sa.rosheta.com Open in urlscan Pro
2606:4700:20::ac43:483b Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://sa.rosheta.com/ar/ViewOrder/168228
Effective URL:
https://sa.rosheta.com/ar/404
Submission: On November 04 via api (November 4th 2023, 4:04:35 pm UTC) from SA — Scanned from DE

Summary HTTP 44 Redirects Links 9 Behaviour Indicators

Summary

This website contacted 15 IPs in 3 countries across 12 domains to perform 44 HTTP transactions. The main IP is 2606:4700:20::ac43:483b, located in United States and belongs to CLOUDFLARENET, US. The main domain is sa.rosheta.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on June 10th 2023. Valid for: a year.

This is the only time sa.rosheta.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	2606:4700:20:... 2606:4700:20::681a:e13	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 16	2606:4700:20:... 2606:4700:20::ac43:483b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2606:4700::68... 2606:4700::6811:190e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:82a::200a	15169 (GOOGLE) (GOOGLE)
7	2a00:1450:400... 2a00:1450:4001:827::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:831::2003	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:827::200e	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f08... 2a03:2880:f084:d:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
2	2a00:1450:400... 2a00:1450:4001:81c::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c0b::9d	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80f::2008	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:813::2002	15169 (GOOGLE) (GOOGLE)
1	2a03:2880:f17... 2a03:2880:f176:84:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
3	2a00:1450:400... 2a00:1450:4001:80f::2001	15169 (GOOGLE) (GOOGLE)
1	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82b::2004	15169 (GOOGLE) (GOOGLE)
44	15

1 2606:4700:20::681a:e13 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

sa.rosheta.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 2606:4700:20::ac43:483b (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

sa.rosheta.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700::6811:190e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82a::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:831::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:827::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f084:d:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:81c::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c0b::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f176:84:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:80f::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82b::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
17	rosheta.com 2 redirects sa.rosheta.com	971 KB
10	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 97 tpc.googlesyndication.com — Cisco Umbrella Rank: 149	225 KB
3	doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 33 stats.g.doubleclick.net — Cisco Umbrella Rank: 78	10 KB
3	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 27 region1.google-analytics.com — Cisco Umbrella Rank: 2462	21 KB
3	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 223	12 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 174	88 KB
2	gstatic.com fonts.gstatic.com	62 KB
2	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 31	2 KB
1	google.com www.google.com — Cisco Umbrella Rank: 2	1 KB
1	facebook.com www.facebook.com — Cisco Umbrella Rank: 110
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 1181	603 B
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 35	80 KB
44	12

	Domain	Requested by
17	sa.rosheta.com	2 redirects sa.rosheta.com
7	pagead2.googlesyndication.com	sa.rosheta.com pagead2.googlesyndication.com tpc.googlesyndication.com
3	tpc.googlesyndication.com	pagead2.googlesyndication.com tpc.googlesyndication.com
3	cdnjs.cloudflare.com	sa.rosheta.com
2	googleads.g.doubleclick.net	pagead2.googlesyndication.com
2	connect.facebook.net	sa.rosheta.com connect.facebook.net
2	www.google-analytics.com	sa.rosheta.com www.google-analytics.com
2	fonts.gstatic.com	fonts.googleapis.com
2	fonts.googleapis.com	sa.rosheta.com
1	www.google.com	tpc.googlesyndication.com
1	region1.google-analytics.com	www.googletagmanager.com
1	www.facebook.com	connect.facebook.net
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	www.googletagmanager.com	www.google-analytics.com
1	stats.g.doubleclick.net	www.google-analytics.com
44	15

This site contains links to these domains. Also see Links.

Domain
www.rosheta.com
kw.rosheta.com
om.rosheta.com
ua.rosheta.com
www.facebook.com
api.whatsapp.com
www.instagram.com
twitter.com
plus.google.com

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-06-10` - `2024-06-09`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2023-10-16` - `2024-01-08`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-10-16` - `2024-01-08`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-10-16` - `2024-01-08`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-10-16` - `2024-01-08`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-08-13` - `2023-11-11`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2023-10-16` - `2024-01-08`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-10-16` - `2024-01-08`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-10-16` - `2024-01-08`	3 months	crt.sh

This page contains 5 frames:

Primary Page: https://sa.rosheta.com/ar/404
Frame ID: 30B74B7ABE9E457B25E9AF0626E7BBA7
Requests: 37 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231101/r20190131/zrt_lookup.html
Frame ID: 7EB86E74C59C6097FCA413A023B173FD
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9187768641746919&output=html&adk=1812271804&adf=3025194257&lmt=1699113870&plat=2%3A16777216%2C3%3A16%2C4%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fsa.rosheta.com%2Far%2F404&ea=0&pra=5&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1699113869883&bpp=5&bdt=518&idt=343&shv=r20231101&mjsv=m202310310101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=322960924560&frm=20&pv=2&ga_vid=312647263.1699113870&ga_sid=1699113870&ga_hid=213767392&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079081%2C31079190%2C31079231%2C44807047%2C44807336%2C44807455%2C31078297&oid=2&pvsid=1152643214468123&tmod=1939523807&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=366
Frame ID: 770A607E1592FBCE7E0BF20C6036C4CF
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 77230CB12C460C19A8537687C4B24144
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: B58ADE72AC4C7BC0CB25560DE2EEBB7E
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

صفحة غير موجودة - روشتة دوت كوم السعودية

Page URL History Show full URLs

http://sa.rosheta.com/ar/ViewOrder/168228 HTTP 301
https://sa.rosheta.com/ar/ViewOrder/168228 HTTP 302
https://sa.rosheta.com/ar/404 Page URL

Detected technologies

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Page Statistics

44
Requests

100 %
HTTPS

100 %
IPv6

12
Domains

15
Subdomains

15
IPs

3
Countries

1471 kB
Transfer

3435 kB
Size

8
Cookies

9 Outgoing links

These are links going to different origins than the main page.

