01-20 23:09:08	Name: ad-privacy Value: 0
.doubleclick.net/	1970-01-20 13:33:12	Name: DSID Value: NO_DATA
.bing.com/	1970-01-20 22:54:44	Name: MUID Value: 1B1A6371E38B65C00679702BE2B06406
.c.bing.com/	1970-01-20 13:43:13	Name: MR Value: 0
.c.bing.com/	1970-01-20 22:54:44	Name: SRM_B Value: 1B1A6371E38B65C00679702BE2B06406
.c.clarity.ms/	1969-12-31 23:59:59	Name: SM Value: C
.clarity.ms/	1970-01-20 22:54:44	Name: MUID Value: 1B1A6371E38B65C00679702BE2B06406
.c.clarity.ms/	1970-01-20 13:43:13	Name: MR Value: 0
.c.clarity.ms/	1970-01-20 13:33:09	Name: ANONCHK Value: 0

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

bcp.crwdcntrl.net
c.bing.com
c.clarity.ms
cdn-ima.33across.com
cdn.id5-sync.com
cdn.jsdelivr.net
cdn.prod.uidapi.com
cdn.speakol.com
cm.g.doubleclick.net
code.createjs.com
esp.rtbhouse.com
f750efdd075873ca01e8f21f42ee0cfe.safeframe.googlesyndication.com
fonts.googleapis.com
fonts.gstatic.com
google-bidout-d.openx.net
googleads.g.doubleclick.net
gum.criteo.com
i.dzs.cloud
i0.wp.com
id5-sync.com
invstatic101.creativecdn.com
match.adsrvr.org
mug.criteo.com
oa.openxcdn.net
oajs.openx.net
pagead2.googlesyndication.com
partner.googleadservices.com
pr-bh.ybp.yahoo.com
s.amazon-adsystem.com
s0.2mdn.net
securepubads.g.doubleclick.net
static.criteo.net
tags.crwdcntrl.net
tpc.googlesyndication.com
us-u.openx.net
www.clarity.ms
www.echoroukonline.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
x.clarity.ms
13.224.214.92
141.95.98.65
172.217.13.98
172.64.152.222
192.0.77.2
20.110.205.119
20.114.190.119
2600:1400:9000::687e:7763
2600:1f18:4e9:5a02:3f87:95c8:530d:d4b6
2600:9000:20ed:600:a:e047:753:be1
2600:9000:25c8:f000:0:adab:c280:93a1
2606:4700:10::6816:3456
2606:4700:20::681a:582
2606:4700:3035::6815:556f
2607:f8b0:4020:804::2002
2607:f8b0:4020:805::2002
2607:f8b0:4020:805::200a
2607:f8b0:4020:805::200e
2607:f8b0:4020:806::2001
2607:f8b0:4020:806::2003
2607:f8b0:4020:806::2008
2607:f8b0:4020:807::2001
2607:f8b0:4020:807::2002
2607:f8b0:4020:807::2004
2607:f8b0:4020:807::2006
2620:100:a001::4
2620:100:a001::c
2620:1ec:29:1::40
2620:1ec:c11::200
2a04:4e42::485
34.102.146.192
34.120.135.53
34.237.249.31
34.96.70.87
35.190.39.111
35.244.159.8
35.71.131.137
52.46.155.104
74.119.119.139
037e204b336b111a84c08af22399efd6138ed114e9c541d5dc6c6d6cd6cece73
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
0989f1622bf1306dc1bbc937fc7560e4ae283d53aab3c0d2295065e017ae2ac7
0a866af2f630279cce98c2fa112410e49c734000674cdf67277692b12940be9b
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0d6e90d4b6272743aaea4b5a27ca8592088f15aa2f0ee8848d5cef5d605bbd13
0fb55c760e6e846e7ed2d79059247f536e4c55e14f6af287311028653de48ca4
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
18e7a53e3b3abd7ac0242719f7f62cb56b8efe7065091585b8ad22cbc2b8c41c
1c54b9d1b579c59f8245fd21a021725c0dbde06ec90f44df1bbc03458f40dfe8
270cedc219d3fc8f692ce05f430d1f1c54b55ac7b99bea833cd01f7e7406a185
2a49077d66b4a665fb99938db5d5e185f7718b64335fc23794eac3f2e33f1cd2
2cacbbaeb164b727e2b5380b54d26036556901b502e32bbe186711fbe0ec3afb
