www.rafyon.net Open in urlscan Pro
2a06:98c1:3120::3 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://www.rafyon.net/
Effective URL:
https://www.rafyon.net/
Submission: On January 31 via api (January 31st 2024, 10:31:48 pm UTC) from US — Scanned from NL

Summary HTTP 106 Redirects Links 2 Behaviour Indicators

Summary

This website contacted 30 IPs in 4 countries across 18 domains to perform 106 HTTP transactions. The main IP is 2a06:98c1:3120::3, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.rafyon.net.
TLS certificate: Issued by GTS CA 1P5 on January 14th 2024. Valid for: 3 months.

This is the only time www.rafyon.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 38	2a06:98c1:312... 2a06:98c1:3120::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2606:4700::68... 2606:4700::6811:190e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2600:9000:239... 2600:9000:2394:9a00:11:a4de:2580:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:237... 2600:9000:237d:5800:6:b871:4f00:93a1	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:808::200a	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:828::2003	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:808::2002	15169 (GOOGLE) (GOOGLE)
1	2600:9000:244... 2600:9000:2447:c000:f:a31d:75c0:93a1	16509 (AMAZON-02) (AMAZON-02)
1	34.102.146.192 34.102.146.192	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
11	2a02:2638:3::3 2a02:2638:3::3	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	2606:4700:10:... 2606:4700:10::6816:3456	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2600:9000:225... 2600:9000:2250:1400:a:e047:753:eb41	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700::68... 2606:4700::6810:5514	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	18.155.129.56 18.155.129.56	16509 (AMAZON-02) (AMAZON-02)
1	34.96.70.87 34.96.70.87	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
6	2a00:1450:400... 2a00:1450:4001:827::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:810::2001	15169 (GOOGLE) (GOOGLE)
1 3	2a02:2638:3::c 2a02:2638:3::c	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	162.19.138.118 162.19.138.118	16276 (OVH) (OVH)
1	52.48.9.219 52.48.9.219	16509 (AMAZON-02) (AMAZON-02)
1 2	34.120.107.143 34.120.107.143	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
6	2a00:1450:400... 2a00:1450:4001:827::2001	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:828::2004	15169 (GOOGLE) (GOOGLE)
1	2a02:2638:3::12 2a02:2638:3::12	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	34.98.64.218 34.98.64.218	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	178.250.1.6 178.250.1.6	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
10	2a02:2638:3::10 2a02:2638:3::10	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	2a02:2638:3::1a 2a02:2638:3::1a	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	2a02:2638:d::c 2a02:2638:d::c	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
106	30

38 2a06:98c1:3120::3 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

www.rafyon.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700::6811:190e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2394:9a00:11:a4de:2580:93a1 (United States)

ASN16509 (AMAZON-02, US)

get.optad360.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:237d:5800:6:b871:4f00:93a1 (United States)

ASN16509 (AMAZON-02, US)

cmp.optad360.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:808::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:828::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:808::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2447:c000:f:a31d:75c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

cdn.optad360.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.102.146.192 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 192.146.102.34.bc.googleusercontent.com

oa.openxcdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a02:2638:3::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::6816:3456 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2250:1400:a:e047:753:eb41 (United States)

ASN16509 (AMAZON-02, US)

cdn.prod.uidapi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:5514 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.155.129.56 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-155-129-56.cdg52.r.cloudfront.net

tags.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.96.70.87 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 87.70.96.34.bc.googleusercontent.com

invstatic101.creativecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:810::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

4cece64c9d564167b719ec331ba7b445.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a02:2638:3::c (France) 1 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
mug.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 162.19.138.118 (Frankfurt am Main, Germany)

ASN16276 (OVH, FR)
PTR: ns31533569.ip-162-19-138.eu

id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.48.9.219 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-48-9-219.eu-west-1.compute.amazonaws.com

bcp.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.120.107.143 (Kansas City, United States) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 143.107.120.34.bc.googleusercontent.com

oajs.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:827::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638:3::12 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

ads.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.98.64.218 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 218.64.98.34.bc.googleusercontent.com

google-bidout-d.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.1.6 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

cat.nl3.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a02:2638:3::10 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

imageproxy.eu.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:2638:3::1a (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

csm.eu.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638:d::c (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

rtb.fr3.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
38	rafyon.net 1 redirects www.rafyon.net	572 KB
23	criteo.net static.criteo.net — Cisco Umbrella Rank: 657 imageproxy.eu.criteo.net — Cisco Umbrella Rank: 9386 csm.eu.criteo.net — Cisco Umbrella Rank: 8850	406 KB
14	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 110 4cece64c9d564167b719ec331ba7b445.safeframe.googlesyndication.com tpc.googlesyndication.com — Cisco Umbrella Rank: 157	122 KB
6	criteo.com 1 redirects gum.criteo.com — Cisco Umbrella Rank: 423 mug.criteo.com — Cisco Umbrella Rank: 3123 ads.eu.criteo.com — Cisco Umbrella Rank: 8778 cat.nl3.eu.criteo.com — Cisco Umbrella Rank: 10462 rtb.fr3.eu.criteo.com — Cisco Umbrella Rank: 15704	61 KB
4	doubleclick.net securepubads.g.doubleclick.net — Cisco Umbrella Rank: 209	181 KB
4	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 225	169 KB
3	openx.net 1 redirects oajs.openx.net — Cisco Umbrella Rank: 1736 google-bidout-d.openx.net — Cisco Umbrella Rank: 1735	788 B
2	crwdcntrl.net tags.crwdcntrl.net — Cisco Umbrella Rank: 1005 bcp.crwdcntrl.net — Cisco Umbrella Rank: 898	12 KB
2	id5-sync.com cdn.id5-sync.com — Cisco Umbrella Rank: 857 id5-sync.com — Cisco Umbrella Rank: 425	26 KB
2	gstatic.com fonts.gstatic.com	62 KB
2	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 28	989 B
2	optad360.io get.optad360.io — Cisco Umbrella Rank: 37612 cmp.optad360.io — Cisco Umbrella Rank: 53245	63 KB
1	google.com www.google.com — Cisco Umbrella Rank: 2	1 KB
1	creativecdn.com invstatic101.creativecdn.com — Cisco Umbrella Rank: 2253	1 KB
1	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 324	1 KB
1	uidapi.com cdn.prod.uidapi.com — Cisco Umbrella Rank: 2948	3 KB
1	openxcdn.net oa.openxcdn.net — Cisco Umbrella Rank: 1833	8 KB
1	optad360.net cdn.optad360.net — Cisco Umbrella Rank: 60243	3 KB
106	18

	Domain	Requested by
38	www.rafyon.net	1 redirects www.rafyon.net
11	static.criteo.net	securepubads.g.doubleclick.net ads.eu.criteo.com cdnjs.cloudflare.com static.criteo.net
10	imageproxy.eu.criteo.net	ads.eu.criteo.com
6	tpc.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com 4cece64c9d564167b719ec331ba7b445.safeframe.googlesyndication.com
6	pagead2.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com 4cece64c9d564167b719ec331ba7b445.safeframe.googlesyndication.com pagead2.googlesyndication.com
4	securepubads.g.doubleclick.net	get.optad360.io securepubads.g.doubleclick.net 4cece64c9d564167b719ec331ba7b445.safeframe.googlesyndication.com
4	cdnjs.cloudflare.com	www.rafyon.net cdnjs.cloudflare.com ads.eu.criteo.com
2	csm.eu.criteo.net	ads.eu.criteo.com
2	oajs.openx.net	1 redirects
2	gum.criteo.com	1 redirects static.criteo.net
2	4cece64c9d564167b719ec331ba7b445.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
2	fonts.gstatic.com	fonts.googleapis.com
2	fonts.googleapis.com	www.rafyon.net
1	rtb.fr3.eu.criteo.com	4cece64c9d564167b719ec331ba7b445.safeframe.googlesyndication.com
1	cat.nl3.eu.criteo.com	ads.eu.criteo.com
1	google-bidout-d.openx.net	oa.openxcdn.net
1	ads.eu.criteo.com	4cece64c9d564167b719ec331ba7b445.safeframe.googlesyndication.com
1	www.google.com	tpc.googlesyndication.com
1	mug.criteo.com
1	bcp.crwdcntrl.net	tags.crwdcntrl.net
1	id5-sync.com	cdn.id5-sync.com
1	invstatic101.creativecdn.com	securepubads.g.doubleclick.net
1	tags.crwdcntrl.net	securepubads.g.doubleclick.net
1	cdn.jsdelivr.net	securepubads.g.doubleclick.net
1	cdn.prod.uidapi.com	securepubads.g.doubleclick.net
1	cdn.id5-sync.com	securepubads.g.doubleclick.net
1	oa.openxcdn.net	securepubads.g.doubleclick.net
1	cdn.optad360.net
1	cmp.optad360.io	www.rafyon.net
1	get.optad360.io	www.rafyon.net
106	30

This site contains links to these domains. Also see Links.

Domain
www.arb4host.net
en.optad360.com

Subject Issuer	Validity	Valid
rafyon.net GTS CA 1P5	`2024-01-14` - `2024-04-13`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-07-03` - `2024-07-02`	a year	crt.sh
*.optad360.io Amazon RSA 2048 M02	`2023-09-17` - `2024-10-15`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2024-01-09` - `2024-04-02`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2024-01-09` - `2024-04-02`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2024-01-09` - `2024-04-02`	3 months	crt.sh
*.optad360.net Amazon RSA 2048 M02	`2023-06-26` - `2024-07-24`	a year	crt.sh
oa.openxcdn.net GTS CA 1D4	`2024-01-22` - `2024-04-22`	3 months	crt.sh
*.criteo.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-12-15` - `2024-03-10`	3 months	crt.sh
cdn.prod.uidapi.com R3	`2024-01-24` - `2024-04-23`	3 months	crt.sh
*.crwdcntrl.net Amazon RSA 2048 M01	`2023-10-08` - `2024-11-05`	a year	crt.sh
invstatic101.creativecdn.com GTS CA 1D4	`2023-12-23` - `2024-03-22`	3 months	crt.sh
*.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-12-01` - `2024-03-01`	3 months	crt.sh
*.id5-sync.com R3	`2024-01-01` - `2024-03-31`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2024-01-09` - `2024-04-02`	3 months	crt.sh
www.google.com GTS CA 1C3	`2024-01-09` - `2024-04-02`	3 months	crt.sh
*.eu.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-12-01` - `2024-03-01`	3 months	crt.sh
*.openx.net RapidSSL TLS RSA CA G1	`2023-08-18` - `2024-08-18`	a year	crt.sh
*.nl3.eu.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-12-03` - `2024-02-28`	3 months	crt.sh
*.eu.criteo.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-12-27` - `2024-03-21`	3 months	crt.sh
*.fr3.eu.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-12-08` - `2024-03-03`	3 months	crt.sh

This page contains 8 frames:

Primary Page: https://www.rafyon.net/
Frame ID: 4C3B3660EBDF168434442E48E6386506
Requests: 64 HTTP requests in this frame

Frame: https://4cece64c9d564167b719ec331ba7b445.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 3A0E8E4DFAD71A880DBC8502E3E2307A
Requests: 1 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=www.rafyon.net
Frame ID: 92531C6205063B35A85FCD1A0254B373
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: A2C35563513B0A9B6E56C30569EB763D
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 7EEC11A6784C732397505D1CE4ED24F0
Requests: 2 HTTP requests in this frame

Frame: https://4cece64c9d564167b719ec331ba7b445.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: AEFAACB386F9BB64827560CD7D61590C
Requests: 9 HTTP requests in this frame

Frame: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZbrKTwAHwkUIu8OCAAeukBRR67GDPU5rgD2cHw&u=%7C1zigRQFXPPrqJBg89NlmeHLYrQ4T7zsy9ygPL9TL6S8%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhaVHQ6RkVc1uRRN7U2tIy92afbib4fbn5EvxXFAQiGMZN0bxr_5eMVPRayZJUoVS7HOkZWJ8OnO_YZQ4rIRgj-ZsqaqhYcVRtx9zdkJtSCH55d_CYo7l1f3CZ7L-s3C2IFaifvIspDwHDCzg-QrTB22izBgLLJL58VFCk0YM9iOvOQXNmT1QmQwgQnEuuMwVy8qoJLInOV4mJUA-OQObrG5tUIx4KLUS4_HJi9DBi_ud-mrJZclANDTbRxMxRHHP7RmNWW5m0t4Cfy9gnHA3ou9fwzpX0qx8QnTIt54sPWGzXvjPZfKxz8vhIzusQ_W7-PqInNABf1VnG-zfNi9sWmwl0kwDUsgAJdsMLcwwRSCw8h704_gu8Dm-sUpwa_eksfOOynIay99MZnYncvytEGh-mFqXK35EE2Ut4QNE1269Qa7rDzCOH32TMfgGaaBACWAb3tbvLWuqHxbvUBrlZAn8faBR3F8I6P6sf2oMGPG4POvdn-1P5FSzVUTOPCvfu62YsN9hHPzMnFTTyTD0idUvJPNv7CtwXkkkVNXBNHbFdV3on6clmN4ycLj9qwdqOp4n4uj3Zkt1fUs6DsaC9DJM1SwyUB-2U9uiUer8XRCgoBE9bDsPACU&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC49q8T8q6ZcWEH4KH7_UPkN2e6AfJntKxXNWdkfdwwI23ARABIABgkYSghYwYggEXY2EtcHViLTU1MTIzOTA3MDUxMzc1MDfIAQmpAn41WqksO7I-4AIAqAMByAMCqgTDAk_QAS1_FqThiZ6pBqNjpokPFoUHVl6Acd5BCvr6barnauh0kPL24kIoN0lzhLsCJfuldH3bGWvrJi5hRJ84pUMhrMnOnYPIx3XFuWsCmBsKUHtSJ_ONmWXxAHu_P-y5_3c5Bk4TZ2avKjitRkT1fxLx7yWvdOrOQFpvknTzeRn8HllxsjE0x2eoJSIYgUVv9D0W4gVn4AKKC2ACTUBZOWGhDzgdaZe2Bzpsa_PYtyWR55ygSKh8rk2s3CYwmfTdO7funsfAZn1LlCM3H8OzZVzhROxiYlVSePc71gGBfKGG4yi_26xD_ThQMkQHn2ysDZtIfRXt_5AYsj_3HgV_FP0_PBQ3Mg9TIfn4guHiF-U8ycU8V4jOmDnCQrjuJStEIsGfopbftiOnuQseiTOkhJQNF0w2qr9-U3FdpE8Gw1LttM-I4AQBgAbv4O7JiJK9-2igBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpYo4-NjNeIhAPyCBthZHgtc3Vic3luLTc5MjU2ODI5NDAyNTgwMjT6CwIIAYAMAeINEwjat42M14iEAxWCw7sIHZCuB33QFQGAFwE%26num%3D1%26sig%3DAOD64_2YtoWRjo-2jYqpzjzlRm0UU-rMUQ%26client%3Dca-pub-5512390705137507%26adurl%3D
Frame ID: E7D5650E151FE1B0158D1F7D001DE604
Requests: 25 HTTP requests in this frame

Frame: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Frame ID: 7D708D88CF880FA81CC0BAB8DFFF639C
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

رافيون

Page URL History Show full URLs

http://www.rafyon.net/ HTTP 301
https://www.rafyon.net/ Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Yoast SEO (SEO) Expand

Overall confidence: 100%
Detected patterns

<!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -

DoubleClick Ad Exchange (AdX) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

tpc\.googlesyndication\.com/safeframe

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

Page Statistics

106
Requests

97 %
HTTPS

72 %
IPv6

18
Domains

30
Subdomains

30
IPs

4
Countries

1693 kB
Transfer

3282 kB
Size

9
Cookies

2 Outgoing links

These are links going to different origins than the main page.

