urlscan.io logo urlscan.io
SecurityTrails logo

www.rafyon.net Open in urlscan Pro
2a06:98c1:3121::3  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://www.rafyon.net/
Effective URL: https://www.rafyon.net/
Submission: On December 06 via api from US — Scanned from NL
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 31 IPs in 4 countries across 22 domains to perform 93 HTTP transactions. The main IP is 2a06:98c1:3121::3, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.rafyon.net.
TLS certificate: Issued by GTS CA 1P5 on November 16th 2023. Valid for: 3 months.
This is the only time www.rafyon.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 38 2a06:98c1:312... 13335 (CLOUDFLAR...)
3 2606:4700::68... 13335 (CLOUDFLAR...)
1 2600:9000:225... 16509 (AMAZON-02)
1 2600:9000:215... 16509 (AMAZON-02)
2 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
1 2600:9000:211... 16509 (AMAZON-02)
1 34.102.146.192 396982 (GOOGLE-CL...)
1 2a02:2638:3::3 44788 (ASN-CRITE...)
1 2606:4700:10:... 13335 (CLOUDFLAR...)
1 2600:9000:225... 16509 (AMAZON-02)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 18.245.143.83 16509 (AMAZON-02)
1 34.96.70.87 396982 (GOOGLE-CL...)
10 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 2 34.120.107.143 396982 (GOOGLE-CL...)
1 3 2a02:2638:3::c 44788 (ASN-CRITE...)
1 141.95.98.64 16276 (OVH)
1 52.19.8.73 16509 (AMAZON-02)
7 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 35.244.159.8 15169 (GOOGLE)
2 172.217.18.6 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
3 4 216.58.212.162 15169 (GOOGLE)
2 4 172.64.151.101 13335 (CLOUDFLAR...)
2 3 37.252.171.21 29990 (ASN-APPNEX)
93 31
38    2a06:98c1:3121::3 (United States)

ASN13335 (CLOUDFLARENET, US)
www.rafyon.net
3    2606:4700::6811:190e (United States)

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
1    2600:9000:225e:a00:11:a4de:2580:93a1 (United States)

ASN16509 (AMAZON-02, US)
get.optad360.io
1    2600:9000:2156:aa00:6:b871:4f00:93a1 (United States)

ASN16509 (AMAZON-02, US)
cmp.optad360.io
2    2a00:1450:4001:831::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
2    2a00:1450:4001:802::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
4    2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
securepubads.g.doubleclick.net
googleads.g.doubleclick.net
1    2600:9000:211a:4800:f:a31d:75c0:93a1 (United States)

ASN16509 (AMAZON-02, US)
cdn.optad360.net
1    34.102.146.192 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 192.146.102.34.bc.googleusercontent.com
oa.openxcdn.net
1    2a02:2638:3::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
static.criteo.net
1    2606:4700:10::6816:3456 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.id5-sync.com
1    2600:9000:2250:1200:a:e047:753:a221 (United States)

ASN16509 (AMAZON-02, US)
cdn.prod.uidapi.com
1    2606:4700::6810:5714 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.jsdelivr.net
1    18.245.143.83 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-245-143-83.lhr5.r.cloudfront.net
tags.crwdcntrl.net
1    34.96.70.87 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 87.70.96.34.bc.googleusercontent.com
invstatic101.creativecdn.com
10    2a00:1450:4001:831::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
2    2a00:1450:4001:81c::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
843aa1bb91f1e25a2cd9421173064ebb.safeframe.googlesyndication.com
2    34.120.107.143 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 143.107.120.34.bc.googleusercontent.com
oajs.openx.net
3    2a02:2638:3::c (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
gum.criteo.com
mug.criteo.com
1    141.95.98.64 (France)

ASN16276 (OVH, FR)
PTR: ns3216658.ip-141-95-98.eu
id5-sync.com
1    52.19.8.73 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-19-8-73.eu-west-1.compute.amazonaws.com
bcp.crwdcntrl.net
7    2a00:1450:4001:831::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
1    2a00:1450:4001:828::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
1    35.244.159.8 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com
google-bidout-d.openx.net
2    172.217.18.6 (United States)

ASN15169 (GOOGLE, US)
PTR: fra02s19-in-f6.1e100.net
ad.doubleclick.net
1    2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagservices.com
1    2a00:1450:4001:82b::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
s0.2mdn.net
4    216.58.212.162 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s01-in-f2.1e100.net
cm.g.doubleclick.net
4    172.64.151.101 (United States)

ASN13335 (CLOUDFLARENET, US)
dsum-sec.casalemedia.com
3    37.252.171.21 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 1004.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
ib.adnxs.com
Apex Domain
Subdomains		 Transfer
38 rafyon.net
www.rafyon.net
572 KB
19 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 102
843aa1bb91f1e25a2cd9421173064ebb.safeframe.googlesyndication.com
tpc.googlesyndication.com — Cisco Umbrella Rank: 148
113 KB
10 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 196
googleads.g.doubleclick.net — Cisco Umbrella Rank: 33
ad.doubleclick.net — Cisco Umbrella Rank: 139
cm.g.doubleclick.net — Cisco Umbrella Rank: 219
206 KB
4 casalemedia.com
dsum-sec.casalemedia.com — Cisco Umbrella Rank: 578
2 KB
3 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 229
2 KB
3 criteo.com
gum.criteo.com — Cisco Umbrella Rank: 424
mug.criteo.com — Cisco Umbrella Rank: 2811
7 KB
3 openx.net
oajs.openx.net — Cisco Umbrella Rank: 1639
google-bidout-d.openx.net — Cisco Umbrella Rank: 1643
657 B
3 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 204
164 KB
2 crwdcntrl.net
tags.crwdcntrl.net — Cisco Umbrella Rank: 979
bcp.crwdcntrl.net — Cisco Umbrella Rank: 850
12 KB
2 id5-sync.com
cdn.id5-sync.com — Cisco Umbrella Rank: 893
id5-sync.com — Cisco Umbrella Rank: 425
34 KB
2 gstatic.com
fonts.gstatic.com
62 KB
2 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 29
989 B
2 optad360.io
get.optad360.io — Cisco Umbrella Rank: 39286
cmp.optad360.io — Cisco Umbrella Rank: 55535
61 KB
1 2mdn.net
s0.2mdn.net — Cisco Umbrella Rank: 300
55 KB
1 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 206
64 KB
1 google.com
www.google.com — Cisco Umbrella Rank: 2
1 KB
1 creativecdn.com
invstatic101.creativecdn.com — Cisco Umbrella Rank: 2133
1 KB
1 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 313
1 KB
1 uidapi.com
cdn.prod.uidapi.com — Cisco Umbrella Rank: 2789
3 KB
1 criteo.net
static.criteo.net — Cisco Umbrella Rank: 631
13 KB
1 openxcdn.net
oa.openxcdn.net — Cisco Umbrella Rank: 1740
8 KB
1 optad360.net
cdn.optad360.net — Cisco Umbrella Rank: 61231
3 KB
93 22
Domain Requested by
38 www.rafyon.net 1 redirects www.rafyon.net
10 pagead2.googlesyndication.com securepubads.g.doubleclick.net
www.rafyon.net
843aa1bb91f1e25a2cd9421173064ebb.safeframe.googlesyndication.com
tpc.googlesyndication.com
www.googletagservices.com
7 tpc.googlesyndication.com securepubads.g.doubleclick.net
tpc.googlesyndication.com
www.rafyon.net
843aa1bb91f1e25a2cd9421173064ebb.safeframe.googlesyndication.com
4 dsum-sec.casalemedia.com 2 redirects googleads.g.doubleclick.net
4 cm.g.doubleclick.net 3 redirects googleads.g.doubleclick.net
3 ib.adnxs.com 2 redirects googleads.g.doubleclick.net
3 securepubads.g.doubleclick.net get.optad360.io
securepubads.g.doubleclick.net
3 cdnjs.cloudflare.com www.rafyon.net
cdnjs.cloudflare.com
2 ad.doubleclick.net www.rafyon.net
2 gum.criteo.com 1 redirects static.criteo.net
2 oajs.openx.net 1 redirects
2 843aa1bb91f1e25a2cd9421173064ebb.safeframe.googlesyndication.com securepubads.g.doubleclick.net
2 fonts.gstatic.com fonts.googleapis.com
2 fonts.googleapis.com www.rafyon.net
1 s0.2mdn.net 843aa1bb91f1e25a2cd9421173064ebb.safeframe.googlesyndication.com
1 www.googletagservices.com 843aa1bb91f1e25a2cd9421173064ebb.safeframe.googlesyndication.com
1 googleads.g.doubleclick.net 843aa1bb91f1e25a2cd9421173064ebb.safeframe.googlesyndication.com
1 google-bidout-d.openx.net oa.openxcdn.net
1 www.google.com tpc.googlesyndication.com
1 mug.criteo.com
1 bcp.crwdcntrl.net tags.crwdcntrl.net
1 id5-sync.com cdn.id5-sync.com
1 invstatic101.creativecdn.com securepubads.g.doubleclick.net
1 tags.crwdcntrl.net securepubads.g.doubleclick.net
1 cdn.jsdelivr.net securepubads.g.doubleclick.net
1 cdn.prod.uidapi.com securepubads.g.doubleclick.net
1 cdn.id5-sync.com securepubads.g.doubleclick.net
1 static.criteo.net securepubads.g.doubleclick.net
1 oa.openxcdn.net securepubads.g.doubleclick.net
1 cdn.optad360.net
1 cmp.optad360.io www.rafyon.net
1 get.optad360.io www.rafyon.net
93 32

This site contains links to these domains. Also see Links.

Domain
www.arb4host.net
en.optad360.com
Subject Issuer Validity Valid
rafyon.net
GTS CA 1P5		 2023-11-16 -
2024-02-14		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2023-07-03 -
2024-07-02		 a year crt.sh
*.optad360.io
Amazon RSA 2048 M02		 2023-09-17 -
2024-10-15		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
*.optad360.net
Amazon RSA 2048 M02		 2023-06-26 -
2024-07-24		 a year crt.sh
oa.openxcdn.net
GTS CA 1D4		 2023-11-24 -
2024-02-22		 3 months crt.sh
*.criteo.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-10-09 -
2024-01-06		 3 months crt.sh
cdn.prod.uidapi.com
R3		 2023-11-02 -
2024-01-31		 3 months crt.sh
*.crwdcntrl.net
Amazon RSA 2048 M01		 2023-10-08 -
2024-11-05		 a year crt.sh
invstatic101.creativecdn.com
GTS CA 1D4		 2023-10-24 -
2024-01-22		 3 months crt.sh
*.criteo.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-12-01 -
2024-03-01		 3 months crt.sh
*.id5-sync.com
R3		 2023-11-01 -
2024-01-30		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
www.google.com
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
*.openx.net
RapidSSL TLS RSA CA G1		 2023-08-18 -
2024-08-18		 a year crt.sh
*.doubleclick.net
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh

This page contains 9 frames:

Primary Page: https://www.rafyon.net/
Frame ID: 980BC108ECCD5C6B15D52DE837D9CB5F
Requests: 64 HTTP requests in this frame

Frame: https://843aa1bb91f1e25a2cd9421173064ebb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 5D79D4096963F6FD86BB7EDD8FC746FC
Requests: 1 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=www.rafyon.net
Frame ID: 7AD24AAEBB690F07AFB011A593F89D8E
Requests: 2 HTTP requests in this frame

Frame: https://843aa1bb91f1e25a2cd9421173064ebb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 3FABD8B976C17AA58346843624CAB223
Requests: 13 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: E1C1BDE36A14F15808885BE8D7FE3AD9
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 50B2EF6567C6BCD42024DED09FF3B33E
Requests: 2 HTTP requests in this frame

Frame: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Frame ID: 32C871EA2C22C245E371782553E16B37
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJKL6K4CEMeN_vcCGNT98f4BMAE&v=APEucNUmgQz-WUQrf-W8nh9lLHS30e-FoZ079IFiSUy7mNBSL4Nd2NPg7bSh57mULXzwSaud0awPxhmBAMa9-SUqAV2BVsJ1Fu8ZuiRs1NrcZxkB0M74j8AUvhTstV4FlWdmrkgdlbv5YGWsPZNwJ-1gmVOgLl-FN0r4xDRKyMkhAX2ifTUjFGBEhUQcBsiTrJPbu1_DD67itwTGcvAlTBsNGOOwmNr9nA
Frame ID: 687139DC49D2457239EED2BE38FF304A
Requests: 5 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: B32CDF5580078A1EE36E093C9EE684E7
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

رافيون

Page URL History Show full URLs

  1. http://www.rafyon.net/ HTTP 301
    https://www.rafyon.net/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
  • /wp-(?:content|includes)/
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • <!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -
Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net
Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Page Statistics

93
Requests

92 %
HTTPS

63 %
IPv6

22
Domains

32
Subdomains

31
IPs

4
Countries

1383 kB
Transfer

2990 kB
Size

13
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://www.rafyon.net/ HTTP 301
    https://www.rafyon.net/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 59
  • https://oajs.openx.net/esp?url=https%3A%2F%2Fwww.rafyon.net%2F&rid=esp HTTP 302
  • https://oajs.openx.net/esp?url=https%3A%2F%2Fwww.rafyon.net%2F&rid=esp&cc=1
Request Chain 64
  • https://gum.criteo.com/sid/json?origin=publishertagids&domain=rafyon.net&sn=ChromeSyncframe&so=0&topUrl=www.rafyon.net&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
  • https://mug.criteo.com/sid?cpp=bPsJ0HxoUVJyUkhHNHdlM0VEZDdDRk1Gb1dHYktYK0NWOEF1bURDRE1EWGJqOFp5SzlUTXgxQi9tOTQ1aTdobnloc1RpTGVScVVncHF5eFhxeTZQYlJYYUNZamZLd3NRNDF0VDg5T0hSdnBHNkFsK1hha2NXRlE5dUt6SFpTam1VSDJvbW1KMkdTb2tHTVZERXpXd3pta2U5QVE0a2Q2ejM4a04yNVZDTjM1YWpRU0prZVZjWU9aSmlCaWtwVzI4YlVjaC8wd0hSVkJZeXI5dFVZWFlzY0l0QTdHU0IyNXVjNUQ5VFdTZHYyaWpVK055ZUgxTDJwemtGeHRpK3ZXZEdhaTZQZnVWb3JlQ0w0enJ0Qm1DanJlWTZpdz09fA&cppv=2
Request Chain 80
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKmtsyWvbp2wUSgRRg8cjHM&google_cver=1
Request Chain 81
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZXCBNG4G3.KUr69LQ.2B.AAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAwlPXEEIDO6cKyx8eWpjLI&google_cver=1&google_hm=2
Request Chain 82
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&code=CAESELG1x-ByQ7vC3AP8VcnYJ7I&google_cver=1
Request Chain 83
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzMzODM0NzIzMDc0ODY4Mzc0NQ%3D%3D

93 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
www.rafyon.net/
Redirect Chain
  • http://www.rafyon.net/
  • https://www.rafyon.net/
53 KB
11 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.rafyon.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7be852fa90099f7dd21fa33dd43173b0ef0eb29ca9a871bbcede3804bf1d3aa1

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
83151f1cf9a50c35-AMS
content-encoding
br
content-type
text/html; charset=UTF-8
date
Wed, 06 Dec 2023 14:12:02 GMT
link
<https://www.rafyon.net/wp-json/>; rel="https://api.w.org/"
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JNi%2BHoeRE24En7OxTSDl0%2FL9a3IiCTkyxmtaTtYIIe7SJbpHObbWX0nq3GQ5RNuyvEO0CBtSsDmMmR3QE100T7FuaTtODT3t%2B7wL2%2FukcnIFraQmzwkKbRQvqVxqfcta1Lk5H%2F8MgbB3x%2B5dmA%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare

Redirect headers

CF-RAY
83151f1c5a0f668a-AMS
Cache-Control
max-age=3600
Connection
keep-alive
Date
Wed, 06 Dec 2023 14:12:02 GMT
Expires
Wed, 06 Dec 2023 15:12:02 GMT
Location
https://www.rafyon.net/
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fQKPKVyssAssEuyDARKu494vt3Ym4pDO9COz19nFcUO8m%2FF%2BzR5wRtGSF9WhL1F93U4gJCRADwHukxOjgii%2FAADX%2BwswvEEkViJ2MffUvWp8a7175zZjqAXpv4aKrdGRr70VXwt6CqpLFDBtqQ%3D%3D"}],"group":"cf-nel","max_age":604800}
Server
cloudflare
Transfer-Encoding
chunked
Vary
Accept-Encoding
alt-svc
h3=":443"; ma=86400
style-rtl.min.css
www.rafyon.net/wp-includes/css/dist/block-library/ 		102 KB
14 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.rafyon.net/wp-includes/css/dist/block-library/style-rtl.min.css?ver=6.3.2
Requested by
Host: www.rafyon.net
URL: https://www.rafyon.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c0f27ee92a26e2bbb2393e7695351be1c91d890492943f52cf18fcfd899666ed