2e6e9df473584cfaf6138577bd94c3be7049b4cd109b8f98d2d5d97ce32d8f7c
311793226e196c9ea63898632d842b3b1a0d05b8550a8ee72868063d97699d83
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
32c45bfc2825469635b2f0f6896c1e0ad0c5ac527466105679c43f029c1531d6
32ff9bf998cf59e2f25def004a13d818a90a26fdf631627beee581b12ca78cae
37cb4cdced4571ce8e3dd3bb71816f591dac12b4a7279fd59e82892a1b6a07d4
3d14af6714f8e174042d16f9ee9938f7986b826935f217c43cd3570945f8a8a5
3d93f52094e0e7c27556432bc954d78a3b90066692aded5e3d000468b645cefb
42aff81d01e49e90e6ee1637e1f6fc3517e40bd06f00881dde5575cf81b3fa59
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
4924e12a30059184d9bd1c36294dcdf957f5f2da452209448b35a93aa785cca5
49d4df93aed2ec184f6763d561f6b0ecaba6da22c7e6899426ab14ab878a23e8
4ca440645bb81ce4c233f68bf916131b614a4f922f27808357924f1d399c25c6
4cee3ec9b06287e641b153f0ec21002ff84ea5ef4a1180873bfba03de6cb8d8d
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
526951952fc9fa063d6c534d46c2606254b69cc71e0cc5a6ee1c43543b7d04b1
53973a1b7212a9ee52cfbafb979e149a4f75ce999ea3eec095916327f459a93f
544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5a17c266896c428fe75269421e8fc2ea796062a81a8ee76ae1fdfa5680760a77
5d9627946fcad2ddacefe71e61e52e0fe6da36f2957869ce1d4abf8e410fbc6e
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
634cdd53620d07a0838e85074b6788a71a44c1ad4b0d8c0a588083aa11aa93b6
668171fa5d01b32ffc7b6009141df14f039f9974f295ebfece431d04058b6f9e
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6d28830ef0fdeba41bc402b8b12341e929c6c66db8fe512deb2b1baa9611745b
6f27e9f30a89d034bf33b7b691ffd5a14ee50654f4d19d00cd3e4b41b88f867a
702437ae4c50a488c94543f2283fffe0c8db0a4e385805e51374ad46b748f325
70ce0ccccb5a5920b8f1a9b9f27d002e6a34947d288e8c1c27680ddf4c56b334
72e8a924e491e738b56c7da00aa690c77f21f87408ebe50d45f3139f2eb3a009
7510acfe24a32d83799811456324f23dc4e232b122f6fb98b21f94cf6de6529f
7614bdfed7d3ab1137894298f6aa93a45def07809b7dd5cfad744c00014682fe
7b7cfcbc3a1d285e35d30c17434be77b60a9fb25752f901a7998447450ed1306
7c437f5a57e379b12c548a277ae0c15ffcc1f74ab6df5ecd4b8f4de7589f42b7
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8763820c94db2bb23e3e97b5fa6b3ad7d1a69955731ba3c46191f46659a71670
93028274da1d373cd41165f6a442568ddd482370e8093e45d14a4ad0f6981f19
9520530ecc36366b7f419cd94439b5ac554b6a271c28c463e91a7aeda716f383
95a8fb36cc4875693e6a49ff0758ba059ce82824d94929bd4ea2e6c2c8902373
9810aee7e6d57d8cceaa96322b88e6df46710194689ae12b284149148cabc2f3
9987dcc652130026523219440b654a3e307d16f186019031ad60a28d6f73aa2a
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9f04f349442a1766a53821929e8af1cab4ae85c3fec07520f002a9e3abdfaa1a
a4b9b745ae2f74a7ad070bc8227a08bf8ab2731ad0b4af6447c24ab275af6403
a4da279c583ce7dbf1ae4ea954a23bf8a57d86a2881427925a29d615e3ea6b21
a517f4e8a95a7bc5f3050555c4e1ac71f3d9caf168b09638a2429e25e3e7764d
a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e
a695b8b12c7d88355d0b1b33d6c643a7913bcfbeae91553bd7560019188b1032
aadd6803cef5f4f1f35e9e46a92fb2c0b84c8b152eb1f6e55c1b40a9808e1fd0