URL: https://www.arb4host.net/np/
Title: برمجة وتصميم عرب فور هوست

Search URL Search Domain Scan URL

URL: https://en.optad360.com/?utm_source=branding&utm_medium=display&utm_campaign=www.rafyon.net

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://www.rafyon.net/ HTTP 301
https://www.rafyon.net/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 62

https://oajs.openx.net/esp?url=https%3A%2F%2Fwww.rafyon.net%2F&rid=esp HTTP 302
https://oajs.openx.net/esp?url=https%3A%2F%2Fwww.rafyon.net%2F&rid=esp&cc=1

Request Chain 64

https://gum.criteo.com/sid/json?origin=publishertagids&domain=rafyon.net&sn=ChromeSyncframe&so=0&topUrl=www.rafyon.net&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
https://mug.criteo.com/sid?cpp=h22803xCN1F4VDFGODZ2NWtuL0NlYWxsUnNCUkZ2aEY2bDBjaWtCeWptZnk2LzRwSWhkYmZlVGpPVmZhaXNxT1M3TzN2U2pYUnl2R2dYYjZiTFozak9LSVlGYXpKck5McGZxdWRxcFRzOGRHeUlUb0xmWUhjUE9XWkVCeEg5THlKQURsYng2ckJWRnhZdmFlZ2N4UERaOGxRb0dzTU1ldzE2RHVsSlRZaURFcW1QOHFEb0VvdHFWdmFraGwxUlViMHpWOGFLdk1pVHpnWEFXRkR3STlzYnF5Mk4wYUNFcWR4aVlrTGsvK1BIU1drZzRMdjhObHVtaHB4UXhtWEtLbDFObUFWR2Q5VTNvQVNNNmlKYTZYQkhKRW82Zz09fA&cppv=2

106 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
www.rafyon.net/
Redirect Chain

http://www.rafyon.net/
https://www.rafyon.net/

53 KB
11 KB

198ms
157ms

Document
text/html

2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.rafyon.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 94c9a6730417cfd3dd7ec9ade91cafa3df798207b4e65807d28a32933c1f3335

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 84e5680baad80b05-AMS
content-encoding: br
content-type: text/html; charset=UTF-8
date: Wed, 31 Jan 2024 22:31:42 GMT
link: <https://www.rafyon.net/wp-json/>; rel="https://api.w.org/"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DHsuqmUhdXW2iAGQ9qo%2BsavVqi7HGuUo9AK7Z%2BMZAuyKSAGS814%2F7KiElpOl8eGeevuVLCa4A4VMlYKwJ9iJ%2F0H3hKgr1S7BOOOop8kcVqgAX%2BrhQNrJNr7KC7SyNxP%2Fi95SRM4DzV5jW1ygVQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare

Redirect headers

CF-RAY: 84e5680b4df51c98-AMS
Cache-Control: max-age=3600
Connection: keep-alive
Date: Wed, 31 Jan 2024 22:31:42 GMT
Expires: Wed, 31 Jan 2024 23:31:42 GMT
Location: https://www.rafyon.net/
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=l3pHDzudWlzdfAYydYNH6xWyOiB%2FialyEZn3lZtbA8woj4q6ysTo6TOdwvQCSH50e%2BydOT3HFQfqTS3wQT1gIvRopX%2F1Jti3NSIvy0jmRQTfY1Mys%2FDLmQGD0yprulbLpFG6ZXJWdn3J8hjpOw%3D%3D"}],"group":"cf-nel","max_age":604800}
Server: cloudflare
Transfer-Encoding: chunked
Vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400

GET
H2 200 style-rtl.min.css
www.rafyon.net/wp-includes/css/dist/block-library/ 102 KB
14 KB 29ms
28ms Stylesheet
text/css 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.rafyon.net/wp-includes/css/dist/block-library/style-rtl.min.css?ver=6.3.3
Requested by: Host: www.rafyon.net
URL: https://www.rafyon.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c0f27ee92a26e2bbb2393e7695351be1c91d890492943f52cf18fcfd899666ed

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.rafyon.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 31 Jan 2024 22:31:42 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 18 Sep 2023 09:26:14 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 5312
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NUWeSvAZCa%2BkDwT7LXGiOWNwbHzD%2B9rx6%2BBNr2kZ81wKhQXlS88TOgFQag33Xjf5rXE53X%2Bg9B7qePmgkSWPGbgS%2FV8PaqsXgwPCeX60cP%2B9tcTX2oYvv4G0wLcG1nUz66gfb8vSmcBBk%2FgxXA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 84e5680cac500b05-AMS
alt-svc: h3=":443"; ma=86400

GET
H2 200 all.min.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/5.13.0/css/ 57 KB
11 KB 63ms
25ms Stylesheet
text/css 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.13.0/css/all.min.css

Requested by

Host: www.rafyon.net
URL: https://www.rafyon.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

876d023d9d10c97941b80c3b03e2a5b94631ff7a4af9cee5604a6a2d39718d84

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.rafyon.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 31 Jan 2024 22:31:42 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 5592590
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 10301
last-modified: Mon, 04 May 2020 16:10:08 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03e60-e4d2"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UgO%2B25asSkFlZ1Sivn44ZjU2RvqS5rxUswNQ%2FrZ89YYsw%2FItZwMwfnrYEJTj9bQa8abmgVMpV55btOupFgNksvvYZK5KFgCTDjYfnKDCnSTgfTwJ8%2B6JnUrS%2BCsQ766mbOY0onOucsfdTx2QA65nHS56"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 84e5680ce8080eb4-AMS
expires: Mon, 20 Jan 2025 22:31:42 GMT

GET
H2 200 bootstrap.min.css
www.rafyon.net/wp-content/themes/newsplus/assets/css/ 124 KB
21 KB 91ms
90ms Stylesheet
text/css 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.rafyon.net/wp-content/themes/newsplus/assets/css/bootstrap.min.css?ver=46.00
Requested by: Host: www.rafyon.net
URL: https://www.rafyon.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 414caa66bb79bc88c1ba6a2a415d2333c0a01aab1c15f74684dfa7542a97d2f7

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.rafyon.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 31 Jan 2024 22:31:42 GMT
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Sun, 10 Apr 2022 14:30:29 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FAK3hGR4qZe7Sf0mgs4%2BLRUD4NekfrQYUBE2wSlMX4CJBQl7ayrnNbatfb0Dc3PIDeYo04zQk%2BnD4lIo6kureSCg75B9t5jwg9etH3U0VSUrMGhUgKwVFEICL52LAI1SG79Bv0o%2FtZpMfrKJHw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 84e5680cac520b05-AMS
alt-svc: h3=":443"; ma=86400

GET
H2 200 fonts.css
www.rafyon.net/wp-content/themes/newsplus/assets/fonts/ 1 KB
689 B 26ms
25ms Stylesheet
text/css 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.rafyon.net/wp-content/themes/newsplus/assets/fonts/fonts.css?ver=46.00
Requested by: Host: www.rafyon.net
URL: https://www.rafyon.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6511c49ad2da79efffa24912c9b244776702a27bc8bdd4afc2855f646b443e10

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.rafyon.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 31 Jan 2024 22:31:42 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sun, 10 Apr 2022 14:30:29 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 5312
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lzUYskZ6BrLYNlixxxVWhFSdzQi2VgeeVISsYF0DsKZCZrhIaR3kWcHv%2Fk%2BZ2ZYatvy380PgUyw14sRpoDOb8XqG9RdM%2B1ibErZMbvh6xQIflqiM7RWAVOVg2BRhVyELD9AtNhV84aWreB6zvA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 84e5680cac530b05-AMS
alt-svc: h3=":443"; ma=86400

GET
H2 200 style.css
www.rafyon.net/wp-content/themes/newsplus/ 39 KB
8 KB 93ms
92ms Stylesheet
text/css 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.rafyon.net/wp-content/themes/newsplus/style.css?ver=46.00
Requested by: Host: www.rafyon.net
URL: https://www.rafyon.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8a10c8b54e1c59596f5caa93f72615a4a67f92567abfb376bfe7ca630aa6107f

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.rafyon.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 31 Jan 2024 22:31:42 GMT
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Sun, 10 Apr 2022 14:30:29 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EJ4NPuXvKCQIu%2BpMZyPcjlOct9IUuSmWxyfslpjUS5vJvU869XhiBZWXLL1V9tFyK7a5vhmuzrtoloItdOw0XbcAPtfvZJpyQ3v4cxR5cfhLV%2Bvr4qHGfnN9jctT69r205Ii6V5OcjoZTsiWdQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 84e5680cac550b05-AMS
alt-svc: h3=":443"; ma=86400

GET
H2 200 jquery.min.js Show response
www.rafyon.net/wp-includes/js/jquery/ 85 KB
31 KB 29ms
29ms Script
application/javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.rafyon.net/wp-includes/js/jquery/jquery.min.js?ver=3.7.0
Requested by: Host: www.rafyon.net
URL: https://www.rafyon.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5c93f77799d122fb5255ee24da285f9f228cc118cba11e6ceb2b6bda8cdf4164

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.rafyon.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 31 Jan 2024 22:31:42 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 18 Sep 2023 09:26:14 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 5312
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hMwTEDY5y5txbmLj2TjqPjv0EziTtzfpPB%2BRvnWi%2BKDd61FXi1EABT3Wu6DGzb59dqSNJMuDk34pxrQbrMLs%2FD3ObZN3FlJsA5Am0Za%2FiNXftCEDjoknIsNqOf98I3gIKFDiipC4avR%2FSJxHrA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 84e5680cac560b05-AMS
alt-svc: h3=":443"; ma=86400

GET
H2 200 jquery-migrate.min.js Show response
www.rafyon.net/wp-includes/js/jquery/ 13 KB
5 KB 27ms
26ms Script
application/javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.rafyon.net/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1
Requested by: Host: www.rafyon.net
URL: https://www.rafyon.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.rafyon.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 31 Jan 2024 22:31:42 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 18 Sep 2023 09:26:14 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 5312
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HZckD2uv2ZoStn2zMiZN7fDB1X8rw0kLcU1WAex0mJI7%2BK7HuxVhY9cU8tyz8JgorGdSxivd06oJAl17oHYtm90BuHVtv8bItahkQiIDpu3IBXPZEfezQXjyuO1%2FZI1C76lQM%2FCK%2Fl3%2BOuSQ%2Fw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 84e5680cac590b05-AMS
alt-svc: h3=":443"; ma=86400

GET
H2 200 plugin.min.js Show response
get.optad360.io/sf/eea8f441-3b22-4ddb-a021-33600b968506/ 288 KB
63 KB 110ms
19ms Script
application/javascript 2600:9000:2394:9a00:11:a4de:2580:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://get.optad360.io/sf/eea8f441-3b22-4ddb-a021-33600b968506/plugin.min.js
Requested by: Host: www.rafyon.net
URL: https://www.rafyon.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2394:9a00:11:a4de:2580:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: bf31958a8b9aa633555e3ac6f30047c2e54a31bbbaa3a85a7f6c2aa7bcb0f6f5

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.rafyon.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 31 Jan 2024 18:39:00 GMT
content-encoding: gzip
via: 1.1 2d8216898001f8ce3fde38c8796d2fa6.cloudfront.net (CloudFront)
last-modified: Thu, 25 Jan 2024 16:52:50 GMT
server: AmazonS3
x-amz-cf-pop: AMS1-P2
age: 13964
x-amz-server-side-encryption: AES256
etag: W/"de1dd7abf149b2017a2c4c776bd0fe5b"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: public, max-age=86400
x-amz-cf-id: uLH5a_LSX0qFmsaSyhbyWn1iskmZZxWQsRwsKwJbYa3uTHj8BU-8eg==

GET
H2 200 183b5691-fc93-4f3c-a7ba-3c3a1f87c01e.min.js Show response
cmp.optad360.io/items/ 3 B
401 B 135ms
29ms Script
application/javascript 2600:9000:237d:5800:6:b871:4f00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cmp.optad360.io/items/183b5691-fc93-4f3c-a7ba-3c3a1f87c01e.min.js
Requested by: Host: www.rafyon.net
URL: https://www.rafyon.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:237d:5800:6:b871:4f00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.rafyon.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 30 Jan 2024 17:47:32 GMT
via: 1.1 826a64379fff05f157845c418fee53d2.cloudfront.net (CloudFront)
last-modified: Fri, 17 Nov 2023 12:54:32 GMT
server: AmazonS3
x-amz-cf-pop: MUC50-P2
age: 103452
x-amz-server-side-encryption: AES256
etag: "8a80554c91d9fca8acb82f023de02f11"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 3
x-amz-cf-id: 1gqWgcRbadw5F0J15-OfztiTK0A0Fq27j6hx46lR62zmZ93k5rLSHg==

GET
H2 200 Rafyon.png
www.rafyon.net/wp-content/uploads/2020/11/ 3 KB
3 KB 93ms
93ms Image
image/png 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.rafyon.net/wp-content/uploads/2020/11/Rafyon.png
Requested by: Host: www.rafyon.net
URL: https://www.rafyon.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bf993c352a9c882af60619f9ba8b4d66c442be85875d78497571023b2aa5d28d

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.rafyon.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 31 Jan 2024 22:31:42 GMT
cf-cache-status: REVALIDATED
last-modified: Mon, 09 Nov 2020 21:32:24 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sXUxP2U70hXI5UasCDqmcBb8MJO9MOg9ts0LQKXJwOOEa6FP%2FcX8ta3EXbYRSN93Df1ohcP2LGQQNYpnjzXwwORoImZLRwKfhETpKvqj5gtt0nE8Lv%2FNBE7NGACDU6R1QYGFjhhVwBh3dm%2F9%2FA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 84e5680cac5a0b05-AMS
alt-svc: h3=":443"; ma=86400
content-length: 2979

GET
H2 200 main.js Show response
www.rafyon.net/wp-content/themes/newsplus/assets/js/ 4 KB
2 KB 25ms
25ms Script
application/javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.rafyon.net/wp-content/themes/newsplus/assets/js/main.js?ver=46.00
Requested by: Host: www.rafyon.net
URL: https://www.rafyon.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e31ebf113144bd88c51f9344ae69e9a0533f0484c7876157b5ce7afab3f279dd

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.rafyon.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 31 Jan 2024 22:31:42 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sun, 10 Apr 2022 14:30:29 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 5867
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=133EZfbQ3iyC3Pga14SJifIbfcyo7QU3KxPFCpkUe8u2GSX3bjrY0xLrTzAWtatVbw55RhwmuaSOV2DHzYoUy0CKe1uCceSJTDNIuClkeMyHb8x8%2FGWNo064uT8%2B5gFiYE4yBtHGlaTxlRbI3g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 84e5680ccc760b05-AMS
alt-svc: h3=":443"; ma=86400

GET
BLOB 200
OK 307b08fc-4be0-4c2a-92e1-ca7caea3f17d
https://www.rafyon.net/ 1 KB
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.rafyon.net/307b08fc-4be0-4c2a-92e1-ca7caea3f17d
Requested by: Host: www.rafyon.net
URL: https://www.rafyon.net/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 453cb806084fdabec32e286af2e88899f79022125c2527afffbec507975d2c22

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Length: 1245
Content-Type: text/javascript

GET
H2 200 droidarabickufi.css
fonts.googleapis.com/earlyaccess/ 1 KB
365 B 88ms
33ms Stylesheet
text/css 2a00:1450:4001:808::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/earlyaccess/droidarabickufi.css

Requested by

Host: www.rafyon.net
URL: https://www.rafyon.net/wp-content/themes/newsplus/assets/fonts/fonts.css?ver=46.00

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

06eb9b648fd1429d0cef25265009259c35f053a76118194b4073c98e161812be

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.rafyon.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 31 Jan 2024 22:31:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
expires: Wed, 31 Jan 2024 22:31:42 GMT

GET
H2 200 droidarabicnaskh.css
fonts.googleapis.com/earlyaccess/ 1 KB
624 B 87ms
33ms Stylesheet
text/css 2a00:1450:4001:808::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/earlyaccess/droidarabicnaskh.css

Requested by

Host: www.rafyon.net
URL: https://www.rafyon.net/wp-content/themes/newsplus/assets/fonts/fonts.css?ver=46.00

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

0facd387627530907acc0b41d7076a1313a748ba84d37983618c04f2e66f1849

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.rafyon.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 31 Jan 2024 22:31:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
expires: Wed, 31 Jan 2024 22:31:42 GMT

GET
H3 200 %D9%88%D8%B2%D9%8A%D8%B1-%D8%A7%D9%84%D8%AE%D8%A7%D8%B1%D8%AC%D9%8A%D8%A9-%D8%A7%D9%84%D8%B3%D8%B9%D9%88%D8%AF%D9%8A--500x300.jpg
www.rafyon.net/wp-content/uploads/2023/10/ 25 KB
25 KB 99ms
99ms Image
image/jpeg 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.rafyon.net/wp-content/uploads/2023/10/%D9%88%D8%B2%D9%8A%D8%B1-%D8%A7%D9%84%D8%AE%D8%A7%D8%B1%D8%AC%D9%8A%D8%A9-%D8%A7%D9%84%D8%B3%D8%B9%D9%88%D8%AF%D9%8A--500x300.jpg
Requested by: Host: www.rafyon.net
URL: https://www.rafyon.net/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1f974731c9f403a588970e550dd5c911291f7257e366b89e5952b055e617b578

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.rafyon.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 31 Jan 2024 22:31:43 GMT
cf-cache-status: REVALIDATED
last-modified: Sun, 29 Oct 2023 16:57:09 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=T%2BRvni3ADofv6phtTvXKJH6M%2FnjPYiGsKFBIldP47V9%2BnhdclOvXW8tv2yBZqxKa4Aio96lle48hCSO%2Fe5ACtKxMSuLPDI20GuHGZppR1yn2nSV4oXr6ALAJHDt%2Fv80iMtreO9l8Xo98kkuzdg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 84e5680d8e2db954-AMS
alt-svc: h3=":443"; ma=86400
content-length: 25469

GET
H3 200 %D9%88%D9%84%D9%8A-%D8%A7%D9%84%D8%B9%D9%87%D8%AF-%D8%A7%D9%84%D8%B3%D8%B9%D9%88%D8%AF%D9%8A-360x200.jpg
www.rafyon.net/wp-content/uploads/2023/11/ 19 KB
20 KB 47ms
44ms Image
image/jpeg 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.rafyon.net/wp-content/uploads/2023/11/%D9%88%D9%84%D9%8A-%D8%A7%D9%84%D8%B9%D9%87%D8%AF-%D8%A7%D9%84%D8%B3%D8%B9%D9%88%D8%AF%D9%8A-360x200.jpg
Requested by: Host: www.rafyon.net
URL: https://www.rafyon.net/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a7e1fce0f4ca98d191cf972d38b5f416ae0fe18ad15cf42ef4c73aacab0510dd

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.rafyon.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 31 Jan 2024 22:31:42 GMT
cf-cache-status: HIT
last-modified: Sat, 11 Nov 2023 20:43:36 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 6943
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5OtAy5DYa7uKIiXm%2BWS6CcCvBl%2Fko20hSJMBjtUdfN3091gFNCPunldTcHjpWtnCB2LmQrL%2FrQb0FORXguuBd6RxPzZZsKmFET6XtMtHS%2B1JnXALXHctQgKHr4KasYP2QF51CE5NlgNXHXH%2BCw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 84e5680d8e39b954-AMS
alt-svc: h3=":443"; ma=86400
content-length: 19720