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.rafyon.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 06 Dec 2023 14:12:02 GMT
content-encoding
br
cf-cache-status
REVALIDATED
last-modified
Mon, 18 Sep 2023 09:26:14 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yRH%2FQkoUfOmEMXW%2F0sR61zYAT3fWGiXtx%2FLQZkevaS7xodvF7CUCmP%2Fo%2FT3MX2LGtvkD2GUwUdptcA8ho4Ij0zKnBtySNPAvdxgxGP9xzd6%2Fxzfnxmeumck93m%2BWsKPNed0q8K0mZRxnVAIYFw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
cf-ray
83151f1deac50c35-AMS
alt-svc
h3=":443"; ma=86400
all.min.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/5.13.0/css/ 		57 KB
11 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.13.0/css/all.min.css
Requested by
Host: www.rafyon.net
URL: https://www.rafyon.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
876d023d9d10c97941b80c3b03e2a5b94631ff7a4af9cee5604a6a2d39718d84
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.rafyon.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 06 Dec 2023 14:12:02 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
290055
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
10301
last-modified
Mon, 04 May 2020 16:10:08 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03e60-e4d2"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nA7GvoTXL%2B0axminv1NghpEbiJvp9lcdQotJTWtudveJGS87cFIVx%2Fea0OKwRgRYqLDNRKvmEui3PHPbirjpoGmxq%2BxOn50%2BcdcuuTNne7xkCmi0kuZyxuuDpNCy%2B9g8G87GbbQrEq7tFAwt%2F6VP3pal"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
83151f1e3e976720-AMS
expires
Mon, 25 Nov 2024 14:12:02 GMT
bootstrap.min.css
www.rafyon.net/wp-content/themes/newsplus/assets/css/ 		124 KB
20 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.rafyon.net/wp-content/themes/newsplus/assets/css/bootstrap.min.css?ver=46.00
Requested by
Host: www.rafyon.net
URL: https://www.rafyon.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
414caa66bb79bc88c1ba6a2a415d2333c0a01aab1c15f74684dfa7542a97d2f7

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.rafyon.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 06 Dec 2023 14:12:02 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Sun, 10 Apr 2022 14:30:29 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
3565
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lou1ZNFEMjqP8xs0JVzgsUiwjydPol4Rf8VNuWNjMA0%2FXf8%2BB%2FTMYExYxuPl2JFxxgxs5gROeOg0NNQfrHyIzNEXALgDwlbopdQICRSCnnKRpL0tVW86J5TABvx%2B5hibp51zOHhNdu0Bris6Pw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
cf-ray
83151f1deac70c35-AMS
alt-svc
h3=":443"; ma=86400
fonts.css
www.rafyon.net/wp-content/themes/newsplus/assets/fonts/ 		1 KB
689 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.rafyon.net/wp-content/themes/newsplus/assets/fonts/fonts.css?ver=46.00
Requested by
Host: www.rafyon.net
URL: https://www.rafyon.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6511c49ad2da79efffa24912c9b244776702a27bc8bdd4afc2855f646b443e10

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.rafyon.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 06 Dec 2023 14:12:02 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Sun, 10 Apr 2022 14:30:29 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
3565
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wUX5osuDOiWLWjZakfaL15CWWqYgamMvfCBXzN6vxr4QZa2%2F3IJ4hRv2252aI8CZxDKdYzt04oqi9Zx4MJFzjUhOH1pm6jAi%2BFJUix9FIvQMOs8aPUYSiA7EtTYPiGqg25vA6v1W%2F4KJ5Cb4Rw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
cf-ray
83151f1deac90c35-AMS
alt-svc
h3=":443"; ma=86400
style.css
www.rafyon.net/wp-content/themes/newsplus/ 		39 KB
8 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.rafyon.net/wp-content/themes/newsplus/style.css?ver=46.00
Requested by
Host: www.rafyon.net
URL: https://www.rafyon.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8a10c8b54e1c59596f5caa93f72615a4a67f92567abfb376bfe7ca630aa6107f

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.rafyon.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 06 Dec 2023 14:12:02 GMT
content-encoding
br
cf-cache-status
REVALIDATED
last-modified
Sun, 10 Apr 2022 14:30:29 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MnAIeaWg89K%2FeDzYYbfyt%2BUNpGIdNVZejxzvJWzOE8vnnoC6S4h%2BAhPJuqXdW%2BsTd5XJnPYDSv%2BwbiMOj7W22eKAY0aJ9eYvdrFRiDGKdMSSj%2FSTnE05T7CjoHfmrYykKGRU1SJKGIOxk%2BIdVA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
cf-ray
83151f1deacb0c35-AMS
alt-svc
h3=":443"; ma=86400
jquery.min.js
www.rafyon.net/wp-includes/js/jquery/ 		85 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.rafyon.net/wp-includes/js/jquery/jquery.min.js?ver=3.7.0
Requested by
Host: www.rafyon.net
URL: https://www.rafyon.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5c93f77799d122fb5255ee24da285f9f228cc118cba11e6ceb2b6bda8cdf4164

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.rafyon.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 06 Dec 2023 14:12:02 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 18 Sep 2023 09:26:14 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
3565
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MfzkF3clPbAnUpfDUEFWpfIdWoch6K9lgZDHT72oPiq4xKLovGX4EdrVNI9nf7HY4iyWYOwZOs9dDADBCN05Gt3AK1eJSUHD%2Fi9l7xU85ghXNy%2FqKqPrwvq2Z7Zlo8N%2FTkowi%2Bn2JnpmoCR7EQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
83151f1deace0c35-AMS
alt-svc
h3=":443"; ma=86400
jquery-migrate.min.js
www.rafyon.net/wp-includes/js/jquery/ 		13 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.rafyon.net/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1
Requested by
Host: www.rafyon.net
URL: https://www.rafyon.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.rafyon.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 06 Dec 2023 14:12:02 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 18 Sep 2023 09:26:14 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
3565
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zl983ONQvioGNxPGlHH2h%2FfwS5FvLJH8B2nQUv2xp74thYZagJ8%2FE5kwIgkKp1XkUwQMJJIa89SwT1355b54%2BOBP%2Fo3hL08BSsQMqwrq6JB4%2FI%2FU%2BwXqy%2Bro%2B9iOxzVj8eE8sFTc5eshby5xZQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
83151f1dead00c35-AMS
alt-svc
h3=":443"; ma=86400
plugin.min.js
get.optad360.io/sf/eea8f441-3b22-4ddb-a021-33600b968506/ 		279 KB
60 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://get.optad360.io/sf/eea8f441-3b22-4ddb-a021-33600b968506/plugin.min.js
Requested by
Host: www.rafyon.net
URL: https://www.rafyon.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:225e:a00:11:a4de:2580:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
7beb67896e969bca947fdfbd1f11e20ae0e5989f7a444bc69c0eba234fd7bbca

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.rafyon.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Tue, 05 Dec 2023 19:11:55 GMT
content-encoding
gzip
via
1.1 a962efd99fafcdb81ca24e0e8140a67c.cloudfront.net (CloudFront)
last-modified
Sat, 14 Oct 2023 20:44:12 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P4
age
68409
x-amz-server-side-encryption
AES256
etag
W/"745d22d01c90b3ebbe6f683118a06f45"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
public, max-age=86400
x-amz-cf-id
LmzX72Pn6YBnUuk2jVLwDQ1gMXGmQIOJ4LCFEOJdgIjuaCTsVUlstg==
183b5691-fc93-4f3c-a7ba-3c3a1f87c01e.min.js
cmp.optad360.io/items/ 		3 B
383 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cmp.optad360.io/items/183b5691-fc93-4f3c-a7ba-3c3a1f87c01e.min.js
Requested by
Host: www.rafyon.net
URL: https://www.rafyon.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:aa00:6:b871:4f00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.rafyon.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Thu, 30 Nov 2023 23:06:35 GMT
via
1.1 632ee301c4920b52f2463aa9e978c57e.cloudfront.net (CloudFront)
last-modified
Fri, 17 Nov 2023 12:54:32 GMT
server
AmazonS3
x-amz-cf-pop
FRA50-C1
age
486329
etag
"8a80554c91d9fca8acb82f023de02f11"
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
3
x-amz-cf-id
uhC15WceL4sevzPYrOwcOvPbvqF4eoIOvrxVmiVE2zbebZcv4A0oAg==
Rafyon.png
www.rafyon.net/wp-content/uploads/2020/11/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.rafyon.net/wp-content/uploads/2020/11/Rafyon.png
Requested by
Host: www.rafyon.net
URL: https://www.rafyon.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bf993c352a9c882af60619f9ba8b4d66c442be85875d78497571023b2aa5d28d

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.rafyon.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 06 Dec 2023 14:12:02 GMT
cf-cache-status
HIT
last-modified
Mon, 09 Nov 2020 21:32:24 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
6269
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xtXrpieJh6aCeW1%2F4gAO7hmtWCt02UMjF1U3J61YuwrtqPryDlzrV2qFK9ZEe7IjQwId7v0Bb%2F6V85UmDjFj8AUWGFSZxOFukAOEWKX2%2BmYqQbfX8EYULxU65TSijjghIbRJ9q%2F%2BHKUsVJ1NBQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
83151f1dead30c35-AMS
alt-svc
h3=":443"; ma=86400
content-length
2979
main.js
www.rafyon.net/wp-content/themes/newsplus/assets/js/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.rafyon.net/wp-content/themes/newsplus/assets/js/main.js?ver=46.00
Requested by
Host: www.rafyon.net
URL: https://www.rafyon.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e31ebf113144bd88c51f9344ae69e9a0533f0484c7876157b5ce7afab3f279dd

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.rafyon.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 06 Dec 2023 14:12:02 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Sun, 10 Apr 2022 14:30:29 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
3565
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bnPmfPM3TVWGXLbqB8jguj8CemHPFjs8xCGb7ROkShQHl4LdxfE4cgB0AjaO0OAb%2FOuAx4LOQ7RQTCAFHdNPvR6OqPEjnRaSqV2YneXuZSIwPKOU6UrivGuZvP%2BAiM2HRDWAePrKxhV2smtyIw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
83151f1e1b150c35-AMS
alt-svc
h3=":443"; ma=86400
23c956a1-0409-4820-8cf4-25722f8d50d3
https://www.rafyon.net/ 		1 KB
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://www.rafyon.net/23c956a1-0409-4820-8cf4-25722f8d50d3
Requested by
Host: www.rafyon.net
URL: https://www.rafyon.net/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
453cb806084fdabec32e286af2e88899f79022125c2527afffbec507975d2c22

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Length
1245
Content-Type
text/javascript
droidarabickufi.css
fonts.googleapis.com/earlyaccess/ 		1 KB
365 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/earlyaccess/droidarabickufi.css
Requested by
Host: www.rafyon.net
URL: https://www.rafyon.net/wp-content/themes/newsplus/assets/fonts/fonts.css?ver=46.00
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
06eb9b648fd1429d0cef25265009259c35f053a76118194b4073c98e161812be
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.rafyon.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 06 Dec 2023 14:12:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
expires
Wed, 06 Dec 2023 14:12:02 GMT
droidarabicnaskh.css
fonts.googleapis.com/earlyaccess/ 		1 KB
624 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/earlyaccess/droidarabicnaskh.css
Requested by
Host: www.rafyon.net
URL: https://www.rafyon.net/wp-content/themes/newsplus/assets/fonts/fonts.css?ver=46.00
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
0facd387627530907acc0b41d7076a1313a748ba84d37983618c04f2e66f1849
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.rafyon.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 06 Dec 2023 14:12:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
expires
Wed, 06 Dec 2023 14:12:02 GMT
%D9%88%D8%B2%D9%8A%D8%B1-%D8%A7%D9%84%D8%AE%D8%A7%D8%B1%D8%AC%D9%8A%D8%A9-%D8%A7%D9%84%D8%B3%D8%B9%D9%88%D8%AF%D9%8A--500x300.jpg
www.rafyon.net/wp-content/uploads/2023/10/ 		25 KB
25 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.rafyon.net/wp-content/uploads/2023/10/%D9%88%D8%B2%D9%8A%D8%B1-%D8%A7%D9%84%D8%AE%D8%A7%D8%B1%D8%AC%D9%8A%D8%A9-%D8%A7%D9%84%D8%B3%D8%B9%D9%88%D8%AF%D9%8A--500x300.jpg
Requested by
Host: www.rafyon.net
URL: https://www.rafyon.net/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1f974731c9f403a588970e550dd5c911291f7257e366b89e5952b055e617b578

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.rafyon.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 06 Dec 2023 14:12:03 GMT
cf-cache-status
REVALIDATED
last-modified
Sun, 29 Oct 2023 16:57:09 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TP64cGfCX56InKlLnbo%2B%2Bj2Thdaz%2BQYkoXOq9GQN3ddHmLPxdqxnthKbBnbNgoyrdxNx8%2FBhVfw1Stvkjk%2BggKGmbKLWM0NkdvU72Q8ypokGZZOgMtQ59Fuz4Bui9BCR09ldPwDtAw624ra1jQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
83151f1f08ee7763-AMS
alt-svc
h3=":443"; ma=86400
content-length
25469
%D9%88%D9%84%D9%8A-%D8%A7%D9%84%D8%B9%D9%87%D8%AF-%D8%A7%D9%84%D8%B3%D8%B9%D9%88%D8%AF%D9%8A-360x200.jpg
www.rafyon.net/wp-content/uploads/2023/11/ 		19 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.rafyon.net/wp-content/uploads/2023/11/%D9%88%D9%84%D9%8A-%D8%A7%D9%84%D8%B9%D9%87%D8%AF-%D8%A7%D9%84%D8%B3%D8%B9%D9%88%D8%AF%D9%8A-360x200.jpg
Requested by
Host: www.rafyon.net
URL: https://www.rafyon.net/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a7e1fce0f4ca98d191cf972d38b5f416ae0fe18ad15cf42ef4c73aacab0510dd

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.rafyon.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 06 Dec 2023 14:12:03 GMT
cf-cache-status
HIT
last-modified
Sat, 11 Nov 2023 20:43:36 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
1910
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TKdjAsLnpr4%2FGJ6uXgwtY7I8kzgMaAYcDrtLm0GJhVG2sk2jnaAQrseUpX3kQTOmCA97%2FZofAaAWlisUVghraCn7uS6Zdm7xMe%2BaT1kPWZzbF9wDIkfoLoQsTALZr%2Bn3p%2FqPr1Rb5mmxswTh%2BQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
83151f1f08f37763-AMS
alt-svc
h3=":443"; ma=86400
content-length
19720
%D8%A7%D9%84%D8%AE%D8%A7%D8%B1%D8%AC%D9%8A%D8%A9-%D8%A7%D9%84%D8%B3%D8%B9%D9%88%D8%AF%D9%8A%D8%A9-360x200.jpg
www.rafyon.net/wp-content/uploads/2023/11/ 		14 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.rafyon.net/wp-content/uploads/2023/11/%D8%A7%D9%84%D8%AE%D8%A7%D8%B1%D8%AC%D9%8A%D8%A9-%D8%A7%D9%84%D8%B3%D8%B9%D9%88%D8%AF%D9%8A%D8%A9-360x200.jpg
Requested by
Host: www.rafyon.net
URL: https://www.rafyon.net/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9148103ca9f6c497dfde5e5342128ea3e6341e2b1469a5241947164bec5c1240

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.rafyon.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 06 Dec 2023 14:12:03 GMT
cf-cache-status
HIT
last-modified
Tue, 07 Nov 2023 23:31:07 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
1910
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=frrP7IXkVpkWBs1B4qhk9UdOGvRyaTS57j6idHQiuxhph%2FmboINHSPn33x%2BG5Avqu9Jh7MkPchzpUSsv3z035Gdqk1i3anMWDcgGaLMMNtPE%2BQYxV0K1dPrsKASVShmHhPHO7TmiYosGgLxc%2Bw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
83151f1f08f77763-AMS
alt-svc
h3=":443"; ma=86400
content-length
14755
%D9%82%D9%86%D8%A8%D9%84%D8%A9-%D9%86%D9%88%D9%88%D9%8A%D8%A9-360x200.jpeg
www.rafyon.net/wp-content/uploads/2023/11/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.rafyon.net/wp-content/uploads/2023/11/%D9%82%D9%86%D8%A8%D9%84%D8%A9-%D9%86%D9%88%D9%88%D9%8A%D8%A9-360x200.jpeg
Requested by
Host: www.rafyon.net
URL: https://www.rafyon.net/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
878c993cd4eb6b6f818e0316f9e6652ac9ee3e7285f343074e75589ea8ff6ffc