ac689913aa2fc6dd4895b77879185d5b8f398fb3292c17bdc14c2de5b10abd0b
ad3c627a057dd303e52dc3a7884c0684c488070604edf725c323fb86bb3de7da
afacce23cb4feaaaef37997f8439819d8f827df4951f3ff02704c9f16fb7f53a
b118568858df50612fa3591132d6d6bb41ddf00f8c74ad8cccd16e5510691aad
b2c84f6bba1599aac142a4c93b5a58be41bfed010c924c78c9ca6f13a16078d6
b3c174caa5d603c2814e90905c9818436a91a0cc8f21367320123a355fcb5978
b72d6cc72df6e1b4ecbf610ac1aa911cbabd1c6147a5ce1a425c897e2af3a9fd
bbda08fdf2c13dbe739e65a60c4c21953a18d85bd61701de07a3096d2f992ef3
bfd118d3bac7affa040a76b02b691f17fa5e58e014ac84b5c125a929f33d2ccf
c0c2ec1f2d626ab278d81abe34d30681f0007e8c79a890165f27e3e1550e99b7
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c2e7134833105ce97772f370417982e4b04431af5f18211825b9ea75523de7fa
c5f572ed80485a43331f587039ef455ab7400d278434cdee0965a0fea35befcf
c87b7f745cfb4a994801488584e6e0e78d6c4f0ad567e985a781fc0b86074724
ca372f1d4ced7e2a37e83eb5b880159ba569a4fbf613b9cc2894a6c8726c13f6
cbec7579d8c2963f13b8ef90847bef861b534371bfd2dab99ebb09ff1528b0e9
d59000bf43557381244962f1e622267171c981e0917ce57af01278eeb247da93
dcd9f488bd62ba0ee403b07a97e40b9ffd63a0eff61091588c913b16d5153d48
de2c9b8463be7b2ea8c2d0eab98b95eaa8dc16ba3730dce226145e826e0e1088
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
de5c85456f4a13f6e9e12a281dbf02d6e7b7f5c1f63aeb172e6b40e84a7d6553
e37de2da0560cceef4f26c8e1244ce006d2951eb99861a3b0a25efc387b404d3
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e439bebf8de2df0582273906d2c1dceff2387c661efb2152ef1c28420ce4e7e5
e6a23e6a3399b52a5576c28b2236b48953949793fc17f2c733d35b084d7a0085
eadec561bb9a07a0b6a5fe3e4100583dc9f751eadb5a833b2e4fc90e6fa25c9a
ebcb70e8b7ceda793df615d0e145ba032a661a84e52f45549199e45162c39d0a
ec3326f5d6d35124f9b6b6e750cacec342e0fd564da17f35f0ca5066939ea8c6
ec41ca6adaddf52a747d56d3b8eafc6506d986e7efff8323da27fa3201756a9a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f294f48a5bc171da79776780d32c77ae3323a508cb595a56f116ecb7578a8e7d
f2c26a10f00db319722222bc52525484477d22fc2de733c6d5f2059fb8cd740d
f2e6e9a42ac38977b815f096c1a24bac7e7be292fc9691107263b9241aaee531
f63235b77e3c8823fba5b2acdfc62e28ce1b31cf4dc8877807f4b3691007abde
f8883b2b9fa838170872c2de8bf9e7891a4673595e9c09e712e85db186192322
f88d7a194e7f67fdc5e4f2cedd32e1d040d9976e4814adcaf7e56330a0653d5c
fa6f71446205016c7645ade2d6d98f0fee8dc3ffa0187d918b4a543f577b7072

www.echoroukonline.com Open in urlscan Pro 2606:4700:20::681a:582 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

125 Requests

94 %HTTPS

59 %IPv6

31 Domains

42 Subdomains

38 IPs

3 Countries

2261 kBTransfer

5402 kBSize

37 Cookies

4 Outgoing links

Redirected requests

125 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 6 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.echoroukonline.com Open in urlscan Pro
2606:4700:20::681a:582 Public Scan

Screenshot
Live screenshot

Full Image

125
Requests

94 %
HTTPS

59 %
IPv6

31
Domains

42
Subdomains

38
IPs

3
Countries

2261 kB
Transfer

5402 kB
Size

37
Cookies

125 HTTP transactions
6 data transactions