GET
H3 200 %D8%A7%D9%84%D8%AE%D8%A7%D8%B1%D8%AC%D9%8A%D8%A9-%D8%A7%D9%84%D8%B3%D8%B9%D9%88%D8%AF%D9%8A%D8%A9-360x200.jpg
www.rafyon.net/wp-content/uploads/2023/11/ 14 KB
15 KB 30ms
27ms Image
image/jpeg 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.rafyon.net/wp-content/uploads/2023/11/%D8%A7%D9%84%D8%AE%D8%A7%D8%B1%D8%AC%D9%8A%D8%A9-%D8%A7%D9%84%D8%B3%D8%B9%D9%88%D8%AF%D9%8A%D8%A9-360x200.jpg
Requested by: Host: www.rafyon.net
URL: https://www.rafyon.net/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9148103ca9f6c497dfde5e5342128ea3e6341e2b1469a5241947164bec5c1240

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.rafyon.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 31 Jan 2024 22:31:42 GMT
cf-cache-status: HIT
last-modified: Tue, 07 Nov 2023 23:31:07 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 2197
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=l%2BbvZnCQx27cLVveZPAxKkGgUL632cJHop%2BFmrPlJeaReR9B2TEc36gCm7Z%2B95QfI1AW53FTpw%2FbiG9UgN5M0Pn6D8zxDtlJtxl8eeRo9Ij2dUgW17lB9EKY8tJJsvfl8VK%2Fhcx2I7I1M1rRSA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 84e5680d8e3bb954-AMS
alt-svc: h3=":443"; ma=86400
content-length: 14755

GET
H3 200 %D9%82%D9%86%D8%A8%D9%84%D8%A9-%D9%86%D9%88%D9%88%D9%8A%D8%A9-360x200.jpeg
www.rafyon.net/wp-content/uploads/2023/11/ 8 KB
8 KB 100ms
97ms Image
image/jpeg 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.rafyon.net/wp-content/uploads/2023/11/%D9%82%D9%86%D8%A8%D9%84%D8%A9-%D9%86%D9%88%D9%88%D9%8A%D8%A9-360x200.jpeg
Requested by: Host: www.rafyon.net
URL: https://www.rafyon.net/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 878c993cd4eb6b6f818e0316f9e6652ac9ee3e7285f343074e75589ea8ff6ffc

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.rafyon.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 31 Jan 2024 22:31:43 GMT
cf-cache-status: REVALIDATED
last-modified: Sun, 05 Nov 2023 18:27:02 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qDUa6X9sQWMPxHZRwk%2Frmaew2AHe43rZPQpwWCL%2BMKnQeFMut1b7%2Fiz6lD1WDDLy6FXsQ0CSeogNDKwW2G%2BJ8Gia%2BrD2FMNXFFUy7kSWQJ7xmIQ99unsFZYGifKjMiw5HAUGQWlRoEzxQMeH%2BA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 84e5680d8e3db954-AMS
alt-svc: h3=":443"; ma=86400
content-length: 8026

GET
H3 200 %D8%A7%D9%84%D8%AE%D8%A7%D8%B1%D8%AC%D9%8A%D8%A9-%D8%A7%D9%84%D8%B3%D8%B9%D9%88%D8%AF%D9%8A%D8%A9--360x200.jpg
www.rafyon.net/wp-content/uploads/2023/11/ 15 KB
16 KB 101ms
97ms Image
image/jpeg 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.rafyon.net/wp-content/uploads/2023/11/%D8%A7%D9%84%D8%AE%D8%A7%D8%B1%D8%AC%D9%8A%D8%A9-%D8%A7%D9%84%D8%B3%D8%B9%D9%88%D8%AF%D9%8A%D8%A9--360x200.jpg
Requested by: Host: www.rafyon.net
URL: https://www.rafyon.net/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d43d0c2b00d3bc407fafd5be66fee7a74b6bba325fc56f98a96ca6bc1b340683

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.rafyon.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 31 Jan 2024 22:31:43 GMT
cf-cache-status: REVALIDATED
last-modified: Wed, 01 Nov 2023 02:01:18 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FlKrY5G6j1z44AA3NsU3w6GSY68suWuJekHhvZOTuspa7YEK8bNKHCFIt6q5QUX9WIZ5K17SG%2FnNjdw219Hj5FVX5p1B2zv3CVWOU51ABEA%2B6YYBpy4fh5gEs%2Fo5p9NcsPGUrYQHsuhAxpecLQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 84e5680d8e3eb954-AMS
alt-svc: h3=":443"; ma=86400
content-length: 15723

GET
H3 200 %D8%A7%D9%84%D8%A8%D9%86%D9%83-%D8%A7%D9%84%D9%85%D8%B1%D9%83%D8%B2%D9%8A-%D8%A7%D9%84%D8%B9%D8%B1%D8%A7%D9%82%D9%8A-500x300.jpg
www.rafyon.net/wp-content/uploads/2023/11/ 34 KB
35 KB 102ms
99ms Image
image/jpeg 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.rafyon.net/wp-content/uploads/2023/11/%D8%A7%D9%84%D8%A8%D9%86%D9%83-%D8%A7%D9%84%D9%85%D8%B1%D9%83%D8%B2%D9%8A-%D8%A7%D9%84%D8%B9%D8%B1%D8%A7%D9%82%D9%8A-500x300.jpg
Requested by: Host: www.rafyon.net
URL: https://www.rafyon.net/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 08f3271f24a81101413f28b107fcf6d90d89d662383fedf8882e76f122b0bfce

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.rafyon.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 31 Jan 2024 22:31:43 GMT
cf-cache-status: REVALIDATED
last-modified: Sat, 11 Nov 2023 20:34:51 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bqsi3mxwFhSoO6wdH4yJ5WGAA1gu1bDjTfTRI1RQj1NBYJTDgEd6SUillSayiTeDA7kVC4by%2FoxyeCf%2FukqNyD4Ov0AipnYW6Cx8EoeJcvfz2gMrAq7ZBCP4WTFb1jtV6V2rTk7RXZFJ5DLA3A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 84e5680d8e3fb954-AMS
alt-svc: h3=":443"; ma=86400
content-length: 34905

GET
H3 200 %D8%A7%D9%84%D8%AD%D8%AF-%D8%A7%D9%84%D8%A3%D8%AF%D9%86%D9%89-%D9%84%D9%84%D8%A3%D8%AC%D9%88%D8%B1-%D9%81%D9%8A-%D9%85%D8%B5%D8%B1-360x200.jpg
www.rafyon.net/wp-content/uploads/2023/11/ 16 KB
16 KB 64ms
61ms Image
image/jpeg 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.rafyon.net/wp-content/uploads/2023/11/%D8%A7%D9%84%D8%AD%D8%AF-%D8%A7%D9%84%D8%A3%D8%AF%D9%86%D9%89-%D9%84%D9%84%D8%A3%D8%AC%D9%88%D8%B1-%D9%81%D9%8A-%D9%85%D8%B5%D8%B1-360x200.jpg
Requested by: Host: www.rafyon.net
URL: https://www.rafyon.net/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a195b24c93fe857115ce6c2170b8ce99da4f44daf9110842fe06fd72d19a9276

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.rafyon.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 31 Jan 2024 22:31:42 GMT
cf-cache-status: HIT
last-modified: Wed, 08 Nov 2023 00:07:01 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 6154
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uym%2F8fSUw5F%2Fa9bMwy6Z4tRFZ5nUN0XDFuDAt7%2FgmXM8tf6SCM5AMToJWf19TAZ2ytnjC1tPZXFgSMfJMbutSeYBaD2BCUPzeAjPhW4FYl7G89CJDCZVAskWvPKrvCxtKiLlm%2FTt16G7QdMVBg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 84e5680d8e40b954-AMS
alt-svc: h3=":443"; ma=86400
content-length: 16100

GET
H3 200 %D8%A7%D9%84%D8%A8%D9%86%D9%83-%D8%A7%D9%84%D9%85%D8%B1%D9%83%D8%B2%D9%8A-%D8%A7%D9%84%D8%A3%D9%88%D8%B1%D9%88%D8%A8%D9%8A-360x200.jpg
www.rafyon.net/wp-content/uploads/2023/11/ 12 KB
12 KB 103ms
100ms Image
image/jpeg 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.rafyon.net/wp-content/uploads/2023/11/%D8%A7%D9%84%D8%A8%D9%86%D9%83-%D8%A7%D9%84%D9%85%D8%B1%D9%83%D8%B2%D9%8A-%D8%A7%D9%84%D8%A3%D9%88%D8%B1%D9%88%D8%A8%D9%8A-360x200.jpg
Requested by: Host: www.rafyon.net
URL: https://www.rafyon.net/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dc177abd6607fae8b2d131cf0cff266d2a3311263b5ec8d0e643c84f2ec112e2

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.rafyon.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 31 Jan 2024 22:31:43 GMT
cf-cache-status: REVALIDATED
last-modified: Wed, 01 Nov 2023 02:03:17 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ljhx89bqbYoE4DOMGuvK1lO5ibu5xH5wVUtr7VV%2FeKwtEISJT3TcwGtphtW5RAPI%2FnHE400pWRXdNcb3bpjuyD9oI%2BQXSfRkPIgeCKtyBY%2BGhmm0lpfP0o57ERJ%2FZI%2Bb%2FIPmtG%2FIIBBUBXvHkw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 84e5680d8e42b954-AMS
alt-svc: h3=":443"; ma=86400
content-length: 12012

GET
H3 200 %D8%A7%D9%84%D8%A8%D9%86%D9%83-%D8%A7%D9%84%D8%AF%D9%88%D9%84%D9%8A-1-360x200.jpg
www.rafyon.net/wp-content/uploads/2023/10/ 22 KB
23 KB 104ms
101ms Image
image/jpeg 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.rafyon.net/wp-content/uploads/2023/10/%D8%A7%D9%84%D8%A8%D9%86%D9%83-%D8%A7%D9%84%D8%AF%D9%88%D9%84%D9%8A-1-360x200.jpg
Requested by: Host: www.rafyon.net
URL: https://www.rafyon.net/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 49b46188442abf20e776e5a224ab7757709b9807461aec752be1b4ce4dc631ed

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.rafyon.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 31 Jan 2024 22:31:43 GMT
cf-cache-status: REVALIDATED
last-modified: Mon, 30 Oct 2023 22:57:04 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pt0hRWi3lQ9MuQy%2F0uHDgGlz%2BSDZr94%2B%2BlyuuVSYSLeXhNeGKhOtZqLOc9q2YMs2YgQase4BiUOjBjqPz9z7nW3tQym8xDqliaS%2Bd7pto%2Bv8x%2FiRb2kJ6m4HLH1vjisosXSiUCdajUAJq7vsMQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 84e5680d8e43b954-AMS
alt-svc: h3=":443"; ma=86400
content-length: 22802

GET
H3 200 %D8%A8%D8%A7%D9%83%D8%B3%D8%AA%D8%A7%D9%86-360x200.jpg
www.rafyon.net/wp-content/uploads/2023/10/ 8 KB
9 KB 105ms
102ms Image
image/jpeg 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.rafyon.net/wp-content/uploads/2023/10/%D8%A8%D8%A7%D9%83%D8%B3%D8%AA%D8%A7%D9%86-360x200.jpg
Requested by: Host: www.rafyon.net
URL: https://www.rafyon.net/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 74b059a64ab907df19f8d548cbff2afba3939e5d31d28692a333671eb779ddcf

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.rafyon.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 31 Jan 2024 22:31:43 GMT
cf-cache-status: REVALIDATED
last-modified: Sun, 29 Oct 2023 17:11:02 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=paOQ0QVCZkPfAw6A9RTJNRmUD4mUOzxhSY%2Fk1gzgsbSttN8fIjtjMR3Z%2FnfPJKPYQtowT8dIK19MciipdJn%2BePItdirJpVI9m1YAXprSg4ytojKnIQhMWEGTWkz042sUT6zBkRWGvNr3P9Vz3Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 84e5680d8e44b954-AMS
alt-svc: h3=":443"; ma=86400
content-length: 8539

GET
H3 200 %D9%88%D8%B2%D9%8A%D8%B1-%D8%A7%D9%84%D8%AE%D8%A7%D8%B1%D8%AC%D9%8A%D8%A9-%D8%A7%D9%84%D8%B3%D8%B9%D9%88%D8%AF%D9%8A--360x200.jpg
www.rafyon.net/wp-content/uploads/2023/10/ 14 KB
14 KB 65ms
62ms Image
image/jpeg 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.rafyon.net/wp-content/uploads/2023/10/%D9%88%D8%B2%D9%8A%D8%B1-%D8%A7%D9%84%D8%AE%D8%A7%D8%B1%D8%AC%D9%8A%D8%A9-%D8%A7%D9%84%D8%B3%D8%B9%D9%88%D8%AF%D9%8A--360x200.jpg
Requested by: Host: www.rafyon.net
URL: https://www.rafyon.net/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a976cc60761ae1e5d55361726238e9243fc7062e9c8b6344ec604d1152cc8986

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.rafyon.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 31 Jan 2024 22:31:42 GMT
cf-cache-status: HIT
last-modified: Sun, 29 Oct 2023 16:57:09 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 5075
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QazDCDugcxT5MU1mSCiokFNGZr9Vkfvy7FC23Hki9vJSF9hSH8uBG6IcfOtgQ2FckhLe3YcfaVmOo5Sx5F%2BoSxU8%2FO6eFBGxtXE0S1YhI15J2Aub4M5wyjeYRlF%2B5DhPzIYb9sDhTZje%2FOGEkQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 84e5680d8e45b954-AMS
alt-svc: h3=":443"; ma=86400
content-length: 14105

GET
H3 200 %DA%A4%D9%88%D9%8A-%DA%A4%D9%88%D9%8A-%DA%A4%D9%88%D9%8A-360x200.jpg
www.rafyon.net/wp-content/uploads/2023/10/ 20 KB
20 KB 65ms
62ms Image
image/jpeg 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.rafyon.net/wp-content/uploads/2023/10/%DA%A4%D9%88%D9%8A-%DA%A4%D9%88%D9%8A-%DA%A4%D9%88%D9%8A-360x200.jpg
Requested by: Host: www.rafyon.net
URL: https://www.rafyon.net/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b4d6967c4bafb227f8fd6f0c659da9297bc719b6d4b5c37216244e6bc3e0d609

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.rafyon.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 31 Jan 2024 22:31:42 GMT
cf-cache-status: HIT
last-modified: Fri, 13 Oct 2023 23:32:43 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 2197
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZUYy2RejqQ6VWShMcgvKJQgCCRh%2FGGZ%2B2umzyPUBZ5PixPEBVNZm1U5GNMVemLeD8A04ywy8k39fVvTj8XdInOm%2BxsoV2HnMFGTYkrAz6ZKndobTtrWTjE4wdVSrEPtrj86j6oNU%2BXQl9%2FmTog%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 84e5680d8e46b954-AMS
alt-svc: h3=":443"; ma=86400
content-length: 20284

GET
H3 200 %D8%AA%D8%AD%D8%B6%D9%8A%D8%B1-%D8%A7%D9%84%D8%AA%D9%88%D9%86%D8%A9-%D8%A7%D9%84%D9%82%D8%B7%D8%B9-360x200.jpg
www.rafyon.net/wp-content/uploads/2023/11/ 20 KB
20 KB 81ms
78ms Image
image/jpeg 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.rafyon.net/wp-content/uploads/2023/11/%D8%AA%D8%AD%D8%B6%D9%8A%D8%B1-%D8%A7%D9%84%D8%AA%D9%88%D9%86%D8%A9-%D8%A7%D9%84%D9%82%D8%B7%D8%B9-360x200.jpg
Requested by: Host: www.rafyon.net
URL: https://www.rafyon.net/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 10921def84fcc2ca0978321d156b1b65940fe30b328bd003cdd6a4e4792e24a1

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.rafyon.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 31 Jan 2024 22:31:42 GMT
cf-cache-status: HIT
last-modified: Sat, 11 Nov 2023 20:38:18 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 6321
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HLVTrBVOP88FNFYq0yKyKJeDm0E97VAkoP%2FKfVdngntN4Ul5AuJsfCIutU0AEWCQFLIOl0SjmX1v%2FSlUzj08sPcy1DWIBlx%2Bgja9gk0cp6T6Jf1IVWDB81F1%2BhO0CcqeaBFC11QaJDq3VCl2Hw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 84e5680d8e47b954-AMS
alt-svc: h3=":443"; ma=86400
content-length: 19981

GET
H3 200 %D8%A7%D9%84%D8%A8%D9%86%D9%83-%D8%A7%D9%84%D9%85%D8%B1%D9%83%D8%B2%D9%8A-%D8%A7%D9%84%D8%B9%D8%B1%D8%A7%D9%82%D9%8A-360x200.jpg
www.rafyon.net/wp-content/uploads/2023/11/ 19 KB
19 KB 82ms
79ms Image
image/jpeg 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.rafyon.net/wp-content/uploads/2023/11/%D8%A7%D9%84%D8%A8%D9%86%D9%83-%D8%A7%D9%84%D9%85%D8%B1%D9%83%D8%B2%D9%8A-%D8%A7%D9%84%D8%B9%D8%B1%D8%A7%D9%82%D9%8A-360x200.jpg
Requested by: Host: www.rafyon.net
URL: https://www.rafyon.net/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1a2f962e47e4ec7e48aa29f054eae0fdf49a666d11222c3f72e04247d37a3ae9

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.rafyon.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 31 Jan 2024 22:31:42 GMT
cf-cache-status: HIT
last-modified: Sat, 11 Nov 2023 20:34:51 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 467
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eGDxNzEjzQb%2F7HgHYAt4HtKAVir%2BRTmgZnU76Cd2EC0%2BsrMmKLqdZPyLlOTAzZJnS8zlwJr%2FJ2T%2BDjHWzb%2BkY0LGyTbgbGmhMPCLf6X59rCj5op89cx3GuQrCL%2FySG0qPsTvVQc8Z%2B55%2B7U9IA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 84e5680d8e49b954-AMS
alt-svc: h3=":443"; ma=86400
content-length: 19386