URL: https://www.rosheta.com/
Title: مصر

Search URL Search Domain Scan URL

URL: https://kw.rosheta.com/
Title: الكويت

Search URL Search Domain Scan URL

URL: https://om.rosheta.com/
Title: عمان

Search URL Search Domain Scan URL

URL: https://ua.rosheta.com/
Title: الامارات

Search URL Search Domain Scan URL

URL: https://www.facebook.com/RoshetaEgypt/
Title: تابعنا على الفيسبوك

Search URL Search Domain Scan URL

URL: https://api.whatsapp.com/send?phone=201066144449
Title: اتصل بنا

Search URL Search Domain Scan URL

URL: https://www.instagram.com/roshetaegypt/

Search URL Search Domain Scan URL

URL: https://twitter.com/RoshetaEG

Search URL Search Domain Scan URL

URL: https://plus.google.com/117806463725761798999

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://sa.rosheta.com/ar/ViewOrder/168228 HTTP 301
https://sa.rosheta.com/ar/ViewOrder/168228 HTTP 302
https://sa.rosheta.com/ar/404 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

44 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

404

Primary Request 404 Show response
sa.rosheta.com/ar/
Redirect Chain

http://sa.rosheta.com/ar/ViewOrder/168228
https://sa.rosheta.com/ar/ViewOrder/168228
https://sa.rosheta.com/ar/404

19 KB
5 KB

92ms
91ms

Document
text/html

2606:4700:20::ac43:483b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://sa.rosheta.com/ar/404

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:483b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3e169c878372e758ea555c1c58e4f3c9dda1918c79050216af5f10d0b0485320

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-apo-via: origin,host
cf-cache-status: DYNAMIC
cf-ray: 820e17d308c06910-FRA
content-encoding: br
content-type: text/html
date: Sat, 04 Nov 2023 16:04:29 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4gbSw5R5NArxJaruMHUgbHg0cC5E3u4ALQ1JJw322wfCaZaSStNv3fp%2FS%2FXMXIKJ3ScGt7WGu%2BTj52inZ2782%2FMWh3rjHh%2FA5Y%2FHnE9wX64mqkL6e%2Bf9O4cJkYj3sZm%2B8NZ5XffY5gbQlbDY"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-xss-protection: 1; mode=block

Redirect headers

alt-svc: h3=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-apo-via: origin,host
cf-cache-status: DYNAMIC
cf-ray: 820e17d2783b6910-FRA
content-language: ar-SA
content-type: text/html
date: Sat, 04 Nov 2023 16:04:29 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
location: /ar/404
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=L3d3WPQGJ1HLJxn19lQD%2FhF58uGQjRfKhbirzCWnIDr0Fx8DkmI6l4oKdlRGnYVGVJwl6ihcz8OmhGFL7G8SVx8b6RNJUf%2BvIt9T%2FCKIL4PiLlBXQDSUGyaz1Z5mMs6BhDECq%2FDRMj0C8sRh"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-xss-protection: 1; mode=block

GET
H2 200 sweetalert.min.css
cdnjs.cloudflare.com/ajax/libs/sweetalert/1.1.3/ 16 KB
3 KB 146ms
61ms Stylesheet
text/css 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/sweetalert/1.1.3/sweetalert.min.css

Requested by

Host: sa.rosheta.com
URL: https://sa.rosheta.com/ar/404

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8975187e46d59798ad7786c09051f99a330437995df6ddce1ef5d7dc853c5315

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sa.rosheta.com/ar/404
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Sat, 04 Nov 2023 16:04:29 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 3375164
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 2728
last-modified: Mon, 04 May 2020 16:16:56 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03ff8-41bc"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nMXCmw%2FcdnAPo4hVevGaB43gohmNHX94puLmVs14sWN5mPzAcqY2YjLxGg7XZNCgvus6RLySaJ5gmXhKFD1pSJaRrdjgwvB9EFebGz0DN838iadFdJ0fGInwpdEiGcpsrDsWOeOlHFsc32BnaWylc86I"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 820e17d428354d97-FRA
expires: Thu, 24 Oct 2024 16:04:29 GMT

GET
H3 200 custom-ar.css
sa.rosheta.com/content/themes/newHtml/css/ 69 KB
15 KB 88ms
87ms Stylesheet
text/css 2606:4700:20::ac43:483b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sa.rosheta.com/content/themes/newHtml/css/custom-ar.css
Requested by: Host: sa.rosheta.com
URL: https://sa.rosheta.com/ar/404
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:483b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7766c5d528dfb18064ae8f3c9d359e4e7d82018935da37da2cc4ad1f128dc82e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sa.rosheta.com/ar/404
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Sat, 04 Nov 2023 16:04:29 GMT
content-encoding: br
cf-cache-status: REVALIDATED
cf-bgj: minify
last-modified: Fri, 25 Aug 2023 23:26:04 GMT
server: cloudflare
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished: origSize=94127
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fbfpTS29ODyONg2O0QCv2G9FXRVbSBF0j0zc2wrsmAvs5T8MwA1u%2FBDoqwiUev3pdmR4385lf3wkfqwfCawjJoSsAMKdCfCST6Jy7BxYVJXtbnC019%2FYoU9FqkKUa3tjEp1Tw6i10ygPc%2Fig"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 820e17d3ac9d18dc-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 doctor_cart.png
sa.rosheta.com/content/themes/newHtml/images/ 14 KB
15 KB 56ms
55ms Image
image/png 2606:4700:20::ac43:483b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sa.rosheta.com/content/themes/newHtml/images/doctor_cart.png
Requested by: Host: sa.rosheta.com
URL: https://sa.rosheta.com/ar/404
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:483b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cc17d1931d4d7815382705904c3615b4088da90178ce49bb33e067b7a407ae5a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sa.rosheta.com/ar/404
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Sat, 04 Nov 2023 16:04:29 GMT
cf-cache-status: HIT
cf-bgj: imgq:100,h2pri
last-modified: Mon, 20 Mar 2017 12:47:54 GMT
server: cloudflare
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished: status=not_needed
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=h6XGGcASwbB81Qcblfc3WH5UpN3kIKpgLG25C6J0pS%2BokSnJdYH9bUAQNyHoFvxrkuGouSj4RTqpWi%2FTre8GKpnDIG0Ns60%2BKtmhLyz4furAG6fkb2yTsdzxPNgmX1GXmeDoeqwPc6HfRQtY"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 820e17d3ac9e18dc-FRA
alt-svc: h3=":443"; ma=86400
content-length: 14680

GET
H3 200 us.png
sa.rosheta.com/content/themes/newHtml/images/ 612 B
1 KB 56ms
55ms Image
image/png 2606:4700:20::ac43:483b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sa.rosheta.com/content/themes/newHtml/images/us.png
Requested by: Host: sa.rosheta.com
URL: https://sa.rosheta.com/ar/404
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:483b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 75e3bde71e2376cef1d70eff8f7d6b7f50f0a9b8a349f3f534e4410ba2e4e292