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.rafyon.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 06 Dec 2023 14:12:03 GMT
cf-cache-status
REVALIDATED
last-modified
Sun, 05 Nov 2023 18:27:02 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2B33WQC30DL9iKKqnOcq5E7Rw10znpKnSxD9Pe9hve%2Fmm9knx7M0Q2uIe9xG2NLazj7XxNaS5KkB03n97IyNAgAyuqf1g6Ke2IPhsUipID4AsQqiNv8w0KN1tXKLiZnR7ksFiBhC5DLqHEAI2uQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
83151f1f08f97763-AMS
alt-svc
h3=":443"; ma=86400
content-length
8026
%D8%A7%D9%84%D8%AE%D8%A7%D8%B1%D8%AC%D9%8A%D8%A9-%D8%A7%D9%84%D8%B3%D8%B9%D9%88%D8%AF%D9%8A%D8%A9--360x200.jpg
www.rafyon.net/wp-content/uploads/2023/11/ 		15 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.rafyon.net/wp-content/uploads/2023/11/%D8%A7%D9%84%D8%AE%D8%A7%D8%B1%D8%AC%D9%8A%D8%A9-%D8%A7%D9%84%D8%B3%D8%B9%D9%88%D8%AF%D9%8A%D8%A9--360x200.jpg
Requested by
Host: www.rafyon.net
URL: https://www.rafyon.net/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d43d0c2b00d3bc407fafd5be66fee7a74b6bba325fc56f98a96ca6bc1b340683

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.rafyon.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 06 Dec 2023 14:12:03 GMT
cf-cache-status
REVALIDATED
last-modified
Wed, 01 Nov 2023 02:01:18 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7Tz4J%2Ff%2B6uX41cWe63UtdVzDavN4bjQXR9R1Z%2BF7zkxd%2FIyCA6BRaHhfhApH8MfPPwqUfVa1aMIr3iYaCJvbshn%2FQGZKWmoFGvSJ57XTeM63LprwZTugLxVbBcKWIaBGzmV%2FsDBXoYziEd20sQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
83151f1f08fb7763-AMS
alt-svc
h3=":443"; ma=86400
content-length
15723
%D8%A7%D9%84%D8%A8%D9%86%D9%83-%D8%A7%D9%84%D9%85%D8%B1%D9%83%D8%B2%D9%8A-%D8%A7%D9%84%D8%B9%D8%B1%D8%A7%D9%82%D9%8A-500x300.jpg
www.rafyon.net/wp-content/uploads/2023/11/ 		34 KB
35 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.rafyon.net/wp-content/uploads/2023/11/%D8%A7%D9%84%D8%A8%D9%86%D9%83-%D8%A7%D9%84%D9%85%D8%B1%D9%83%D8%B2%D9%8A-%D8%A7%D9%84%D8%B9%D8%B1%D8%A7%D9%82%D9%8A-500x300.jpg
Requested by
Host: www.rafyon.net
URL: https://www.rafyon.net/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
08f3271f24a81101413f28b107fcf6d90d89d662383fedf8882e76f122b0bfce

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.rafyon.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 06 Dec 2023 14:12:03 GMT
cf-cache-status
REVALIDATED
last-modified
Sat, 11 Nov 2023 20:34:51 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LWzp7qIHq62boOznrBrQD4B2fZk1AKOgf6%2BUkOPFEICZo0HrS39muD3r0LgiVtlPr%2BPRP7zKRkTloKCHD0L%2FdPBJMQI43bPwNmoV8%2F%2BwQYF%2Fg4ZAA8pNaNRDfMYBufNqUcjkb7pEFMeWq2cUvg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
83151f1f09007763-AMS
alt-svc
h3=":443"; ma=86400
content-length
34905
%D8%A7%D9%84%D8%AD%D8%AF-%D8%A7%D9%84%D8%A3%D8%AF%D9%86%D9%89-%D9%84%D9%84%D8%A3%D8%AC%D9%88%D8%B1-%D9%81%D9%8A-%D9%85%D8%B5%D8%B1-360x200.jpg
www.rafyon.net/wp-content/uploads/2023/11/ 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.rafyon.net/wp-content/uploads/2023/11/%D8%A7%D9%84%D8%AD%D8%AF-%D8%A7%D9%84%D8%A3%D8%AF%D9%86%D9%89-%D9%84%D9%84%D8%A3%D8%AC%D9%88%D8%B1-%D9%81%D9%8A-%D9%85%D8%B5%D8%B1-360x200.jpg
Requested by
Host: www.rafyon.net
URL: https://www.rafyon.net/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a195b24c93fe857115ce6c2170b8ce99da4f44daf9110842fe06fd72d19a9276

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.rafyon.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 06 Dec 2023 14:12:03 GMT
cf-cache-status
HIT
last-modified
Wed, 08 Nov 2023 00:07:01 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
1910
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kkYdek0yg3l5UmjG8fs1m1W3SPyu0bvY6PyfA0J2Wl%2FngMKyv%2B5k42FhGFV6EYFlXcFuN%2FVV6%2Bmzn%2Fod6yfsFUdH0Rf9AUs2Fci8iw%2FO8BkljuLLuyD4XzDKiZLcckMV6WhYP3NruFv2hj0SOw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
83151f1f09017763-AMS
alt-svc
h3=":443"; ma=86400
content-length
16100
%D8%A7%D9%84%D8%A8%D9%86%D9%83-%D8%A7%D9%84%D9%85%D8%B1%D9%83%D8%B2%D9%8A-%D8%A7%D9%84%D8%A3%D9%88%D8%B1%D9%88%D8%A8%D9%8A-360x200.jpg
www.rafyon.net/wp-content/uploads/2023/11/ 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.rafyon.net/wp-content/uploads/2023/11/%D8%A7%D9%84%D8%A8%D9%86%D9%83-%D8%A7%D9%84%D9%85%D8%B1%D9%83%D8%B2%D9%8A-%D8%A7%D9%84%D8%A3%D9%88%D8%B1%D9%88%D8%A8%D9%8A-360x200.jpg
Requested by
Host: www.rafyon.net
URL: https://www.rafyon.net/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dc177abd6607fae8b2d131cf0cff266d2a3311263b5ec8d0e643c84f2ec112e2

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.rafyon.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 06 Dec 2023 14:12:03 GMT
cf-cache-status
REVALIDATED
last-modified
Wed, 01 Nov 2023 02:03:17 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ifPsNFunrSoO5vlgsf33fBQlJrjHD4Tn32W8nV4yKDBLVz6UggOxnxwNoGLarf%2FIWO3CSMBOU%2FtkCQ2uNhD8WtHD29XtY80Fg%2Bux9R1eAd1gpgg%2Bn76Jrfld9H70P%2FO%2FI5s%2FOiYQF0F5qJITog%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
83151f1f09027763-AMS
alt-svc
h3=":443"; ma=86400
content-length
12012
%D8%A7%D9%84%D8%A8%D9%86%D9%83-%D8%A7%D9%84%D8%AF%D9%88%D9%84%D9%8A-1-360x200.jpg
www.rafyon.net/wp-content/uploads/2023/10/ 		22 KB
23 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.rafyon.net/wp-content/uploads/2023/10/%D8%A7%D9%84%D8%A8%D9%86%D9%83-%D8%A7%D9%84%D8%AF%D9%88%D9%84%D9%8A-1-360x200.jpg
Requested by
Host: www.rafyon.net
URL: https://www.rafyon.net/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
49b46188442abf20e776e5a224ab7757709b9807461aec752be1b4ce4dc631ed

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.rafyon.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 06 Dec 2023 14:12:03 GMT
cf-cache-status
REVALIDATED
last-modified
Mon, 30 Oct 2023 22:57:04 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eoaG4Z0kBxRjSCR2G6wObIytdX79wdxy2Txc0ijDQLMw%2B56Dw3xSuYxSvMYzJGjc05ZCJ0H9hjhHYZRZRhjMDPtTwBfDeftO3L7RpAnnmmHn5n1KiAAhd90EAZtvtR1nbLtUsRpOQjI1rn3DeQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
83151f1f09057763-AMS
alt-svc
h3=":443"; ma=86400
content-length
22802
%D8%A8%D8%A7%D9%83%D8%B3%D8%AA%D8%A7%D9%86-360x200.jpg
www.rafyon.net/wp-content/uploads/2023/10/ 		8 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.rafyon.net/wp-content/uploads/2023/10/%D8%A8%D8%A7%D9%83%D8%B3%D8%AA%D8%A7%D9%86-360x200.jpg
Requested by
Host: www.rafyon.net
URL: https://www.rafyon.net/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
74b059a64ab907df19f8d548cbff2afba3939e5d31d28692a333671eb779ddcf

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.rafyon.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 06 Dec 2023 14:12:03 GMT
cf-cache-status
REVALIDATED
last-modified
Sun, 29 Oct 2023 17:11:02 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mjxYoievL5PGcXHKRmHYoXzxOsSYx7bwoPKpJDaJXB1ojRplOIHegV0WzyrkGkW641cFDudipY01W7o7d7tvCNgClyOsXNqrXO4idawsyP5BkdD2UWdoLfIZRyxIeGxww1%2FL2UEzKZ30XBaWvw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
83151f1f09067763-AMS
alt-svc
h3=":443"; ma=86400
content-length
8539
%D9%88%D8%B2%D9%8A%D8%B1-%D8%A7%D9%84%D8%AE%D8%A7%D8%B1%D8%AC%D9%8A%D8%A9-%D8%A7%D9%84%D8%B3%D8%B9%D9%88%D8%AF%D9%8A--360x200.jpg
www.rafyon.net/wp-content/uploads/2023/10/ 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.rafyon.net/wp-content/uploads/2023/10/%D9%88%D8%B2%D9%8A%D8%B1-%D8%A7%D9%84%D8%AE%D8%A7%D8%B1%D8%AC%D9%8A%D8%A9-%D8%A7%D9%84%D8%B3%D8%B9%D9%88%D8%AF%D9%8A--360x200.jpg
Requested by
Host: www.rafyon.net
URL: https://www.rafyon.net/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a976cc60761ae1e5d55361726238e9243fc7062e9c8b6344ec604d1152cc8986

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.rafyon.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 06 Dec 2023 14:12:03 GMT
cf-cache-status
HIT
last-modified
Sun, 29 Oct 2023 16:57:09 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
5688
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ofXYB56Zc0yFgdRHG7Y3x5AhvcxMdePIkD1kIh92tjSW%2FQMvz%2BHxDOAkuMmgTOHVi31P8H%2FR5Anyg8rxqF74VnHMFiB%2Bfc7pnMeNstGe6VMdDecZjNWfvK%2FnND9b90t9xfVs4Ee4aNDdxpF3QQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
83151f1f09077763-AMS
alt-svc
h3=":443"; ma=86400
content-length
14105
%DA%A4%D9%88%D9%8A-%DA%A4%D9%88%D9%8A-%DA%A4%D9%88%D9%8A-360x200.jpg
www.rafyon.net/wp-content/uploads/2023/10/ 		20 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.rafyon.net/wp-content/uploads/2023/10/%DA%A4%D9%88%D9%8A-%DA%A4%D9%88%D9%8A-%DA%A4%D9%88%D9%8A-360x200.jpg
Requested by
Host: www.rafyon.net
URL: https://www.rafyon.net/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b4d6967c4bafb227f8fd6f0c659da9297bc719b6d4b5c37216244e6bc3e0d609

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.rafyon.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 06 Dec 2023 14:12:03 GMT
cf-cache-status
HIT
last-modified
Fri, 13 Oct 2023 23:32:43 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
3892
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=slmrmj6vgYxBjI098H0RQ5PQxVSbAwvLFjTFC1QkZTMkxw3QYX2KcugdKUAqZYbso%2FepS9tXUPMIxhqFaSW%2Fz%2BH4R0MSEsqKoIJ5z7qlEWWoTXoQPzwtH2BLegGGJ3rIyG5dZs4DdlVmizmU9Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
83151f1f09097763-AMS
alt-svc
h3=":443"; ma=86400
content-length
20284
%D8%AA%D8%AD%D8%B6%D9%8A%D8%B1-%D8%A7%D9%84%D8%AA%D9%88%D9%86%D8%A9-%D8%A7%D9%84%D9%82%D8%B7%D8%B9-360x200.jpg
www.rafyon.net/wp-content/uploads/2023/11/ 		20 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.rafyon.net/wp-content/uploads/2023/11/%D8%AA%D8%AD%D8%B6%D9%8A%D8%B1-%D8%A7%D9%84%D8%AA%D9%88%D9%86%D8%A9-%D8%A7%D9%84%D9%82%D8%B7%D8%B9-360x200.jpg
Requested by
Host: www.rafyon.net
URL: https://www.rafyon.net/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
10921def84fcc2ca0978321d156b1b65940fe30b328bd003cdd6a4e4792e24a1

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.rafyon.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 06 Dec 2023 14:12:03 GMT
cf-cache-status
HIT
last-modified
Sat, 11 Nov 2023 20:38:18 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
5688
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=K%2B9bh7EGg9HIdJfIkqtE6SKuBXxqNPDXXFiia30RkqZexTe8mS%2FxWyp3m2WFfLIXryufla9CEX7h1LEgqBlqqsSBYI6KCtkFz7z50a6qHgD0eMLEhoSV%2BUekaYI%2B8WyemTg6DWjGjDwswRbcRw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
83151f1f090b7763-AMS
alt-svc
h3=":443"; ma=86400
content-length
19981
%D8%A7%D9%84%D8%A8%D9%86%D9%83-%D8%A7%D9%84%D9%85%D8%B1%D9%83%D8%B2%D9%8A-%D8%A7%D9%84%D8%B9%D8%B1%D8%A7%D9%82%D9%8A-360x200.jpg
www.rafyon.net/wp-content/uploads/2023/11/ 		19 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.rafyon.net/wp-content/uploads/2023/11/%D8%A7%D9%84%D8%A8%D9%86%D9%83-%D8%A7%D9%84%D9%85%D8%B1%D9%83%D8%B2%D9%8A-%D8%A7%D9%84%D8%B9%D8%B1%D8%A7%D9%82%D9%8A-360x200.jpg
Requested by
Host: www.rafyon.net
URL: https://www.rafyon.net/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1a2f962e47e4ec7e48aa29f054eae0fdf49a666d11222c3f72e04247d37a3ae9

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.rafyon.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 06 Dec 2023 14:12:03 GMT
cf-cache-status
HIT
last-modified
Sat, 11 Nov 2023 20:34:51 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
4672
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=n33ePTQhYsE6Xm6mCdh9dmgSolyd%2FSLrR%2Fv1%2Fy1HKXpl02g3W1ETfhOIHovNGwaPWBGQ8eMGMTjn3zQUAPdV1J8PEHhk2nMFxnrGebtJS2CagHYLR1UYkUjxGHYS%2BpAouHS1BMpopuNRqCpg4w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
83151f1f090d7763-AMS
alt-svc
h3=":443"; ma=86400
content-length
19386
%D8%B5%D9%88%D8%B5-%D8%A7%D9%84%D8%AC%D8%A8%D9%86%D8%A9-%D8%A7%D9%84%D8%B4%D9%8A%D8%AF%D8%B1-360x200.jpg
www.rafyon.net/wp-content/uploads/2023/11/ 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.rafyon.net/wp-content/uploads/2023/11/%D8%B5%D9%88%D8%B5-%D8%A7%D9%84%D8%AC%D8%A8%D9%86%D8%A9-%D8%A7%D9%84%D8%B4%D9%8A%D8%AF%D8%B1-360x200.jpg
Requested by
Host: www.rafyon.net
URL: https://www.rafyon.net/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f38e373a688607ccbc8503ad471aa3bb21d32725d46834eefb73980b9b83e789