GET
H3 200 %D8%B5%D9%88%D8%B5-%D8%A7%D9%84%D8%AC%D8%A8%D9%86%D8%A9-%D8%A7%D9%84%D8%B4%D9%8A%D8%AF%D8%B1-360x200.jpg
www.rafyon.net/wp-content/uploads/2023/11/ 13 KB
13 KB 83ms
80ms Image
image/jpeg 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.rafyon.net/wp-content/uploads/2023/11/%D8%B5%D9%88%D8%B5-%D8%A7%D9%84%D8%AC%D8%A8%D9%86%D8%A9-%D8%A7%D9%84%D8%B4%D9%8A%D8%AF%D8%B1-360x200.jpg
Requested by: Host: www.rafyon.net
URL: https://www.rafyon.net/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f38e373a688607ccbc8503ad471aa3bb21d32725d46834eefb73980b9b83e789

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.rafyon.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 31 Jan 2024 22:31:42 GMT
cf-cache-status: HIT
last-modified: Tue, 07 Nov 2023 23:21:00 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 2197
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xRzMcRMcjUxJXWoYmORMzCCfuP1r1tyzzJ%2FJLO6pDxdMXOldG%2FBVuB48OBNb4y150j8aNiYjkXbNX2iO4gCA%2BkyqhWKJB80HZh9uPFQynIhz3KHbWcJAQCGbjc1zuDpJERCZzYQHwhLggKOexA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 84e5680d8e4ab954-AMS
alt-svc: h3=":443"; ma=86400
content-length: 13217

GET
H3 200 %D8%B3%D9%8A%D8%AF-%D8%B1%D8%AC%D8%A8-360x200.jpg
www.rafyon.net/wp-content/uploads/2023/11/ 13 KB
13 KB 84ms
81ms Image
image/jpeg 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.rafyon.net/wp-content/uploads/2023/11/%D8%B3%D9%8A%D8%AF-%D8%B1%D8%AC%D8%A8-360x200.jpg
Requested by: Host: www.rafyon.net
URL: https://www.rafyon.net/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0dd63db78cedc8bee5838a6d1944c129094c97b9fc57489f5643d6da11d7bfe5

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.rafyon.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 31 Jan 2024 22:31:42 GMT
cf-cache-status: HIT
last-modified: Tue, 07 Nov 2023 23:18:24 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 6153
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=C5pOZ2EWhVIAi9Sgaie%2BzLIS10J9FP8K%2FGoc4UAWYJoc94%2FT%2FFYMRwOTqF3C0LNuKlTY%2BtBeG4P0aZo2UVF4CWPCLue85gfXppyBw0UblcxnfGkG5muo0%2B9mUSExHAEX%2Bu5K7AMsRlHnEFn2DQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 84e5680d8e4cb954-AMS
alt-svc: h3=":443"; ma=86400
content-length: 13219

GET
H3 200 %D9%85%D9%84%D9%81%D9%83-%D8%A7%D9%84%D8%B4%D8%AE%D8%B5%D9%8A-%D8%B9%D9%84%D9%89-%D9%88%D8%A7%D8%AA%D8%B3%D8%A2%D8%A8-360x200.jpg
www.rafyon.net/wp-content/uploads/2023/11/ 9 KB
9 KB 84ms
82ms Image
image/jpeg 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.rafyon.net/wp-content/uploads/2023/11/%D9%85%D9%84%D9%81%D9%83-%D8%A7%D9%84%D8%B4%D8%AE%D8%B5%D9%8A-%D8%B9%D9%84%D9%89-%D9%88%D8%A7%D8%AA%D8%B3%D8%A2%D8%A8-360x200.jpg
Requested by: Host: www.rafyon.net
URL: https://www.rafyon.net/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7cb3d35b55d42ce147dd843386871c72ad7d78bd3c60a49b1099e41881556f2b

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.rafyon.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 31 Jan 2024 22:31:42 GMT
cf-cache-status: HIT
last-modified: Tue, 07 Nov 2023 23:15:30 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 7030
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Pxf6P0cs0Q%2FHzk0T%2FhgSH7CVNkb2quv1snoWImXay4KkZwL92%2Bv2yVyJZY7EHKMlCVQi5MnpFiCbZGICrU0hRjltPVatGPfiW%2FwvBMboDH9%2FoIv5jAq%2FAupcjSNIpKzLx%2FEmNHEs1Kdv5l%2FGmw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 84e5680d8e4eb954-AMS
alt-svc: h3=":443"; ma=86400
content-length: 8714

GET
H3 200 %D9%83%D9%8A%D9%84%D9%8A%D8%A7%D9%86-%D9%85%D8%A8%D8%A7%D8%A8%D9%8A-360x200.jpg
www.rafyon.net/wp-content/uploads/2023/10/ 11 KB
12 KB 85ms
83ms Image
image/jpeg 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.rafyon.net/wp-content/uploads/2023/10/%D9%83%D9%8A%D9%84%D9%8A%D8%A7%D9%86-%D9%85%D8%A8%D8%A7%D8%A8%D9%8A-360x200.jpg
Requested by: Host: www.rafyon.net
URL: https://www.rafyon.net/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b5bc421a51791bbbee22e0de81f887fa44756eb90ef1875e2db76cff17832140

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.rafyon.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 31 Jan 2024 22:31:42 GMT
cf-cache-status: HIT
last-modified: Sun, 15 Oct 2023 22:00:29 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 6687
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WC2nhrEWTj3J8PO0yq%2Fr8wVQJ0MYfI1rIzt6Nle3JZccfaqKnDE6W%2B31C8sElhDHUv6fvltfOQazVj74fdFZ6NWgnY8ph4htYqyl2RwB5q%2BEFwfC4dYNy5xt6hh02qQ45vU6fb%2BsZoeYYlP16g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 84e5680d8e4fb954-AMS
alt-svc: h3=":443"; ma=86400
content-length: 11436

GET
H3 200 %D8%A7%D9%84%D8%A8%D8%B4%D8%B1%D8%A9-%D8%A7%D9%84%D8%AC%D8%A7%D9%81%D8%A9-360x200.jpg
www.rafyon.net/wp-content/uploads/2023/11/ 11 KB
11 KB 106ms
103ms Image
image/jpeg 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.rafyon.net/wp-content/uploads/2023/11/%D8%A7%D9%84%D8%A8%D8%B4%D8%B1%D8%A9-%D8%A7%D9%84%D8%AC%D8%A7%D9%81%D8%A9-360x200.jpg
Requested by: Host: www.rafyon.net
URL: https://www.rafyon.net/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5b49521fd237e0ce7c618aecd7390c03deeac97ff7bb405e07fb7fd429a0f397

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.rafyon.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 31 Jan 2024 22:31:43 GMT
cf-cache-status: REVALIDATED
last-modified: Sun, 05 Nov 2023 20:29:01 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oJWevu1CABHwb6F6E%2FMyiLH6JD4GDXtwg%2B0CetHcv3BjNJmRdxkqKgceq5f7H%2FCaknmHH9UE1VjKMHP7HtlCMNDn5s2ZN4o1J7Sv3cr5kwIRy1sDxR1Hix54CxTYE1zCnEhVDRwa8LUvLmDFBg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 84e5680d8e51b954-AMS
alt-svc: h3=":443"; ma=86400
content-length: 11226

GET
H3 200 %D8%AA%D8%B4%D9%8A%D9%84%D8%B3%D9%8A-360x200.jpg
www.rafyon.net/wp-content/uploads/2023/11/ 20 KB
21 KB 106ms
104ms Image
image/jpeg 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.rafyon.net/wp-content/uploads/2023/11/%D8%AA%D8%B4%D9%8A%D9%84%D8%B3%D9%8A-360x200.jpg
Requested by: Host: www.rafyon.net
URL: https://www.rafyon.net/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0c1ac09766e0f1322a4aaafcf2192f7b1c69f26c3810f9f89f2238373decf8af

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.rafyon.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 31 Jan 2024 22:31:42 GMT
cf-cache-status: HIT
last-modified: Sun, 05 Nov 2023 20:00:04 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 2197
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=U6pkacNkl4Uy99%2BA4Mng73T2%2FinkCbcSMAGUqhV6egHWIw8ddRH98EzMkPm6WB0q7jtl50uUV9LEy82Hvieo6bXe8FzrV8PWdP6Fxzxxqhgupp7526A9ERsrZozlx2oqOp75LUqhxoC4Vd0EDA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 84e5680d8e52b954-AMS
alt-svc: h3=":443"; ma=86400
content-length: 20968

GET
H3 200 %D9%88%D8%A7%D8%AA%D8%B3%D8%A7%D8%A8-1-360x200.jpg
www.rafyon.net/wp-content/uploads/2023/01/ 12 KB
12 KB 115ms
112ms Image
image/jpeg 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.rafyon.net/wp-content/uploads/2023/01/%D9%88%D8%A7%D8%AA%D8%B3%D8%A7%D8%A8-1-360x200.jpg
Requested by: Host: www.rafyon.net
URL: https://www.rafyon.net/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dcf6f6feae5927c60139ce3e1629564df3328ee63a1bf852e04afb957e684041

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.rafyon.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 31 Jan 2024 22:31:43 GMT
cf-cache-status: REVALIDATED
last-modified: Tue, 24 Jan 2023 03:02:05 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=g6hWmPVjVnrqIRCdHdnyggrCXYPK2PqJjmU%2BySiit4rGUEW8xITVug6MT%2BX9eGCJdIOtL7TNtgRiUK6Luyg71nbHV%2BdCnsBgxox2olR0SgquIar7ojeCYTSkrFfR3qf%2ByAtHYDshsmmQS4MwXA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 84e5680d8e55b954-AMS
alt-svc: h3=":443"; ma=86400
content-length: 12140

GET
H3 200 %D8%A8%D9%88%D8%AA%D8%B4%D8%AA%D9%8A%D9%86%D9%88--360x200.jpeg
www.rafyon.net/wp-content/uploads/2023/11/ 9 KB
9 KB 116ms
113ms Image
image/jpeg 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.rafyon.net/wp-content/uploads/2023/11/%D8%A8%D9%88%D8%AA%D8%B4%D8%AA%D9%8A%D9%86%D9%88--360x200.jpeg
Requested by: Host: www.rafyon.net
URL: https://www.rafyon.net/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e26cdf84ea6019cb4505a4bd4e24b6c8cdc08f18a5ecf7c0a8668f0af945d64f

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.rafyon.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 31 Jan 2024 22:31:42 GMT
cf-cache-status: HIT
last-modified: Sun, 05 Nov 2023 19:55:54 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 2197
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Zrz4lDtATDShgO2jNItnUUF5W05HxJXtMdx1ttdBy8A7ulm6wE9aYHyWldyT4%2Bs3EKGxyyh2DpZNLkCBp7WjTnHsHN5xvH235OTfNEd%2BJ0LBZCK6zHSD3DyVhM112rrZeRpMGAskM8zZUvPo8w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 84e5680d8e57b954-AMS
alt-svc: h3=":443"; ma=86400
content-length: 8751

GET
H3 200 %D8%B9%D8%A7%D8%A6%D8%B4%D8%A9-%D8%A8%D9%86-%D8%A3%D8%AD%D9%85%D8%AF-360x200.jpg
www.rafyon.net/wp-content/uploads/2023/11/ 16 KB
17 KB 116ms
114ms Image
image/jpeg 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.rafyon.net/wp-content/uploads/2023/11/%D8%B9%D8%A7%D8%A6%D8%B4%D8%A9-%D8%A8%D9%86-%D8%A3%D8%AD%D9%85%D8%AF-360x200.jpg
Requested by: Host: www.rafyon.net
URL: https://www.rafyon.net/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d38b3e26dd6b6cc40545482d9ede9a2abc5d123a1f7d8d10c0c270588e5dfb7b

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.rafyon.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 31 Jan 2024 22:31:43 GMT
cf-cache-status: REVALIDATED
last-modified: Sun, 05 Nov 2023 19:53:42 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IZBFGCMCjXF0l3d%2Bnk8SfkfXBz0SOcbXyP5ngbDobqxxPD0fmew7fAOeL6AlCKLeUVbnGSuOuRq3UPclOSW9a5oWg%2FeDaGhjhgUjG4e1DgfUWRShajNU0At6rTT1h%2BNJUlhrU04XA6beUp0lVA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 84e5680d8e59b954-AMS
alt-svc: h3=":443"; ma=86400
content-length: 16716

GET
H3 200 %D9%81%D9%8A%D8%B1%D8%AC%D8%B3%D9%88%D9%86--360x200.jpeg
www.rafyon.net/wp-content/uploads/2023/11/ 13 KB
13 KB 117ms
115ms Image
image/jpeg 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.rafyon.net/wp-content/uploads/2023/11/%D9%81%D9%8A%D8%B1%D8%AC%D8%B3%D9%88%D9%86--360x200.jpeg
Requested by: Host: www.rafyon.net
URL: https://www.rafyon.net/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 04fd3a2305c7dc6473b7fd2feb8b73778e7d8a6f92f2523857a145c77f399259

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.rafyon.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 31 Jan 2024 22:31:42 GMT
cf-cache-status: HIT
last-modified: Sun, 05 Nov 2023 18:29:17 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 6154
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uiHnr%2Fsijg9P9A3UhNn8WFhebI8BITALL0ZyZXIvyYaHJga1dQnPFj4MNeDl3JojzIpoipiLkAKLeLOK%2BgTsl7RaYgFIMFkbG32ZB0urbaPhABfD7xA5H8QvH6FiKKLO%2B1NRpZEq9yZhLpnHtQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 84e5680d8e5ab954-AMS
alt-svc: h3=":443"; ma=86400
content-length: 13158

GET
H3 200 %D8%A3%D8%B1%D8%AA%D9%8A%D8%AA%D8%A7-360x200.jpeg
www.rafyon.net/wp-content/uploads/2023/11/ 8 KB
9 KB 119ms
117ms Image
image/jpeg 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.rafyon.net/wp-content/uploads/2023/11/%D8%A3%D8%B1%D8%AA%D9%8A%D8%AA%D8%A7-360x200.jpeg
Requested by: Host: www.rafyon.net
URL: https://www.rafyon.net/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 36d9a942cca5b9f6a701720465c53f4e92093e224af0181bd4455b20a45e0957

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.rafyon.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 31 Jan 2024 22:31:42 GMT
cf-cache-status: HIT
last-modified: Sun, 05 Nov 2023 18:23:44 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 5121
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JhfXUU7Q25lj%2Bf8UBRSMWxCNZU1tT2zQyFrvviZ3tDw1cS0%2Fn8Ap%2BP4FbPUHWXG0l0zk%2FKuykKeECQuuMUusnWZ53Bfb7Ud323WQN43MAcovZZ50cZThkkQAJW2IdnWYgGGeZCFRXAovTjjD6w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 84e5680d8e5bb954-AMS
alt-svc: h3=":443"; ma=86400
content-length: 8505

GET
H3 200 %D8%B3%D8%A7%D9%86%D8%AF%D9%88%D9%8A%D8%AA%D8%B4-%D8%A7%D9%84%D8%B4%D8%A7%D9%88%D8%B1%D9%85%D8%A7-%D8%A7%D9%84%D8%B3%D9%88%D8%B1%D9%8A-360x200.jpg
www.rafyon.net/wp-content/uploads/2023/11/ 23 KB
24 KB 120ms
118ms Image
image/jpeg 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.rafyon.net/wp-content/uploads/2023/11/%D8%B3%D8%A7%D9%86%D8%AF%D9%88%D9%8A%D8%AA%D8%B4-%D8%A7%D9%84%D8%B4%D8%A7%D9%88%D8%B1%D9%85%D8%A7-%D8%A7%D9%84%D8%B3%D9%88%D8%B1%D9%8A-360x200.jpg
Requested by: Host: www.rafyon.net
URL: https://www.rafyon.net/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 89f7ca3b0a13782b370063ac11e3780b4bb2164d6d7125cae7a2b23155f54de7

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.rafyon.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 31 Jan 2024 22:31:43 GMT
cf-cache-status: REVALIDATED
last-modified: Wed, 01 Nov 2023 02:12:52 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=o7T5UqhK%2BldO2Y7yonTJKhEH81RtENfhAsNsPhAQlxnH6OfvpVP36iIVrH1nai7lEHcwBtUyvt%2BCK%2BNsh6BjRuLWuq7Bf8IgcWv1tKghd%2BFLnu5NbcbgbLUX6195jy5QFkYtuACklOFcx2Qylg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 84e5680d8e5db954-AMS
alt-svc: h3=":443"; ma=86400
content-length: 24036

GET
H3 200 fa-solid-900.woff2
cdnjs.cloudflare.com/ajax/libs/font-awesome/5.13.0/webfonts/ 78 KB
78 KB 45ms
26ms Font
application/octet-stream 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.13.0/webfonts/fa-solid-900.woff2

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.13.0/css/all.min.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4c3e8276a03b75d40fdbc5b40e665022127cbbd1722b6de06839ca69f664b7af

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.13.0/css/all.min.css
Origin: https://www.rafyon.net
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 31 Jan 2024 22:31:42 GMT
strict-transport-security: max-age=15780000
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 624951
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 79444
last-modified: Mon, 04 May 2020 16:10:08 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03e60-13654"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=83untleaubXZyERQaHLx%2Bed5f7VleR3GElSKthbzCWm%2BLnYHGS%2Bc6dmMJ08r9rkj758H%2F0Ym7o2GqBZM3E0nJi0A36y4CqRJc2kK5ZVTug1XfTHCOfPGRLtg7HPDn%2BhgQ03VFpFYKACu8FErvBm%2FLx3F"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 84e5680dab625c47-AMS
expires: Mon, 20 Jan 2025 22:31:42 GMT

GET
H3 200 fa-brands-400.woff2
cdnjs.cloudflare.com/ajax/libs/font-awesome/5.13.0/webfonts/ 75 KB
75 KB 95ms
76ms Font
application/octet-stream 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.13.0/webfonts/fa-brands-400.woff2