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sa.rosheta.com/ar/404
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Sat, 04 Nov 2023 16:04:29 GMT
cf-cache-status: HIT
cf-bgj: imgq:100,h2pri
last-modified: Wed, 04 Jul 2007 20:20:40 GMT
server: cloudflare
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished: origSize=656
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=71XDIJEkAna55fq2ZOdS0CdXhn4CiDmFRugAqmPq7E%2FXo00uaTA65%2Ft2C5%2B6cTsL22lLM9DxnyWVpR8%2F9tQdu2qy5Xsmu9mrkGJhmhEIth%2BIjGp79eFiYFUeb7x0l1aENJ4Vg0WTMYmNS78s"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 820e17d3ac9f18dc-FRA
alt-svc: h3=":443"; ma=86400
content-length: 612

GET
H3 200 brand.png
sa.rosheta.com/ 4 KB
4 KB 125ms
124ms Image
image/png 2606:4700:20::ac43:483b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sa.rosheta.com/brand.png
Requested by: Host: sa.rosheta.com
URL: https://sa.rosheta.com/ar/404
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:483b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6005d45ab3bb7ade921721c3e3a6a5be444c8549c4853776da6a9ce58cea629b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sa.rosheta.com/ar/404
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Sat, 04 Nov 2023 16:04:29 GMT
cf-cache-status: HIT
cf-bgj: imgq:100,h2pri
last-modified: Mon, 20 Mar 2017 12:46:23 GMT
server: cloudflare
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished: status=not_needed
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uSpIpy5bOuzaCJWzsuuZ5Dva7XL2FnI%2FLikqQHCJkPQxKMeCedeulLrJxRquBz9J2ukvR%2BaRvj4R1dTq0G8msD0GMDDMArfC5lu%2BOliPqMF76MQBhpgLKg6JW7er6nGFmCqDvbjbK0Ygl8PQ"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 820e17d3aca118dc-FRA
alt-svc: h3=":443"; ma=86400
content-length: 3972

GET
H3 200 brand-inner.png
sa.rosheta.com/ 4 KB
4 KB 126ms
125ms Image
image/png 2606:4700:20::ac43:483b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sa.rosheta.com/brand-inner.png
Requested by: Host: sa.rosheta.com
URL: https://sa.rosheta.com/ar/404
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:483b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 305642a4290a55bbe0f23b4bb82cffda264268bf869e31c5d72ac7fe47811c63

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sa.rosheta.com/ar/404
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Sat, 04 Nov 2023 16:04:29 GMT
cf-cache-status: REVALIDATED
cf-bgj: imgq:100,h2pri
last-modified: Mon, 20 Mar 2017 12:47:58 GMT
server: cloudflare
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished: status=not_needed
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Cz4g0C0MiYevLglixeCu5v9PspKtXmK%2FPrbRThuesm6BEgOJ%2BwhurX0epKgf3kTtryeyV71blwemUb%2B%2B9xN310XNJ0e7jDIO9IBfZ1T7a7X9CA73RdROc339NxDtMeCz031dKJaZckTlEUvq"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 820e17d3aca618dc-FRA
alt-svc: h3=":443"; ma=86400
content-length: 3969

GET
H3 200 404-img.png
sa.rosheta.com/content/themes/newHtml/images/ 107 KB
108 KB 127ms
126ms Image
image/png 2606:4700:20::ac43:483b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sa.rosheta.com/content/themes/newHtml/images/404-img.png
Requested by: Host: sa.rosheta.com
URL: https://sa.rosheta.com/ar/404
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:483b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1c97dc024a3a5bb3feb9c16afab9fb48bdb98aaa72871d07a6f877e1bf4d2986

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sa.rosheta.com/ar/404
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Sat, 04 Nov 2023 16:04:29 GMT
cf-cache-status: HIT
cf-bgj: imgq:100,h2pri
last-modified: Mon, 20 Mar 2017 12:47:54 GMT
server: cloudflare
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished: origSize=138025
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=npZDsc8Ztdx19%2FlkvUKWE9JY%2FxMpJUAPNE2oaqF0ijAL8c0n6WWOKCzPf8gotcQ9RfpYqpEnJf5MjHa9cW8Uk0NCFrvW%2BlGmos%2BdtncdZnhAW%2F3Fht9kW%2BBkfEWYN70Wf8uIKF2uRyj0hXJg"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 820e17d3aca918dc-FRA
alt-svc: h3=":443"; ma=86400
content-length: 109587

GET
H3 200 rocket-loader.min.js Show response
sa.rosheta.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/ 12 KB
4 KB 47ms
46ms Script
application/javascript 2606:4700:20::ac43:483b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://sa.rosheta.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Requested by

Host: sa.rosheta.com
URL: https://sa.rosheta.com/ar/404

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::ac43:483b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sa.rosheta.com/ar/404
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Sat, 04 Nov 2023 16:04:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 27 Oct 2023 14:30:26 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"653bc982-302c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=c0l%2BYCA0g67gizxpKCOw9cbIktlNxyBxpK33aNvz%2FniLtuqLYmzPDgzVbIDryM%2BNkxgxdUOmbN4pF%2Bywx7mS9QNG20bWxLTGOwMLbGA0XZD1ymdPF3PAB%2Byrmonb5EfnJDqpQxXWUj9H5CFr"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
x-frame-options: DENY
cache-control: max-age=172800, public
cf-ray: 820e17d3acab18dc-FRA
expires: Mon, 06 Nov 2023 16:04:29 GMT

GET
H2 200 css
fonts.googleapis.com/ 13 KB
1 KB 136ms
49ms Stylesheet
text/css 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:400,300,600,700,800

Requested by

Host: sa.rosheta.com
URL: https://sa.rosheta.com/content/themes/newHtml/css/custom-ar.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

607007014d9837aa57a9d2288ca0ed2bcbd7b8709d3160aa85df3f0f68120199

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sa.rosheta.com/content/themes/newHtml/css/custom-ar.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sat, 04 Nov 2023 16:04:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sat, 04 Nov 2023 15:00:52 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 04 Nov 2023 16:04:29 GMT

GET
H2 200 droidarabickufi.css
fonts.googleapis.com/earlyaccess/ 1 KB
382 B 136ms
49ms Stylesheet
text/css 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/earlyaccess/droidarabickufi.css

Requested by

Host: sa.rosheta.com
URL: https://sa.rosheta.com/content/themes/newHtml/css/custom-ar.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

06eb9b648fd1429d0cef25265009259c35f053a76118194b4073c98e161812be

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sa.rosheta.com/content/themes/newHtml/css/custom-ar.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Sat, 04 Nov 2023 16:04:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
expires: Sat, 04 Nov 2023 16:04:29 GMT