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.rafyon.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 06 Dec 2023 14:12:03 GMT
cf-cache-status
HIT
last-modified
Tue, 07 Nov 2023 23:21:00 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
6689
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HmQZCarmlG40cjHdMQQhtpIi9R632h8G%2B970GHLDqOkDGDhIjIVEXQbxHIWM240DGaicO085iAztqNM7GFj5GajmEKe4ADSUG65jZlEn7gdz4BGSGFuWe%2B5wpfYYOjj9n19ebx7KiizXwRubag%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
83151f1f090e7763-AMS
alt-svc
h3=":443"; ma=86400
content-length
13217
%D8%B3%D9%8A%D8%AF-%D8%B1%D8%AC%D8%A8-360x200.jpg
www.rafyon.net/wp-content/uploads/2023/11/ 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.rafyon.net/wp-content/uploads/2023/11/%D8%B3%D9%8A%D8%AF-%D8%B1%D8%AC%D8%A8-360x200.jpg
Requested by
Host: www.rafyon.net
URL: https://www.rafyon.net/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0dd63db78cedc8bee5838a6d1944c129094c97b9fc57489f5643d6da11d7bfe5

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.rafyon.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 06 Dec 2023 14:12:03 GMT
cf-cache-status
HIT
last-modified
Tue, 07 Nov 2023 23:18:24 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
6689
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2F5j6d6hv3NLNHq2oAVqXweZVVUEfv%2BIKr8egAvc4HvppN%2Fy7NF86U3PgD7WitxX1U%2FzutYdNqKYP6UpMrqjdQsuXjaWAyQLBVHRjMhq79%2BmgxcaQDMt4LBHj%2BbEptdLxteC2qJTLapQbMLOWtQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
83151f1f090f7763-AMS
alt-svc
h3=":443"; ma=86400
content-length
13219
%D9%85%D9%84%D9%81%D9%83-%D8%A7%D9%84%D8%B4%D8%AE%D8%B5%D9%8A-%D8%B9%D9%84%D9%89-%D9%88%D8%A7%D8%AA%D8%B3%D8%A2%D8%A8-360x200.jpg
www.rafyon.net/wp-content/uploads/2023/11/ 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.rafyon.net/wp-content/uploads/2023/11/%D9%85%D9%84%D9%81%D9%83-%D8%A7%D9%84%D8%B4%D8%AE%D8%B5%D9%8A-%D8%B9%D9%84%D9%89-%D9%88%D8%A7%D8%AA%D8%B3%D8%A2%D8%A8-360x200.jpg
Requested by
Host: www.rafyon.net
URL: https://www.rafyon.net/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7cb3d35b55d42ce147dd843386871c72ad7d78bd3c60a49b1099e41881556f2b

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.rafyon.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 06 Dec 2023 14:12:03 GMT
cf-cache-status
HIT
last-modified
Tue, 07 Nov 2023 23:15:30 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
5688
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tIiN7kk5lez4f24jd4iviLrVDMm8jSfDDecCWoqJdmmbpsTrHZ3LOIHqNV1nvge%2Brt4LCgOJdDE9jKJEkR2Jjbd1VgarUAP1L8TU0FsfQrqhl0GjAZ%2BkSqFHhWIqvc2snA%2FVSw2YC7AWAUCa7g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
83151f1f09137763-AMS
alt-svc
h3=":443"; ma=86400
content-length
8714
%D9%83%D9%8A%D9%84%D9%8A%D8%A7%D9%86-%D9%85%D8%A8%D8%A7%D8%A8%D9%8A-360x200.jpg
www.rafyon.net/wp-content/uploads/2023/10/ 		11 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.rafyon.net/wp-content/uploads/2023/10/%D9%83%D9%8A%D9%84%D9%8A%D8%A7%D9%86-%D9%85%D8%A8%D8%A7%D8%A8%D9%8A-360x200.jpg
Requested by
Host: www.rafyon.net
URL: https://www.rafyon.net/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b5bc421a51791bbbee22e0de81f887fa44756eb90ef1875e2db76cff17832140

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.rafyon.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 06 Dec 2023 14:12:03 GMT
cf-cache-status
HIT
last-modified
Sun, 15 Oct 2023 22:00:29 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
7176
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vocjcsEgbSnlhTFgwAqUGJ5PnMEzdqd6anmiakJl9o2cKmaXsoJc6lyddXedGTuM7Nt3NzTlhx2nxUvM%2FimRuv1D7Uv7krd4N8fh47quf3jfR9%2BLFmQQBytd9%2Foc1%2FCkTyZuP%2Bo%2FoUrujQVmpw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
83151f1f09147763-AMS
alt-svc
h3=":443"; ma=86400
content-length
11436
%D8%A7%D9%84%D8%A8%D8%B4%D8%B1%D8%A9-%D8%A7%D9%84%D8%AC%D8%A7%D9%81%D8%A9-360x200.jpg
www.rafyon.net/wp-content/uploads/2023/11/ 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.rafyon.net/wp-content/uploads/2023/11/%D8%A7%D9%84%D8%A8%D8%B4%D8%B1%D8%A9-%D8%A7%D9%84%D8%AC%D8%A7%D9%81%D8%A9-360x200.jpg
Requested by
Host: www.rafyon.net
URL: https://www.rafyon.net/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5b49521fd237e0ce7c618aecd7390c03deeac97ff7bb405e07fb7fd429a0f397

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.rafyon.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 06 Dec 2023 14:12:03 GMT
cf-cache-status
REVALIDATED
last-modified
Sun, 05 Nov 2023 20:29:01 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hc8Fq1bnXI2PXc8dZaez6uNKFUaPVUaPrc7t9ZuxQRr5ZQLMwY6ycokWiV%2F%2BAMCzjuQ0rYN8XHoCI%2FiClSdFSQ76rRoMKa%2FfXqBj4to0DwsSUiZzslvUQ6j4Xw5rqqCFKwf%2FTJH6Stef%2B6mK0Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
83151f1f09157763-AMS
alt-svc
h3=":443"; ma=86400
content-length
11226
%D8%AA%D8%B4%D9%8A%D9%84%D8%B3%D9%8A-360x200.jpg
www.rafyon.net/wp-content/uploads/2023/11/ 		20 KB
21 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.rafyon.net/wp-content/uploads/2023/11/%D8%AA%D8%B4%D9%8A%D9%84%D8%B3%D9%8A-360x200.jpg
Requested by
Host: www.rafyon.net
URL: https://www.rafyon.net/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0c1ac09766e0f1322a4aaafcf2192f7b1c69f26c3810f9f89f2238373decf8af

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.rafyon.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 06 Dec 2023 14:12:03 GMT
cf-cache-status
HIT
last-modified
Sun, 05 Nov 2023 20:00:04 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
5688
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yrgycxDHbeR5WXddzSXWk07rzC%2BHMBPUMykDyWDpJW59tWisRlXSNkigEAIGH8QimSaCVF%2FEDFjV%2BP2dpCWw4jzlt4gnabS6f3z9DM6R%2BVsf%2FzHzwxuxT3IX2hcx7z0nMED3euZhysPTT0qPWw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
83151f1f09177763-AMS
alt-svc
h3=":443"; ma=86400
content-length
20968
%D9%88%D8%A7%D8%AA%D8%B3%D8%A7%D8%A8-1-360x200.jpg
www.rafyon.net/wp-content/uploads/2023/01/ 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.rafyon.net/wp-content/uploads/2023/01/%D9%88%D8%A7%D8%AA%D8%B3%D8%A7%D8%A8-1-360x200.jpg
Requested by
Host: www.rafyon.net
URL: https://www.rafyon.net/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dcf6f6feae5927c60139ce3e1629564df3328ee63a1bf852e04afb957e684041

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.rafyon.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 06 Dec 2023 14:12:03 GMT
cf-cache-status
REVALIDATED
last-modified
Tue, 24 Jan 2023 03:02:05 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zbpOsl7mP6Plx%2FG9bXmbA44pFnynqQXw210AT9%2BfE95qT%2B0P3AqTJKSPR26xD57CXwkD4DkssERlO9EeNy1%2BSCkDFiPNdKmV7V6AqkpNRRVQ47pdiOm7JwwbNVRVFkid247a5jVGJ8IcZsspyw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
83151f1f09187763-AMS
alt-svc
h3=":443"; ma=86400
content-length
12140
%D8%A8%D9%88%D8%AA%D8%B4%D8%AA%D9%8A%D9%86%D9%88--360x200.jpeg
www.rafyon.net/wp-content/uploads/2023/11/ 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.rafyon.net/wp-content/uploads/2023/11/%D8%A8%D9%88%D8%AA%D8%B4%D8%AA%D9%8A%D9%86%D9%88--360x200.jpeg
Requested by
Host: www.rafyon.net
URL: https://www.rafyon.net/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e26cdf84ea6019cb4505a4bd4e24b6c8cdc08f18a5ecf7c0a8668f0af945d64f

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.rafyon.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 06 Dec 2023 14:12:03 GMT
cf-cache-status
HIT
last-modified
Sun, 05 Nov 2023 19:55:54 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
4672
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jzb3WNCpymvm%2FX2FLlzyKGtqaexK3uMJGQ9zQAbNrPQdeOC90kB8JVVCXiX1tzNm7hEe%2BkBGUUPIsbtb%2BNmu9hlZSd43LklmxHDU4nC9pYyH%2FY0eAoDictM7PkWhjL97AoifVJ%2BJB%2Flz2OERCw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
83151f1f09197763-AMS
alt-svc
h3=":443"; ma=86400
content-length
8751
%D8%B9%D8%A7%D8%A6%D8%B4%D8%A9-%D8%A8%D9%86-%D8%A3%D8%AD%D9%85%D8%AF-360x200.jpg
www.rafyon.net/wp-content/uploads/2023/11/ 		16 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.rafyon.net/wp-content/uploads/2023/11/%D8%B9%D8%A7%D8%A6%D8%B4%D8%A9-%D8%A8%D9%86-%D8%A3%D8%AD%D9%85%D8%AF-360x200.jpg
Requested by
Host: www.rafyon.net
URL: https://www.rafyon.net/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d38b3e26dd6b6cc40545482d9ede9a2abc5d123a1f7d8d10c0c270588e5dfb7b

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.rafyon.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 06 Dec 2023 14:12:03 GMT
cf-cache-status
REVALIDATED
last-modified
Sun, 05 Nov 2023 19:53:42 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FrunR2F0vw8rpwQYO39P8aFgxkeBseUVVCoXeq9A7wyv8tkkRkZvS7s5ysXA7G6hEUzuZdJpHyo1qoNtuHX5MgTe4ceCubNsUdmgWK%2FuIcdYHmjj0Tc%2B389bSjSKBIE1ON9lSVBEiJKJ9tI8Rw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
83151f1f091a7763-AMS
alt-svc
h3=":443"; ma=86400
content-length
16716
%D9%81%D9%8A%D8%B1%D8%AC%D8%B3%D9%88%D9%86--360x200.jpeg
www.rafyon.net/wp-content/uploads/2023/11/ 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.rafyon.net/wp-content/uploads/2023/11/%D9%81%D9%8A%D8%B1%D8%AC%D8%B3%D9%88%D9%86--360x200.jpeg
Requested by
Host: www.rafyon.net
URL: https://www.rafyon.net/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
04fd3a2305c7dc6473b7fd2feb8b73778e7d8a6f92f2523857a145c77f399259

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.rafyon.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 06 Dec 2023 14:12:03 GMT
cf-cache-status
HIT
last-modified
Sun, 05 Nov 2023 18:29:17 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
7176
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0oaB%2BiV4xT%2FipZLFsYOpb508SeZJBCpJodzE1CnekcuLdHWYIX%2BVJCp1zoiHXDgw%2FBl6TBggEABfqbYvrNXK3ZXqnhPdRIMPJLaeCwXR%2BcCEFT0SV9O6hQgfQ14zYjjj9uPGtmKEGfh8dAet8g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
83151f1f091b7763-AMS
alt-svc
h3=":443"; ma=86400
content-length
13158
%D8%A3%D8%B1%D8%AA%D9%8A%D8%AA%D8%A7-360x200.jpeg
www.rafyon.net/wp-content/uploads/2023/11/ 		8 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.rafyon.net/wp-content/uploads/2023/11/%D8%A3%D8%B1%D8%AA%D9%8A%D8%AA%D8%A7-360x200.jpeg
Requested by
Host: www.rafyon.net
URL: https://www.rafyon.net/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
36d9a942cca5b9f6a701720465c53f4e92093e224af0181bd4455b20a45e0957

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.rafyon.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 06 Dec 2023 14:12:03 GMT
cf-cache-status
HIT
last-modified
Sun, 05 Nov 2023 18:23:44 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
7176
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MG46k4xVnwAv04SiOg4r35NosPGfxrojk3FqP3Edx2YmKAzMeJvjt8roezmoET8K2BD0mdcHenLYh00gjxXJZnVIE%2BxoiaPyA%2B1pKsR5bcVRAm%2FVUKA5NlsHaIDoL8pc0YSBEtf92Y6jctzvag%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
83151f1f091c7763-AMS
alt-svc
h3=":443"; ma=86400
content-length
8505
%D8%B3%D8%A7%D9%86%D8%AF%D9%88%D9%8A%D8%AA%D8%B4-%D8%A7%D9%84%D8%B4%D8%A7%D9%88%D8%B1%D9%85%D8%A7-%D8%A7%D9%84%D8%B3%D9%88%D8%B1%D9%8A-360x200.jpg
www.rafyon.net/wp-content/uploads/2023/11/ 		23 KB
24 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.rafyon.net/wp-content/uploads/2023/11/%D8%B3%D8%A7%D9%86%D8%AF%D9%88%D9%8A%D8%AA%D8%B4-%D8%A7%D9%84%D8%B4%D8%A7%D9%88%D8%B1%D9%85%D8%A7-%D8%A7%D9%84%D8%B3%D9%88%D8%B1%D9%8A-360x200.jpg
Requested by
Host: www.rafyon.net
URL: https://www.rafyon.net/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
89f7ca3b0a13782b370063ac11e3780b4bb2164d6d7125cae7a2b23155f54de7

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.rafyon.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 06 Dec 2023 14:12:03 GMT
cf-cache-status
REVALIDATED
last-modified
Wed, 01 Nov 2023 02:12:52 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GXe7EV2Llt1xCsfaFyHv8RUXvfydrIEeiv84c9POZXUxnS1AdOw0Uf05K1O9S8ufaAizIEC%2B2tcqeN7St6shEie4CvoFtMCR0bDsNfMwRlo%2FMiXxD34qvyPqhI%2BjQRIhXSTKtRdbugBEzao0Aw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
83151f1f091d7763-AMS
alt-svc
h3=":443"; ma=86400
content-length
24036
fa-solid-900.woff2
cdnjs.cloudflare.com/ajax/libs/font-awesome/5.13.0/webfonts/ 		78 KB
78 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.13.0/webfonts/fa-solid-900.woff2
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.13.0/css/all.min.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4c3e8276a03b75d40fdbc5b40e665022127cbbd1722b6de06839ca69f664b7af
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Referer
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.13.0/css/all.min.css
Origin
https://www.rafyon.net
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 06 Dec 2023 14:12:03 GMT
strict-transport-security
max-age=15780000
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
634630
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
79444
last-modified
Mon, 04 May 2020 16:10:08 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03e60-13654"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FdYINaYn1UbNI82snNW%2BMbfR58uLCkE%2FgHd1%2Fk4RD57%2FEor3YpkpQ%2Bqw%2Fhic%2BBFDLIsFx%2BBeGJHxGye%2FN4Q6ruKdKWd%2F8mkwupjPe2X7jwxi47JwK%2BqfciuzA9mCU9OzorrrBgg1w1%2BgEtMC3hiP0057"}],"group":"cf-nel","max_age":604800}
content-type
application/octet-stream; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
83151f1f3d190bad-AMS
expires
Mon, 25 Nov 2024 14:12:03 GMT
fa-brands-400.woff2
cdnjs.cloudflare.com/ajax/libs/font-awesome/5.13.0/webfonts/ 		75 KB
75 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.13.0/webfonts/fa-brands-400.woff2
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.13.0/css/all.min.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d66b4e8556dec780a3be1e72c2bacfac5f379f6977f2886254908e5f87db6bd6
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Referer
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.13.0/css/all.min.css
Origin
https://www.rafyon.net
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 06 Dec 2023 14:12:03 GMT
strict-transport-security
max-age=15780000
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
549378
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
76612
last-modified
Mon, 04 May 2020 16:10:08 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03e60-12b44"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FPRoj4tAMIk%2FpAA%2Bd1cvx%2BaczfGJ81s9MNyxoKY4L8y6EOaidjuWUbq%2BBPcrUf2YYxy5hEsITPzeue3lBxJg0m5DP6yt%2FrGujupIa6Pnx%2B%2BQEOxaquwSc9iwe98xrSELk8kMmvqa2zITl0NtH8r74mGc"}],"group":"cf-nel","max_age":604800}
content-type
application/octet-stream; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
83151f1f3d1b0bad-AMS
expires
Mon, 25 Nov 2024 14:12:03 GMT
DroidKufi-Bold.woff2
fonts.gstatic.com/ea/droidarabickufi/v6/ 		31 KB
31 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/ea/droidarabickufi/v6/DroidKufi-Bold.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/earlyaccess/droidarabickufi.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
31f02fb9a8ae77e5d8bb229bf73f473f783e8155042655926cafca211cd11c98
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.rafyon.net
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Tue, 05 Dec 2023 15:53:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
80340
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
31448
x-xss-protection
0
last-modified
Wed, 13 Aug 2014 16:50:04 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
vary
Accept-Encoding
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 04 Dec 2024 15:53:03 GMT
Greta_Arabic_Regular.otf
www.rafyon.net/wp-content/themes/newsplus/assets/fonts/ 		154 KB
55 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.rafyon.net/wp-content/themes/newsplus/assets/fonts/Greta_Arabic_Regular.otf
Requested by
Host: www.rafyon.net
URL: https://www.rafyon.net/wp-content/themes/newsplus/assets/fonts/fonts.css?ver=46.00
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f0f3825ab5a948a650d9276b8c3ed43db6f36ac1e7d150c134bc2685e537131b