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.13.0/css/all.min.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d66b4e8556dec780a3be1e72c2bacfac5f379f6977f2886254908e5f87db6bd6

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.13.0/css/all.min.css
Origin: https://www.rafyon.net
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 31 Jan 2024 22:31:42 GMT
strict-transport-security: max-age=15780000
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 3186401
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 76612
last-modified: Mon, 04 May 2020 16:10:08 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03e60-12b44"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aiD9JoA3WvJqCCCscSjGObOg4PTVXT3SP0XkP9Q3v9IibNuK9uZJB9yoFrvD96vlTwpHBoMwmZ19XavJgOJEKsi%2B2TTMFwpKxGRzAnIC3UnDKQLRYlDP0tpghkkOh5lFDFVtnVmZV3g04k%2FvsRL1fQzz"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 84e5680dab645c47-AMS
expires: Mon, 20 Jan 2025 22:31:42 GMT

GET
H2 200 DroidKufi-Bold.woff2
fonts.gstatic.com/ea/droidarabickufi/v6/ 31 KB
31 KB 78ms
23ms Font
font/woff2 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/ea/droidarabickufi/v6/DroidKufi-Bold.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/earlyaccess/droidarabickufi.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

31f02fb9a8ae77e5d8bb229bf73f473f783e8155042655926cafca211cd11c98

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.rafyon.net
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 30 Jan 2024 05:12:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 148727
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31448
x-xss-protection: 0
last-modified: Wed, 13 Aug 2014 16:50:04 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
vary: Accept-Encoding
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 29 Jan 2025 05:12:56 GMT

GET
H3 200 Greta_Arabic_Regular.otf
www.rafyon.net/wp-content/themes/newsplus/assets/fonts/ 154 KB
55 KB 120ms
119ms Font
font/otf 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.rafyon.net/wp-content/themes/newsplus/assets/fonts/Greta_Arabic_Regular.otf
Requested by: Host: www.rafyon.net
URL: https://www.rafyon.net/wp-content/themes/newsplus/assets/fonts/fonts.css?ver=46.00
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f0f3825ab5a948a650d9276b8c3ed43db6f36ac1e7d150c134bc2685e537131b

Request headers

Referer: https://www.rafyon.net/wp-content/themes/newsplus/assets/fonts/fonts.css?ver=46.00
Origin: https://www.rafyon.net
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 31 Jan 2024 22:31:42 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sun, 10 Apr 2022 14:30:29 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 5076
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=at5%2FAKNNt1PWiROk7%2BEC1iErGyCvM90MzfShsWCm56%2B%2BmXYsmKjI8MvaAxWlnmfyvkEKxKqxwETj9It6arUAHvPfhrUd8750e4%2BxhMTgoo7Ynt4iQ75yg26OVQva%2Buc4zmdfh0MmpHye90tbcw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: font/otf
cache-control: max-age=14400
cf-ray: 84e5680d8e5eb954-AMS
alt-svc: h3=":443"; ma=86400

GET
H2 200 DroidKufi-Regular.woff2
fonts.gstatic.com/ea/droidarabickufi/v6/ 31 KB
31 KB 103ms
49ms Font
font/woff2 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/ea/droidarabickufi/v6/DroidKufi-Regular.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/earlyaccess/droidarabickufi.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a7b09bb9c8e8e2fb189204e08ed94bd8096c118780b5e926847cf2748ca7c5c2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.rafyon.net
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 30 Jan 2024 19:08:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 98623
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31147
x-xss-protection: 0
last-modified: Wed, 13 Aug 2014 16:50:04 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
vary: Accept-Encoding
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 29 Jan 2025 19:08:00 GMT

GET
H3 200 wp-emoji-release.min.js Show response
www.rafyon.net/wp-includes/js/ 18 KB
5 KB 113ms
113ms Script
application/javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.rafyon.net/wp-includes/js/wp-emoji-release.min.js?ver=6.3.3
Requested by: Host: www.rafyon.net
URL: https://www.rafyon.net/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.rafyon.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 31 Jan 2024 22:31:42 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 18 Sep 2023 09:26:14 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 47
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UDRi7YKvUE%2BLWyZEd0KSowcsUPwhmQQafUhyqWAV2LhaIu6yHLpd%2BRSYFkQN8qioZmidzm3KzGAfzJLJsK5tV5Mq2Sk5JqwkdUt736leBwYo12JP4KlVI%2Fv%2BMOGlUfCqD1hQxhiRcIlCvhnNQg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 84e5680d9e61b954-AMS
alt-svc: h3=":443"; ma=86400

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 98 KB
30 KB 125ms
64ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: get.optad360.io
URL: https://get.optad360.io/sf/eea8f441-3b22-4ddb-a021-33600b968506/plugin.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fc8c3f01079787573b1649aaa0b640405ed00898868df7f8f4096d749bd63e8a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.rafyon.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 31 Jan 2024 22:31:43 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29884
x-xss-protection: 0
server: cafe
etag: 344 / 19753 / 31080792 / config-hash: 2548535710906904626
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Wed, 31 Jan 2024 22:31:43 GMT

GET
H2 200 branding-ads.svg
cdn.optad360.net/icons/ 7 KB
3 KB 91ms
17ms Image
image/svg+xml 2600:9000:2447:c000:f:a31d:75c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.optad360.net/icons/branding-ads.svg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2447:c000:f:a31d:75c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: d04a8585ca1c9cbff59e413fe76da6b8dcf3c567cbc68ec436b852d7f1694df1

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.rafyon.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 12 Oct 2023 13:25:33 GMT
content-encoding: gzip
via: 1.1 ca0e18fe48e6994b3446a58a1e05c1ce.cloudfront.net (CloudFront)
last-modified: Wed, 22 Jun 2022 12:02:24 GMT
server: AmazonS3
x-amz-cf-pop: AMS58-P5
age: 9623171
etag: W/"b0a3aa2e09d4ddd83150d7bd3347c5c0"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
cache-control: public, max-age=360000000
x-amz-cf-id: HWpNKPehoqKWp_7OAUn4nTBA0hkGt0ATr49sRJUqhDSx9OOJEkwOvw==

GET
H2 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401290201/ 435 KB
136 KB 23ms
23ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401290201/pubads_impl.js?cb=31080792

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4b7da2057c3a37a4c49b313a989f78fbc91ba50ba03725afcde21477b56d3378

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.rafyon.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 31 Jan 2024 15:37:13 GMT
content-encoding: br
x-content-type-options: nosniff
age: 24870
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 139509
x-xss-protection: 0
server: cafe
etag: 15006055029041311047
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Thu, 30 Jan 2025 15:37:13 GMT

GET
H2 200 esp.js Show response
oa.openxcdn.net/ 24 KB
8 KB 108ms
17ms Script
application/javascript 34.102.146.192
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://oa.openxcdn.net/esp.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401290201/pubads_impl.js?cb=31080792
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.102.146.192 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 192.146.102.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.rafyon.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 17:28:25 GMT
content-encoding: gzip
age: 536598
x-guploader-uploadid: ABPtcPrxy3jqF3BuOJsT3m0rXj42iuKqgaw3_VnvXw_w014jMBy2NpPYGs3dEeSf2Wn4QcY_8SU
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7927
last-modified: Thu, 27 May 2021 18:30:51 GMT
server: UploadServer
etag: "df5542b88bc0e368c6999754a5b9e2ba"
x-goog-generation: 1622140251693895
x-goog-hash: crc32c=f21hYg==, md5=31VCuIvA42jGmZdUpbniug==
content-type: application/javascript
cache-control: no-transform
x-goog-stored-content-length: 7927
accept-ranges: bytes
expires: Fri, 24 Jan 2025 17:28:25 GMT

GET
H2 200 publishertag.ids.js Show response
static.criteo.net/js/ld/ 41 KB
13 KB 56ms
21ms Script
text/javascript 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.ids.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401290201/pubads_impl.js?cb=31080792

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

885cb38c43b35c7ff9befe60f6c96f653d15befa0770f5f2ea0ea5cbc5d03a68

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.rafyon.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 31 Jan 2024 22:31:43 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 18 Jan 2024 07:12:05 GMT
server: nginx
etag: W/"65a8cf45-a585"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Thu, 01 Feb 2024 22:31:43 GMT

GET
H2 200 esp.js Show response
cdn.id5-sync.com/api/1.0/ 87 KB
26 KB 71ms
29ms Script
text/javascript 2606:4700:10::6816:3456
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.id5-sync.com/api/1.0/esp.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401290201/pubads_impl.js?cb=31080792

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:3456 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9f71c68db8f50cecab42686d45c685b9fa2710dac74bd8eb50df4689575fc204

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.rafyon.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 31 Jan 2024 22:31:43 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-encoding: gzip
cf-cache-status: HIT
last-modified: Tue, 30 Jan 2024 10:08:32 GMT
server: cloudflare
x-amz-request-id: N04N7BT1R2V0H0VE
age: 962
etag: W/"b03d5064c95ecd01501cdae49ca9228b"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: text/javascript;charset=utf-8
cache-control: public, max-age=3600
cf-ray: 84e56810fa4228ad-AMS
x-amz-id-2: d2g2vzwwYloqewffK6ggU4YNqSFA6hKvOOjce8k8w8a9XMAj2JzHTZLPOMAoz9vRDu4t8xViv9pQjpXKZMCiEA==

GET
H/1.1 200
OK uid2SecureSignal.js Show response
cdn.prod.uidapi.com/ 3 KB
3 KB 102ms
23ms Script
text/javascript 2600:9000:2250:1400:a:e047:753:eb41
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.prod.uidapi.com/uid2SecureSignal.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401290201/pubads_impl.js?cb=31080792
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2250:1400:a:e047:753:eb41 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 72e960baa80ec819264a604f2f8a8e5c21f81b785ebc17595211ad170d8b1bdc

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.rafyon.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-amz-version-id: KP_OVZMS6roEW_XJdOd.KnSEmM8GWiP3
Date: Wed, 31 Jan 2024 06:54:01 GMT
Via: 1.1 f884e2c0a4bd6c75faee34aade3f091e.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: FRA60-P2
Age: 56263
x-amz-server-side-encryption: AES256
X-Cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
Connection: keep-alive
Content-Length: 2776
Last-Modified: Thu, 19 Oct 2023 06:40:11 GMT
Server: AmazonS3
ETag: "a3a9a9ee8e72db69d54e805f0586c651"
Content-Type: text/javascript
Accept-Ranges: bytes
X-Amz-Cf-Id: XmG3cFWeaZ9SBkQGgaJd78aJIBc5pDxX9eVrIDxyP9Gg8WRxEIwzhw==

GET
H2 200 pubcid.min.js Show response
cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/ 732 B
1 KB 67ms
27ms Script
application/javascript 2606:4700::6810:5514
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/pubcid.min.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401290201/pubads_impl.js?cb=31080792

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5514 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.rafyon.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 31 Jan 2024 22:31:43 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 32634
x-jsd-version: master
content-encoding: br
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230042-FRA, cache-ams21022-AMS
x-jsd-version-type: branch
server: cloudflare
etag: W/"2dc-IrZxm/sP4aqtIfs1EfEw6Dg5q1Y"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5xRXPko%2BuDstiCZMzkIs7uBOlhVrH9QV5aOzJiItogfdfJDn5%2BswqnyH745rVpoH242TBFyATBsVP3zXixqa8ufjWHN1sgasnPIrOlcXTdpIs4lBeDDwCmojziFCtOMizMxwEwHoMnyx84QSny4%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
timing-allow-origin: *
cf-ray: 84e56810eabf1af8-AMS

GET
H2 200 sync.min.js Show response
tags.crwdcntrl.net/lt/c/16589/ 39 KB
12 KB 85ms
27ms Script
text/javascript 18.155.129.56
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.crwdcntrl.net/lt/c/16589/sync.min.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401290201/pubads_impl.js?cb=31080792
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.155.129.56 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-155-129-56.cdg52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e885badff253144e188588b5657e13cfa1135d4cd682053c9cca02b83baf1ef2

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.rafyon.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 31 Jan 2024 03:56:19 GMT
content-encoding: gzip
via: 1.1 56455cfd91a1942216b3c22ed923150c.cloudfront.net (CloudFront)
last-modified: Wed, 06 Sep 2023 15:56:57 GMT
server: AmazonS3
x-amz-cf-pop: CDG52-P4
age: 66925
etag: W/"e073e71ed7a44e6f9cdd72904fda5940"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: public, max-age=86400
x-amz-cf-id: jy0dfAWlK4OUTQ2LI4PhM6FiWgveMUfG3cX0_4_iBIHql0QpPb5ynA==

GET
H2 200 encrypted-tag-g.js Show response
invstatic101.creativecdn.com/encrypted-signals/ 1 KB
1 KB 88ms
33ms Script
text/javascript 34.96.70.87
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://invstatic101.creativecdn.com/encrypted-signals/encrypted-tag-g.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401290201/pubads_impl.js?cb=31080792
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.96.70.87 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 87.70.96.34.bc.googleusercontent.com
Software: Google Frontend /
Resource Hash: b04a268fbd6ac543dcd653b1c529871767a5b78cb2a2f40e54bcb0bfe2daa154

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.rafyon.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 31 Jan 2024 22:31:43 GMT
via: 1.1 google, 1.1 google
last-modified: Thu, 03 Aug 2023 03:28:51 GMT
server: Google Frontend
etag: fc4e6bfe266081c4873c6f08c8298e5c
content-type: text/javascript; charset=utf-8
x-cloud-trace-context: c5f17d31c0bf8d143f97314d0f88a96a
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1207

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 37 KB
15 KB 310ms
310ms Fetch
text/plain 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=495416218062827&correlator=3237492805691533&eid=44809527%2C31080792%2C44777901&output=ldjh&gdfp_req=1&vrg=202401290201&ptt=17&impl=fif&iu_parts=121764058%3A22713825117%2Crafyon.net%2Crafyon.net_o3b_display_sf_o3b-new&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=728x90%7C750x100%7C970x90&ifi=1&sfv=1-0-40&sc=1&cookie_enabled=1&abxe=1&dt=1706740303451&lmt=1706740303&adxs=436&adys=1200&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=1&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fwww.rafyon.net%2F&vis=1&psz=0x-1&msz=728x-1&fws=644&ohw=1600&ga_vid=1401515220.1706740303&ga_sid=1706740303&ga_hid=526964522&ga_fc=false&a3p=EhwKDWNyd2RjbnRybC5uZXQY2IyZjdYxSABSAghkEhsKDGlkNS1zeW5jLmNvbRjYjJmN1jFIAFICCGQSGQoKcHViY2lkLm9yZxjYjJmN1jFIAFICCGQSHQoOZXNwLmNyaXRlby5jb20Y2IyZjdYxSABSAghkEhcKCHJ0YmhvdXNlGNiMmY3WMUgAUgIIZBIZCgp1aWRhcGkuY29tGNiMmY3WMUgAUgIIZBIUCgVvcGVueBjYjJmN1jFIAFICCGQ.&dlt=1706740302820&idt=604&adks=3987850706&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401290201/pubads_impl.js?cb=31080792

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b8ed0bda62c8892fed60a40726a65d25fba328479d3d3a6cc23a48865c93e138

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.rafyon.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 31 Jan 2024 22:31:43 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14966
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.rafyon.net
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 16 KB
12 KB 125ms
68ms XHR
application/json 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202401290201&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401290201/pubads_impl.js?cb=31080792

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5795cb406f06bd5aa064782d7b8908fb4cbe385b91ac4bbc08e66a812489cae0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.rafyon.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 31 Jan 2024 22:31:43 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12038
x-xss-protection: 0

GET
H2 200 container.html Show response
4cece64c9d564167b719ec331ba7b445.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 3A0E 6 KB
3 KB 139ms
31ms Document
text/html 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://4cece64c9d564167b719ec331ba7b445.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401290201/pubads_impl.js?cb=31080792

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.rafyon.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 31 Jan 2024 22:31:43 GMT
expires: Thu, 30 Jan 2025 22:31:43 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame 9253 14 KB
6 KB 60ms
18ms Document
text/html 2a02:2638:3::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=www.rafyon.net

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.ids.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

ff9ce35d5fae856bab207c9f8d8eb3dff6354f007ea9f9b9a32f5cc018d52876

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://www.rafyon.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Wed, 31 Jan 2024 22:31:43 GMT
server: Kestrel
server-processing-duration-in-ticks: 388878
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding
x-robots-tag: noindex

GET
H2 204 increment Show response
id5-sync.com/api/esp/ 0
230 B 88ms
24ms XHR
text/plain 162.19.138.118
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/api/esp/increment?counter=no-config

Requested by

Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/esp.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

162.19.138.118 Frankfurt am Main, Germany, ASN16276 (OVH, FR),

Reverse DNS

ns31533569.ip-162-19-138.eu

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://www.rafyon.net/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.rafyon.net
date: Wed, 31 Jan 2024 22:31:42 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin

POST
H2 200 map Show response
bcp.crwdcntrl.net/6/ 60 B
334 B 122ms
35ms XHR
application/json 52.48.9.219
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bcp.crwdcntrl.net/6/map
Requested by: Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/16589/sync.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.48.9.219 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-48-9-219.eu-west-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 7982f7b99c1c702a92236c41dcdaa1e1a999b9c41188ca49a358b7632094cc04

Request headers

Referer: https://www.rafyon.net/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Wed, 31 Jan 2024 22:31:43 GMT
server: Jetty(9.4.38.v20210224)
content-type: application/json;charset=utf-8
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: https://www.rafyon.net
cache-control: no-cache
x-server: 10.45.0.66
access-control-allow-credentials: true
content-length: 60
expires: 0

GET
H2

200

esp Show response
oajs.openx.net/
Redirect Chain

https://oajs.openx.net/esp?url=https%3A%2F%2Fwww.rafyon.net%2F&rid=esp
https://oajs.openx.net/esp?url=https%3A%2F%2Fwww.rafyon.net%2F&rid=esp&cc=1

85 B
193 B

126ms
126ms

Fetch
application/json

34.120.107.143
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://oajs.openx.net/esp?url=https%3A%2F%2Fwww.rafyon.net%2F&rid=esp&cc=1
Protocol: H2
Server: 34.120.107.143 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 143.107.120.34.bc.googleusercontent.com
Software: / Express
Resource Hash: 78eb084b95a38471caa06e279dc54e286f38ed1565e2cc8740e10a0c5e88e746

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.rafyon.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 31 Jan 2024 22:31:43 GMT
via: 1.1 google
x-powered-by: Express
etag: W/"55-87r9lh4YGQCJkUhq6dl8oKAiCCE"
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.rafyon.net
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 85

Redirect headers

date: Wed, 31 Jan 2024 22:31:43 GMT
via: 1.1 google
x-powered-by: Express
vary: Origin
access-control-allow-origin: https://www.rafyon.net
location: /esp?url=https%3A%2F%2Fwww.rafyon.net%2F&rid=esp&cc=1
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 110ms
32ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401290201/pubads_impl.js?cb=31080792

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.rafyon.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 31 Jan 2024 22:31:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 31 Jan 2024 22:31:43 GMT

GET
H2

200

sid Show response
mug.criteo.com/ Frame 9253
Redirect Chain

https://gum.criteo.com/sid/json?origin=publishertagids&domain=rafyon.net&sn=ChromeSyncframe&so=0&topUrl=www.rafyon.net&cw=1&lsw=1&topicsavail=0&fledgeavail=0
https://mug.criteo.com/sid?cpp=h22803xCN1F4VDFGODZ2NWtuL0NlYWxsUnNCUkZ2aEY2bDBjaWtCeWptZnk2LzRwSWhkYmZlVGpPVmZhaXNxT1M3TzN2U2pYUnl2R2dYYjZiTFozak9LSVlGYXpKck5McGZxdWRxcFRzOGRHeUlUb0xmWUhjUE9XWkVCeE...