GET
H3 200 flaticon.css
sa.rosheta.com/content/themes/newHtml/css/ 2 KB
990 B 109ms
109ms Stylesheet
text/css 2606:4700:20::ac43:483b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sa.rosheta.com/content/themes/newHtml/css/flaticon.css
Requested by: Host: sa.rosheta.com
URL: https://sa.rosheta.com/content/themes/newHtml/css/custom-ar.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:483b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0bfb9a1e544730534eb0b503d631f052ff6dabb35095d349f48a8f05775e9b45

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sa.rosheta.com/content/themes/newHtml/css/custom-ar.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Sat, 04 Nov 2023 16:04:29 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 20 Mar 2017 12:47:54 GMT
cf-bgj: minify
server: cloudflare
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sS1UZfElPtjfW4xDFJ352ZFoCOwE0vwIPWBWH8QHed9p5Y8rB8cRypf%2FVuEdauRcIq2FngwkNabK6Dhobw%2BAUReVfFRhAmU%2FVkJmNTHaDFrlELN40Xevvl56ti5eh%2FoXjGbjS7IPyI%2FcVeP0"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 820e17d44d5a18dc-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 vendors-ar.min.css
sa.rosheta.com/content/themes/newHtml/css/ 350 KB
54 KB 110ms
109ms Stylesheet
text/css 2606:4700:20::ac43:483b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sa.rosheta.com/content/themes/newHtml/css/vendors-ar.min.css
Requested by: Host: sa.rosheta.com
URL: https://sa.rosheta.com/content/themes/newHtml/css/custom-ar.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:483b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cc57c08a4caa647716a9daee5a2618742d6907d32cf75bdd0280957e7ae6d51d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sa.rosheta.com/content/themes/newHtml/css/custom-ar.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Sat, 04 Nov 2023 16:04:29 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 20 Mar 2017 12:47:54 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=USMScVCIytxPWqsvykJDZRkne9xjErr7sFLi84glfYxbc1558%2BnHYzoRt2Jhtz8kCy787w0wK4p6Gwbf7YvWDXjq4a%2FfEAMiz9wcdMRydcFpNzeh6%2FRAyxy0tCgbP%2FN%2F89ZM54TYSteJObEC"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 820e17d44d5e18dc-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 main.js Show response
sa.rosheta.com/ 2 KB
1 KB 55ms
55ms Script
application/javascript 2606:4700:20::ac43:483b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sa.rosheta.com/main.js
Requested by: Host: sa.rosheta.com
URL: https://sa.rosheta.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:483b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 70fd7b6717d7c79cd40d4032f8bad50b79c51e01c60d255806f1141f7c12e9e0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sa.rosheta.com/ar/404
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Sat, 04 Nov 2023 16:04:29 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Mon, 20 Mar 2017 12:46:23 GMT
server: cloudflare
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished: origSize=3953
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=72ebLOeb5hcC8x2RMqD55YOkuXlSnwEDPicLiwWYGR6Uu2XZWVKU0PIgKlvmbn43%2BrQsJFCY%2FPmGlemQmymH7nHn4xcRfu1Fw%2FrgQtKKk7FV%2BtLnxbL0R3uAEezNfTTnVm14TJsZ5S3Lg1sy"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 820e17d52e4d18dc-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 config.js Show response
sa.rosheta.com/ 157 B
572 B 54ms
54ms Script
application/javascript 2606:4700:20::ac43:483b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sa.rosheta.com/config.js
Requested by: Host: sa.rosheta.com
URL: https://sa.rosheta.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:483b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9fd0a70a2c95892bf544063a2f6f72dd1a08a2d9cfc61a3d914afee166985fbb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sa.rosheta.com/ar/404
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Sat, 04 Nov 2023 16:04:29 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Tue, 26 Sep 2023 22:55:54 GMT
server: cloudflare
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished: origSize=172
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZHVtQrFzzNlYbA%2FVfkVQe2MZNUf0DSj8r%2Bb6APZdp78YnLneOlx3REQgyZmFHokRESRNU4AlIusG%2FIENGwFiTzH440p4i%2B9zSRJ0bEabJv4ZklCNxdumqLh36GQAeT%2BpIxJhMKSb8ZHYeYc%2B"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 820e17d52e4e18dc-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 custom-ar.js Show response
sa.rosheta.com/content/themes/newHtml/js/ 10 KB
3 KB 55ms
54ms Script
application/javascript 2606:4700:20::ac43:483b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sa.rosheta.com/content/themes/newHtml/js/custom-ar.js
Requested by: Host: sa.rosheta.com
URL: https://sa.rosheta.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:483b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1aa889c61286192c3f9534886d60e743f4cfc2585f86aa14ee2f6255421ed220

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sa.rosheta.com/ar/404
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Sat, 04 Nov 2023 16:04:29 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Sat, 18 Jul 2020 12:19:37 GMT
server: cloudflare
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished: origSize=30727
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FH5HvssUxG%2BlxMoNXrupuFNIz2Ad3%2BctAzcdPED9sHtENGP56UQt7ByI7%2BGaU9jbvSP2qbi4GsQfZjrnokZpY1U%2F4vQH4joMubvrQMmlhkrj5U7bMGEA1oxfo0z%2FD2R9dcHUzBMKRBND56zL"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 820e17d52e4f18dc-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 flipclock.min.js Show response
cdnjs.cloudflare.com/ajax/libs/flipclock/0.7.8/ 20 KB
5 KB 56ms
55ms Script
application/javascript 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/flipclock/0.7.8/flipclock.min.js

Requested by

Host: sa.rosheta.com
URL: https://sa.rosheta.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cd91605185911275c90f0dcf3100128869b31d52fe54d7dc03979a5e18a9c1a8

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sa.rosheta.com/ar/404
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Sat, 04 Nov 2023 16:04:29 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 946883
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 4733
last-modified: Mon, 04 May 2020 16:10:06 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03e5e-5174"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uazIA%2FzhVER4to7F%2BHBtjstpVEn4uP7SYTpEN7XnrO0%2BWosVGKn50bYig5Rccq1RIYhfOoZd5SV4F7GB7YDgSn3qPKOXZBbIPMfhGgNHM%2Ftfeq%2F0GZzzEw%2Fv6c1PIhuV%2ByXN2wMxKfREHB98jiVMdTWv"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 820e17d529354d97-FRA
expires: Thu, 24 Oct 2024 16:04:29 GMT

GET
H3 200 6d645730848f922616356bfa2b9bb26d.ar.js Show response
sa.rosheta.com/content/js/ 494 KB
141 KB 123ms
123ms Script
application/javascript 2606:4700:20::ac43:483b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sa.rosheta.com/content/js/6d645730848f922616356bfa2b9bb26d.ar.js?1699113869
Requested by: Host: sa.rosheta.com
URL: https://sa.rosheta.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:483b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8f8c88d53f2af03d3b80ed7a3575daba7d0a9a3672ccb08be7e7b69a1f29af73