Request headers

Referer
https://www.rafyon.net/wp-content/themes/newsplus/assets/fonts/fonts.css?ver=46.00
Origin
https://www.rafyon.net
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 06 Dec 2023 14:12:03 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Sun, 10 Apr 2022 14:30:29 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
7176
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=W13F5KyDvFr4vEtz4fIzdkGHfXK5PlI0bUPpKXkgbjGTZ4rzCXQjRrMqbJ7zU%2BEj8n7uRdNM9wodPXc9lS3LQUKDr%2BeNXAyiS4Rvc6LhvbJ1HODyEIJAN2kHr%2FFn7QPO%2FhS3g4JulTJ7ZryYnQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
font/otf
cache-control
max-age=14400
cf-ray
83151f1f091f7763-AMS
alt-svc
h3=":443"; ma=86400
DroidKufi-Regular.woff2
fonts.gstatic.com/ea/droidarabickufi/v6/ 		31 KB
31 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/ea/droidarabickufi/v6/DroidKufi-Regular.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/earlyaccess/droidarabickufi.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a7b09bb9c8e8e2fb189204e08ed94bd8096c118780b5e926847cf2748ca7c5c2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.rafyon.net
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Tue, 05 Dec 2023 04:00:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
123072
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
31147
x-xss-protection
0
last-modified
Wed, 13 Aug 2014 16:50:04 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
vary
Accept-Encoding
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 04 Dec 2024 04:00:51 GMT
wp-emoji-release.min.js
www.rafyon.net/wp-includes/js/ 		18 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.rafyon.net/wp-includes/js/wp-emoji-release.min.js?ver=6.3.2
Requested by
Host: www.rafyon.net
URL: https://www.rafyon.net/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.rafyon.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 06 Dec 2023 14:12:03 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 18 Sep 2023 09:26:14 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
1910
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wiIXtWU8hPFY6yWbDh%2B0R2LBSZVtwZO5UzSmGOvsbULj457BSQfECILNfRHl2D2NgUnpLI251pnOM6VVdqZjp7cqk0UhYhq7jTD1KeFKtzVwqHGo8V1iXP06qFIXfSTSqJS%2BTcnMm5FsN%2BgE9A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
83151f1f29277763-AMS
alt-svc
h3=":443"; ma=86400
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		92 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/eea8f441-3b22-4ddb-a021-33600b968506/plugin.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c9bdec335f90f1b0664b5151ae857999951afb4414b657fc1af0ade1a381b43a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.rafyon.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 06 Dec 2023 14:12:03 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
30288
x-xss-protection
0
server
cafe
etag
737 / 19697 / m202311290101 / config-hash: 1092561402034918178
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Wed, 06 Dec 2023 14:12:03 GMT
branding-ads.svg
cdn.optad360.net/icons/ 		7 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.optad360.net/icons/branding-ads.svg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211a:4800:f:a31d:75c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
d04a8585ca1c9cbff59e413fe76da6b8dcf3c567cbc68ec436b852d7f1694df1

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.rafyon.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Thu, 12 Oct 2023 13:25:33 GMT
content-encoding
gzip
via
1.1 218366faeb88f6d265d2589e37ea2dac.cloudfront.net (CloudFront)
last-modified
Wed, 22 Jun 2022 12:02:24 GMT
server
AmazonS3
x-amz-cf-pop
VIE50-C2
age
4754791
etag
W/"b0a3aa2e09d4ddd83150d7bd3347c5c0"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/svg+xml
cache-control
public, max-age=360000000
x-amz-cf-id
nDVjT2JfWx1kvFeuR8L5hZMQr9HfDue69OpOxkoJ7g2QYXH0N3XmLw==
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311290101/ 		432 KB
135 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311290101/pubads_impl.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
fa40858bc00aa25239b434a313f9b30b4b604715b21395c0f278a3055cd31deb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.rafyon.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 06 Dec 2023 13:36:30 GMT
content-encoding
br
x-content-type-options
nosniff
age
2133
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
138184
x-xss-protection
0
server
cafe
etag
495798054771589180
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Thu, 05 Dec 2024 13:36:30 GMT
esp.js
oa.openxcdn.net/ 		24 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://oa.openxcdn.net/esp.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311290101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.102.146.192 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
192.146.102.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.rafyon.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Tue, 14 Nov 2023 21:28:00 GMT
content-encoding
gzip
age
1874643
x-guploader-uploadid
ABPtcPosiWJMTi6DpSufSORNQNukYiP051dDMboge2ChLaAOCj32gcVycc6YGc4ZmCsMil6S048JGg_x_bo6NsyokUiiiqWjYCfy
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7927
last-modified
Thu, 27 May 2021 18:30:51 GMT
server
UploadServer
etag
"df5542b88bc0e368c6999754a5b9e2ba"
x-goog-generation
1622140251693895
x-goog-hash
crc32c=f21hYg==, md5=31VCuIvA42jGmZdUpbniug==
content-type
application/javascript
cache-control
no-transform
x-goog-stored-content-length
7927
accept-ranges
bytes
expires
Wed, 13 Nov 2024 21:28:00 GMT
publishertag.ids.js
static.criteo.net/js/ld/ 		43 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.ids.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311290101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
2f1ad4ec7176f493b16e0d186f222e3484248cbb48f82289c736a0877f2d5894
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.rafyon.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 06 Dec 2023 14:12:03 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 05 Dec 2023 05:12:22 GMT
server
nginx
etag
W/"656eb136-aa2f"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Thu, 07 Dec 2023 14:12:03 GMT
esp.js
cdn.id5-sync.com/api/1.0/ 		152 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.id5-sync.com/api/1.0/esp.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311290101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:3456 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d050c56b76cb2dae10e3eadd8e8f5e83594db0916d25946bec2f662f69dd776d
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.rafyon.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 06 Dec 2023 14:12:03 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-encoding
gzip
cf-cache-status
HIT
last-modified
Tue, 28 Nov 2023 11:19:25 GMT
server
cloudflare
x-amz-request-id
9125MWNDPHJYVZRE
age
1460
etag
W/"d12fc51ceb66081fc72dabad6e4e0ded"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
text/javascript;charset=utf-8
cache-control
public, max-age=3600
cf-ray
83151f244bd9b90f-AMS
x-amz-id-2
XhVSYKcbXt2QQx4FXmOxsUOUFIDUiQsbM6PIcYgb2S8xgk8I4o5FSwi8yZlv6vb4VaPzdAowia5/Yd+ygvzRfQ==
uid2SecureSignal.js
cdn.prod.uidapi.com/ 		3 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.prod.uidapi.com/uid2SecureSignal.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311290101/pubads_impl.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2250:1200:a:e047:753:a221 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
72e960baa80ec819264a604f2f8a8e5c21f81b785ebc17595211ad170d8b1bdc

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.rafyon.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

x-amz-version-id
KP_OVZMS6roEW_XJdOd.KnSEmM8GWiP3
Date
Wed, 06 Dec 2023 09:10:17 GMT
Via
1.1 90bb130ecccb71953b38a1c0e3b5721a.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
FRA60-P2
Age
18107
x-amz-server-side-encryption
AES256
X-Cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
Connection
keep-alive
Content-Length
2776
Last-Modified
Thu, 19 Oct 2023 06:40:11 GMT
Server
AmazonS3
ETag
"a3a9a9ee8e72db69d54e805f0586c651"
Content-Type
text/javascript
Accept-Ranges
bytes
X-Amz-Cf-Id
jFVclP6ycORShkrH_OWy_DfqOz8-FRz9Gr6kxD2pnXxCXC90Wd0yWw==
pubcid.min.js
cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/ 		732 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/pubcid.min.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311290101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5714 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.rafyon.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 06 Dec 2023 14:12:03 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
3370
x-jsd-version
master
content-encoding
br
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-eddf8230042-FRA, cache-ams21022-AMS
x-jsd-version-type
branch
server
cloudflare
etag
W/"2dc-IrZxm/sP4aqtIfs1EfEw6Dg5q1Y"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bJcM8ZZaIL0HtBbY7oqk8lM8WozssVL%2B84kY5zd7vSnEnOIVQ7cOA2lYCRGAlyv0ASSXpMiramxldp5RpIMfvXorMO%2By28ttr%2FhWqb32GFLnUuvGR9TVg79vihLN2IZJZu137%2F%2Big61jIq8n9dc%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
timing-allow-origin
*
cf-ray
83151f244e660b8e-AMS
sync.min.js
tags.crwdcntrl.net/lt/c/16589/ 		39 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.crwdcntrl.net/lt/c/16589/sync.min.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311290101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.245.143.83 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-143-83.lhr5.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e885badff253144e188588b5657e13cfa1135d4cd682053c9cca02b83baf1ef2

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.rafyon.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 06 Dec 2023 05:59:07 GMT
content-encoding
gzip
via
1.1 063bfb014e66ef670fc62ff044660cf2.cloudfront.net (CloudFront)
last-modified
Wed, 06 Sep 2023 15:56:57 GMT
server
AmazonS3
x-amz-cf-pop
LHR5-P1
age
29577
x-amz-server-side-encryption
AES256
etag
W/"e073e71ed7a44e6f9cdd72904fda5940"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
public, max-age=86400
x-amz-cf-id
Xqbqe0YBvGuUZ-OkhDoCdInx13O91qcSsDeQp7ExqiJKjpxFgI1EEw==
encrypted-tag-g.js
invstatic101.creativecdn.com/encrypted-signals/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://invstatic101.creativecdn.com/encrypted-signals/encrypted-tag-g.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311290101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.96.70.87 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
87.70.96.34.bc.googleusercontent.com
Software
Google Frontend /
Resource Hash
b04a268fbd6ac543dcd653b1c529871767a5b78cb2a2f40e54bcb0bfe2daa154

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.rafyon.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 06 Dec 2023 14:12:03 GMT
via
1.1 google, 1.1 google
last-modified
Thu, 03 Aug 2023 03:28:51 GMT
server
Google Frontend
etag
fc4e6bfe266081c4873c6f08c8298e5c
content-type
text/javascript; charset=utf-8
x-cloud-trace-context
c0413106ffe9a2541b93234c3dfd3e8c
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1207
ads
securepubads.g.doubleclick.net/gampad/ 		88 KB
40 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1257867413551927&correlator=2238867110108980&eid=31079970%2C31079527%2C31061690&output=ldjh&gdfp_req=1&vrg=202311290101&ptt=17&impl=fif&iu_parts=121764058%3A22713825117%2Crafyon.net%2Crafyon.net_o3b_display_sf_o3b-new&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=728x90%7C750x100%7C970x90&ifi=1&sfv=1-0-40&sc=1&cookie_enabled=1&abxe=1&dt=1701871923808&lmt=1701871923&adxs=436&adys=1200&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=1&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fwww.rafyon.net%2F&vis=1&psz=0x-1&msz=728x-1&fws=644&ohw=1600&ga_vid=1311110111.1701871924&ga_sid=1701871924&ga_hid=138909963&ga_fc=false&a3p=EhwKDWNyd2RjbnRybC5uZXQY3eTi-8MxSABSAghkEhsKDGlkNS1zeW5jLmNvbRjd5OL7wzFIAFICCGQSGQoKcHViY2lkLm9yZxjd5OL7wzFIAFICCGQSHQoOZXNwLmNyaXRlby5jb20Y3eTi-8MxSABSAghkEhcKCHJ0YmhvdXNlGN3k4vvDMUgAUgIIZBIZCgp1aWRhcGkuY29tGN3k4vvDMUgAUgIIZBIUCgVvcGVueBjd5OL7wzFIAFICCGQ.&dlt=1701871922831&idt=948&adks=937240394&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311290101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
1f195987b773b996230b3526e58fa4f0538e776e62b231db573039b8a7958164
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.rafyon.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 06 Dec 2023 14:12:04 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
40626
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.rafyon.net
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/getconfig/ 		16 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202311290101&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311290101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
44b86bbe777bd108d78e6dd7a68a9afe8399565f11b6f87a4656345491c77a23
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.rafyon.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 06 Dec 2023 14:12:03 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12173
x-xss-protection
0
container.html
843aa1bb91f1e25a2cd9421173064ebb.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 5D79 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://843aa1bb91f1e25a2cd9421173064ebb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311290101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.rafyon.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 06 Dec 2023 14:12:03 GMT
expires
Thu, 05 Dec 2024 14:12:03 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
esp
oajs.openx.net/
Redirect Chain
  • https://oajs.openx.net/esp?url=https%3A%2F%2Fwww.rafyon.net%2F&rid=esp
  • https://oajs.openx.net/esp?url=https%3A%2F%2Fwww.rafyon.net%2F&rid=esp&cc=1
85 B
193 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://oajs.openx.net/esp?url=https%3A%2F%2Fwww.rafyon.net%2F&rid=esp&cc=1
Protocol
H2
Server
34.120.107.143 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
143.107.120.34.bc.googleusercontent.com
Software
/ Express
Resource Hash
4807e2621b38e9bda19b22665cecc64e63ccfb30d32d675802342365a6ab3a28

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.rafyon.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 06 Dec 2023 14:12:04 GMT
via
1.1 google
x-powered-by
Express
etag
W/"55-9n1mU/nJHI0VSgMcz73cTS6weZY"
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.rafyon.net
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
85

Redirect headers

date
Wed, 06 Dec 2023 14:12:04 GMT
via
1.1 google
x-powered-by
Express
vary
Origin
access-control-allow-origin
https://www.rafyon.net
location
/esp?url=https%3A%2F%2Fwww.rafyon.net%2F&rid=esp&cc=1
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
syncframe
gum.criteo.com/ Frame 7AD2 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=www.rafyon.net
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.ids.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4563823fd629a48517c7feb8bf33640e12440e08bdde7a172ce477c2ddfc9c4d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.rafyon.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

cache-control
private, max-age=3600
content-encoding
gzip
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Wed, 06 Dec 2023 14:12:03 GMT
server
Kestrel
server-processing-duration-in-ticks
342634
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
x-robots-tag
noindex
increment
id5-sync.com/api/esp/ 		0
230 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/api/esp/increment?counter=no-config
Requested by
Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/esp.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.95.98.64 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3216658.ip-141-95-98.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://www.rafyon.net/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.rafyon.net
date
Wed, 06 Dec 2023 14:12:03 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-credentials
true
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
map
bcp.crwdcntrl.net/6/ 		60 B
334 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bcp.crwdcntrl.net/6/map
Requested by
Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/16589/sync.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.19.8.73 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-19-8-73.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
acdbe0be5b0f973126222d293fef3fb5f848ef89d0557d221cd2a5ab4562f15b