435 B
652 B

19ms
19ms

Fetch
application/json

2a02:2638:3::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=h22803xCN1F4VDFGODZ2NWtuL0NlYWxsUnNCUkZ2aEY2bDBjaWtCeWptZnk2LzRwSWhkYmZlVGpPVmZhaXNxT1M3TzN2U2pYUnl2R2dYYjZiTFozak9LSVlGYXpKck5McGZxdWRxcFRzOGRHeUlUb0xmWUhjUE9XWkVCeEg5THlKQURsYng2ckJWRnhZdmFlZ2N4UERaOGxRb0dzTU1ldzE2RHVsSlRZaURFcW1QOHFEb0VvdHFWdmFraGwxUlViMHpWOGFLdk1pVHpnWEFXRkR3STlzYnF5Mk4wYUNFcWR4aVlrTGsvK1BIU1drZzRMdjhObHVtaHB4UXhtWEtLbDFObUFWR2Q5VTNvQVNNNmlKYTZYQkhKRW82Zz09fA&cppv=2

Protocol

Server

2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

80f368c651e94cd99d9eaab748496e8c2e8aff26f78f0e3e59e732e6c284d25e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://gum.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 31 Jan 2024 22:31:43 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gum.criteo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 1349737
expires: 0

Redirect headers

pragma: no-cache
date: Wed, 31 Jan 2024 22:31:43 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
location: https://mug.criteo.com/sid?cpp=h22803xCN1F4VDFGODZ2NWtuL0NlYWxsUnNCUkZ2aEY2bDBjaWtCeWptZnk2LzRwSWhkYmZlVGpPVmZhaXNxT1M3TzN2U2pYUnl2R2dYYjZiTFozak9LSVlGYXpKck5McGZxdWRxcFRzOGRHeUlUb0xmWUhjUE9XWkVCeEg5THlKQURsYng2ckJWRnhZdmFlZ2N4UERaOGxRb0dzTU1ldzE2RHVsSlRZaURFcW1QOHFEb0VvdHFWdmFraGwxUlViMHpWOGFLdk1pVHpnWEFXRkR3STlzYnF5Mk4wYUNFcWR4aVlrTGsvK1BIU1drZzRMdjhObHVtaHB4UXhtWEtLbDFObUFWR2Q5VTNvQVNNNmlKYTZYQkhKRW82Zz09fA&cppv=2
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 567237
content-length: 0
expires: 0

GET
H2 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame A2C3 13 KB
5 KB 25ms
24ms Document
text/html 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.rafyon.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

accept-ranges: bytes
age: 16179
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 31 Jan 2024 18:02:04 GMT
expires: Thu, 30 Jan 2025 18:02:04 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 7EEC 829 B
1 KB 172ms
61ms Document
text/html 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

2db03c85bdd2bee8b4dc06e66b072f08535ccd759bd32b27cb5370bd71a15abf

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-bUWq2i-W77P9gY4ovTdxXQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.rafyon.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-bUWq2i-W77P9gY4ovTdxXQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Wed, 31 Jan 2024 22:31:43 GMT
expires: Wed, 31 Jan 2024 22:31:43 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 IHSjRKKj3q_1Pt3c2sGWHmUCy_Bw5n5yhKh9CWyZSw4.js Show response
pagead2.googlesyndication.com/bg/ Frame A2C3 39 KB
15 KB 126ms
23ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/IHSjRKKj3q_1Pt3c2sGWHmUCy_Bw5n5yhKh9CWyZSw4.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2074a344a2a3deaff53edddcdac1961e6502cbf070e67e7284a87d096c994b0e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 31 Jan 2024 14:54:34 GMT
content-encoding: br
x-content-type-options: nosniff
age: 27429
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15219
x-xss-protection: 0
last-modified: Mon, 15 Jan 2024 09:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 30 Jan 2025 14:54:34 GMT

GET
H2 200 container.html Show response
4cece64c9d564167b719ec331ba7b445.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame AEFA 6 KB
3 KB 32ms
32ms Document
text/html 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://4cece64c9d564167b719ec331ba7b445.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401290201/pubads_impl.js?cb=31080792

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.rafyon.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

accept-ranges: bytes
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 31 Jan 2024 22:31:43 GMT
expires: Thu, 30 Jan 2025 22:31:43 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 afr.php Show response
ads.eu.criteo.com/delivery/r/ Frame E7D5 167 KB
54 KB 142ms
64ms Document
text/html 2a02:2638:3::12
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.eu.criteo.com/delivery/r/afr.php?z=ZbrKTwAHwkUIu8OCAAeukBRR67GDPU5rgD2cHw&u=%7C1zigRQFXPPrqJBg89NlmeHLYrQ4T7zsy9ygPL9TL6S8%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhaVHQ6RkVc1uRRN7U2tIy92afbib4fbn5EvxXFAQiGMZN0bxr_5eMVPRayZJUoVS7HOkZWJ8OnO_YZQ4rIRgj-ZsqaqhYcVRtx9zdkJtSCH55d_CYo7l1f3CZ7L-s3C2IFaifvIspDwHDCzg-QrTB22izBgLLJL58VFCk0YM9iOvOQXNmT1QmQwgQnEuuMwVy8qoJLInOV4mJUA-OQObrG5tUIx4KLUS4_HJi9DBi_ud-mrJZclANDTbRxMxRHHP7RmNWW5m0t4Cfy9gnHA3ou9fwzpX0qx8QnTIt54sPWGzXvjPZfKxz8vhIzusQ_W7-PqInNABf1VnG-zfNi9sWmwl0kwDUsgAJdsMLcwwRSCw8h704_gu8Dm-sUpwa_eksfOOynIay99MZnYncvytEGh-mFqXK35EE2Ut4QNE1269Qa7rDzCOH32TMfgGaaBACWAb3tbvLWuqHxbvUBrlZAn8faBR3F8I6P6sf2oMGPG4POvdn-1P5FSzVUTOPCvfu62YsN9hHPzMnFTTyTD0idUvJPNv7CtwXkkkVNXBNHbFdV3on6clmN4ycLj9qwdqOp4n4uj3Zkt1fUs6DsaC9DJM1SwyUB-2U9uiUer8XRCgoBE9bDsPACU&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC49q8T8q6ZcWEH4KH7_UPkN2e6AfJntKxXNWdkfdwwI23ARABIABgkYSghYwYggEXY2EtcHViLTU1MTIzOTA3MDUxMzc1MDfIAQmpAn41WqksO7I-4AIAqAMByAMCqgTDAk_QAS1_FqThiZ6pBqNjpokPFoUHVl6Acd5BCvr6barnauh0kPL24kIoN0lzhLsCJfuldH3bGWvrJi5hRJ84pUMhrMnOnYPIx3XFuWsCmBsKUHtSJ_ONmWXxAHu_P-y5_3c5Bk4TZ2avKjitRkT1fxLx7yWvdOrOQFpvknTzeRn8HllxsjE0x2eoJSIYgUVv9D0W4gVn4AKKC2ACTUBZOWGhDzgdaZe2Bzpsa_PYtyWR55ygSKh8rk2s3CYwmfTdO7funsfAZn1LlCM3H8OzZVzhROxiYlVSePc71gGBfKGG4yi_26xD_ThQMkQHn2ysDZtIfRXt_5AYsj_3HgV_FP0_PBQ3Mg9TIfn4guHiF-U8ycU8V4jOmDnCQrjuJStEIsGfopbftiOnuQseiTOkhJQNF0w2qr9-U3FdpE8Gw1LttM-I4AQBgAbv4O7JiJK9-2igBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpYo4-NjNeIhAPyCBthZHgtc3Vic3luLTc5MjU2ODI5NDAyNTgwMjT6CwIIAYAMAeINEwjat42M14iEAxWCw7sIHZCuB33QFQGAFwE%26num%3D1%26sig%3DAOD64_2YtoWRjo-2jYqpzjzlRm0UU-rMUQ%26client%3Dca-pub-5512390705137507%26adurl%3D

Requested by

Host: 4cece64c9d564167b719ec331ba7b445.safeframe.googlesyndication.com
URL: https://4cece64c9d564167b719ec331ba7b445.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::12 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

eb3b37e5366083f5ee398138d12cc70e8d8ad9820965aeb65d8c2f46b77ed870

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://4cece64c9d564167b719ec331ba7b445.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1000
cache-control: private, max-age=0, no-cache
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
date: Wed, 31 Jan 2024 22:31:43 GMT
expires: Mon, 26 Jul 1997 05:00:00 GMT
link: <pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p: CP='CUR ADM OUR NOR STA NID'
pragma: no-cache
report-to: {"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=J3tDfLfHdG6LZbj0A6Z0Mxxsm38lV3oTvSayyepg6oPU8Ube1bylU56kBLgOhCsBELIjA3v6a-CFCU8zlE4cvDUqEsEx5SnSyW7OqEkdaicxZUomvze975IAUJ5vpGYx-ENZLWmr4vfe5fZqUIHf7gPfW3ln4Ung6PQ7-xZBjR-fLZbpqgae4JfobXlCeWmhVAv1iaE74fXLz27wf82jsYcrHpdRGy8H8BcbStnQwRM03SQxNgStAtSl6xg"}], "max_age": 86400}
server: Kestrel
server-processing-duration-in-ticks: 38840633
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240122/r20110914/client/ Frame AEFA 3 KB
1 KB 23ms
22ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240122/r20110914/client/window_focus_fy2021.js

Requested by

Host: 4cece64c9d564167b719ec331ba7b445.safeframe.googlesyndication.com
URL: https://4cece64c9d564167b719ec331ba7b445.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://4cece64c9d564167b719ec331ba7b445.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 31 Jan 2024 15:28:17 GMT
content-encoding: br
x-content-type-options: nosniff
age: 25406
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 14 Feb 2024 15:28:17 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240122/r20110914/client/ Frame AEFA 20 KB
8 KB 24ms
23ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240122/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 4cece64c9d564167b719ec331ba7b445.safeframe.googlesyndication.com
URL: https://4cece64c9d564167b719ec331ba7b445.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d58acf16b5e4521c9eb24fe9fd97308e5f8be1297e4b63a547e5b610611799ae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://4cece64c9d564167b719ec331ba7b445.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 30 Jan 2024 23:41:57 GMT
content-encoding: br
x-content-type-options: nosniff
age: 82186
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8492
x-xss-protection: 0
server: cafe
etag: 9878124937798820110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 13 Feb 2024 23:41:57 GMT

GET
H3 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame AEFA 24 KB
6 KB 24ms
24ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js

Requested by

Host: 4cece64c9d564167b719ec331ba7b445.safeframe.googlesyndication.com
URL: https://4cece64c9d564167b719ec331ba7b445.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://4cece64c9d564167b719ec331ba7b445.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 30 Jan 2024 18:55:04 GMT
content-encoding: br
x-content-type-options: nosniff
age: 99399
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6402
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Wed, 29 Jan 2025 18:55:04 GMT

GET
H3 200 ufs_web_display.js Show response
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame AEFA 205 KB
62 KB 39ms
23ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Requested by

Host: 4cece64c9d564167b719ec331ba7b445.safeframe.googlesyndication.com
URL: https://4cece64c9d564167b719ec331ba7b445.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2efd5b088456b5b350cdd2afd4e91b4bb44217e2c212a5d150f96ffa185752f5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://4cece64c9d564167b719ec331ba7b445.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 31 Jan 2024 21:56:00 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2143
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 63264
x-xss-protection: 0
server: cafe
etag
vary: Accept-Encoding
content-type: text/javascript; charset=ISO-8859-1
cache-control: public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Wed, 31 Jan 2024 22:56:00 GMT

GET
DATA 200
OK truncated
/ Frame AEFA 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e544167a21ea17814308901d67f4ed786dc99a152681a795b07e9d452e86a8cd

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 pd Show response
google-bidout-d.openx.net/w/1.0/ Frame 7D70 199 B
298 B 68ms
22ms Document
text/html 34.98.64.218
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Requested by: Host: oa.openxcdn.net
URL: https://oa.openxcdn.net/esp.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: de259eb7ba7a0e45575deb33946f1fbc695c97c33145ae4e49af0069d010868e

Request headers

Referer: https://www.rafyon.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: gzip
content-length: 151
content-type: text/html
date: Wed, 31 Jan 2024 22:31:43 GMT
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
via: 1.1 google

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 7EEC 0
0 53ms
53ms Image
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202401290201&jk=495416218062827&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

GET
H2 200 privacy_small.svg
static.criteo.net/flash/icon/ Frame E7D5 2 KB
1 KB 18ms
18ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy_small.svg

Requested by

Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZbrKTwAHwkUIu8OCAAeukBRR67GDPU5rgD2cHw&u=%7C1zigRQFXPPrqJBg89NlmeHLYrQ4T7zsy9ygPL9TL6S8%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhaVHQ6RkVc1uRRN7U2tIy92afbib4fbn5EvxXFAQiGMZN0bxr_5eMVPRayZJUoVS7HOkZWJ8OnO_YZQ4rIRgj-ZsqaqhYcVRtx9zdkJtSCH55d_CYo7l1f3CZ7L-s3C2IFaifvIspDwHDCzg-QrTB22izBgLLJL58VFCk0YM9iOvOQXNmT1QmQwgQnEuuMwVy8qoJLInOV4mJUA-OQObrG5tUIx4KLUS4_HJi9DBi_ud-mrJZclANDTbRxMxRHHP7RmNWW5m0t4Cfy9gnHA3ou9fwzpX0qx8QnTIt54sPWGzXvjPZfKxz8vhIzusQ_W7-PqInNABf1VnG-zfNi9sWmwl0kwDUsgAJdsMLcwwRSCw8h704_gu8Dm-sUpwa_eksfOOynIay99MZnYncvytEGh-mFqXK35EE2Ut4QNE1269Qa7rDzCOH32TMfgGaaBACWAb3tbvLWuqHxbvUBrlZAn8faBR3F8I6P6sf2oMGPG4POvdn-1P5FSzVUTOPCvfu62YsN9hHPzMnFTTyTD0idUvJPNv7CtwXkkkVNXBNHbFdV3on6clmN4ycLj9qwdqOp4n4uj3Zkt1fUs6DsaC9DJM1SwyUB-2U9uiUer8XRCgoBE9bDsPACU&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC49q8T8q6ZcWEH4KH7_UPkN2e6AfJntKxXNWdkfdwwI23ARABIABgkYSghYwYggEXY2EtcHViLTU1MTIzOTA3MDUxMzc1MDfIAQmpAn41WqksO7I-4AIAqAMByAMCqgTDAk_QAS1_FqThiZ6pBqNjpokPFoUHVl6Acd5BCvr6barnauh0kPL24kIoN0lzhLsCJfuldH3bGWvrJi5hRJ84pUMhrMnOnYPIx3XFuWsCmBsKUHtSJ_ONmWXxAHu_P-y5_3c5Bk4TZ2avKjitRkT1fxLx7yWvdOrOQFpvknTzeRn8HllxsjE0x2eoJSIYgUVv9D0W4gVn4AKKC2ACTUBZOWGhDzgdaZe2Bzpsa_PYtyWR55ygSKh8rk2s3CYwmfTdO7funsfAZn1LlCM3H8OzZVzhROxiYlVSePc71gGBfKGG4yi_26xD_ThQMkQHn2ysDZtIfRXt_5AYsj_3HgV_FP0_PBQ3Mg9TIfn4guHiF-U8ycU8V4jOmDnCQrjuJStEIsGfopbftiOnuQseiTOkhJQNF0w2qr9-U3FdpE8Gw1LttM-I4AQBgAbv4O7JiJK9-2igBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpYo4-NjNeIhAPyCBthZHgtc3Vic3luLTc5MjU2ODI5NDAyNTgwMjT6CwIIAYAMAeINEwjat42M14iEAxWCw7sIHZCuB33QFQGAFwE%26num%3D1%26sig%3DAOD64_2YtoWRjo-2jYqpzjzlRm0UU-rMUQ%26client%3Dca-pub-5512390705137507%26adurl%3D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 31 Jan 2024 22:31:43 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:30:28 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42ba84-6aa"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 25 Jan 2025 22:31:43 GMT