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sa.rosheta.com/ar/404
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Sat, 04 Nov 2023 16:04:29 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Wed, 12 Jan 2022 12:47:36 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZvYYO3WKcj1qBxfn215Ik8FgXPJrs4gz%2FyxpOi0iO3sqRiHuIcoGbTP7K8IGGAC1mZCQNlae2b6Ex3rz7jzFY2lOQ3ynLjjaDPcI32N8jHKTOS5sA1mOQ3TMQd%2FvcFwk4QKDQ4q7vqoq3UmA"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 820e17d52e5018dc-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 148 KB
51 KB 183ms
95ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-9187768641746919

Requested by

Host: sa.rosheta.com
URL: https://sa.rosheta.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

eeaf2ea96a60f32fbbf9f550c687707e67571c9c1a0671f394e32f532f25b392

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://sa.rosheta.com/ar/404
Origin: https://sa.rosheta.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Sat, 04 Nov 2023 16:04:29 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51911
x-xss-protection: 0
server: cafe
etag: 1349479972639177345
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Sat, 04 Nov 2023 16:04:29 GMT

GET
H2 200 lazysizes.min.js Show response
cdnjs.cloudflare.com/ajax/libs/lazysizes/5.1.2/ 7 KB
3 KB 48ms
48ms Script
application/javascript 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/lazysizes/5.1.2/lazysizes.min.js

Requested by

Host: sa.rosheta.com
URL: https://sa.rosheta.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

31dd6a2d3a1ec0f78a8df007535cf23f03aeb5c70f026e6d6a19dac3b3acc340

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sa.rosheta.com/ar/404
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Sat, 04 Nov 2023 16:04:29 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 394520
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 2954
last-modified: Mon, 04 May 2020 16:12:00 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03ed0-1b94"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5%2FejvQU4XHH39cKIVyjNVGSmBXyDDP8F5uY7xVgVd1q0q%2Fy3sz%2BS%2BYcBIP7bVQHR82LtT%2FngyUB0jDdLZIoqxbD2hg3BvwWyJ9d%2F9tINnySHRlnmX%2BpCLjPTeqwve4StKABgL09jhEu%2BzrQkdctI9tOi"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 820e17d529364d97-FRA
expires: Thu, 24 Oct 2024 16:04:29 GMT

GET
H3 200 icofont.ttf
sa.rosheta.com/content/themes/newHtml/fonts/ 995 KB
612 KB 63ms
62ms Font
font/ttf 2606:4700:20::ac43:483b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sa.rosheta.com/content/themes/newHtml/fonts/icofont.ttf?v=1.0.0-beta
Requested by: Host: sa.rosheta.com
URL: https://sa.rosheta.com/content/themes/newHtml/css/vendors-ar.min.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:483b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ac2e76e07a7208cc4c0f7afb773a89a314c4d13bf7f6def920ad50817e6ba735

Request headers

Referer: https://sa.rosheta.com/content/themes/newHtml/css/vendors-ar.min.css
Origin: https://sa.rosheta.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Sat, 04 Nov 2023 16:04:29 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 20 Mar 2017 12:47:54 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UsF9Ti%2Fu9ba4GFf3TtJQJt25zldDvlEtdGbEJCr2h%2FNWderUIm%2FKyCIMXXpDKxPEJ5Seq8tb%2Ff5d8z2Rh5P6W3KYzWjbsnIKbVQ8HTbBZM%2FQQ%2FL3ptXeVN%2BqDAu2AZ4f5I2tFcCNWARxIadu"}],"group":"cf-nel","max_age":604800}
content-type: font/ttf
cache-control: max-age=14400
cf-ray: 820e17d53e5a18dc-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 DroidKufi-Bold.woff2
fonts.gstatic.com/ea/droidarabickufi/v6/ 31 KB
31 KB 128ms
40ms Font
font/woff2 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/ea/droidarabickufi/v6/DroidKufi-Bold.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/earlyaccess/droidarabickufi.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

31f02fb9a8ae77e5d8bb229bf73f473f783e8155042655926cafca211cd11c98

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://sa.rosheta.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Mon, 30 Oct 2023 07:45:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 461957
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31448
x-xss-protection: 0
last-modified: Wed, 13 Aug 2014 16:50:04 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
vary: Accept-Encoding
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 29 Oct 2024 07:45:12 GMT

GET
H2 200 DroidKufi-Regular.woff2
fonts.gstatic.com/ea/droidarabickufi/v6/ 31 KB
31 KB 174ms
87ms Font
font/woff2 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/ea/droidarabickufi/v6/DroidKufi-Regular.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/earlyaccess/droidarabickufi.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a7b09bb9c8e8e2fb189204e08ed94bd8096c118780b5e926847cf2748ca7c5c2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://sa.rosheta.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Mon, 30 Oct 2023 16:37:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 430004
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31147
x-xss-protection: 0
last-modified: Wed, 13 Aug 2014 16:50:04 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
vary: Accept-Encoding
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 29 Oct 2024 16:37:45 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 243ms
39ms Script
text/javascript 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: sa.rosheta.com
URL: https://sa.rosheta.com/content/js/6d645730848f922616356bfa2b9bb26d.ar.js?1699113869

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sa.rosheta.com/ar/404
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Sat, 04 Nov 2023 15:49:42 GMT
last-modified: Mon, 12 Jun 2023 18:23:07 GMT
server: Golfe2
age: 888
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Sat, 04 Nov 2023 17:49:42 GMT

GET
H2 200 all.js Show response
connect.facebook.net/en_US/ 3 KB
2 KB 247ms
43ms Script
application/x-javascript 2a03:2880:f084:d:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/all.js

Requested by

Host: sa.rosheta.com
URL: https://sa.rosheta.com/content/js/6d645730848f922616356bfa2b9bb26d.ar.js?1699113869

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

d56aed33766448a683ae44afe35eb6006c7ff7267b802e4116e3dfd0001da8e3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sa.rosheta.com/ar/404
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Sat, 04 Nov 2023 16:04:30 GMT
content-md5: BHb/XluBQ9wXwbpT/hw/yA==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 1687
reporting-endpoints
x-fb-debug: GGSx63VZd9uOLM+f4x9HbRN3bifhoKnMlMKjyP97fW9RqZzilXh33RehF2HAjxRA+FdpT5xhJVfpzb4j9zo/qg==
x-fb-content-md5: f3735f3700736ca0b39d0d15c7fe2027
cross-origin-opener-policy: same-origin-allow-popups
etag: "f7d0d1402c71c0f2d1ff1783773fa312"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin: *
expires: Sat, 04 Nov 2023 16:19:33 GMT