Request headers

Referer
https://www.rafyon.net/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Wed, 06 Dec 2023 14:12:04 GMT
server
Jetty(9.4.38.v20210224)
content-type
application/json;charset=utf-8
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
https://www.rafyon.net
cache-control
no-cache
x-server
10.45.25.74
access-control-allow-credentials
true
content-length
60
expires
0
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311290101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.rafyon.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 06 Dec 2023 14:12:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 06 Dec 2023 14:12:04 GMT
sid
mug.criteo.com/ Frame 7AD2
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=publishertagids&domain=rafyon.net&sn=ChromeSyncframe&so=0&topUrl=www.rafyon.net&cw=1&lsw=1&topicsavail=0&fledgeavail=0
  • https://mug.criteo.com/sid?cpp=bPsJ0HxoUVJyUkhHNHdlM0VEZDdDRk1Gb1dHYktYK0NWOEF1bURDRE1EWGJqOFp5SzlUTXgxQi9tOTQ1aTdobnloc1RpTGVScVVncHF5eFhxeTZQYlJYYUNZamZLd3NRNDF0VDg5T0hSdnBHNkFsK1hha2NXRlE5dUt6SF...
446 B
656 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=bPsJ0HxoUVJyUkhHNHdlM0VEZDdDRk1Gb1dHYktYK0NWOEF1bURDRE1EWGJqOFp5SzlUTXgxQi9tOTQ1aTdobnloc1RpTGVScVVncHF5eFhxeTZQYlJYYUNZamZLd3NRNDF0VDg5T0hSdnBHNkFsK1hha2NXRlE5dUt6SFpTam1VSDJvbW1KMkdTb2tHTVZERXpXd3pta2U5QVE0a2Q2ejM4a04yNVZDTjM1YWpRU0prZVZjWU9aSmlCaWtwVzI4YlVjaC8wd0hSVkJZeXI5dFVZWFlzY0l0QTdHU0IyNXVjNUQ5VFdTZHYyaWpVK055ZUgxTDJwemtGeHRpK3ZXZEdhaTZQZnVWb3JlQ0w0enJ0Qm1DanJlWTZpdz09fA&cppv=2
Protocol
H2
Server
2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
87d6652885b4cd02575c35c6e5e1597c106b28dfdd73295611892d6ee11a3517
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://gum.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 06 Dec 2023 14:12:03 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://gum.criteo.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
1770428
expires
0

Redirect headers

pragma
no-cache
date
Wed, 06 Dec 2023 14:12:03 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
location
https://mug.criteo.com/sid?cpp=bPsJ0HxoUVJyUkhHNHdlM0VEZDdDRk1Gb1dHYktYK0NWOEF1bURDRE1EWGJqOFp5SzlUTXgxQi9tOTQ1aTdobnloc1RpTGVScVVncHF5eFhxeTZQYlJYYUNZamZLd3NRNDF0VDg5T0hSdnBHNkFsK1hha2NXRlE5dUt6SFpTam1VSDJvbW1KMkdTb2tHTVZERXpXd3pta2U5QVE0a2Q2ejM4a04yNVZDTjM1YWpRU0prZVZjWU9aSmlCaWtwVzI4YlVjaC8wd0hSVkJZeXI5dFVZWFlzY0l0QTdHU0IyNXVjNUQ5VFdTZHYyaWpVK055ZUgxTDJwemtGeHRpK3ZXZEdhaTZQZnVWb3JlQ0w0enJ0Qm1DanJlWTZpdz09fA&cppv=2
cache-control
no-cache, no-store, must-revalidate
server-processing-duration-in-ticks
265625
content-length
0
expires
0
container.html
843aa1bb91f1e25a2cd9421173064ebb.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 3FAB 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://843aa1bb91f1e25a2cd9421173064ebb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311290101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.rafyon.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 06 Dec 2023 14:12:03 GMT
expires
Thu, 05 Dec 2024 14:12:03 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame E1C1 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.rafyon.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

accept-ranges
bytes
age
54658
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 05 Dec 2023 23:01:06 GMT
expires
Wed, 04 Dec 2024 23:01:06 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 50B2 		829 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
3f10d46f8743b0d31f46dd63ff7786a904a0cd5f36f9f21f254aec928fa3bdfc
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-cs-Mn-qfos7bv-9lh3E5lA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.rafyon.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-cs-Mn-qfos7bv-9lh3E5lA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Wed, 06 Dec 2023 14:12:04 GMT
expires
Wed, 06 Dec 2023 14:12:04 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
pd
google-bidout-d.openx.net/w/1.0/ Frame 32C8 		0
167 B 		Document
General
Check archive.org
Download Go to
Full URL
https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Requested by
Host: oa.openxcdn.net
URL: https://oa.openxcdn.net/esp.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.rafyon.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
20
content-type
text/html
date
Wed, 06 Dec 2023 14:12:04 GMT
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
via
1.1 google
pixel
googleads.g.doubleclick.net/xbbe/ Frame 6871 		624 B
556 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CJKL6K4CEMeN_vcCGNT98f4BMAE&v=APEucNUmgQz-WUQrf-W8nh9lLHS30e-FoZ079IFiSUy7mNBSL4Nd2NPg7bSh57mULXzwSaud0awPxhmBAMa9-SUqAV2BVsJ1Fu8ZuiRs1NrcZxkB0M74j8AUvhTstV4FlWdmrkgdlbv5YGWsPZNwJ-1gmVOgLl-FN0r4xDRKyMkhAX2ifTUjFGBEhUQcBsiTrJPbu1_DD67itwTGcvAlTBsNGOOwmNr9nA
Requested by
Host: 843aa1bb91f1e25a2cd9421173064ebb.safeframe.googlesyndication.com
URL: https://843aa1bb91f1e25a2cd9421173064ebb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://843aa1bb91f1e25a2cd9421173064ebb.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
222
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 06 Dec 2023 14:12:04 GMT
expires
Wed, 06 Dec 2023 14:12:04 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
abg_lite_fy2021.js
pagead2.googlesyndication.com/pagead/js/r20231204/r20110914/ Frame 3FAB 		24 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20231204/r20110914/abg_lite_fy2021.js
Requested by
Host: www.rafyon.net
URL: https://www.rafyon.net/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c8fffb0b438b7f9403ccd47fddc2de355f2f685fe2f59ac9d4c15f82854d79b1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://843aa1bb91f1e25a2cd9421173064ebb.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Tue, 05 Dec 2023 15:45:17 GMT
content-encoding
br
x-content-type-options
nosniff
age
80807
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9318
x-xss-protection
0
server
cafe
etag
3562968281324141506
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 19 Dec 2023 15:45:17 GMT
omrhp_fy2021.js
pagead2.googlesyndication.com/pagead/js/r20231204/r20110914/elements/html/ Frame 3FAB 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20231204/r20110914/elements/html/omrhp_fy2021.js
Requested by
Host: www.rafyon.net
URL: https://www.rafyon.net/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c4b813f7aa04eca20be469b259cca2779799f58e280d73488bd7386940d2d146
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://843aa1bb91f1e25a2cd9421173064ebb.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Tue, 05 Dec 2023 17:56:13 GMT
content-encoding
br
x-content-type-options
nosniff
age
72951
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3071
x-xss-protection
0
server
cafe
etag
10674441169935035545
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 19 Dec 2023 17:56:13 GMT
view
ad.doubleclick.net/pcs/ Frame 3FAB 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ad.doubleclick.net/pcs/view?xai=AKAOjstxqB4ZN1pqG7i8DNcZ5Kuoa9XTfNzngjcETxlqXLMwO3xgoMsubLKis-Pj5RR0wn_wr3JlvIDBKCLIDcpQS7tgAMiyXm0mamM2LflEpQiGtiXCnOHArk_W8dTC_nindDwE1Ve801pgyQXLxZnptb0kWMe-wFC7kmLAvWay6qpryn6pT46fmLL8n1JXWNk5LUE52Ar9P7lp-h3RWrp9Fxk6PDUHDa5cuSdoR7bFymsX7CAoqabE4HNCOrL8xSmJnqozzvL979cW8k6jSLcWRLtTdp5hKFNQrXPrehDRXFr7J2xAdznojpT5VwX9oN26W2aTyei4LT4ubCYisVeIX8yMzIKSljuZ4erWV6KOGuEw-l525mnxIH15CCNV368muWcn7yEW4PmEWm1js7SmPce2rl7hXYXM9zcCEGgsdHl3sPUrrpSsoSTY9rxAetvh41VM6bQCPIm1F9MtYHZfIiEqmpZqOAjOIFlDtdnz9UNL4EIt3R54X5otVbkIDnDWQxADZ_8yakjaBfLDiPUfwojJMkKXnZtw_3KtDQIO4FIOIo381X454yINI2UII47THWQx7tk9al7ZQaPIMA1clNlLOSiRojI6vYr_c3oHN3RUtdg2zDBbGuohvAGNYmi2idBh9FF6uUZSebfvy1wpczwLRYn8mUQJQbItWMZDWWBugyv7t_ucx0NBkgqyZPvW8oLSdSqY_cjx1ACZcQBgTIgtPzR6Ukt5Zx7n6Q20aZ-rCO81nhNVTA3Z-4NHf2SQJrEqmQL01SMZcmpLffL1Itj628z-C-pvDz01pIkC8uY0_3h00CYRjB5clZTzm4JxmHvYFIULvM5dmGdIaSmVN70RoNi_U0uzHepCVp3jvhu4mU9tdQv3c721gw-sPEuw2H6mRzizDcb-govQIB7rc_lppdNottCS-T0xaJbrW8gc7KjoLmeBsXeaVPUQXaIuuEjzXSm8vKkM_2_TjHfblZEgE6Inm_fmVQg2XWPTEPxgpyMqZpp1M8whrTQRd0kv-PEWqDk7OUAkVX4lCu8H3FHP5hcvEmWD_Wacijg1aZ6CXcNsRhVB-XYFWDnZN7EkeGKvM8Rdq5X9kYNHkOokuR2eV6Yc6CdkW2bA8m19_GFmphgP_5dlaLGkN5FZS2qZOsRBGKHqToYT_zCly8pQ5LrcuI9QiFC8vUGL6lAjfhTNWMkPJZmjr5Z0-2NhP7QlN2UBeoVmaWaRTgLEfMcsqYwkIq5TIobJ5eROcqG8Fp5CWVc6MB9gjhthlszxaAsZSqlyTUhzl1sEDDM7Y6hVE15ZAEpEsEVQBye7cYqOql1qU5g37kAtrL3AB80Oy3_J7lkQStAwHDs6qBe84y-j1hi9vwE-d35PlEFyN-GcD0KriWYYV7ag-ABm0Fty1zGRdbfCHWhi83NR9ouTuBoXN6MdoWCgcBThLRFF_8LLzm8OH-92QxP7772uUZIRmWrjVpSnNo_-r95b2nzxFqb9aHGj4thw7QdRRGERmH-P0M3xpBEoK5fJG_NlDHs&sai=AMfl-YQC_wHGnyJIsK_wbrsikg25ndCspSdrD55CaxDYJaq-SQA2zKgZ2IA4AVuLQncETOC9e_sJ2et-ZwR8LQcs-m732rlmRT4_dB7NMCSxoAVQS_veP4GRuK2Pcvbg71zi2xmm_XjP79UFaV8DhlhxIzACtkPzA3qb20o8Xhjpa2RCuPw-XE2ZpRF1grt7n0s7hOGdFHV0MNgZKtrof_6cm4qmsvBkp8lgv6UyBFxeAsmmREt4iMOBoWEcnLjA4XnGH3kxPgdrMCV2vu2rzXcZFYhiVLP3qBjWd9kfKUBH1fuZA7qDBF5K4iqziPIYgYuV-mUCR0a1kJ8NWzZz-p45WJKW-70ZdwAxhqBh7YZuk37kAaXyTCWlyVwVWg4ZsQbypoj6yLEMhJT0CEvnLczOL5xbQ7AuanaUHnNENeyOfiL87SFbknlgKTnHkEB3oOG5w39qHB5-zLdbY3OeR9slX9FYPOTUlVL4dYF8aSUDFfzyo6Ydy6D5Eo2INypquvKD2ALUwqo&sig=Cg0ArKJSzGId3NsAqbU6EAE&uach_m=%5BUACH%5D&pr=missingexchangepricemacro&crd=aHR0cHM6Ly9sZy5jb20&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=1&cbvp=1&cstd=0&cisv=r20231204.75512&arae=0&ftch=1&adurl=
Requested by
Host: www.rafyon.net
URL: https://www.rafyon.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.6 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra02s19-in-f6.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://843aa1bb91f1e25a2cd9421173064ebb.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Wed, 06 Dec 2023 14:12:04 GMT
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
cache-control
private
access-control-allow-credentials
true
timing-allow-origin
*
expires
Wed, 06 Dec 2023 14:12:04 GMT
Q12zgMmT.js
tpc.googlesyndication.com/sodar/ Frame 3FAB 		41 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Q12zgMmT.js
Requested by
Host: www.rafyon.net
URL: https://www.rafyon.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://843aa1bb91f1e25a2cd9421173064ebb.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sat, 02 Dec 2023 16:17:22 GMT
content-encoding
br
x-content-type-options
nosniff
age
338082
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13937
x-xss-protection
0
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 01 Dec 2024 16:17:22 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231204/r20110914/client/ Frame 3FAB 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231204/r20110914/client/window_focus_fy2021.js
Requested by
Host: 843aa1bb91f1e25a2cd9421173064ebb.safeframe.googlesyndication.com
URL: https://843aa1bb91f1e25a2cd9421173064ebb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://843aa1bb91f1e25a2cd9421173064ebb.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 06 Dec 2023 01:32:46 GMT
content-encoding
br
x-content-type-options
nosniff
age
45558
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 20 Dec 2023 01:32:46 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231204/r20110914/client/ Frame 3FAB 		20 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231204/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 843aa1bb91f1e25a2cd9421173064ebb.safeframe.googlesyndication.com
URL: https://843aa1bb91f1e25a2cd9421173064ebb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7a5b47703d2aa636762f8b39205a2e03a85ae2de2904d81e6c6a469486ca81e9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://843aa1bb91f1e25a2cd9421173064ebb.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 06 Dec 2023 01:32:45 GMT
content-encoding
br
x-content-type-options
nosniff
age
45559
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8554
x-xss-protection
0
server
cafe
etag
636498438165408290
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 20 Dec 2023 01:32:45 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 3FAB 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-DpeeH183DFJu_pGr3xZeeM2RSht8_0wRg24sDCl1rES9a7sS7D8X-BxSImX9GuqYnJnh9xzit3kZT40VrIH3VxA-x15AktAjQJHdsYtgYqSX6UQTE
Requested by
Host: 843aa1bb91f1e25a2cd9421173064ebb.safeframe.googlesyndication.com
URL: https://843aa1bb91f1e25a2cd9421173064ebb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://843aa1bb91f1e25a2cd9421173064ebb.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 06 Dec 2023 14:12:04 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame 3FAB 		202 KB
64 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: 843aa1bb91f1e25a2cd9421173064ebb.safeframe.googlesyndication.com
URL: https://843aa1bb91f1e25a2cd9421173064ebb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4dce4158779dce6da3ede11337029f817a03f45c9559b1f91d8a7c5ac130f38c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://843aa1bb91f1e25a2cd9421173064ebb.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 06 Dec 2023 14:12:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
65147
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1701694399686299"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 06 Dec 2023 14:12:04 GMT
5045903559513650684
s0.2mdn.net/simgad/ Frame 3FAB 		54 KB
55 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/simgad/5045903559513650684
Requested by
Host: 843aa1bb91f1e25a2cd9421173064ebb.safeframe.googlesyndication.com
URL: https://843aa1bb91f1e25a2cd9421173064ebb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bcac810cee2ffbc1aa93351a82b41161fd3b88cb21028dd7a7943f543ade467f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://843aa1bb91f1e25a2cd9421173064ebb.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Tue, 05 Dec 2023 16:37:42 GMT
x-content-type-options
nosniff
age
77662
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
55510
x-xss-protection
0
last-modified
Sun, 19 Nov 2023 14:43:49 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 04 Dec 2024 16:37:42 GMT
Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js
pagead2.googlesyndication.com/bg/ Frame E1C1 		39 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 06 Dec 2023 10:36:01 GMT
content-encoding
br
x-content-type-options
nosniff
age
12963
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15165
x-xss-protection
0
last-modified
Tue, 28 Nov 2023 18:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 05 Dec 2024 10:36:01 GMT
rum
dsum-sec.casalemedia.com/ Frame 6871
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKmtsyWvbp2wUSgRRg8cjHM&google_cver=1
43 B
338 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKmtsyWvbp2wUSgRRg8cjHM&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJKL6K4CEMeN_vcCGNT98f4BMAE&v=APEucNUmgQz-WUQrf-W8nh9lLHS30e-FoZ079IFiSUy7mNBSL4Nd2NPg7bSh57mULXzwSaud0awPxhmBAMa9-SUqAV2BVsJ1Fu8ZuiRs1NrcZxkB0M74j8AUvhTstV4FlWdmrkgdlbv5YGWsPZNwJ-1gmVOgLl-FN0r4xDRKyMkhAX2ifTUjFGBEhUQcBsiTrJPbu1_DD67itwTGcvAlTBsNGOOwmNr9nA
Protocol
H2
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 06 Dec 2023 14:12:04 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BngqG5t6RshFoe1i6xFers6WxF4%2BMu2VX1OGKaBBCPGv8xnLwQSDpwZSp4sUeifzhHTSMvfK0zFAsbsd0BjnFL%2B5IpJ%2BZakHIMzGTD7sFtNAbjgDPKPkq9iDS2LbU8K4EgnEQ5cJFNrfHQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
83151f285a73b914-AMS
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Wed, 06 Dec 2023 14:12:04 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKmtsyWvbp2wUSgRRg8cjHM&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 6871
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZXCBNG4G3.KUr69LQ.2B.AAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAwlPXEEIDO6cKyx8eWpjLI&google_cver=1&google_hm=2
43 B
767 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAwlPXEEIDO6cKyx8eWpjLI&google_cver=1&google_hm=2
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJKL6K4CEMeN_vcCGNT98f4BMAE&v=APEucNUmgQz-WUQrf-W8nh9lLHS30e-FoZ079IFiSUy7mNBSL4Nd2NPg7bSh57mULXzwSaud0awPxhmBAMa9-SUqAV2BVsJ1Fu8ZuiRs1NrcZxkB0M74j8AUvhTstV4FlWdmrkgdlbv5YGWsPZNwJ-1gmVOgLl-FN0r4xDRKyMkhAX2ifTUjFGBEhUQcBsiTrJPbu1_DD67itwTGcvAlTBsNGOOwmNr9nA
Protocol
H3
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 06 Dec 2023 14:12:04 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WHdU6Vp5emWpzuNPCsYO7proAMUrMe5OI0HVQAtVqZe%2Bbs6ihnKfhehhUBQibUt%2BThxGwWEJLJ9xW%2Fop0IDyGAjsNZauMeHR95FIqfL3fOfAOE9gYsy7doi8yX6dgS73JR6dzrIcP0S24A%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
83151f290a6066c4-AMS
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Wed, 06 Dec 2023 14:12:04 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAwlPXEEIDO6cKyx8eWpjLI&google_cver=1&google_hm=2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
329
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
ib.adnxs.com/ Frame 6871
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
  • https://ib.adnxs.com/setuid?entity=101&code=CAESELG1x-ByQ7vC3AP8VcnYJ7I&google_cver=1
43 B
842 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/setuid?entity=101&code=CAESELG1x-ByQ7vC3AP8VcnYJ7I&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJKL6K4CEMeN_vcCGNT98f4BMAE&v=APEucNUmgQz-WUQrf-W8nh9lLHS30e-FoZ079IFiSUy7mNBSL4Nd2NPg7bSh57mULXzwSaud0awPxhmBAMa9-SUqAV2BVsJ1Fu8ZuiRs1NrcZxkB0M74j8AUvhTstV4FlWdmrkgdlbv5YGWsPZNwJ-1gmVOgLl-FN0r4xDRKyMkhAX2ifTUjFGBEhUQcBsiTrJPbu1_DD67itwTGcvAlTBsNGOOwmNr9nA
Protocol
H2
Server
37.252.171.21 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
1004.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 06 Dec 2023 14:12:04 GMT
an-x-request-uuid
94f95a11-6346-43dc-accc-74e7f64f3635
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
image/gif
cache-control
no-store, no-cache, private
x-proxy-origin
31.204.150.114; 31.204.150.114; 1004.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
43
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 06 Dec 2023 14:12:04 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ib.adnxs.com/setuid?entity=101&code=CAESELG1x-ByQ7vC3AP8VcnYJ7I&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
290
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 6871
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzMzODM0NzIzMDc0ODY4Mzc0NQ%3D%3D
170 B
243 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzMzODM0NzIzMDc0ODY4Mzc0NQ%3D%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJKL6K4CEMeN_vcCGNT98f4BMAE&v=APEucNUmgQz-WUQrf-W8nh9lLHS30e-FoZ079IFiSUy7mNBSL4Nd2NPg7bSh57mULXzwSaud0awPxhmBAMa9-SUqAV2BVsJ1Fu8ZuiRs1NrcZxkB0M74j8AUvhTstV4FlWdmrkgdlbv5YGWsPZNwJ-1gmVOgLl-FN0r4xDRKyMkhAX2ifTUjFGBEhUQcBsiTrJPbu1_DD67itwTGcvAlTBsNGOOwmNr9nA
Protocol
H2
Server
216.58.212.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s01-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 06 Dec 2023 14:12:04 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 06 Dec 2023 14:12:04 GMT
an-x-request-uuid
52e3717e-c3a6-4d51-bd65-b77ec3ab5ff1
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzMzODM0NzIzMDc0ODY4Mzc0NQ%3D%3D
x-proxy-origin
31.204.150.114; 31.204.150.114; 1004.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
62bHydCX.html
tpc.googlesyndication.com/sodar/ Frame B32C 		38 KB
13 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/62bHydCX.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://843aa1bb91f1e25a2cd9421173064ebb.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

