URL: https://safe.sur.ly/o/webmail.sonatrach.dz/AA000014?pageviewId\=desktop-302e3439333332363030203137303232383736343320...
Submission: On December 25 via manual from DZ — Scanned from DE

Summary

This website contacted 12 IPs in 3 countries across 8 domains to perform 41 HTTP transactions. The main IP is 54.173.41.122, located in Ashburn, United States and belongs to AMAZON-AES, US. The main domain is safe.sur.ly. The Cisco Umbrella rank of the primary domain is 328359.
TLS certificate: Issued by R3 on November 25th 2023. Valid for: 3 months.
This is the only time safe.sur.ly was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Apex Domain (requests, transfer), followed by its subdomains:

sur.ly (28 requests, 115 KB)
  • safe.sur.ly — Cisco Umbrella Rank: 328359
  • cdn.sur.ly — Cisco Umbrella Rank: 161444
  • sur.ly — Cisco Umbrella Rank: 137631
  • img.sur.ly — Cisco Umbrella Rank: 311950
googlesyndication.com (8 requests, 42 KB)
  • 2aecda7864ffba54370ae296f0290b35.safeframe.googlesyndication.com
  • pagead2.googlesyndication.com — Cisco Umbrella Rank: 102
  • tpc.googlesyndication.com — Cisco Umbrella Rank: 148
doubleclick.net (2 requests, 136 KB)
  • securepubads.g.doubleclick.net — Cisco Umbrella Rank: 196
google-analytics.com (2 requests, 296 B)
  • region1.google-analytics.com — Cisco Umbrella Rank: 2189
google.com (1 request, 1 KB)
  • www.google.com — Cisco Umbrella Rank: 2
googletagmanager.com (1 request, 90 KB)
  • www.googletagmanager.com — Cisco Umbrella Rank: 36
sonatrach.dz (1 request, 8 KB)
  • webmail.sonatrach.dz
googletagservices.com (1 request, 29 KB)
  • www.googletagservices.com — Cisco Umbrella Rank: 206

Total: 41 requests, 8 apex domains
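
Domain (requests), and the hosts that requested it:

  • cdn.sur.ly (15 requests): requested by safe.sur.ly, cdn.sur.ly
  • sur.ly (10 requests, 4 redirects): requested by safe.sur.ly
  • pagead2.googlesyndication.com (4 requests): requested by securepubads.g.doubleclick.net, tpc.googlesyndication.com
  • tpc.googlesyndication.com (3 requests): requested by securepubads.g.doubleclick.net, tpc.googlesyndication.com
  • securepubads.g.doubleclick.net (2 requests): requested by www.googletagservices.com, securepubads.g.doubleclick.net
  • region1.google-analytics.com (2 requests): requested by www.googletagmanager.com
  • safe.sur.ly (2 requests): requested by safe.sur.ly
  • www.google.com (1 request): requested by tpc.googlesyndication.com
  • 2aecda7864ffba54370ae296f0290b35.safeframe.googlesyndication.com (1 request): requested by securepubads.g.doubleclick.net
  • img.sur.ly (1 request): requested by safe.sur.ly
  • www.googletagmanager.com (1 request): requested by safe.sur.ly
  • webmail.sonatrach.dz (1 request): requested by safe.sur.ly
  • www.googletagservices.com (1 request): requested by safe.sur.ly

Total: 41 requests, 13 subdomains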

This site contains links to these domains:

  • sur.ly

Certificates (subject, issuer, validity):

  • safe.sur.ly: issued by R3, valid 2023-11-25 to 2024-02-23 (3 months)
  • sni.cloudflaressl.com: issued by Cloudflare Inc ECC CA-3, valid 2023-05-11 to 2024-05-10 (a year)
  • *.g.doubleclick.net: issued by GTS CA 1C3, valid 2023-11-20 to 2024-02-12 (3 months)
  • *.sonatrach.dz: issued by Sectigo RSA Domain Validation Secure Server CA, valid 2023-02-13 to 2024-03-15 (a year)
  • *.google-analytics.com: issued by GTS CA 1C3, valid 2023-11-20 to 2024-02-12 (3 months)
  • sur.ly: issued by R3, valid 2023-10-30 to 2024-01-28 (3 months)
  • tpc.googlesyndication.com: issued by GTS CA 1C3, valid 2023-11-20 to 2024-02-12 (3 months)
  • www.google.com: issued by GTS CA 1C3, valid 2023-11-20 to 2024-02-12 (3 months)

This page contains 5 frames:

Frame: https://webmail.sonatrach.dz/
Frame ID: 9355C5FA11898A33F9CCEAD94A4A53F0
Requests: 31 HTTP requests in this frame

Frame: https://safe.sur.ly/alert/frameDenyDialog?targetUrl=webmail.sonatrach.dz&panel_lang=de
Frame ID: 90DCA069220826622328BCD847505F50
Requests: 4 HTTP requests in this frame

Frame: https://2aecda7864ffba54370ae296f0290b35.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 1FE7A54B84D626F991703C4FA3B2A7D3
Requests: 1 HTTP request in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 8ED58E4ACC3741F4099FFB80307A41BE
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 249E05A3E387CB1B35ED3465E989AB67
Requests: 2 HTTP requests in this frame

Page Title

Outlook

Detected technologies

Overall confidence: 100%
Detected patterns
  • googletagservices\.com/tag/js/gpt(?:_mobile)?\.js

Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/

Overall confidence: 100%
Detected patterns

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js

Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

  • Requests: 41
  • HTTPS: 88 %
  • IPv6: 82 %
  • Domains: 8
  • Subdomains: 13
  • IPs: 12
  • Countries: 3
  • Transfer: 420 kB
  • Size: 1138 kB
  • Cookies: 7

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 9
  • https://sur.ly/surly/images/platforms/wp.png HTTP 301
  • https://cdn.sur.ly/surly/images/platforms/wp.png
Request Chain 10
  • https://sur.ly/surly/images/platforms/jml.png HTTP 301
  • https://cdn.sur.ly/surly/images/platforms/jml.png
Request Chain 11
  • https://sur.ly/surly/images/platforms/drpl.png HTTP 301
  • https://cdn.sur.ly/surly/images/platforms/drpl.png
Request Chain 12
  • https://sur.ly/surly/images/platforms/php.png HTTP 301
  • https://cdn.sur.ly/surly/images/platforms/php.png
Request Chain 39
  • https://safe.sur.ly/external?url=webmail.sonatrach.dz&forceHttps=0&panel_lang=de HTTP 302
  • https://webmail.sonatrach.dz/

41 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request AA000014
safe.sur.ly/o/webmail.sonatrach.dz/
16 KB
4 KB
Document
General
Full URL
https://safe.sur.ly/o/webmail.sonatrach.dz/AA000014?pageviewId\=desktop-302e3439333332363030203137303232383736343320353031313437363038
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.173.41.122 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-173-41-122.compute-1.amazonaws.com
Software
nginx/1.14.2 /
Resource Hash
2b752c6d76ce2465e3945d6a52efc4d5a5f3f7b94fc83844d66541ca9aa2a298

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-encoding
gzip
content-type
text/html; charset=utf-8
date
Mon, 25 Dec 2023 08:38:01 GMT
referrer-policy
origin-when-cross-origin
server
nginx/1.14.2
vary
Accept-Encoding User-Agent
x-robots-tag
noindex
jquery.min.js
cdn.sur.ly/js/
91 KB
34 KB
Script
General
Full URL
https://cdn.sur.ly/js/jquery.min.js
Requested by
Host: safe.sur.ly
URL: https://safe.sur.ly/o/webmail.sonatrach.dz/AA000014?pageviewId\=desktop-302e3439333332363030203137303232383736343320353031313437363038
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4aeb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f554d2f09272c6f71447ebfe4532d3b1dd1959bce669f9a5ccc99e64ef511729

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://safe.sur.ly/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Mon, 25 Dec 2023 08:38:02 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 13 Jun 2022 04:23:22 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
2269789
etag
W/"62a6bbba-16cfb"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=l0Xx7R9daFChfj6NpODi9ZdFbnOJzCw5jP42Q5yYEX7%2FXnPaCjCxB7yR5y2HUx1tkvxo%2BJlTRd3EMtRF%2BgDyHjN7ucj6uXfH8Hty5RatMsD4PAERuQtIu6WD59xGu9HKfk9f8W%2FctFs%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=2592000
cf-ray
83afc3f73c7e9be0-FRA
alt-svc
h3=":443"; ma=86400
expires
Fri, 15 Dec 2023 16:58:40 GMT
device.js
cdn.sur.ly/js/
3 KB
1 KB
Script
General
Full URL
https://cdn.sur.ly/js/device.js
Requested by
Host: safe.sur.ly
URL: https://safe.sur.ly/o/webmail.sonatrach.dz/AA000014?pageviewId\=desktop-302e3439333332363030203137303232383736343320353031313437363038
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4aeb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
99bfdf3fec5f85f15ff7eab703567df493fd816c9f5def19324ad81e3c3da40d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://safe.sur.ly/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Mon, 25 Dec 2023 08:38:02 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1132309
cf-polished
origSize=2605
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Mon, 13 Jun 2022 04:23:22 GMT
server
cloudflare
etag
W/"62a6bbba-a2d"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GdgZoGrfqC4TEsR3xIskTVvl1q81QMUNRZm3788meLMfoucAOqNCOSjzLetBxeJKPceWld8RdUa%2BkWM7zG2lJnKV5E%2FISc9nyjPPGo76w5Ts6%2FK8pHfWivh5cV01VGnQZDcNfuE1O1s%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=2592000
cf-ray
83afc3f73c829be0-FRA
expires
Tue, 12 Dec 2023 06:39:52 GMT
panel.js
cdn.sur.ly/js/
2 KB
1 KB
Script
General
Full URL
https://cdn.sur.ly/js/panel.js
Requested by
Host: safe.sur.ly
URL: https://safe.sur.ly/o/webmail.sonatrach.dz/AA000014?pageviewId\=desktop-302e3439333332363030203137303232383736343320353031313437363038
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4aeb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
baba3988b5be911a40b685194ebb47eacfdd29ff65c6ca357974c57c5e10c8fa

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://safe.sur.ly/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Mon, 25 Dec 2023 08:38:02 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2096843
cf-polished
origSize=3675
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Mon, 13 Jun 2022 04:23:22 GMT
server
cloudflare
etag
W/"62a6bbba-e5b"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Y9fEuOOQbcZvEnghWJ36vziu0WGYPsI%2BN27VkosJNjkWLOz0RJj%2FlhRntGH7IMmrcQ9PjXrpGmAF8nITHDAGNMhUXBZjDEHeQEXVOJ8i%2FYavAv98%2FlNefKDvMLDw0ogdz69tKVqPahQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=2592000
cf-ray
83afc3f73c819be0-FRA
expires
Wed, 13 Dec 2023 04:56:14 GMT
panel.css
cdn.sur.ly/css/
9 KB
3 KB
Stylesheet
General
Full URL
https://cdn.sur.ly/css/panel.css
Requested by
Host: safe.sur.ly
URL: https://safe.sur.ly/o/webmail.sonatrach.dz/AA000014?pageviewId\=desktop-302e3439333332363030203137303232383736343320353031313437363038
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4aeb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
965927282408a0c1384214531aeb2070e3ee108f43b370bdba2680e75ad5f533

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://safe.sur.ly/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Mon, 25 Dec 2023 08:38:02 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2357158
cf-polished
origSize=16422
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Mon, 13 Jun 2022 04:23:22 GMT
server
cloudflare
etag
W/"62a6bbba-4026"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wJ4YG9j46nGFZNOLaxaUJykJ9ir%2Bl7OcYndi0j%2F1%2BDeBlr9wh8lvJDDcX8%2FjdDBiXzhqqIn7fRvq29GBIPvb8RShw3mn75MPdMAUml7%2B5j8lmthjeNBfaTOBJueeAxO2Eeo0W6dhq6k%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=2592000
cf-ray
83afc3f73c7c9be0-FRA
expires
Tue, 12 Dec 2023 05:25:17 GMT
lang-de.css
cdn.sur.ly/panel/css/
362 B
494 B
Stylesheet
General
Full URL
https://cdn.sur.ly/panel/css/lang-de.css
Requested by
Host: safe.sur.ly
URL: https://safe.sur.ly/o/webmail.sonatrach.dz/AA000014?pageviewId\=desktop-302e3439333332363030203137303232383736343320353031313437363038
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4aeb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bd57c5a16136024980e026b9f32c3554384951a695fc3a999844cc444d1028fe

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://safe.sur.ly/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Mon, 25 Dec 2023 08:38:02 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1210493
cf-polished
origSize=474
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Mon, 13 Jun 2022 04:23:22 GMT
server
cloudflare
etag
W/"62a6bbba-1da"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oi0HOLo5ayaXfIJ7xNIMeKzo2Vw8q65FsBG6%2BkIfVGxPf8fvI3omoMbUsi4uGIeKQkoUMkWYCwyEcbpbq6r2AlFlnrvvzmr%2BNwTr1zRPsZEn3f5png8V9%2F7J7D%2FgGup7KpL3hQvEUyU%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=2592000
cf-ray
83afc3f73c7b9be0-FRA
expires
Mon, 08 Jan 2024 17:30:49 GMT
desktop.js
cdn.sur.ly/desktop/js/
5 KB
2 KB
Script
General
Full URL
https://cdn.sur.ly/desktop/js/desktop.js
Requested by
Host: safe.sur.ly
URL: https://safe.sur.ly/o/webmail.sonatrach.dz/AA000014?pageviewId\=desktop-302e3439333332363030203137303232383736343320353031313437363038
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4aeb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
687aa3f2e902b02283d9a08521b7d77314cd2c7a1c921006974c8e40382bae08

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://safe.sur.ly/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Mon, 25 Dec 2023 08:38:02 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1993495
cf-polished
origSize=9803
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Mon, 13 Jun 2022 04:23:22 GMT
server
cloudflare
etag
W/"62a6bbba-264b"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dcCgAHjpSAJWIFhal%2FmMz71hPggR6Cw%2FgyV6Oq6%2FMfntGfqtai79C6WGwbjxnzaf%2FE88UT7w4A%2F1HbVdbUa%2FypmyEYYdh43hmDVelUka7j1JyejmBuR9Xke49KZR0GsFLyZZr53iwRg%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=2592000
cf-ray
83afc3f73c809be0-FRA
expires
Sat, 02 Dec 2023 08:25:25 GMT
gpt.js
www.googletagservices.com/tag/js/
89 KB
29 KB
Script
General
Full URL
https://www.googletagservices.com/tag/js/gpt.js
Requested by
Host: safe.sur.ly
URL: https://safe.sur.ly/o/webmail.sonatrach.dz/AA000014?pageviewId\=desktop-302e3439333332363030203137303232383736343320353031313437363038
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b427c5334dff98e924517eed48d194a4fa2575d97e368596b6d005cc7be04e3a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://safe.sur.ly/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Mon, 25 Dec 2023 08:38:02 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
29097
x-xss-protection
0
server
cafe
etag
575 / 19716 / 31080056 / config-hash: 17400476758908410755
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Mon, 25 Dec 2023 08:38:02 GMT
favicon_sur.ly_white_32px.png
cdn.sur.ly/
660 B
1 KB
Image
General
Full URL
https://cdn.sur.ly/favicon_sur.ly_white_32px.png
Requested by
Host: safe.sur.ly
URL: https://safe.sur.ly/o/webmail.sonatrach.dz/AA000014?pageviewId\=desktop-302e3439333332363030203137303232383736343320353031313437363038
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4aeb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
93e1c897dcf175c8d98561fb24cb06aa2d6860fba7a24eb90d4c60cfe5a9e5b5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://safe.sur.ly/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Mon, 25 Dec 2023 08:38:02 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1132170
cf-polished
origFmt=png, origSize=1177
content-disposition
inline; filename="favicon_sur.webp"
alt-svc
h3=":443"; ma=86400
content-length
660
cf-bgj
imgq:100,h2pri
last-modified
Mon, 13 Jun 2022 04:23:22 GMT
server
cloudflare
etag
"62a6bbba-499"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Lb%2FK6twcChZfKwM7yxIYHYAAduSLhV6R0bAHTwZYOo%2F6%2FbnjtkjZRWK9h0XUFl%2BR8NNfSY%2FqNKd74cqjA%2FRMjcfohVRiRslh9rg3bwg%2Bqf%2BD5ydhsAJosb7lWwKMQR%2B59GrLOHwvdY0%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
83afc3f79cdd9be0-FRA
expires
Sun, 31 Dec 2023 07:24:27 GMT
favicon.ico
webmail.sonatrach.dz/owa/auth/15.1.2507/themes/resources/
8 KB
8 KB
Image
General
Full URL
https://webmail.sonatrach.dz/owa/auth/15.1.2507/themes/resources/favicon.ico
Requested by
Host: safe.sur.ly
URL: https://safe.sur.ly/o/webmail.sonatrach.dz/AA000014?pageviewId\=desktop-302e3439333332363030203137303232383736343320353031313437363038
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
41.106.5.206 Boumerdes, Algeria, ASN36947 (ALGTEL-AS, DZ),
Reverse DNS
Software
/
Resource Hash
cf0808a61ec571e0c4975663903b288009d55502ac0445d9948983b339a5cf6e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://safe.sur.ly/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date
Mon, 25 Dec 2023 08:35:36 GMT
Last-Modified
Sat, 26 Mar 2022 18:40:39 GMT
Age
49481
ETag
"806d40fd4041d81:0"
Content-Type
image/x-icon
Cache-Control
public,max-age=2592000
Connection
Keep-Alive
Accept-Ranges
bytes
request-id
cb0c00a3-c077-4f35-a6ef-3513f2d2da17
Content-Length
7886
wp.png
cdn.sur.ly/surly/images/platforms/
Redirect Chain
  • https://sur.ly/surly/images/platforms/wp.png
  • https://cdn.sur.ly/surly/images/platforms/wp.png
4 KB
5 KB
Image
General
Full URL
https://cdn.sur.ly/surly/images/platforms/wp.png
Requested by
Host: safe.sur.ly
URL: https://safe.sur.ly/o/webmail.sonatrach.dz/AA000014?pageviewId\=desktop-302e3439333332363030203137303232383736343320353031313437363038
Protocol
H3
Server
2606:4700:20::ac43:4aeb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dba6393369ae26cdaf4fda3d724db47e6c6a27c1ff94c4f4440f59373891b06c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://safe.sur.ly/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Mon, 25 Dec 2023 08:38:02 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2261768
cf-polished
origFmt=png, origSize=10554
content-disposition
inline; filename="wp.webp"
alt-svc
h3=":443"; ma=86400
content-length
4330
cf-bgj
imgq:100,h2pri
last-modified
Mon, 13 Jun 2022 04:23:22 GMT
server
cloudflare
etag
"62a6bbba-293a"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HUWaxRFjYcnZfFgnAHuWLSAZ5uLzTyk83M3uKgoWuZKbFkAWsTCOuoRNAlzR1vf8b2p%2BVUeq0eb9ekKSgrLCBarO0MzMpjOD3M35vH0Lua0UC2UyXqluA4l9y3TJpELCovdyVfeuxz8%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
83afc3f92ffc3803-FRA
expires
Sun, 10 Dec 2023 08:12:52 GMT

Redirect headers

location
https://cdn.sur.ly/surly/images/platforms/wp.png
date
Mon, 25 Dec 2023 08:38:02 GMT
referrer-policy
origin-when-cross-origin
server
nginx/1.14.2
content-length
185
content-type
text/html
jml.png
cdn.sur.ly/surly/images/platforms/
Redirect Chain
  • https://sur.ly/surly/images/platforms/jml.png
  • https://cdn.sur.ly/surly/images/platforms/jml.png
6 KB
6 KB
Image
General
Full URL
https://cdn.sur.ly/surly/images/platforms/jml.png
Requested by
Host: safe.sur.ly
URL: https://safe.sur.ly/o/webmail.sonatrach.dz/AA000014?pageviewId\=desktop-302e3439333332363030203137303232383736343320353031313437363038
Protocol
H3
Server
2606:4700:20::ac43:4aeb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
df5af72bed6161fd02ece4c963700082b7d86d4ea536b740115da62c4729d62f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://safe.sur.ly/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Mon, 25 Dec 2023 08:38:02 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2339236
cf-polished
origFmt=png, origSize=10602
content-disposition
inline; filename="jml.webp"
alt-svc
h3=":443"; ma=86400
content-length
5752
cf-bgj
imgq:100,h2pri
last-modified
Mon, 13 Jun 2022 04:23:22 GMT
server
cloudflare
etag
"62a6bbba-296a"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tG9JIh1gvczogXx%2BMkhYgHyZbFoXxHiTHdd4syDsWdcWJ8aL2GX1xjeRC16tQ1ir3aB9y9HhA%2BuDVY%2FEUieK%2BdvLbpKHydR6jUJmugVXGwXHnRzZnYJKUQNK62CZ0xdNGaOE1Q37j1w%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
83afc3f92ff93803-FRA
expires
Sun, 10 Dec 2023 20:06:09 GMT

Redirect headers

location
https://cdn.sur.ly/surly/images/platforms/jml.png
date
Mon, 25 Dec 2023 08:38:02 GMT
referrer-policy
origin-when-cross-origin
server
nginx/1.14.2
content-length
185
content-type
text/html
drpl.png
cdn.sur.ly/surly/images/platforms/
Redirect Chain
  • https://sur.ly/surly/images/platforms/drpl.png
  • https://cdn.sur.ly/surly/images/platforms/drpl.png
5 KB
6 KB
Image
General
Full URL
https://cdn.sur.ly/surly/images/platforms/drpl.png
Requested by
Host: safe.sur.ly
URL: https://safe.sur.ly/o/webmail.sonatrach.dz/AA000014?pageviewId\=desktop-302e3439333332363030203137303232383736343320353031313437363038
Protocol
H3
Server
2606:4700:20::ac43:4aeb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4b6dfe71179b148708d299980302200a1ba864d38072d1e96166ec05d11dc217

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://safe.sur.ly/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Mon, 25 Dec 2023 08:38:02 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2090848
cf-polished
origFmt=png, origSize=7732
content-disposition
inline; filename="drpl.webp"
alt-svc
h3=":443"; ma=86400
content-length
5480
cf-bgj
imgq:100,h2pri
last-modified
Mon, 13 Jun 2022 04:23:22 GMT
server
cloudflare
etag
"62a6bbba-1e34"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cmjGQNaPdgHSC7hT1Mw1M6E%2FxQNbTZLkV2fc%2B4V9xTzDnaK8Kbp%2BB627047A2W8%2B0MVR6UBNpeeSGO2UgYNYE4hD%2FgyslOPSLpv2RA9fIrrLaIqSjN8PYehI44DIMUCbhJsU5szErBg%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
83afc3f92ffa3803-FRA
expires
Thu, 21 Dec 2023 19:46:45 GMT

Redirect headers

location
https://cdn.sur.ly/surly/images/platforms/drpl.png
date
Mon, 25 Dec 2023 08:38:02 GMT
referrer-policy
origin-when-cross-origin
server
nginx/1.14.2
content-length
185
content-type
text/html
php.png
cdn.sur.ly/surly/images/platforms/
Redirect Chain
  • https://sur.ly/surly/images/platforms/php.png
  • https://cdn.sur.ly/surly/images/platforms/php.png
6 KB
6 KB
Image
General
Full URL
https://cdn.sur.ly/surly/images/platforms/php.png
Requested by
Host: safe.sur.ly
URL: https://safe.sur.ly/o/webmail.sonatrach.dz/AA000014?pageviewId\=desktop-302e3439333332363030203137303232383736343320353031313437363038
Protocol
H3
Server
2606:4700:20::ac43:4aeb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cec8d075b1f6aa1ac3f7de58d8f47df98b8a91ee8a93d8712579568e66c4b490

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://safe.sur.ly/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Mon, 25 Dec 2023 08:38:02 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1373089
cf-polished
origFmt=png, origSize=8876
content-disposition
inline; filename="php.webp"
alt-svc
h3=":443"; ma=86400
content-length
5652
cf-bgj
imgq:100,h2pri
last-modified
Mon, 13 Jun 2022 04:23:22 GMT
server
cloudflare
etag
"62a6bbba-22ac"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Qz1vsxJpH%2BlS%2FhvXIM0Fq59xPLfeZ6nnvVR%2F7ax8wNNkJehF9yM5zewQurSHu2qYyGIBaf3VuNMG3PqIXKwgrbwxej4AR2ZKHUJsBWLcX0%2FVNmNCbY8t%2FW%2FAE3NGWSoreK%2FozrWCsdY%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
83afc3f92ffb3803-FRA
expires
Sun, 07 Jan 2024 19:47:27 GMT

Redirect headers

location
https://cdn.sur.ly/surly/images/platforms/php.png
date
Mon, 25 Dec 2023 08:38:02 GMT
referrer-policy
origin-when-cross-origin
server
nginx/1.14.2
content-length
185
content-type
text/html
js
www.googletagmanager.com/gtag/
268 KB
90 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-L04HQHN9RZ
Requested by
Host: safe.sur.ly
URL: https://safe.sur.ly/o/webmail.sonatrach.dz/AA000014?pageviewId\=desktop-302e3439333332363030203137303232383736343320353031313437363038
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
887a0a4077848cdbf705cc8be086a4ab5a671c16830be4fc6cb0bccf7d73ca36
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://safe.sur.ly/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Mon, 25 Dec 2023 08:38:02 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
91628
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Mon, 25 Dec 2023 08:38:02 GMT
stat.php
sur.ly/
43 B
141 B
Image
General
Full URL
https://sur.ly/stat.php?id=5212&r=1105
Requested by
Host: safe.sur.ly
URL: https://safe.sur.ly/o/webmail.sonatrach.dz/AA000014?pageviewId\=desktop-302e3439333332363030203137303232383736343320353031313437363038
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.173.41.122 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-173-41-122.compute-1.amazonaws.com
Software
nginx/1.14.2 /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://safe.sur.ly/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Mon, 25 Dec 2023 08:38:02 GMT
referrer-policy
origin-when-cross-origin
server
nginx/1.14.2
content-length
43
content-type
image/gif
frameDenyDialog
safe.sur.ly/alert/ Frame 90DC
2 KB
978 B
Document
General
Full URL
https://safe.sur.ly/alert/frameDenyDialog?targetUrl=webmail.sonatrach.dz&panel_lang=de
Requested by
Host: safe.sur.ly
URL: https://safe.sur.ly/o/webmail.sonatrach.dz/AA000014?pageviewId\=desktop-302e3439333332363030203137303232383736343320353031313437363038
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.173.41.122 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-173-41-122.compute-1.amazonaws.com
Software
nginx/1.14.2 /
Resource Hash
8c9dfaee8550dd6bd75f1c93c556f610b990f8b6d64049b741da2ccd6b88e857

Request headers

Referer
https://safe.sur.ly/o/webmail.sonatrach.dz/AA000014?pageviewId\=desktop-302e3439333332363030203137303232383736343320353031313437363038
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-encoding
gzip
content-type
text/html; charset=utf-8
date
Mon, 25 Dec 2023 08:38:02 GMT
referrer-policy
origin-when-cross-origin
server
nginx/1.14.2
vary
Accept-Encoding User-Agent
stat.php
sur.ly/
43 B
141 B
Image
General
Full URL
https://sur.ly/stat.php?id=5055&r=8134
Requested by
Host: safe.sur.ly
URL: https://safe.sur.ly/o/webmail.sonatrach.dz/AA000014?pageviewId\=desktop-302e3439333332363030203137303232383736343320353031313437363038
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.173.41.122 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-173-41-122.compute-1.amazonaws.com
Software
nginx/1.14.2 /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://safe.sur.ly/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Mon, 25 Dec 2023 08:38:02 GMT
referrer-policy
origin-when-cross-origin
server
nginx/1.14.2
content-length
43
content-type
image/gif
stat.php
sur.ly/
43 B
141 B
Image
General
Full URL
https://sur.ly/stat.php?id=1888&r=52584
Requested by
Host: safe.sur.ly
URL: https://safe.sur.ly/o/webmail.sonatrach.dz/AA000014?pageviewId\=desktop-302e3439333332363030203137303232383736343320353031313437363038
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.173.41.122 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-173-41-122.compute-1.amazonaws.com
Software
nginx/1.14.2 /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://safe.sur.ly/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Mon, 25 Dec 2023 08:38:02 GMT
referrer-policy
origin-when-cross-origin
server
nginx/1.14.2
content-length
43
content-type
image/gif
stat.php
sur.ly/
43 B
141 B
Image
General
Full URL
https://sur.ly/stat.php?id=5893&r=67513
Requested by
Host: safe.sur.ly
URL: https://safe.sur.ly/o/webmail.sonatrach.dz/AA000014?pageviewId\=desktop-302e3439333332363030203137303232383736343320353031313437363038
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.173.41.122 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-173-41-122.compute-1.amazonaws.com
Software
nginx/1.14.2 /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://safe.sur.ly/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Mon, 25 Dec 2023 08:38:02 GMT
referrer-policy
origin-when-cross-origin
server
nginx/1.14.2
content-length
43
content-type
image/gif
stat.php
sur.ly/
43 B
141 B
Image
General
Full URL
https://sur.ly/stat.php?id=9726&r=42193
Requested by
Host: safe.sur.ly
URL: https://safe.sur.ly/o/webmail.sonatrach.dz/AA000014?pageviewId\=desktop-302e3439333332363030203137303232383736343320353031313437363038
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.173.41.122 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-173-41-122.compute-1.amazonaws.com
Software
nginx/1.14.2 /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://safe.sur.ly/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Mon, 25 Dec 2023 08:38:02 GMT
referrer-policy
origin-when-cross-origin
server
nginx/1.14.2
content-length
43
content-type
image/gif
stat.php
sur.ly/
43 B
141 B
Image
General
Full URL
https://sur.ly/stat.php?id=3259&r=9066
Requested by
Host: safe.sur.ly
URL: https://safe.sur.ly/o/webmail.sonatrach.dz/AA000014?pageviewId\=desktop-302e3439333332363030203137303232383736343320353031313437363038
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.173.41.122 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-173-41-122.compute-1.amazonaws.com
Software
nginx/1.14.2 /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://safe.sur.ly/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Mon, 25 Dec 2023 08:38:02 GMT
referrer-policy
origin-when-cross-origin
server
nginx/1.14.2
content-length
43
content-type
image/gif
surly.ttf
cdn.sur.ly/font/
2 KB
3 KB
Font
General
Full URL
https://cdn.sur.ly/font/surly.ttf
Requested by
Host: cdn.sur.ly
URL: https://cdn.sur.ly/css/panel.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4aeb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
893f9fbf43e5c59e7f3fde7dc3e3596bca16a8e1e02e0972d456fba3a67cb20a

Request headers

Referer
https://cdn.sur.ly/css/panel.css
Origin
https://safe.sur.ly
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Mon, 25 Dec 2023 08:38:02 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1450620
alt-svc
h3=":443"; ma=86400
content-length
2440
last-modified
Mon, 13 Jun 2022 04:23:22 GMT
server
cloudflare
etag
"62a6bbba-988"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tTagdgeMO%2B2%2BIDSOmjl4NZRGXAAwxao%2Bw1PaGTd1%2FwBd67TWqFnsWDL6%2Bti11JX8a9IEqCdlNOmf1ov4xME7Ut5v1xcrsMJf3j5qoknTmQBmDovGNn3mpeYwZC34hPOWB6ZvXW%2BAgvU%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/octet-stream
access-control-allow-origin
*
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
83afc3f7bfea9214-FRA
expires
Sat, 30 Dec 2023 10:54:18 GMT
b-progress.png
cdn.sur.ly/img/
96 B
469 B
Image
General
Full URL
https://cdn.sur.ly/img/b-progress.png
Requested by
Host: cdn.sur.ly
URL: https://cdn.sur.ly/css/panel.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4aeb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
df45d2380d3576524448872de57a016dc9af5f31fd3d844328660730fad1b50a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.sur.ly/css/panel.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Mon, 25 Dec 2023 08:38:02 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1488204
cf-polished
origFmt=png, origSize=206
content-disposition
inline; filename="b-progress.webp"
alt-svc
h3=":443"; ma=86400
content-length
96
cf-bgj
imgq:100,h2pri
last-modified
Mon, 13 Jun 2022 04:23:22 GMT
server
cloudflare
etag
"62a6bbba-ce"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vRazqw6e479CndwRTp5e11NPjqcYvlCjnQJ18%2Fiku1TvGGdff%2FdIQCdYi5DZdZQfED2MoV1VMjTSn7oIws9MDyNVzinGPFL6U3aXaHR%2BJCZL976dYPBLSnuesai3cREgqWXJaoVe9jA%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
83afc3f79ce99be0-FRA
expires
Thu, 28 Dec 2023 09:10:07 GMT
alert.css
cdn.sur.ly/css/ Frame 90DC
2 KB
1 KB
Stylesheet
General
Full URL
https://cdn.sur.ly/css/alert.css
Requested by
Host: safe.sur.ly
URL: https://safe.sur.ly/alert/frameDenyDialog?targetUrl=webmail.sonatrach.dz&panel_lang=de
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4aeb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a582b24e6ad02aba9a4f07f72852816f19a6a32593faa2a2a105bcd39914bb56

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://safe.sur.ly/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Mon, 25 Dec 2023 08:38:02 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2173115
cf-polished
origSize=3292
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Mon, 13 Jun 2022 04:23:22 GMT
server
cloudflare
etag
W/"62a6bbba-cdc"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5wQYqIKUYmMPTtBdhnAeUeBwqOfyKpLhaWJHtxM16j0lz1fCj46E0WX8xhXft0nUsGxOsrRlYMTOLsHrD%2F9st%2F2mY20k%2B%2FyWZmZJc4wA3nnk%2FIbNXEFGyZHbFXdxlicjWX4Vx5cKIIk%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=2592000
cf-ray
83afc3f85f3e3803-FRA
expires
Sat, 30 Dec 2023 04:17:35 GMT
jquery.min.js
cdn.sur.ly/js/ Frame 90DC
91 KB
34 KB
Script
General
Full URL
https://cdn.sur.ly/js/jquery.min.js
Requested by
Host: safe.sur.ly
URL: https://safe.sur.ly/alert/frameDenyDialog?targetUrl=webmail.sonatrach.dz&panel_lang=de
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4aeb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f554d2f09272c6f71447ebfe4532d3b1dd1959bce669f9a5ccc99e64ef511729

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://safe.sur.ly/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Mon, 25 Dec 2023 08:38:02 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 13 Jun 2022 04:23:22 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
1129290
etag
W/"62a6bbba-16cfb"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MfTmdIGiFlypfiodW3ezXGNnmIaJSK2ap8uJ%2F7SctIgZWpUToxJT7Lkfvnfe3o9D5GLFRQb2m%2BzLQNqenjYzCgG0C9%2FAp%2BLQIp%2Bkb2nkPrMOsizooFVKWoLhBzwtEctKUfwPMSZqaA8%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=2592000
cf-ray
83afc3f85f403803-FRA
alt-svc
h3=":443"; ma=86400
expires
Fri, 15 Dec 2023 16:58:40 GMT
collect
region1.google-analytics.com/g/
0
251 B
Ping
General
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-L04HQHN9RZ&gtm=45je3bt0v9103726923&_p=1703493482156&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=1704309702.1703493482&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1703493482&sct=1&seg=0&dl=https%3A%2F%2Fsafe.sur.ly%2Fo%2Fwebmail.sonatrach.dz%2FAA000014%3FpageviewId%5C%3Ddesktop-302e3439333332363030203137303232383736343320353031313437363038&dt=Outlook&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=756
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-L04HQHN9RZ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://safe.sur.ly/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 25 Dec 2023 08:38:02 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://safe.sur.ly
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/
431 KB
135 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js?cb=31080056
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
108cdb682e1d256ba58174d96775ec12fe2e9515ffa2ca7edfff49343a4d97ea
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://safe.sur.ly/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Mon, 25 Dec 2023 02:18:58 GMT
content-encoding
br
x-content-type-options
nosniff
age
22744
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
138180
x-xss-protection
0
server
cafe
etag
6854214708762155125
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Tue, 24 Dec 2024 02:18:58 GMT
webmail.sonatrach.dz.png
img.sur.ly/thumbnails/620x343/w/ Frame 90DC
4 KB
4 KB
Image
General
Full URL
https://img.sur.ly/thumbnails/620x343/w/webmail.sonatrach.dz.png
Requested by
Host: safe.sur.ly
URL: https://safe.sur.ly/alert/frameDenyDialog?targetUrl=webmail.sonatrach.dz&panel_lang=de
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4aeb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8c309a6aa24a5d5e94c3f0e571f543df68c75a67ef0fef9ad3d2705f9f8b5409

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://safe.sur.ly/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Mon, 25 Dec 2023 08:38:02 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
DHE4QAK5HZM45Z9W
cf-polished
origFmt=png, origSize=5759
content-disposition
inline; filename="webmail.webp"
alt-svc
h3=":443"; ma=86400
content-length
3808
x-amz-id-2
EsW1NLbItKE4dyrUZI9D0ukxBTSM7zZw8NyBiWRcqcJFW45WGgXP+D8TTaNa+fDV4v9mz57JtDE=
cf-bgj
imgq:100,h2pri
last-modified
Sat, 07 Mar 2020 12:17:12 GMT
server
cloudflare
etag
"fa73ff233da2dd6ff744eeb6dd852d99"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MakYWLamRY8uGCeYCzSiGgwdABMUSZj%2Bx5y926PHvbKTg%2FEqrmEn%2Fjw26393AZbs88zxRijssKV4pf0IK9gX%2Fgj58i3lgDxa4aTfPrIxQEGII5T%2FMCdvpGlBiVzUJN%2ByQ%2FFkTQTJMrg%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
max-age=1209600
accept-ranges
bytes
cf-ray
83afc3f8fea49be0-FRA
expires
Thu, 28 Dec 2023 02:05:21 GMT
ads
securepubads.g.doubleclick.net/gampad/
836 B
842 B
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3776607905224021&correlator=1970997268048265&eid=44809527%2C31080079%2C31080124%2C95320408%2C31080056%2C31079527%2C21065725&output=ldjh&gdfp_req=1&vrg=202312060101&ptt=17&impl=fifs&iu_parts=275405283%2CSurly-Envelope-Catfish-Desktop&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90&ifi=1&sfv=1-0-40&sc=1&cookie_enabled=1&abxe=1&dt=1703493482507&lmt=1703493482&adxs=-12245933&adys=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fsafe.sur.ly%2Fo%2Fwebmail.sonatrach.dz%2FAA000014%3FpageviewId%5C%3Ddesktop-302e3439333332363030203137303232383736343320353031313437363038&vis=1&psz=800x100&msz=0x-1&fws=132&ohw=0&ga_vid=1704309702.1703493482&ga_sid=1703493483&ga_hid=1172037575&ga_fc=true&dlt=1703493482044&idt=449&adks=350692623&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js?cb=31080056
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
6d807580af97db6827b4aed1ac012836b008aa3f696bf0348dcfce9356fe321e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://safe.sur.ly/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Mon, 25 Dec 2023 08:38:02 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
473
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://safe.sur.ly
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
2aecda7864ffba54370ae296f0290b35.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 1FE7
6 KB
3 KB
Document
General
Full URL
https://2aecda7864ffba54370ae296f0290b35.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js?cb=31080056
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://safe.sur.ly/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 25 Dec 2023 08:38:02 GMT
expires
Tue, 24 Dec 2024 08:38:02 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
sodar
pagead2.googlesyndication.com/getconfig/
16 KB
12 KB
XHR
General
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202312060101&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js?cb=31080056
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e62e9aef008e64e5f492d7a242a81067d7e229d3ccf0127e9b10033d05b4b618
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://safe.sur.ly/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Mon, 25 Dec 2023 08:38:02 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12081
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/
17 KB
7 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js?cb=31080056
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://safe.sur.ly/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Mon, 25 Dec 2023 08:38:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 25 Dec 2023 08:38:02 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 8ED5
13 KB
5 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://safe.sur.ly/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
28950
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 25 Dec 2023 00:35:32 GMT
expires
Tue, 24 Dec 2024 00:35:32 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 249E
829 B
1 KB
Document
General
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
f336e0be5ee4654e147babcef26e8f3f943cfc7d879edf69cde244aa2ca9c153
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-BuPVnO-W_f0ANyyH8afQ2Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://safe.sur.ly/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-BuPVnO-W_f0ANyyH8afQ2Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Mon, 25 Dec 2023 08:38:03 GMT
expires
Mon, 25 Dec 2023 08:38:03 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js
pagead2.googlesyndication.com/bg/ Frame 8ED5
39 KB
15 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 24 Dec 2023 12:24:50 GMT
content-encoding
br
x-content-type-options
nosniff
age
72793
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15165
x-xss-protection
0
last-modified
Tue, 28 Nov 2023 18:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Mon, 23 Dec 2024 12:24:50 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 249E
0
0
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202312060101&jk=3776607905224021&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

generate_204
tpc.googlesyndication.com/ Frame 8ED5
0
10 B
Image
General
Full URL
https://tpc.googlesyndication.com/generate_204?1zGPtg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Mon, 25 Dec 2023 08:38:03 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
sodar
pagead2.googlesyndication.com/pagead/
0
0
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202312060101&jk=3776607905224021&bg=!pqWlperNAAY3kmNgF5I7ADQBe5WfOCUR-L9bV1rLcViKHHfrMFVCkmtvcludd9dEfQ0oMLcSeXHYwOY37alqcrRfYYyjAgAAADBSAAAAAmgBB5kC9nA2nSDUiDT0KYwP7E7vxoe5Fx8VmYTNlCuu8s7Pn0nKa0fTOqJ2eoITjwIzL8SUAZaZ6nT1a8eQ1CsuXvuDES0Pe3ATL4IXcevPFLaPi03YQwWFBdeT0f0OgHUzI_Y4k8y-qFRcwEH7eubT-fhcxwB2I3WPxlidkcWgMMwaVCxxqNdBQ0BjgQePk7iZduvfSxaPnFif-UsMo6_PM5tqL_dkGBUuun8BA80tT1wvyIYkxYVcNMkOv_TQEFxNy4FvV_bobna5XU2K2m9jQ4oJpD7QGYDMyS54n4gvu-e45MEHjvdWKX1zVGUmyGabvrZGbsR3cg1xDeAl98eTLxI_dQ9HTGaw1v9HTd8D_HcwqeGTBEt0bUb508NZEKdYwXiTOTnVMqVceyOjhe4y0Xz-IM_2EQtbPmarTe8VsEDD1FjxQTGDsuCsM-v8TCEYAWx-ptqEYJ4SR9EAbB8kasJdtQZ3skilE-W-UVl3CO1WTpJLkw-NYGpL8cHYM76srKLf9tlpzk2Srt-ti96pRvrq6YrSJ_JjBH5Zksr9cTqH61bXwV-9pIhxEuY2RujTHA2yIJ0T5spidN0bh9mrm6kviXhowGhqKSEBmYoNWtiqQaYzVeMchwVFwCxQ9xqGGcCsE02GX3wd0YOJvJvS0ceiYq0gnac5ftQHH_Wac5Fo0nlGysI1d2D3kr3wBLTOs_cwbLODwBLMRSg4TjEoNjO5Mdq25ysjujCrX5ws-IAWtv94-6wAq45xql03_k5BP3btpQ2jnNAuOGLuuGf9ZFVAEQuzuWDKqSnhNsZPBWjtNfZsTncvPt1TZO9HCqVlDx38JwQwCRuZKMF-PdikPYL6L_8QQGwl8c5TP3sBwiRJNNqEuDOcDEbQG38cbH1pbUb_wKDy25rTPsiuGw60vzoIVD91MmEoT8cOxcWgJUFbR-buBgatRpmjqhWbrcd26iuv8TJ2UgtH_rnzc0yLLedO5Fv40oxeflStbWgMMSG9bp6p189Otr1c
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://safe.sur.ly/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

collect
region1.google-analytics.com/g/
0
45 B
Ping
General
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-L04HQHN9RZ&gtm=45je3bt0v9103726923&_p=1703493482156&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=1704309702.1703493482&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AEA&_s=2&sid=1703493482&sct=1&seg=0&dl=https%3A%2F%2Fsafe.sur.ly%2Fo%2Fwebmail.sonatrach.dz%2FAA000014%3FpageviewId%5C%3Ddesktop-302e3439333332363030203137303232383736343320353031313437363038&dt=Outlook&en=scroll&epn.percent_scrolled=90&_et=3&tfd=5760
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-L04HQHN9RZ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://safe.sur.ly/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 25 Dec 2023 08:38:07 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://safe.sur.ly
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
webmail.sonatrach.dz/
Redirect Chain
  • https://safe.sur.ly/external?url=webmail.sonatrach.dz&forceHttps=0&panel_lang=de
  • https://webmail.sonatrach.dz/
0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
webmail.sonatrach.dz
URL
https://webmail.sonatrach.dz/

Verdicts & Comments

25 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0
object| 1
object| 2
object| documentPictureInPicture
function| $
function| jQuery
object| device
function| Panel
object| App
function| sendAbuseMessage
object| googletag
function| receiveMessage
function| gtag
object| dataLayer
object| google_tag_manager
object| google_tag_data
function| onYouTubeIframeAPIReady
object| gaGlobal
object| ggeac
boolean| google_plmetrics
object| google_js_reporting_queue
undefined| google_measure_js_timing
number| google_unique_id
object| GoogleGcLKhOms
object| google_image_requests

7 Cookies

Domain/Path Name / Value
safe.sur.ly/ Name: visitor_id
Value: 2a3358626becf7f65c8c23f6271cd065c54504fb
safe.sur.ly/ Name: surl_panel
Value: 1
.sur.ly/ Name: _ga
Value: GA1.1.1704309702.1703493482
.sur.ly/ Name: _ga_L04HQHN9RZ
Value: GS1.1.1703493482.1.0.1703493482.0.0.0
.doubleclick.net/ Name: test_cookie
Value: CheckForPermission
.sur.ly/ Name: __gads
Value: ID=1b8df1c8579bbd23:T=1703493482:RT=1703493482:S=ALNI_MZxn25folrZWWa8oOTGL5kvfQcbHw
.sur.ly/ Name: __gpi
Value: UID=00000d2aefa2ebd8:T=1703493482:RT=1703493482:S=ALNI_MZC-_IflPKNXOBPgzP0eZXgfXZeXA

8 Console Messages

Source Level URL
Text
security warning URL: https://safe.sur.ly/o/webmail.sonatrach.dz/AA000014?pageviewId\=desktop-302e3439333332363030203137303232383736343320353031313437363038
Message:
Mixed Content: The page at 'https://safe.sur.ly/o/webmail.sonatrach.dz/AA000014?pageviewId\=desktop-302e3439333332363030203137303232383736343320353031313437363038' was loaded over HTTPS, but requested an insecure element 'http://sur.ly/surly/images/platforms/wp.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security warning URL: https://safe.sur.ly/o/webmail.sonatrach.dz/AA000014?pageviewId\=desktop-302e3439333332363030203137303232383736343320353031313437363038
Message:
Mixed Content: The page at 'https://safe.sur.ly/o/webmail.sonatrach.dz/AA000014?pageviewId\=desktop-302e3439333332363030203137303232383736343320353031313437363038' was loaded over HTTPS, but requested an insecure element 'http://sur.ly/surly/images/platforms/jml.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security warning URL: https://safe.sur.ly/o/webmail.sonatrach.dz/AA000014?pageviewId\=desktop-302e3439333332363030203137303232383736343320353031313437363038
Message:
Mixed Content: The page at 'https://safe.sur.ly/o/webmail.sonatrach.dz/AA000014?pageviewId\=desktop-302e3439333332363030203137303232383736343320353031313437363038' was loaded over HTTPS, but requested an insecure element 'http://sur.ly/surly/images/platforms/drpl.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security warning URL: https://safe.sur.ly/o/webmail.sonatrach.dz/AA000014?pageviewId\=desktop-302e3439333332363030203137303232383736343320353031313437363038
Message:
Mixed Content: The page at 'https://safe.sur.ly/o/webmail.sonatrach.dz/AA000014?pageviewId\=desktop-302e3439333332363030203137303232383736343320353031313437363038' was loaded over HTTPS, but requested an insecure element 'http://sur.ly/surly/images/platforms/php.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security warning URL: https://safe.sur.ly/o/webmail.sonatrach.dz/AA000014?pageviewId\=desktop-302e3439333332363030203137303232383736343320353031313437363038(Line 476)
Message:
Mixed Content: The page at 'https://safe.sur.ly/o/webmail.sonatrach.dz/AA000014?pageviewId\=desktop-302e3439333332363030203137303232383736343320353031313437363038' was loaded over HTTPS, but requested an insecure element 'http://sur.ly/surly/images/platforms/wp.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security warning URL: https://safe.sur.ly/o/webmail.sonatrach.dz/AA000014?pageviewId\=desktop-302e3439333332363030203137303232383736343320353031313437363038(Line 476)
Message:
Mixed Content: The page at 'https://safe.sur.ly/o/webmail.sonatrach.dz/AA000014?pageviewId\=desktop-302e3439333332363030203137303232383736343320353031313437363038' was loaded over HTTPS, but requested an insecure element 'http://sur.ly/surly/images/platforms/jml.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security warning URL: https://safe.sur.ly/o/webmail.sonatrach.dz/AA000014?pageviewId\=desktop-302e3439333332363030203137303232383736343320353031313437363038(Line 476)
Message:
Mixed Content: The page at 'https://safe.sur.ly/o/webmail.sonatrach.dz/AA000014?pageviewId\=desktop-302e3439333332363030203137303232383736343320353031313437363038' was loaded over HTTPS, but requested an insecure element 'http://sur.ly/surly/images/platforms/drpl.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security warning URL: https://safe.sur.ly/o/webmail.sonatrach.dz/AA000014?pageviewId\=desktop-302e3439333332363030203137303232383736343320353031313437363038(Line 476)
Message:
Mixed Content: The page at 'https://safe.sur.ly/o/webmail.sonatrach.dz/AA000014?pageviewId\=desktop-302e3439333332363030203137303232383736343320353031313437363038' was loaded over HTTPS, but requested an insecure element 'http://sur.ly/surly/images/platforms/php.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