GET
H3 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310310101/ 399 KB
135 KB 189ms
108ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310310101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-9187768641746919&plah=sa.rosheta.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-9187768641746919

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1af98d39827906faafdbb75961e135aabd425223944cae3a6743126ebb45a7c6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sa.rosheta.com/ar/404
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Sat, 04 Nov 2023 16:04:30 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 138245
x-xss-protection: 0
server: cafe
etag: 7446430708629046158
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sat, 04 Nov 2023 16:04:30 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20231101/r20190131/ Frame 7EB8 10 KB
5 KB 172ms
39ms Document
text/html 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20231101/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-9187768641746919

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

626c65063bcb00fcc4574cffc418820fc209794a0519ec1e65931896c79a6ee1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://sa.rosheta.com/ar/404
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 23900
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4502
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 04 Nov 2023 09:26:10 GMT
etag: 251720774729838433
expires: Sat, 18 Nov 2023 09:26:10 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 all.js Show response
connect.facebook.net/en_US/ 304 KB
86 KB 83ms
42ms Script
application/x-javascript 2a03:2880:f084:d:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/all.js?hash=8013511b96cf441f944f377e31d5aad4

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/all.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

ed914709cdb756625930c5a45082b3ed9fbf98c97bae1ad4668a33a8a2e534e8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://sa.rosheta.com/ar/404
Origin: https://sa.rosheta.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Sat, 04 Nov 2023 16:04:30 GMT
content-md5: Yw5Z3/xeCtVbS9wrpjcTvQ==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 87814
reporting-endpoints
x-fb-debug: EKICLS5ml1xTl5NkMtsfKSmY8KkQuz/8xantiNIxJTwk4jMQ/2Ndfjh/uR6McixbPpkXEezN3yWiSaHjQNh3Lw==
x-fb-content-md5: 4aa015902d2bfc7c6cc05992b24efc0b
cross-origin-opener-policy: same-origin-allow-popups
etag: "d8cbe85830c9d86acbb91f28c8e9d1f8"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin: *
priority: u=3,i
expires: Sun, 03 Nov 2024 15:09:04 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 16 B
221 B 47ms
46ms XHR
text/plain 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=213767392&t=pageview&_s=1&dl=https%3A%2F%2Fsa.rosheta.com%2Far%2F404&ul=en-us&de=UTF-8&dt=%D8%B5%D9%81%D8%AD%D8%A9%20%D8%BA%D9%8A%D8%B1%20%D9%85%D9%88%D8%AC%D9%88%D8%AF%D8%A9%20-%20%D8%B1%D9%88%D8%B4%D8%AA%D8%A9%20%D8%AF%D9%88%D8%AA%20%D9%83%D9%88%D9%85%20%D8%A7%D9%84%D8%B3%D8%B9%D9%88%D8%AF%D9%8A%D8%A9&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAACAAI~&jid=951873708&gjid=589262894&cid=312647263.1699113870&tid=UA-84832001-1&_gid=1848728469.1699113870&_r=1&_slc=1&z=1127386811

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

fb3a5f1e5beda259f76ceb8c98dd28c3f21f8ef282d20e8979688b995663fb17

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://sa.rosheta.com/ar/404
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 04 Nov 2023 16:04:30 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://sa.rosheta.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
345 B 147ms
48ms XHR
text/plain 2a00:1450:400c:c0b::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-84832001-1&cid=312647263.1699113870&jid=951873708&gjid=589262894&_gid=1848728469.1699113870&_u=IEBAAEAAAAAAACAAI~&z=972801092

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c0b::9d Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://sa.rosheta.com/ar/404
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Sat, 04 Nov 2023 16:04:30 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://sa.rosheta.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 221 KB
80 KB 146ms
56ms Script
application/javascript 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-CXY83Q41E6&cx=c&_slc=1

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

5e173cdec07040bbccbceae6d462f6dbcace85b74934132347dbf85346c4fccb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sa.rosheta.com/ar/404
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Sat, 04 Nov 2023 16:04:30 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 81236
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sat, 04 Nov 2023 16:04:30 GMT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 389 B
603 B 524ms
73ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=sa.rosheta.com&callback=_gfp_s_&client=ca-pub-9187768641746919

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310310101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-9187768641746919&plah=sa.rosheta.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1063ab1bad41af22ab2b911409354b9bfca6d18948d7af363b567d648caa3125

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sa.rosheta.com/ar/404
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Sat, 04 Nov 2023 16:04:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 252
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 770A 10 KB
5 KB 493ms
493ms Document
text/html 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9187768641746919&output=html&adk=1812271804&adf=3025194257&lmt=1699113870&plat=2%3A16777216%2C3%3A16%2C4%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fsa.rosheta.com%2Far%2F404&ea=0&pra=5&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1699113869883&bpp=5&bdt=518&idt=343&shv=r20231101&mjsv=m202310310101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=322960924560&frm=20&pv=2&ga_vid=312647263.1699113870&ga_sid=1699113870&ga_hid=213767392&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079081%2C31079190%2C31079231%2C44807047%2C44807336%2C44807455%2C31078297&oid=2&pvsid=1152643214468123&tmod=1939523807&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=366

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

98df091e562c20056d6514a6eace1fafb50fe5fc342c8ebc974d52bef898df91

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://sa.rosheta.com/ar/404
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 4690
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 04 Nov 2023 16:04:30 GMT
expires: Sat, 04 Nov 2023 16:04:30 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 76ms
75ms Image
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&tn=NAV&cls=navbar%20navbar-default%20navbar-fixed%20navbar-transparent%20white%20bootsnav%20%20navbar-mobile%20on%20menu-center&ign=false&pw=1600&ph=1200&x=0&y=0

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sa.rosheta.com/ar/404
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 04 Nov 2023 16:04:30 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 16 KB
12 KB 92ms
90ms XHR
application/json 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20231101&st=env

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9b9e365eb24520051e99a044261cdad00d5e703108f9c77c6e5a858631760fe3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sa.rosheta.com/ar/404
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Sat, 04 Nov 2023 16:04:30 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12165
x-xss-protection: 0

GET
H2 200 status
www.facebook.com/x/oauth/ 0
0 545ms
145ms Fetch
text/plain 2a03:2880:f176:84:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/x/oauth/status?client_id=1433609306888833&input_token&origin=1&redirect_uri=https%3A%2F%2Fsa.rosheta.com%2Far%2F404&sdk=joey&wants_cookie_data=true