accept-ranges
bytes
age
180339
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
br
content-length
13045
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 04 Dec 2023 12:06:25 GMT
expires
Tue, 03 Dec 2024 12:06:25 GMT
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame 3FAB 		212 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
db66bd9a5d4b916d32a9489fb470375607f629fc08943a54fc2b9000be6b641f

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Type
image/png
sodar
pagead2.googlesyndication.com/pagead/ Frame 50B2 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202311290101&jk=1257867413551927&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers
view
ad.doubleclick.net/pcs/ Frame 3FAB 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ad.doubleclick.net/pcs/view?xai=AKAOjstxqB4ZN1pqG7i8DNcZ5Kuoa9XTfNzngjcETxlqXLMwO3xgoMsubLKis-Pj5RR0wn_wr3JlvIDBKCLIDcpQS7tgAMiyXm0mamM2LflEpQiGtiXCnOHArk_W8dTC_nindDwE1Ve801pgyQXLxZnptb0kWMe-wFC7kmLAvWay6qpryn6pT46fmLL8n1JXWNk5LUE52Ar9P7lp-h3RWrp9Fxk6PDUHDa5cuSdoR7bFymsX7CAoqabE4HNCOrL8xSmJnqozzvL979cW8k6jSLcWRLtTdp5hKFNQrXPrehDRXFr7J2xAdznojpT5VwX9oN26W2aTyei4LT4ubCYisVeIX8yMzIKSljuZ4erWV6KOGuEw-l525mnxIH15CCNV368muWcn7yEW4PmEWm1js7SmPce2rl7hXYXM9zcCEGgsdHl3sPUrrpSsoSTY9rxAetvh41VM6bQCPIm1F9MtYHZfIiEqmpZqOAjOIFlDtdnz9UNL4EIt3R54X5otVbkIDnDWQxADZ_8yakjaBfLDiPUfwojJMkKXnZtw_3KtDQIO4FIOIo381X454yINI2UII47THWQx7tk9al7ZQaPIMA1clNlLOSiRojI6vYr_c3oHN3RUtdg2zDBbGuohvAGNYmi2idBh9FF6uUZSebfvy1wpczwLRYn8mUQJQbItWMZDWWBugyv7t_ucx0NBkgqyZPvW8oLSdSqY_cjx1ACZcQBgTIgtPzR6Ukt5Zx7n6Q20aZ-rCO81nhNVTA3Z-4NHf2SQJrEqmQL01SMZcmpLffL1Itj628z-C-pvDz01pIkC8uY0_3h00CYRjB5clZTzm4JxmHvYFIULvM5dmGdIaSmVN70RoNi_U0uzHepCVp3jvhu4mU9tdQv3c721gw-sPEuw2H6mRzizDcb-govQIB7rc_lppdNottCS-T0xaJbrW8gc7KjoLmeBsXeaVPUQXaIuuEjzXSm8vKkM_2_TjHfblZEgE6Inm_fmVQg2XWPTEPxgpyMqZpp1M8whrTQRd0kv-PEWqDk7OUAkVX4lCu8H3FHP5hcvEmWD_Wacijg1aZ6CXcNsRhVB-XYFWDnZN7EkeGKvM8Rdq5X9kYNHkOokuR2eV6Yc6CdkW2bA8m19_GFmphgP_5dlaLGkN5FZS2qZOsRBGKHqToYT_zCly8pQ5LrcuI9QiFC8vUGL6lAjfhTNWMkPJZmjr5Z0-2NhP7QlN2UBeoVmaWaRTgLEfMcsqYwkIq5TIobJ5eROcqG8Fp5CWVc6MB9gjhthlszxaAsZSqlyTUhzl1sEDDM7Y6hVE15ZAEpEsEVQBye7cYqOql1qU5g37kAtrL3AB80Oy3_J7lkQStAwHDs6qBe84y-j1hi9vwE-d35PlEFyN-GcD0KriWYYV7ag-ABm0Fty1zGRdbfCHWhi83NR9ouTuBoXN6MdoWCgcBThLRFF_8LLzm8OH-92QxP7772uUZIRmWrjVpSnNo_-r95b2nzxFqb9aHGj4thw7QdRRGERmH-P0M3xpBEoK5fJG_NlDHs&sai=AMfl-YQC_wHGnyJIsK_wbrsikg25ndCspSdrD55CaxDYJaq-SQA2zKgZ2IA4AVuLQncETOC9e_sJ2et-ZwR8LQcs-m732rlmRT4_dB7NMCSxoAVQS_veP4GRuK2Pcvbg71zi2xmm_XjP79UFaV8DhlhxIzACtkPzA3qb20o8Xhjpa2RCuPw-XE2ZpRF1grt7n0s7hOGdFHV0MNgZKtrof_6cm4qmsvBkp8lgv6UyBFxeAsmmREt4iMOBoWEcnLjA4XnGH3kxPgdrMCV2vu2rzXcZFYhiVLP3qBjWd9kfKUBH1fuZA7qDBF5K4iqziPIYgYuV-mUCR0a1kJ8NWzZz-p45WJKW-70ZdwAxhqBh7YZuk37kAaXyTCWlyVwVWg4ZsQbypoj6yLEMhJT0CEvnLczOL5xbQ7AuanaUHnNENeyOfiL87SFbknlgKTnHkEB3oOG5w39qHB5-zLdbY3OeR9slX9FYPOTUlVL4dYF8aSUDFfzyo6Ydy6D5Eo2INypquvKD2ALUwqo&sig=Cg0ArKJSzGId3NsAqbU6EAE&uach_m=%5BUACH%5D&pr=missingexchangepricemacro&crd=aHR0cHM6Ly9sZy5jb20&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=184&vt=11&dtpt=183&dett=2&cstd=0&cisv=r20231204.75512&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=
Requested by
Host: www.rafyon.net
URL: https://www.rafyon.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.6 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra02s19-in-f6.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://843aa1bb91f1e25a2cd9421173064ebb.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 06 Dec 2023 14:12:04 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
5hpSdEAdCYypbNizbkAw91vLZEBHsYzw3rH5Fshj8SY.js
pagead2.googlesyndication.com/bg/ Frame B32C 		51 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/5hpSdEAdCYypbNizbkAw91vLZEBHsYzw3rH5Fshj8SY.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e61a5274401d098ca96cd8b36e4030f75bcb644047b18cf0deb1f916c863f126
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Mon, 04 Dec 2023 22:38:16 GMT
content-encoding
br
x-content-type-options
nosniff
age
142428
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
19933
x-xss-protection
0
last-modified
Tue, 28 Nov 2023 18:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 03 Dec 2024 22:38:16 GMT
generate_204
tpc.googlesyndication.com/ Frame E1C1 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?7eRiaw
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 06 Dec 2023 14:12:04 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
gen_204
pagead2.googlesyndication.com/pagead/ Frame B32C 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=Bkl8HM4FwZeDRNYiU1PIP_Oue4A0AAAAAOAHgBAI&bg=!ammlaSbNAAa0LlnulC47ADQBe5WfOOOT5gUs-8xLr9sSEn3WdMzOTfQyqVQLBN9Ar9SOMk8r5V1zwxraBwx1HGFx-v3JAgAAAD5SAAAAA2gBB5kDA2uPAZEhg7gu5YlpHKp7552foqLniQWTrFiqVo2o3eh1O7XIorqaufqpSholeeXbIXH6xey6qIdpfdsH1FKVhd3nO03PQH-m1mujbswbDVHybRA3Ja91FFZ2GuupXDiFhmUAkoJ18HuuxBrA9DlqrYfvcwKTfWwOQRqig4ky7vbs7LimWXoI-I8x5QamvFjixscfW1Kzi55aYAoGwvodNgBabjn_vRa14fTSTDIRbJDrVXKyTcngMjPlVaWcXaeC3YKzrk5rueT7DUhndKASxiudOoNevJXC9htkQA3qSjlwY9wQ_uJzJBNF06xENWZgb7UAi30n6gE8_ec6_5CfQqy-RL114K6UDn9keu8jDsuUcTRJTlZvRYdf51n9ZdH7X7bu_npgJhwgaKQih6nfU3E15ApRoFDvzzow13HkPJ2u6VG9pPl0jsFXXQqAnFue-YDKENQfF2bGThvXiLvWTAos5diiinaunDtPewYt9OxOqYNkL7832jbxzyjIIzt3Kg6eXnAttZTsgAKWV-P3R7A2AvQGVYDIjTky9Ddx24K0jGUhm_Tld-8qUt6FUdIkgRMjmefEWsDOXutRs19wcOh9u5VyTYhmtvrehB41QVgmoSX8j9mqsqbOb5aWeltGrsTtdQeSk55fK-FYExNmHBnFWBiZPF-54HZf0dQuTs2ca3tuDoLTe5GGztnjphHSCnV-CixLBe4ot3ZkDR7tVU7MD4QNu-EvWt80khcPLU_AZqjPg5kzDDYFcGfCe2crpDw3Len3d3BWsi4hv05TwzStY_kB_Xx4Buqtcnrjg9kCocsv-bInAQmNhFwZ5Vb8GYtBz89UtY04pyK1sehm0PMMeSD-MbRRt1FKGepMnlI1jeBeLzkBJZ7LU5lLqtrEw2VnMXJU6tSVZpjvv_zdKyJ5Uxro-e8wNAWCb45u3kQoKYTtXYSLVzRqzHLw3cG6BEHwQlOu1BLQ9b1KHxepK99g3h_k72EHmVKZeVuUXR28YP5JOL-YESs3fv5AsxRD8dYRUw
Requested by
Host: 843aa1bb91f1e25a2cd9421173064ebb.safeframe.googlesyndication.com
URL: https://843aa1bb91f1e25a2cd9421173064ebb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 06 Dec 2023 14:12:04 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/pagead/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202311290101&jk=1257867413551927&bg=!Dg2lDULNAAY3kmNgF5I7ADQBe5WfOFuz-V9pfF-qgvx0cbVRkGBVz7xmGl-_ePy5_LDTia4g6SPXiWAPuM65pvae_I9AAgAAAFlSAAAADGgBB5kCwREsKa9iU3Hl-A4SvqTWAMahb1VXO7O-1rIklAKJAscKlTzSG-NddqPA0sMPw7t8jzkMyW6N2WpK4XAa4usKzYdp7W9U7TLG2752UdDjnsHx4u05wSssgCavUMs2P5YYDbTdHWiayLR4ymcgYMBGqwavmvM2QhLgtUyBWRBrcqLLG8VdwGmZkqtWfXfrHZJ7uLSBzENBBgwuf6f1BYdDFBDjTNb5aq8xWgvoR7I2En6VMn1nR7SGalp8e_mAUiyXpIEvmOcDaG5hu8_Q5_S8isyjWoGJJtgMMZ2IyBsQAgVCgsa2M-LCiIz9-txOG0KBX3kjPA4dkjwjsoNVuwgNTknB_-E3mAG0fkpOiEZY_0fYCZN_083cQeebRNowC03mUQD-UzOtdmUIZIpSOsh9kzR7fMQXUdHSkO53uVUVjd4stEpElBIz4szTzBzRN_cf2gLYpv6kLxHXpxfrg3I-ml72ZssZHoQJyCA2BziFF7spkCWtoFZiF3_c7CYr9LxK-LRCNLnL-bDuNDehcmEsZ7hdnhCa-qoBLyfyleB1BBR0mPYqDPskNuyeKNe5MNX19_nt9--s4K1zE_4ozgUCEZRQCNvu9b2mhu9r2yPIEOujK9onkgNIcMgq1tnLH_27PZlsT9TJzpo_kpzCrbOySHl1X2pJQbQ8A3lOAt0rCU73cuBgmZ_Fbzkn_QqZ1N5UZIag6Tl_NqKs6r_Bt3AHduFJT541MLnm0xvI30127VBfPWkvdf6HjVpxtuqxyTkWhAoF2u1yxJBqsFWygzFqzfM4YMQpwBc0vc9Ad4cPZO7fB4blXmqKZaHvZi4uoT7kDayXdM2H3OH6UGABnWjOT3tBOc89-z-lAuLn38eLqsLPgTnNVzqLxPWmaCa_DKdD2pxsgx9nYUZth9FBGYJxWILCTDW5KW1N-VgPn_3LqNNf2g
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.rafyon.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers
activeview
pagead2.googlesyndication.com/pcs/ Frame 3FAB 		42 B
174 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstvWnl_kxnZchlvAhBQl4PTyGegIW0iVTWMsIwafqRZNr8txCmQwh-WE9TCxI1XDy8XsQDfTqRUNdpHVdOxdBNtLbNsSQYm2fv0pCSjuzobu7jgga-odx5zUWVuwKLl0WieL7tPqdPuMKrz&sai=AMfl-YQB02uB2eHXWkz34XSqbacecBzHE1kGc19u7L6z1T7kbzKtCV5NC2ePmOsaOD-le9qvJ_RTj46wO8yXKsKSSI19A3OUvBcTfc47F6ARXJ9N7DugipWld67M36KCQDJwleUztq4zY43OiUvyJQGa53B1AREVY-WwjL0&sig=Cg0ArKJSzL_zYIWiyBpQEAE&cid=CAQSTgDICaaNmF5M3D53oMtTW9Rq3abmcs0fT97VcqAkgZKLU8uCeiUEMYzP6EHpWvJkcv83Njkd2m60mnd34XRa8rDTHvL_O4Z2FX0TQStT5RgB&id=lidar2&mcvt=1000&p=1110,436,1200,1164&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20231204&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=937240394&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1701871924250&rpt=317&isd=0&lsd=0&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://843aa1bb91f1e25a2cd9421173064ebb.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 06 Dec 2023 14:12:05 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