GET
H2 200 adchoices_nl.svg
static.criteo.net/flash/icon/ Frame E7D5 2 KB
1 KB 19ms
19ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/adchoices_nl.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

64fdded9ab4b4066a71232c0d8c7e2416ec277f566adb122776af14c21831fc3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 31 Jan 2024 22:31:43 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:27:58 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42b9ee-754"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 25 Jan 2025 22:31:43 GMT

GET
H2 200 close_button.svg
static.criteo.net/flash/icon/ Frame E7D5 308 B
636 B 18ms
17ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/close_button.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 31 Jan 2024 22:31:44 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Fri, 14 Feb 2020 13:51:32 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "5e46a5e4-134"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 308
expires: Sat, 25 Jan 2025 22:31:44 GMT

GET
H2 200 back_button2.svg
static.criteo.net/flash/icon/ Frame E7D5 293 B
621 B 20ms
19ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/back_button2.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 31 Jan 2024 22:31:44 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 28 Apr 2022 09:09:48 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "626a59dc-125"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 293
expires: Sat, 25 Jan 2025 22:31:44 GMT

GET
H2 200 lg.php
cat.nl3.eu.criteo.com/delivery/ Frame E7D5 43 B
348 B 71ms
19ms Image
image/gif 178.250.1.6
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cat.nl3.eu.criteo.com/delivery/lg.php?cppv=3&cpp=QduC4oUmV6imsJVIjOEh2zuELHkuQPVhQfc1lWQi0rg8LFwPFexJg9VpwtowuT_IaGt_D1eogUlDiZgLGMY2S5uKTiWCFLeruaP578kEUOPdQNgpmcC1EXzXTta9aF7uqKIRioNNUt1NAN4iKeq1Tf94S5cxhiQ5DhTy7z2X9Uwzi4l8FtUIC_cNJewAoLJuH_U82hXnVztR8vMLIEzdsuIVJG2RqkrWtVWIQTEHHhTc7Vfxs_ys1PzT_ugGFhQDjC4FM21xKvAOI8Is3Qqd_E57lgiP2UiG8Ai5s9Oyyjub_G2lMnr4JKqG36wTF7f-W-lUhljNoWOGnkzV_Vf9c4fBYVIuM6YwO1Cmf_4BsxzyQ1xdohRNaeDGhrCg7iIWpwxLrpPBpaXdmceDEfMXRCT1oOYBlwnyIgsiuOjSW0WBeJftmgCU7JeiFkMBeS7nG3FJ6A

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.6 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 31 Jan 2024 22:31:43 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 2119071
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 webfontloader.js Show response
cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/ Frame E7D5 12 KB
5 KB 26ms
25ms Script
application/javascript 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 31 Jan 2024 22:31:44 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 3096284
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 4420
last-modified: Mon, 04 May 2020 16:17:52 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb04030-30d9"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FP3sp1E4WaEfA%2B9xPKBNuML%2FNRaSVXoxmqGglP3KOHOfIvZ7HSXPaT69UiyJp7vojVgaL76kMvEbaiylkTossJpllOPUU7v1u74an4MootFTKcaToU25%2B4MrZ1mKCFtNyJJxc%2FFS3ujvCCxohJDsks%2BO"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 84e568141f930eb4-AMS
expires: Mon, 20 Jan 2025 22:31:44 GMT

GET
H2 200 animejs.js Show response
static.criteo.net/animejs/ Frame E7D5 12 KB
6 KB 20ms
20ms Script
text/javascript 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/animejs/animejs.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 31 Jan 2024 22:31:44 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 26 Mar 2019 17:44:11 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5c9a64eb-3181"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 25 Jan 2025 22:31:44 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame E7D5 6 KB
6 KB 73ms
18ms Image
image/png 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?h=176&m=0&partner=94060&q=80&r=0&u=http%3A%2F%2Fstatic.nl3.eu.criteo.net%2Fdesign%2Fdt%2F44928%2F210610%2F04cda6bec4824bcd98d76b14408358c5_logotipo_bipi_rojo_sinfondo_300x300px.png&v=3&w=256&rid=4&s=o_mJ3dIlD9ehhzgKMRkmgX0K

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

a760f2a10c28e3a15403c48b6d2dc0727ff4ff25f846e9fe65bfa12151f382ad

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 31 Jan 2024 22:31:43 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/png
cache-control: public, max-age=31104000
timing-allow-origin: *
content-length: 5934
expires: Wed, 01 Jan 2025 08:38:43 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame E7D5 38 KB
38 KB 89ms
34ms Image
image/png 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=94060&q=80&r=0&u=https%3A%2F%2Fbipi-pro.s3.eu-west-1.amazonaws.com%2Fspecificvehicleplans%2F6204ff5edc32930093c50f2c%2Fvehicle-images%2F624309922ed084401c36ab9e_2022_03_29_15_28_50.png&v=3&w=400&rid=4&s=vm7k1ku1lw47wNvkn7DAUebd&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

98081e75b1b7b52f2483b3060127a36a6e59cedb743f4dc3ce68bfe3b39c7b57

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 31 Jan 2024 22:31:43 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/png
cache-control: public, max-age=31104000
timing-allow-origin: *
content-length: 38922
expires: Sat, 21 Dec 2024 13:31:48 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame E7D5 38 KB
38 KB 122ms
68ms Image
image/png 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=94060&q=80&r=0&u=https%3A%2F%2Fbipi-pro.s3.eu-west-1.amazonaws.com%2Fspecificvehicleplans%2F61d55c0f1f19f1008729aaad%2Fvehicle-images%2F6242fbe071e772bdd63d23b9_2022_03_29_14_30_24.png&v=3&w=400&rid=4&s=J2SjYmEhGLqwwiESQ_TX7PkL&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

60bb2c5c13eed49a292e03d8c2ae032e8c9bb39a1a8af1b013deadb75fd9dd57

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 31 Jan 2024 22:31:43 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/png
cache-control: public, max-age=31104000
timing-allow-origin: *
content-length: 38559
expires: Fri, 17 Jan 2025 19:50:49 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame E7D5 36 KB
36 KB 127ms
73ms Image
image/png 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=94060&q=80&r=0&u=https%3A%2F%2Fbipi-pro.s3.eu-west-1.amazonaws.com%2Fspecificvehicleplans%2F62050438aace010087483cc3%2Fvehicle-images%2F6242fcf378ed25074e941d2b_2022_03_29_14_34_59.png&v=3&w=400&rid=4&s=IDYQbebqUluTZfYF9kxjSZxl&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

440aa5d3153062f148eb69869ddd2d57792c704648bdcb582896099015981f19

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 31 Jan 2024 22:31:43 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/png
cache-control: public, max-age=31104000
timing-allow-origin: *
content-length: 36696
expires: Mon, 06 Jan 2025 04:55:44 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame E7D5 38 KB
38 KB 106ms
51ms Image
image/png 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=94060&q=80&r=0&u=https%3A%2F%2Fbipi-pro.s3.eu-west-1.amazonaws.com%2Fspecificvehicleplans%2F64e74a4b741d315b29652bb3%2Fvehicle-images%2F64e74b79f4230b0fe4fef254_2023_08_24_14_22_17.png&v=3&w=400&rid=4&s=0jXHuG8q_LD9LHk6aW6BsB6Q&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

f62f3f9c0a35da1361409e756246ad7732b338eb347f7390a890529ca5f5467a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 31 Jan 2024 22:31:43 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/png
cache-control: public, max-age=31104000
timing-allow-origin: *
content-length: 38517
expires: Sun, 19 Jan 2025 17:49:17 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame E7D5 37 KB
37 KB 109ms
56ms Image
image/png 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=94060&q=80&r=0&u=https%3A%2F%2Fbipi-pro.s3.eu-west-1.amazonaws.com%2Fspecificvehicleplans%2F63dbadf9b0b16895ca787a1e%2Fvehicle-images%2F63dbb389d77a780188f4ec35_2023_02_02_13_58_49.png&v=3&w=400&rid=4&s=yZeeAXyW9zNDlVK3PfPe2uAG&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

1172b88991c7f2e5da6b7498406323b724f594d80356677aa49556fc873d3450

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 31 Jan 2024 22:31:43 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/png
cache-control: public, max-age=31104000
timing-allow-origin: *
content-length: 37562
expires: Wed, 15 Jan 2025 14:38:13 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame E7D5 37 KB
37 KB 79ms
79ms Image
image/png 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=94060&q=80&r=0&u=https%3A%2F%2Fbipi-pro.s3.eu-west-1.amazonaws.com%2Fspecificvehicleplans%2F62d136e264d5f9054f60872e%2Fvehicle-images%2F62d1380ea368217947e30c2a_2022_07_15_11_49_02.png&v=3&w=400&rid=4&s=rVQxZtp1PTm00DSex_2U8F1p&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4dd7394a41faacc07b9da2b9febaa68fe1c7c67a142d344f392529b4224de0aa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 31 Jan 2024 22:31:43 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/png
cache-control: public, max-age=31104000
timing-allow-origin: *
content-length: 37691
expires: Sat, 11 Jan 2025 01:57:43 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame E7D5 37 KB
37 KB 74ms
73ms Image
image/png 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=94060&q=80&r=0&u=https%3A%2F%2Fbipi-pro.s3.eu-west-1.amazonaws.com%2Fspecificvehicleplans%2F641abf74c105a258e2c61d93%2Fvehicle-images%2F641ac24d4e9a15c67133590f_2023_03_22_09_54_37.png&v=3&w=400&rid=4&s=wJZtSCWR5As8DPstld-qxWi6&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

8b4cce0c3581bd408039c56061d637ea5716418854d5454eeaa63bd538222fdd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 31 Jan 2024 22:31:43 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/png
cache-control: public, max-age=31104000
timing-allow-origin: *
content-length: 37687
expires: Mon, 30 Dec 2024 17:15:13 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame E7D5 41 KB
42 KB 85ms
84ms Image
image/png 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=94060&q=80&r=0&u=https%3A%2F%2Fbipi-pro.s3.eu-west-1.amazonaws.com%2Fspecificvehicleplans%2F62c7fc3eb24ca44ae9d24ed6%2Fvehicle-images%2F62c7ff79b24ca44ae9d25e6e_2022_07_08_11_57_13.png&v=3&w=400&rid=4&s=awUGsdFE3HAB9d0evBv4k5NE&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

6b7b93e57d672c210747fbba96432e751f9a3d480daf7ae65ef745700914839a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 31 Jan 2024 22:31:43 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/png
cache-control: public, max-age=31104000
timing-allow-origin: *
content-length: 42279
expires: Sat, 11 Jan 2025 08:31:47 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame E7D5 38 KB
38 KB 83ms
83ms Image
image/png 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=94060&q=80&r=0&u=https%3A%2F%2Fbipi-pro.s3.eu-west-1.amazonaws.com%2Fspecificvehicleplans%2F641d57c2727f83bb2069930f%2Fvehicle-images%2F641d5817727f83bb20699b80_2023_03_24_08_58_15.png&v=3&w=400&rid=4&s=3Vi0Hk3kEcwM7HIwhsw_giIO&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

e6edab0768e85a7c4c59891ebb67e5a21faad03b408cb86fadccd60afa583985

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 31 Jan 2024 22:31:43 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/png
cache-control: public, max-age=31104000
timing-allow-origin: *
content-length: 38656
expires: Fri, 03 Jan 2025 02:07:47 GMT

POST
H2 200 all
csm.eu.criteo.net/ Frame E7D5 0
128 B 57ms
17ms Ping
text/plain 2a02:2638:3::1a
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://csm.eu.criteo.net/all?cppv=3&cpp=J3tDfLfHdG6LZbj0A6Z0Mxxsm38lV3oTvSayyepg6oPU8Ube1bylU56kBLgOhCsBELIjA3v6a-CFCU8zlE4cvDUqEsEx5SnSyW7OqEkdaicxZUomvze975IAUJ5vpGYx-ENZLWmr4vfe5fZqUIHf7gPfW3ln4Ung6PQ7-xZBjR-fLZbpqgae4JfobXlCeWmhVAv1iaE74fXLz27wf82jsYcrHpdRGy8H8BcbStnQwRM03SQxNgStAtSl6xg&sds=2&rev=90409&sendBeacon=true

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::1a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Wed, 31 Jan 2024 22:31:43 GMT
strict-transport-security: max-age=31536000; preload;
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0

GET
H2 200 privacy.svg
static.criteo.net/flash/icon/ Frame E7D5 2 KB
1 KB 17ms
17ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 31 Jan 2024 22:31:44 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 19 Feb 2020 10:57:21 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e4d1491-646"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 25 Jan 2025 22:31:44 GMT

GET
H2 200 opensans-700.css
static.criteo.net/design/googlefont/opensans/ Frame E7D5 2 KB
900 B 18ms
18ms Stylesheet
text/css 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/design/googlefont/opensans/opensans-700.css

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

3cd346aff1efcc38119a600f75667ba0089a7a6bece2b905503fb7c0c65ddcb8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 31 Jan 2024 22:31:44 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 08 Dec 2022 14:11:05 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"6391f079-9fe"
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 25 Jan 2025 22:31:44 GMT

GET
H2 200 opensans-400.css
static.criteo.net/design/googlefont/opensans/ Frame E7D5 2 KB
899 B 17ms
17ms Stylesheet
text/css 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/design/googlefont/opensans/opensans-400.css

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

688a83886a5a759614fb53d73736845837de908ce3553b146471782995bc5943

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 31 Jan 2024 22:31:44 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 08 Dec 2022 14:11:03 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"6391f077-9fe"
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 25 Jan 2025 22:31:44 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame A2C3 0
10 B 23ms
22ms Image
text/plain 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?b-Sggg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 31 Jan 2024 22:31:44 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 200 opensans-400-latin.woff2
static.criteo.net/design/googlefont/opensans/ Frame E7D5 16 KB
17 KB 67ms
33ms Font
application/octet-stream 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/design/googlefont/opensans/opensans-400-latin.woff2

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/design/googlefont/opensans/opensans-400.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

f885ec8a0a68847aff7c6bb94968bf7cb5099c0c449ae1535cf8515cc0ff8e18

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://static.criteo.net/design/googlefont/opensans/opensans-400.css
Origin: https://ads.eu.criteo.com
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 31 Jan 2024 22:31:44 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 08 Dec 2022 14:11:03 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"6391f077-4164"
content-type: text/plain; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 25 Jan 2025 22:31:44 GMT

GET
H2 200 opensans-700-latin.woff2
static.criteo.net/design/googlefont/opensans/ Frame E7D5 16 KB
16 KB 57ms
40ms Font
application/octet-stream 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/design/googlefont/opensans/opensans-700-latin.woff2

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/design/googlefont/opensans/opensans-700.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

1baff9bf8d69c7de6ea553b53218dc5990e8a58d69200bab0c4763e70639fef4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://static.criteo.net/design/googlefont/opensans/opensans-700.css
Origin: https://ads.eu.criteo.com
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 31 Jan 2024 22:31:44 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 08 Dec 2022 14:11:05 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"6391f079-3ff4"
content-type: text/plain; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 25 Jan 2025 22:31:44 GMT

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame AEFA 0
0 65ms
64ms Image
text/html 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CoaK1T8q6ZcWEH4KH7_UPkN2e6AfJntKxXNWdkfdwwI23ARABIABgkYSghYwYggEXY2EtcHViLTU1MTIzOTA3MDUxMzc1MDfIAQmpAn41WqksO7I-4AIAqAMByAMCqgTAAk_QAS1_FqThiZ6pBqNjpokPFoUHVl6Acd5BCvr6barnauh0kPL24kIoN0lzhLsCJfuldH3bGWvrJi5hRJ84pUMhrMnOnYPIx3XFuWsCmBsKUHtSJ_ONmWXxAHu_P-y5_3c5Bk4TZ2avKjitRkT1fxLx7yWvdOrOQFpvknTzeRn8HllxsjE0x2eoJSIYgUVv9D0W4gVn4AKKC2ACTUBZOWGhDzgdaZe2Bzpsa_PYtyWR55ygSKh8rk2s3CYwmfTdO7funsfAZn1LlCM3H8OzZVzhROxiYlVSePc71gGBfKGG4yi_26xD_ThQMkQHn2ysDZtIfRXt_5AYsj_3HgV_FP0_PBQ3Mg9TIfn4guHiF-U8ycU8V4jOmDnCQvrsBLnEsRGiBEb4bK-HUK8QrjkSjroVlfj-lxmM7G9xvNfMV3IE4AQBgAbv4O7JiJK9-2igBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpYo4-NjNeIhAPyCBthZHgtc3Vic3luLTc5MjU2ODI5NDAyNTgwMjSACgP6CwIIAYAMAeINEwjat42M14iEAxWCw7sIHZCuB33QFQGAFwGyFxwKGhIUcHViLTU1MTIzOTA3MDUxMzc1MDcYku8h&sigh=faCJrSDYEzs&uach_m=%5BUACH%5D&cid=CAQSTgAvHhf_NP1-1LnBwW0D43AV78Hore5uMjrroWte5_OMowr4FwcSI76fOjhEbyEQGijVOmCMU_JN_P-QK1yg9dEq9zmq32b0TN0MiYp59BgB&cbvp=2&vis=1
Requested by: Host: 4cece64c9d564167b719ec331ba7b445.safeframe.googlesyndication.com
URL: https://4cece64c9d564167b719ec331ba7b445.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://4cece64c9d564167b719ec331ba7b445.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