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/all.js?hash=8013511b96cf441f944f377e31d5aad4

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f176:84:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sa.rosheta.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

strict-transport-security: max-age=15552000; preload
date: Sat, 04 Nov 2023 16:04:30 GMT
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
reporting-endpoints: default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown"
pragma: no-cache
x-fb-debug: ITmSRz4p5Xr6oUWicW56u6ojpuI7v3jduU53MkaClc7LKZ8sUjTaqCBcoTB8AmSkFm0kdhdyDTyCPPCBldZgbA==
fb-s: unknown
report-to: {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://sa.rosheta.com
origin-agent-cluster: ?0
access-control-expose-headers: fb-s
cache-control: private, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(self), geolocation=(self), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(self), midi=(), payment=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), usb=()
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 477ms
143ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sa.rosheta.com/ar/404
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Sat, 04 Nov 2023 16:04:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sat, 04 Nov 2023 16:04:30 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
253 B 301ms
47ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-CXY83Q41E6&gtm=45je3b11v9112414398&_p=1699113870176&gcd=11l1l1l1l2&ul=en-us&sr=1600x1200&cid=312647263.1699113870&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=EBAI&_s=1&dl=https%3A%2F%2Fsa.rosheta.com%2Far%2F404&dt=%D8%B5%D9%81%D8%AD%D8%A9%20%D8%BA%D9%8A%D8%B1%20%D9%85%D9%88%D8%AC%D9%88%D8%AF%D8%A9%20-%20%D8%B1%D9%88%D8%B4%D8%AA%D8%A9%20%D8%AF%D9%88%D8%AA%20%D9%83%D9%88%D9%85%20%D8%A7%D9%84%D8%B3%D8%B9%D9%88%D8%AF%D9%8A%D8%A9&sid=1699113870&sct=1&seg=0&en=page_view&_fv=1&_ss=1&_ee=1&tfd=1444
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-CXY83Q41E6&cx=c&_slc=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sa.rosheta.com/ar/404
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 04 Nov 2023 16:04:30 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://sa.rosheta.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 7723 13 KB
5 KB 44ms
42ms Document
text/html 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://sa.rosheta.com/ar/404
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 74105
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 03 Nov 2023 19:29:25 GMT
expires: Sat, 02 Nov 2024 19:29:25 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame B58A 829 B
1 KB 277ms
54ms Document
text/html 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

ab1c3d03c0afca13ab473a120d306313474409b527b69d4dfbabb260fb54417a

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-lCOXp_EoE8tmkV0xcIMiBQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://sa.rosheta.com/ar/404
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-lCOXp_EoE8tmkV0xcIMiBQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sat, 04 Nov 2023 16:04:31 GMT
expires: Sat, 04 Nov 2023 16:04:31 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 4WwaGfWzeDAeGvs0ZrtmWMJUG7fu6zGPBJzQt4duOkA.js Show response
pagead2.googlesyndication.com/bg/ Frame 7723 38 KB
15 KB 40ms
39ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/4WwaGfWzeDAeGvs0ZrtmWMJUG7fu6zGPBJzQt4duOkA.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e16c1a19f5b378301e1afb3466bb6658c2541bb7eeeb318f049cd0b7876e3a40

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Fri, 03 Nov 2023 19:04:57 GMT
content-encoding: br
x-content-type-options: nosniff
age: 75573
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15096
x-xss-protection: 0
last-modified: Tue, 31 Oct 2023 13:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 02 Nov 2024 19:04:57 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 7723 0
10 B 40ms
40ms Image
text/plain 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?2hq-1Q
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Sat, 04 Nov 2023 16:04:31 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame B58A 0
0 73ms
73ms Image
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20231101&jk=1152643214468123&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 76ms
75ms Image
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20231101&jk=1152643214468123&bg=!MTKlMn3NAAb4oU7C2KE7ADQBe5WfOG6DWXUGA4apmmUM_N9MfIKhiNIxDhrI8DnDuQNbC52TNJKQshjCCBtSZ_tucsZ0AgAAAHxSAAAACWgBB5kDBK3IpJriASfx7yYEOgupaQdxUUJoefn1rGB_3SCBaaKmYtz1ZoBo5_88qnJlpCl59cjKgMnY995k4mYLabXRpZxUr7a9HEbeaBIBRfB_CF7iK8tjJG6G-KdbvgBe_eez-MbrDD07P41VNupaLubqcdSmKExsWTVzwqBFGrLMGxjBdZ7MaCwAu5pWhxDybFi1A69MYEd8eRdax7W-raRLPVC1x-rjI9SYR5w6JdN5RZwbFyrlq87-6jzTgS0lf_EJ3adExVPJTwomxyrHnmEi6BbZz7va84CWXeOsCY6_TeQTPUN2kEJlRCSEPCtyUU0PwXsZfva0o100zkTd4LTE3KmeHJSWKc2goX0KcSp1IeHVDI_Hiy4z3jSS5VBqlw6b7rcSY0YXmSk2RaBIs6ZpoQd-4Gx9XHO1m85kHxDM3I_upIlozpoMmmTXaMplcvFu3wp9eJbRoFXo8Kt5bXfdveOxPhLZaoyUcx_fQ6NL-pLBwUdiv2mDdWU4XYMNVN2bQ-tXeTDrlhRp3k3N4QEWor2FCm_7-vumEvykEBWB_JRymGptC_UtzHs3L6kf4Vqnfuk1gsnrE_i8bMukn2Qr64740uO2B-VsNDIad5whfu7jlmrc9XGtpVeGiGWNmi_fQQMy4zKE0eUgTUnbGfwY4l5zSxjCx-QFEDseSfSRoErFynANgR2sbiTbX85xtOmUYA8BAbbK7Nhs8IhGv304ghQhww03t0SeEHvy0LK_3do12nQPvixm-DUH44-HvpPX2al9FPf2bp6CMIDibj2aqkDbLa5H-z0OzrkeFytW6MkkM9TB2ddjtpjB_XBXTGIVaOKaT53f-zODLCRN0H3lnkfjqVU-wM3ALKcXdI570ond8d20aplMWqnXKmG3aubbusrz_4q6jjTUTnFXHzwzqK9oizyTariZrlQhC4MMZ9B1ZSw9OgYX-2JEqOzNup7TvOwY5jI6IkyQXJZFw-9T2B_1gPAO063ldEmcIYeCXY6rO5n_BGtW2_Fy_q7zg1lOurk_zgA
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sa.rosheta.com/ar/404
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Verdicts & Comments Add Verdict or Comment