147 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| documentPictureInPicture object| _wpemojiSettings undefined| $ function| jQuery object| a4h_js_vars object| a4h_js_load_more_posts object| twemoji object| wp object| AdSlotCollection boolean| __isGoogleAllowed object| googletag object| ggeac object| google_tag_data object| google_js_reporting_queue undefined| google_measure_js_timing number| google_unique_id object| gaGlobal object| regeneratorRuntime object| ox_esp object| criteo_syncframe_state object| criteo_pubtag object| criteo_identitytag_145 object| Criteo object| Criteo_identitytag_145 object| pbjs object| __uid2SecureSignalProvider object| __uid2 function| lotameIsCompatible function| sync16589_aa function| sync16589_c undefined| sync16589_d undefined| sync16589_ba undefined| sync16589_e function| sync16589_f object| sync16589_h function| sync16589_ca function| sync16589_j function| sync16589_da object| sync16589_ object| sync16589_ga object| sync16589_v object| sync16589_oa object| sync16589_xa object| sync16589_ya function| sync16589_a function| sync16589_b function| sync16589_g function| sync16589_i function| sync16589_k function| sync16589_l function| sync16589_m function| sync16589_n function| sync16589_o function| sync16589_p function| sync16589_q function| sync16589_r function| sync16589_fa function| sync16589_ea function| sync16589_s function| sync16589_t function| sync16589_u function| sync16589_w function| sync16589_ha function| sync16589_ia function| sync16589_y function| sync16589_ja function| sync16589_z function| sync16589_A function| sync16589_x function| sync16589_B function| sync16589_ka function| sync16589_C function| sync16589_D function| sync16589_E function| sync16589_F function| sync16589_G function| sync16589_H function| sync16589_I function| sync16589_J function| sync16589_K function| sync16589_L function| sync16589_la function| sync16589_ma function| sync16589_na function| sync16589_M function| sync16589_N function| sync16589_pa function| sync16589_O function| sync16589_qa function| sync16589_ra function| sync16589_sa function| sync16589_P function| sync16589_ta function| sync16589_ua function| sync16589_va function| sync16589_wa function| sync16589_Q function| sync16589_R function| sync16589_za function| sync16589_S function| sync16589_T function| sync16589_U function| sync16589_V function| sync16589_Aa function| sync16589_W function| sync16589_X function| sync16589_Y function| sync16589_Z function| sync16589__ function| sync16589_0 function| sync16589_Ea function| sync16589_Ba function| sync16589_1 function| sync16589_Da function| sync16589_Ca function| sync16589_2 function| sync16589_3 function| sync16589_4 function| sync16589_5 function| sync16589_Ga function| sync16589_Ha function| sync16589_Ja function| sync16589_Fa function| sync16589_7 function| sync16589_Ia function| sync16589_La function| sync16589_Ka function| sync16589_8 function| sync16589_6 function| sync16589_9 function| sync16589_Ma function| sync16589_Na function| sync16589_Oa function| sync16589_Pa function| sync16589_$ function| sync16589_Qa function| sync16589_Ra function| sync16589_Sa function| sync16589_Ta object| lotame_sync_16589 object| GoogleGcLKhOms object| google_image_requests

13 Cookies

Domain/Path Name / Value
.rafyon.net/ Name: lotame_domain_check
Value: rafyon.net
.criteo.com/ Name: uid
Value: 60e056e3-85e6-40ff-8aa7-d5e463dfc790
.criteo.com/ Name: receive-cookie-deprecation
Value: 1
.rafyon.net/ Name: cto_bundle
Value: y3id9l93NlljRFdlQlg5RkclMkI2bWpxbll2OE5LTURDbSUyQiUyQkkzMENqMHIxYyUyRkpINldKbnk4WEJ4OUx2ZnpzdmE5bWlqUHFYdDFPclpET2xzMnQwciUyQlpYQUhVWUdRVyUyRnNiMSUyQjNqS3lGaGVuV2tWa1MlMkZFUkx3eTR1REtRMUltajNpdUVoSWk4WVZTVEMwaDgxV3dFQ2o0Q0klMkZUMmclM0QlM0Q
.openx.net/ Name: i
Value: 313f1731-009d-48e4-8ae9-72ed1c1cdaf0|1701871924
.rafyon.net/ Name: __gads
Value: ID=4a88022dcee71767:T=1701871923:RT=1701871923:S=ALNI_MbXNo7t5Tu4OU_nIsiuD3RRGisjkA
.rafyon.net/ Name: __gpi
Value: UID=00000d0c73d8eb46:T=1701871923:RT=1701871923:S=ALNI_Mbk1JBiBrLkepTgFskObEc9L_nNyA
.doubleclick.net/ Name: IDE
Value: AHWqTUl2UfZAQQukNN2WXFUt2mUDXGpbRU-hmKIlFCFEFaBMLhH6XIRTz6-GSXueOsA
.adnxs.com/ Name: uuid2
Value: 3338347230748683745
.casalemedia.com/ Name: CMID
Value: ZXCBNG4G3.KUr69LQ.2B.AAA
.casalemedia.com/ Name: CMPS
Value: 1172
.casalemedia.com/ Name: CMPRO
Value: 1172
.adnxs.com/ Name: anj
Value: dTM7k!M41.D>6NRF']wIg2ImIZ@)g!!1yIE`fS1ueD1W-044)d+]UgPHLRYz@$ODYp'xF%CpNbu*`8R!1Ft_8hy^LJP(hw9P-HC_#ttE?)e'j3

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

843aa1bb91f1e25a2cd9421173064ebb.safeframe.googlesyndication.com
ad.doubleclick.net
bcp.crwdcntrl.net
cdn.id5-sync.com
cdn.jsdelivr.net
cdn.optad360.net
cdn.prod.uidapi.com
cdnjs.cloudflare.com
cm.g.doubleclick.net
cmp.optad360.io
dsum-sec.casalemedia.com
fonts.googleapis.com
fonts.gstatic.com
get.optad360.io
google-bidout-d.openx.net
googleads.g.doubleclick.net
gum.criteo.com
ib.adnxs.com
id5-sync.com
invstatic101.creativecdn.com
mug.criteo.com
oa.openxcdn.net
oajs.openx.net
pagead2.googlesyndication.com
s0.2mdn.net
securepubads.g.doubleclick.net
static.criteo.net
tags.crwdcntrl.net
tpc.googlesyndication.com
www.google.com
www.googletagservices.com
www.rafyon.net
141.95.98.64
172.217.18.6
172.64.151.101
18.245.143.83
216.58.212.162
2600:9000:211a:4800:f:a31d:75c0:93a1
2600:9000:2156:aa00:6:b871:4f00:93a1
2600:9000:2250:1200:a:e047:753:a221
2600:9000:225e:a00:11:a4de:2580:93a1
2606:4700:10::6816:3456
2606:4700::6810:5714
2606:4700::6811:190e
2a00:1450:4001:802::2003
2a00:1450:4001:81c::2001
2a00:1450:4001:828::2004
2a00:1450:4001:829::2002
2a00:1450:4001:82b::2006
2a00:1450:4001:82f::2002
2a00:1450:4001:831::2001
2a00:1450:4001:831::2002
2a00:1450:4001:831::200a
2a02:2638:3::3
2a02:2638:3::c
2a06:98c1:3121::3
34.102.146.192
34.120.107.143
34.96.70.87
35.244.159.8
37.252.171.21
52.19.8.73
04fd3a2305c7dc6473b7fd2feb8b73778e7d8a6f92f2523857a145c77f399259
06eb9b648fd1429d0cef25265009259c35f053a76118194b4073c98e161812be
08f3271f24a81101413f28b107fcf6d90d89d662383fedf8882e76f122b0bfce
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0c1ac09766e0f1322a4aaafcf2192f7b1c69f26c3810f9f89f2238373decf8af
0dd63db78cedc8bee5838a6d1944c129094c97b9fc57489f5643d6da11d7bfe5
0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec
0facd387627530907acc0b41d7076a1313a748ba84d37983618c04f2e66f1849
10921def84fcc2ca0978321d156b1b65940fe30b328bd003cdd6a4e4792e24a1
1a2f962e47e4ec7e48aa29f054eae0fdf49a666d11222c3f72e04247d37a3ae9
1f195987b773b996230b3526e58fa4f0538e776e62b231db573039b8a7958164
1f974731c9f403a588970e550dd5c911291f7257e366b89e5952b055e617b578
2f1ad4ec7176f493b16e0d186f222e3484248cbb48f82289c736a0877f2d5894
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
31f02fb9a8ae77e5d8bb229bf73f473f783e8155042655926cafca211cd11c98
36d9a942cca5b9f6a701720465c53f4e92093e224af0181bd4455b20a45e0957
3f10d46f8743b0d31f46dd63ff7786a904a0cd5f36f9f21f254aec928fa3bdfc
414caa66bb79bc88c1ba6a2a415d2333c0a01aab1c15f74684dfa7542a97d2f7
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
44b86bbe777bd108d78e6dd7a68a9afe8399565f11b6f87a4656345491c77a23
453cb806084fdabec32e286af2e88899f79022125c2527afffbec507975d2c22
4563823fd629a48517c7feb8bf33640e12440e08bdde7a172ce477c2ddfc9c4d
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
4807e2621b38e9bda19b22665cecc64e63ccfb30d32d675802342365a6ab3a28
49b46188442abf20e776e5a224ab7757709b9807461aec752be1b4ce4dc631ed
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4c3e8276a03b75d40fdbc5b40e665022127cbbd1722b6de06839ca69f664b7af
4dce4158779dce6da3ede11337029f817a03f45c9559b1f91d8a7c5ac130f38c
4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230
5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89
544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5b49521fd237e0ce7c618aecd7390c03deeac97ff7bb405e07fb7fd429a0f397
5c93f77799d122fb5255ee24da285f9f228cc118cba11e6ceb2b6bda8cdf4164
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6511c49ad2da79efffa24912c9b244776702a27bc8bdd4afc2855f646b443e10
72e960baa80ec819264a604f2f8a8e5c21f81b785ebc17595211ad170d8b1bdc
74b059a64ab907df19f8d548cbff2afba3939e5d31d28692a333671eb779ddcf
7a5b47703d2aa636762f8b39205a2e03a85ae2de2904d81e6c6a469486ca81e9
7be852fa90099f7dd21fa33dd43173b0ef0eb29ca9a871bbcede3804bf1d3aa1
7beb67896e969bca947fdfbd1f11e20ae0e5989f7a444bc69c0eba234fd7bbca
7cb3d35b55d42ce147dd843386871c72ad7d78bd3c60a49b1099e41881556f2b
876d023d9d10c97941b80c3b03e2a5b94631ff7a4af9cee5604a6a2d39718d84
878c993cd4eb6b6f818e0316f9e6652ac9ee3e7285f343074e75589ea8ff6ffc
87d6652885b4cd02575c35c6e5e1597c106b28dfdd73295611892d6ee11a3517
89f7ca3b0a13782b370063ac11e3780b4bb2164d6d7125cae7a2b23155f54de7
8a10c8b54e1c59596f5caa93f72615a4a67f92567abfb376bfe7ca630aa6107f
9148103ca9f6c497dfde5e5342128ea3e6341e2b1469a5241947164bec5c1240
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a195b24c93fe857115ce6c2170b8ce99da4f44daf9110842fe06fd72d19a9276
a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e
a7b09bb9c8e8e2fb189204e08ed94bd8096c118780b5e926847cf2748ca7c5c2
a7e1fce0f4ca98d191cf972d38b5f416ae0fe18ad15cf42ef4c73aacab0510dd
a976cc60761ae1e5d55361726238e9243fc7062e9c8b6344ec604d1152cc8986
acdbe0be5b0f973126222d293fef3fb5f848ef89d0557d221cd2a5ab4562f15b
b04a268fbd6ac543dcd653b1c529871767a5b78cb2a2f40e54bcb0bfe2daa154
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b4d6967c4bafb227f8fd6f0c659da9297bc719b6d4b5c37216244e6bc3e0d609
b5bc421a51791bbbee22e0de81f887fa44756eb90ef1875e2db76cff17832140
bcac810cee2ffbc1aa93351a82b41161fd3b88cb21028dd7a7943f543ade467f
bf993c352a9c882af60619f9ba8b4d66c442be85875d78497571023b2aa5d28d
c0f27ee92a26e2bbb2393e7695351be1c91d890492943f52cf18fcfd899666ed
c4b813f7aa04eca20be469b259cca2779799f58e280d73488bd7386940d2d146
c8fffb0b438b7f9403ccd47fddc2de355f2f685fe2f59ac9d4c15f82854d79b1
c9bdec335f90f1b0664b5151ae857999951afb4414b657fc1af0ade1a381b43a
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
d04a8585ca1c9cbff59e413fe76da6b8dcf3c567cbc68ec436b852d7f1694df1
d050c56b76cb2dae10e3eadd8e8f5e83594db0916d25946bec2f662f69dd776d
d38b3e26dd6b6cc40545482d9ede9a2abc5d123a1f7d8d10c0c270588e5dfb7b
d43d0c2b00d3bc407fafd5be66fee7a74b6bba325fc56f98a96ca6bc1b340683
d66b4e8556dec780a3be1e72c2bacfac5f379f6977f2886254908e5f87db6bd6
db66bd9a5d4b916d32a9489fb470375607f629fc08943a54fc2b9000be6b641f
dc177abd6607fae8b2d131cf0cff266d2a3311263b5ec8d0e643c84f2ec112e2
dcf6f6feae5927c60139ce3e1629564df3328ee63a1bf852e04afb957e684041
e26cdf84ea6019cb4505a4bd4e24b6c8cdc08f18a5ecf7c0a8668f0af945d64f
e31ebf113144bd88c51f9344ae69e9a0533f0484c7876157b5ce7afab3f279dd
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e61a5274401d098ca96cd8b36e4030f75bcb644047b18cf0deb1f916c863f126
e885badff253144e188588b5657e13cfa1135d4cd682053c9cca02b83baf1ef2
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f0f3825ab5a948a650d9276b8c3ed43db6f36ac1e7d150c134bc2685e537131b
f38e373a688607ccbc8503ad471aa3bb21d32725d46834eefb73980b9b83e789
fa40858bc00aa25239b434a313f9b30b4b604715b21395c0f278a3055cd31deb