GET
H2 200 notify
rtb.fr3.eu.criteo.com/google/auction/ Frame AEFA 0
126 B 105ms
27ms Image
text/plain 2a02:2638:d::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://rtb.fr3.eu.criteo.com/google/auction/notify?profile=14&payload=kIz6EvrMCcoHWp2DYgICAAAAwXxoaS_Ls44QT8q6ZYXuvFORJYfJeeEAABIAAAoKQVFVQkR3RVBEdw&wp=ZbrKTwAHwkUIu8OCAAeukBRR67GDPU5rgD2cHw&cbvp=2

Requested by

Host: 4cece64c9d564167b719ec331ba7b445.safeframe.googlesyndication.com
URL: https://4cece64c9d564167b719ec331ba7b445.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://4cece64c9d564167b719ec331ba7b445.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 31 Jan 2024 22:31:44 GMT
strict-transport-security: max-age=31536000; preload;
server-processing-duration-in-ticks: 144801
server: Kestrel
content-length: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 56ms
56ms Image
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202401290201&jk=495416218062827&bg=!kpGlkd7NAAa8BdJLnAU7ADQBe5WfOKk113INkr8QR9zF5RncgvLLi4GARf0G45OcJ7Ps7usiP66zKmqvvD6kMiJc4uBhAgAAAFBSAAAAAmgBB5kCwK7ySbtSF9R1PFSvw8z4yIPizdvSmimiGOx9OnKNcn5_aIpoRafl2LPXUISVyhZcsJf1nW2egVx8BtkpRO14FiOM7q5zrOKT3hCyeGOue1VuDLq4wntREewz6n2Fr82q8GDrgkTf_v1Rzn3wFhjtNIh3CnKYxGJ9NR_a3sZLoY3lc0BgsxF_JYBLNsEGczQjRbccnkX5owJk0xeDp6k_kTaeL6uY-fDoWtRtQ77VuqR4wS6UoXtuDb3fMHYgrjfvmrCkqJB4o08OkmlMY_kBe-nRq5g2OmPI3Gx1VpHzwGBMesBB3HEwNU76arYS3YaViDMDJDMX-XnHlSs_f2uhEhX8UIVvFdEUdhiqpxA8inqKWG9cc1QK3EXmZHDfyOiVOxHNkIAFf3MPFtZ2NXSSc3jmIMuRS4xDVs7RDN3bXyBslavIxRTljWNiM0RjEEXuW-YHLxljKn2UxYhTpSfQJJLSkRMQU9RMDd5ukPhK_OKfOvcY8NtSpew-lJZTZ9bgRmWJVzOjdb8K8fAQpfOKYohlqLdMF5K40TzLcI5pOkFiDrhiIFJAMZW_XM4sbJ2crpCpp7NJlF9FkrpP9uSf_rt2NgufrDK563CgDg3K8PajZqgqeg7JhF2fF-17wb5gNg3GCKmS1FMGV9CI_JIoMWNnQy1r-NGNii8_MtYTIgQXiVSgBsxpwQ19n9fJtFWGdKF3tw1WfrTkup4CopZ3q4AXlQREv7UqPEURismYNB1cmYT-pGo5NudnIWBLfJlidUCcSPwaP_8Wg0K-S8e2Ss-CJHKplzNaXoWBR5R1e1Gjr6k2-y3h5n02Xg7VivINDEpz_hKx_anXJR2ekjVkeA9pSYFmRx4UsALY-9lPn06aCHWDj8pPX8--92UFVHSMaVkQiRX2a7N4am9ZM8nRh0LbVljueVqhLyRjMm7z2j1h
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.rafyon.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

GET
H2 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame AEFA 42 B
174 B 58ms
57ms Fetch
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvBdQoceOuRFlBtPlJPq_pGWFvf4BRYNILxesaYWe_1FFv1jd2V-3cTsYN12WDotba1YS1n88OEt2TMBTWUAXKXbehjHd0npf5DnebHjfzmhUi-lP7fBrxoVCyFA0zf&sig=Cg0ArKJSzMNb-x2i61OTEAE&id=lidar2&mcvt=1000&p=1110,315,1200,1285&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20240130&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=3987850706&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&co=267310300&rst=1706740303784&rpt=171&isd=0&lsd=0&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://4cece64c9d564167b719ec331ba7b445.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 31 Jan 2024 22:31:45 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 all
csm.eu.criteo.net/ Frame E7D5 0
127 B 17ms
16ms Ping
text/plain 2a02:2638:3::1a
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::1a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Wed, 31 Jan 2024 22:31:44 GMT
strict-transport-security: max-age=31536000; preload;
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0

Verdicts & Comments Add Verdict or Comment

147 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

9 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.rafyon.net/	1970-01-20 18:05:40	Name: lotame_domain_check Value: rafyon.net
.criteo.com/	1970-01-21 03:27:16	Name: uid Value: 468ea73f-075d-4396-b216-d74cfe524070
.criteo.com/	1970-01-21 03:27:16	Name: receive-cookie-deprecation Value: 1
.rafyon.net/	1970-01-21 03:27:16	Name: cto_bundle Value: nGsDk19wbDVOenkzSnB6Y2RSaE4xTXJJM0RIdkd3TmdiYnhVZ2l5OE5qTnZ1WGF6REhobSUyRlJYMTNOZnNwb1lqJTJCdGwlMkZ5VGRiTiUyQncya3lGdmJjMTlOUXV0Y01yOXZTWXBJWFhxOU5GRVFBQkRpYXZ0bGdNaUtobVJET25hOXYzQzlnQ1hKVmFYSTE5V1FFUSUyQk5Ud2VldnJxQkxBJTNEJTNE
.openx.net/	1970-01-21 02:51:16	Name: i Value: 5284a9c0-7108-4b21-baa3-1457381c0968\|1706740303
.rafyon.net/	1970-01-21 03:27:16	Name: __gads Value: ID=70d460f5c9158810:T=1706740303:RT=1706740303:S=ALNI_Mam9LaPtxHRsc0SVeHvulWsrIYYCA
.rafyon.net/	1970-01-21 03:27:16	Name: __gpi Value: UID=00000d4db3192ff2:T=1706740303:RT=1706740303:S=ALNI_MbEsx3JtcpmFZM_osSat6mICLn0XQ
.rafyon.net/	1970-01-20 22:24:52	Name: __eoi Value: ID=82f51ec46fe1083e:T=1706740303:RT=1706740303:S=AA-AfjZn2cX8dokiP8vbKKAcxfpb
.doubleclick.net/	1970-01-21 03:27:16	Name: IDE Value: AHWqTUlDynr8QOc7wJY0RsUhsf_mpl3kjiAqAo7wFxiwFlEY8w6A4gAPXRn_QMnsoCo

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://4cece64c9d564167b719ec331ba7b445.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html(Line 15) Message: Origin trial controlled feature not enabled: 'attribution-reporting'.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

4cece64c9d564167b719ec331ba7b445.safeframe.googlesyndication.com
ads.eu.criteo.com
bcp.crwdcntrl.net
cat.nl3.eu.criteo.com
cdn.id5-sync.com
cdn.jsdelivr.net
cdn.optad360.net
cdn.prod.uidapi.com
cdnjs.cloudflare.com
cmp.optad360.io
csm.eu.criteo.net
fonts.googleapis.com
fonts.gstatic.com
get.optad360.io
google-bidout-d.openx.net
gum.criteo.com
id5-sync.com
imageproxy.eu.criteo.net
invstatic101.creativecdn.com
mug.criteo.com
oa.openxcdn.net
oajs.openx.net
pagead2.googlesyndication.com
rtb.fr3.eu.criteo.com
securepubads.g.doubleclick.net
static.criteo.net
tags.crwdcntrl.net
tpc.googlesyndication.com
www.google.com
www.rafyon.net
162.19.138.118
178.250.1.6
18.155.129.56
2600:9000:2250:1400:a:e047:753:eb41
2600:9000:237d:5800:6:b871:4f00:93a1
2600:9000:2394:9a00:11:a4de:2580:93a1
2600:9000:2447:c000:f:a31d:75c0:93a1
2606:4700:10::6816:3456
2606:4700::6810:5514
2606:4700::6811:190e
2a00:1450:4001:808::2002
2a00:1450:4001:808::200a
2a00:1450:4001:810::2001
2a00:1450:4001:827::2001
2a00:1450:4001:827::2002
2a00:1450:4001:828::2003
2a00:1450:4001:828::2004
2a02:2638:3::10
2a02:2638:3::12
2a02:2638:3::1a
2a02:2638:3::3
2a02:2638:3::c
2a02:2638:d::c
2a06:98c1:3120::3
34.102.146.192
34.120.107.143
34.96.70.87
34.98.64.218
52.48.9.219
04fd3a2305c7dc6473b7fd2feb8b73778e7d8a6f92f2523857a145c77f399259
06eb9b648fd1429d0cef25265009259c35f053a76118194b4073c98e161812be
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
08f3271f24a81101413f28b107fcf6d90d89d662383fedf8882e76f122b0bfce
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
0c1ac09766e0f1322a4aaafcf2192f7b1c69f26c3810f9f89f2238373decf8af
0dd63db78cedc8bee5838a6d1944c129094c97b9fc57489f5643d6da11d7bfe5
0facd387627530907acc0b41d7076a1313a748ba84d37983618c04f2e66f1849
10921def84fcc2ca0978321d156b1b65940fe30b328bd003cdd6a4e4792e24a1
1172b88991c7f2e5da6b7498406323b724f594d80356677aa49556fc873d3450
1a2f962e47e4ec7e48aa29f054eae0fdf49a666d11222c3f72e04247d37a3ae9
1baff9bf8d69c7de6ea553b53218dc5990e8a58d69200bab0c4763e70639fef4
1f974731c9f403a588970e550dd5c911291f7257e366b89e5952b055e617b578
2074a344a2a3deaff53edddcdac1961e6502cbf070e67e7284a87d096c994b0e
2db03c85bdd2bee8b4dc06e66b072f08535ccd759bd32b27cb5370bd71a15abf
2efd5b088456b5b350cdd2afd4e91b4bb44217e2c212a5d150f96ffa185752f5
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
31f02fb9a8ae77e5d8bb229bf73f473f783e8155042655926cafca211cd11c98
36d9a942cca5b9f6a701720465c53f4e92093e224af0181bd4455b20a45e0957
3cd346aff1efcc38119a600f75667ba0089a7a6bece2b905503fb7c0c65ddcb8
414caa66bb79bc88c1ba6a2a415d2333c0a01aab1c15f74684dfa7542a97d2f7
440aa5d3153062f148eb69869ddd2d57792c704648bdcb582896099015981f19
453cb806084fdabec32e286af2e88899f79022125c2527afffbec507975d2c22
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
49b46188442abf20e776e5a224ab7757709b9807461aec752be1b4ce4dc631ed
4b7da2057c3a37a4c49b313a989f78fbc91ba50ba03725afcde21477b56d3378
4c3e8276a03b75d40fdbc5b40e665022127cbbd1722b6de06839ca69f664b7af
4dd7394a41faacc07b9da2b9febaa68fe1c7c67a142d344f392529b4224de0aa
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230
5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89
544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5795cb406f06bd5aa064782d7b8908fb4cbe385b91ac4bbc08e66a812489cae0
5b49521fd237e0ce7c618aecd7390c03deeac97ff7bb405e07fb7fd429a0f397
5c93f77799d122fb5255ee24da285f9f228cc118cba11e6ceb2b6bda8cdf4164
60bb2c5c13eed49a292e03d8c2ae032e8c9bb39a1a8af1b013deadb75fd9dd57
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
64fdded9ab4b4066a71232c0d8c7e2416ec277f566adb122776af14c21831fc3
6511c49ad2da79efffa24912c9b244776702a27bc8bdd4afc2855f646b443e10
688a83886a5a759614fb53d73736845837de908ce3553b146471782995bc5943
6b7b93e57d672c210747fbba96432e751f9a3d480daf7ae65ef745700914839a
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
72e960baa80ec819264a604f2f8a8e5c21f81b785ebc17595211ad170d8b1bdc
74b059a64ab907df19f8d548cbff2afba3939e5d31d28692a333671eb779ddcf
78eb084b95a38471caa06e279dc54e286f38ed1565e2cc8740e10a0c5e88e746
7982f7b99c1c702a92236c41dcdaa1e1a999b9c41188ca49a358b7632094cc04
7cb3d35b55d42ce147dd843386871c72ad7d78bd3c60a49b1099e41881556f2b
80f368c651e94cd99d9eaab748496e8c2e8aff26f78f0e3e59e732e6c284d25e
876d023d9d10c97941b80c3b03e2a5b94631ff7a4af9cee5604a6a2d39718d84
878c993cd4eb6b6f818e0316f9e6652ac9ee3e7285f343074e75589ea8ff6ffc
885cb38c43b35c7ff9befe60f6c96f653d15befa0770f5f2ea0ea5cbc5d03a68
89f7ca3b0a13782b370063ac11e3780b4bb2164d6d7125cae7a2b23155f54de7
8a10c8b54e1c59596f5caa93f72615a4a67f92567abfb376bfe7ca630aa6107f
8b4cce0c3581bd408039c56061d637ea5716418854d5454eeaa63bd538222fdd
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
9148103ca9f6c497dfde5e5342128ea3e6341e2b1469a5241947164bec5c1240
94c9a6730417cfd3dd7ec9ade91cafa3df798207b4e65807d28a32933c1f3335
98081e75b1b7b52f2483b3060127a36a6e59cedb743f4dc3ce68bfe3b39c7b57
9f71c68db8f50cecab42686d45c685b9fa2710dac74bd8eb50df4689575fc204
a195b24c93fe857115ce6c2170b8ce99da4f44daf9110842fe06fd72d19a9276
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
a760f2a10c28e3a15403c48b6d2dc0727ff4ff25f846e9fe65bfa12151f382ad
a7b09bb9c8e8e2fb189204e08ed94bd8096c118780b5e926847cf2748ca7c5c2
a7e1fce0f4ca98d191cf972d38b5f416ae0fe18ad15cf42ef4c73aacab0510dd
a976cc60761ae1e5d55361726238e9243fc7062e9c8b6344ec604d1152cc8986
b04a268fbd6ac543dcd653b1c529871767a5b78cb2a2f40e54bcb0bfe2daa154
b4d6967c4bafb227f8fd6f0c659da9297bc719b6d4b5c37216244e6bc3e0d609
b5bc421a51791bbbee22e0de81f887fa44756eb90ef1875e2db76cff17832140
b8ed0bda62c8892fed60a40726a65d25fba328479d3d3a6cc23a48865c93e138
bf31958a8b9aa633555e3ac6f30047c2e54a31bbbaa3a85a7f6c2aa7bcb0f6f5
bf993c352a9c882af60619f9ba8b4d66c442be85875d78497571023b2aa5d28d
c0f27ee92a26e2bbb2393e7695351be1c91d890492943f52cf18fcfd899666ed
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
d04a8585ca1c9cbff59e413fe76da6b8dcf3c567cbc68ec436b852d7f1694df1
d38b3e26dd6b6cc40545482d9ede9a2abc5d123a1f7d8d10c0c270588e5dfb7b
d43d0c2b00d3bc407fafd5be66fee7a74b6bba325fc56f98a96ca6bc1b340683
d58acf16b5e4521c9eb24fe9fd97308e5f8be1297e4b63a547e5b610611799ae
d66b4e8556dec780a3be1e72c2bacfac5f379f6977f2886254908e5f87db6bd6
dc177abd6607fae8b2d131cf0cff266d2a3311263b5ec8d0e643c84f2ec112e2
dcf6f6feae5927c60139ce3e1629564df3328ee63a1bf852e04afb957e684041
de259eb7ba7a0e45575deb33946f1fbc695c97c33145ae4e49af0069d010868e
e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047
e26cdf84ea6019cb4505a4bd4e24b6c8cdc08f18a5ecf7c0a8668f0af945d64f
e31ebf113144bd88c51f9344ae69e9a0533f0484c7876157b5ce7afab3f279dd
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e544167a21ea17814308901d67f4ed786dc99a152681a795b07e9d452e86a8cd
e6edab0768e85a7c4c59891ebb67e5a21faad03b408cb86fadccd60afa583985
e885badff253144e188588b5657e13cfa1135d4cd682053c9cca02b83baf1ef2
eb3b37e5366083f5ee398138d12cc70e8d8ad9820965aeb65d8c2f46b77ed870
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f0f3825ab5a948a650d9276b8c3ed43db6f36ac1e7d150c134bc2685e537131b
f38e373a688607ccbc8503ad471aa3bb21d32725d46834eefb73980b9b83e789
f62f3f9c0a35da1361409e756246ad7732b338eb347f7390a890529ca5f5467a
f885ec8a0a68847aff7c6bb94968bf7cb5099c0c449ae1535cf8515cc0ff8e18
fc8c3f01079787573b1649aaa0b640405ed00898868df7f8f4096d749bd63e8a
ff9ce35d5fae856bab207c9f8d8eb3dff6354f007ea9f9b9a32f5cc018d52876

www.rafyon.net Open in urlscan Pro 2a06:98c1:3120::3 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

106 Requests

97 %HTTPS

72 %IPv6

18 Domains

30 Subdomains

30 IPs

4 Countries

1693 kBTransfer

3282 kBSize

9 Cookies

2 Outgoing links

Page URL History

Redirected requests

106 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.rafyon.net Open in urlscan Pro
2a06:98c1:3120::3 Public Scan

Screenshot
Live screenshot

Full Image

106
Requests

97 %
HTTPS

72 %
IPv6

18
Domains

30
Subdomains

30
IPs

4
Countries

1693 kB
Transfer

3282 kB
Size

9
Cookies

106 HTTP transactions
1 data transactions