131 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

8 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
sa.rosheta.com/	1969-12-31 23:59:59	Name: PHPSESSID Value: rql1misj0a345k9n33chdnndf6
.rosheta.com/	1970-01-21 01:34:33	Name: _ga Value: GA1.2.312647263.1699113870
.rosheta.com/	1970-01-20 16:00:00	Name: _gid Value: GA1.2.1848728469.1699113870
.rosheta.com/	1970-01-20 15:58:33	Name: _gat Value: 1
.rosheta.com/	1970-01-21 01:34:33	Name: _ga_CXY83Q41E6 Value: GS1.2.1699113870.1.0.1699113870.0.0.0
.doubleclick.net/	1970-01-20 15:58:34	Name: test_cookie Value: CheckForPermission
.rosheta.com/	1970-01-21 01:20:09	Name: __gads Value: ID=45f03fed08ed1614-2283eda4d9e70046:T=1699113870:RT=1699113870:S=ALNI_MZk2Uw9F7M2-pDnhKE0su_ESW7Mbg
.rosheta.com/	1970-01-21 01:20:09	Name: __gpi Value: UID=00000cb4e7dadff1:T=1699113870:RT=1699113870:S=ALNI_MZ0QgO557WAsXlGIpRyHHMYK4SQ_A

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://sa.rosheta.com/ar/404 Message: Failed to load resource: the server responded with a status of 404 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdnjs.cloudflare.com
connect.facebook.net
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
pagead2.googlesyndication.com
partner.googleadservices.com
region1.google-analytics.com
sa.rosheta.com
stats.g.doubleclick.net
tpc.googlesyndication.com
www.facebook.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
2001:4860:4802:34::36
2606:4700:20::681a:e13
2606:4700:20::ac43:483b
2606:4700::6811:190e
2a00:1450:4001:80f::2001
2a00:1450:4001:80f::2008
2a00:1450:4001:813::2002
2a00:1450:4001:81c::2002
2a00:1450:4001:827::2002
2a00:1450:4001:827::200e
2a00:1450:4001:82a::200a
2a00:1450:4001:82b::2004
2a00:1450:4001:831::2003
2a00:1450:400c:c0b::9d
2a03:2880:f084:d:face:b00c:0:3
2a03:2880:f176:84:face:b00c:0:25de
06eb9b648fd1429d0cef25265009259c35f053a76118194b4073c98e161812be
0bfb9a1e544730534eb0b503d631f052ff6dabb35095d349f48a8f05775e9b45
1063ab1bad41af22ab2b911409354b9bfca6d18948d7af363b567d648caa3125
1aa889c61286192c3f9534886d60e743f4cfc2585f86aa14ee2f6255421ed220
1af98d39827906faafdbb75961e135aabd425223944cae3a6743126ebb45a7c6
1c97dc024a3a5bb3feb9c16afab9fb48bdb98aaa72871d07a6f877e1bf4d2986
305642a4290a55bbe0f23b4bb82cffda264268bf869e31c5d72ac7fe47811c63
31dd6a2d3a1ec0f78a8df007535cf23f03aeb5c70f026e6d6a19dac3b3acc340
31f02fb9a8ae77e5d8bb229bf73f473f783e8155042655926cafca211cd11c98
3e169c878372e758ea555c1c58e4f3c9dda1918c79050216af5f10d0b0485320
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5e173cdec07040bbccbceae6d462f6dbcace85b74934132347dbf85346c4fccb
6005d45ab3bb7ade921721c3e3a6a5be444c8549c4853776da6a9ce58cea629b
607007014d9837aa57a9d2288ca0ed2bcbd7b8709d3160aa85df3f0f68120199
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
626c65063bcb00fcc4574cffc418820fc209794a0519ec1e65931896c79a6ee1
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
70fd7b6717d7c79cd40d4032f8bad50b79c51e01c60d255806f1141f7c12e9e0
75e3bde71e2376cef1d70eff8f7d6b7f50f0a9b8a349f3f534e4410ba2e4e292
7766c5d528dfb18064ae8f3c9d359e4e7d82018935da37da2cc4ad1f128dc82e
8975187e46d59798ad7786c09051f99a330437995df6ddce1ef5d7dc853c5315
8f8c88d53f2af03d3b80ed7a3575daba7d0a9a3672ccb08be7e7b69a1f29af73
98df091e562c20056d6514a6eace1fafb50fe5fc342c8ebc974d52bef898df91
9b9e365eb24520051e99a044261cdad00d5e703108f9c77c6e5a858631760fe3
9fd0a70a2c95892bf544063a2f6f72dd1a08a2d9cfc61a3d914afee166985fbb
a7b09bb9c8e8e2fb189204e08ed94bd8096c118780b5e926847cf2748ca7c5c2
ab1c3d03c0afca13ab473a120d306313474409b527b69d4dfbabb260fb54417a
ac2e76e07a7208cc4c0f7afb773a89a314c4d13bf7f6def920ad50817e6ba735
cc17d1931d4d7815382705904c3615b4088da90178ce49bb33e067b7a407ae5a
cc57c08a4caa647716a9daee5a2618742d6907d32cf75bdd0280957e7ae6d51d
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
cd91605185911275c90f0dcf3100128869b31d52fe54d7dc03979a5e18a9c1a8
d56aed33766448a683ae44afe35eb6006c7ff7267b802e4116e3dfd0001da8e3
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e16c1a19f5b378301e1afb3466bb6658c2541bb7eeeb318f049cd0b7876e3a40
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ed914709cdb756625930c5a45082b3ed9fbf98c97bae1ad4668a33a8a2e534e8
eeaf2ea96a60f32fbbf9f550c687707e67571c9c1a0671f394e32f532f25b392
fb3a5f1e5beda259f76ceb8c98dd28c3f21f8ef282d20e8979688b995663fb17

sa.rosheta.com Open in urlscan Pro 2606:4700:20::ac43:483b Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

44 Requests

100 %HTTPS

100 %IPv6

12 Domains

15 Subdomains

15 IPs

3 Countries

1471 kBTransfer

3435 kBSize

8 Cookies

9 Outgoing links

Page URL History

Redirected requests

44 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

sa.rosheta.com Open in urlscan Pro
2606:4700:20::ac43:483b Public Scan

Screenshot
Live screenshot

Full Image

44
Requests

100 %
HTTPS

100 %
IPv6

12
Domains

15
Subdomains

15
IPs

3
Countries

1471 kB
Transfer

3435 kB
Size

8
Cookies

44 HTTP transactions
0 data transactions