![](/screenshots/070bd3ec-dc96-4ea2-8d29-60bd588dc15e.png)
www.rafyon.net
Open in
urlscan Pro
2a06:98c1:3120::3
Public Scan
Submission: On November 12 via api from US — Scanned from NL
Summary
TLS certificate: Issued by GTS CA 1P5 on September 18th 2023. Valid for: 3 months.
This is the only time www.rafyon.net was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
ASN15169 (GOOGLE, US)
securepubads.g.doubleclick.net | |
www.googletagservices.com |
ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 192.146.102.34.bc.googleusercontent.com
oa.openxcdn.net |
ASN16509 (AMAZON-02, US)
PTR: server-65-9-66-122.fra56.r.cloudfront.net
tags.crwdcntrl.net |
ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 87.70.96.34.bc.googleusercontent.com
invstatic101.creativecdn.com |
ASN15169 (GOOGLE, US)
2cdda8b1fdfea5b23ba3813658205386.safeframe.googlesyndication.com |
ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 143.107.120.34.bc.googleusercontent.com
oajs.openx.net |
ASN16276 (OVH, FR)
PTR: ns31533570.ip-162-19-138.eu
id5-sync.com |
ASN16509 (AMAZON-02, US)
PTR: ec2-54-194-163-10.eu-west-1.compute.amazonaws.com
bcp.crwdcntrl.net |
ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com
google-bidout-d.openx.net |
ASN15169 (GOOGLE, US)
tpc.googlesyndication.com |
ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net |
ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com |
ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f2.1e100.net
cm.g.doubleclick.net |
ASN29990 (ASN-APPNEX, US)
PTR: 940.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
ib.adnxs.com |
ASN15169 (GOOGLE, US)
PTR: zrh04s06-in-f134.1e100.net
ad.doubleclick.net |
ASN24940 (HETZNER-AS, DE)
PTR: static.214.48.202.116.clients.your-server.de
hal9000.redintelligence.net |
ASN24940 (HETZNER-AS, DE)
PTR: static.47.10.4.46.clients.your-server.de
hal90002.redintelligence.net |
ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f2.1e100.net
googleads4.g.doubleclick.net |
ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f6.1e100.net
8019191.fls.doubleclick.net |
Apex Domain Subdomains |
Transfer | |
---|---|---|
37 |
googlesyndication.com
2cdda8b1fdfea5b23ba3813658205386.safeframe.googlesyndication.com tpc.googlesyndication.com — Cisco Umbrella Rank: 149 pagead2.googlesyndication.com — Cisco Umbrella Rank: 97 |
199 KB |
29 |
rafyon.net
www.rafyon.net |
462 KB |
23 |
doubleclick.net
7 redirects
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 196 googleads.g.doubleclick.net — Cisco Umbrella Rank: 33 cm.g.doubleclick.net — Cisco Umbrella Rank: 245 ad.doubleclick.net — Cisco Umbrella Rank: 154 googleads4.g.doubleclick.net — Cisco Umbrella Rank: 439 8019191.fls.doubleclick.net — Cisco Umbrella Rank: 325135 |
253 KB |
7 |
2mdn.net
s0.2mdn.net — Cisco Umbrella Rank: 300 |
110 KB |
7 |
casalemedia.com
3 redirects
dsum-sec.casalemedia.com — Cisco Umbrella Rank: 625 |
5 KB |
5 |
redintelligence.net
1 redirects
hal9000.redintelligence.net — Cisco Umbrella Rank: 38186 hal90002.redintelligence.net — Cisco Umbrella Rank: 251539 |
11 KB |
5 |
adnxs.com
3 redirects
ib.adnxs.com — Cisco Umbrella Rank: 246 |
4 KB |
5 |
ampproject.org
cdn.ampproject.org — Cisco Umbrella Rank: 406 |
104 KB |
3 |
google.com
1 redirects
www.google.com — Cisco Umbrella Rank: 2 adservice.google.com — Cisco Umbrella Rank: 105 |
2 KB |
3 |
criteo.com
1 redirects
gum.criteo.com — Cisco Umbrella Rank: 454 mug.criteo.com — Cisco Umbrella Rank: 2926 |
7 KB |
3 |
openx.net
1 redirects
oajs.openx.net — Cisco Umbrella Rank: 1656 google-bidout-d.openx.net — Cisco Umbrella Rank: 1665 |
752 B |
3 |
googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 31 |
2 KB |
3 |
cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 223 |
164 KB |
2 |
googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 212 |
126 KB |
2 |
crwdcntrl.net
tags.crwdcntrl.net — Cisco Umbrella Rank: 976 bcp.crwdcntrl.net — Cisco Umbrella Rank: 887 |
12 KB |
2 |
id5-sync.com
cdn.id5-sync.com — Cisco Umbrella Rank: 863 id5-sync.com — Cisco Umbrella Rank: 440 |
32 KB |
2 |
fontstatic.com
www.fontstatic.com — Cisco Umbrella Rank: 377930 |
71 KB |
2 |
gstatic.com
fonts.gstatic.com |
65 KB |
2 |
salaty.net
www.salaty.net |
13 KB |
2 |
optad360.io
get.optad360.io — Cisco Umbrella Rank: 36330 cmp.optad360.io — Cisco Umbrella Rank: 52711 |
61 KB |
1 |
contentspread.net
cdn.contentspread.net — Cisco Umbrella Rank: 88526 |
18 KB |
1 |
creativecdn.com
invstatic101.creativecdn.com — Cisco Umbrella Rank: 2139 |
1 KB |
1 |
jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 335 |
1 KB |
1 |
uidapi.com
cdn.prod.uidapi.com — Cisco Umbrella Rank: 2491 |
3 KB |
1 |
criteo.net
static.criteo.net — Cisco Umbrella Rank: 668 |
13 KB |
1 |
openxcdn.net
oa.openxcdn.net — Cisco Umbrella Rank: 1762 |
8 KB |
1 |
optad360.net
cdn.optad360.net — Cisco Umbrella Rank: 59248 |
3 KB |
138 | 27 |
Domain | Requested by | |
---|---|---|
29 | www.rafyon.net |
www.rafyon.net
|
20 | pagead2.googlesyndication.com |
2cdda8b1fdfea5b23ba3813658205386.safeframe.googlesyndication.com
pagead2.googlesyndication.com www.rafyon.net tpc.googlesyndication.com securepubads.g.doubleclick.net www.googletagservices.com |
14 | tpc.googlesyndication.com |
www.rafyon.net
2cdda8b1fdfea5b23ba3813658205386.safeframe.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com securepubads.g.doubleclick.net |
8 | cm.g.doubleclick.net |
6 redirects
googleads.g.doubleclick.net
|
7 | s0.2mdn.net |
www.rafyon.net
s0.2mdn.net |
7 | dsum-sec.casalemedia.com |
3 redirects
googleads.g.doubleclick.net
|
6 | securepubads.g.doubleclick.net |
get.optad360.io
securepubads.g.doubleclick.net www.rafyon.net |
5 | ib.adnxs.com |
3 redirects
googleads.g.doubleclick.net
|
5 | cdn.ampproject.org |
securepubads.g.doubleclick.net
|
4 | hal90002.redintelligence.net |
1 redirects
2cdda8b1fdfea5b23ba3813658205386.safeframe.googlesyndication.com
hal90002.redintelligence.net |
4 | googleads.g.doubleclick.net |
www.rafyon.net
2cdda8b1fdfea5b23ba3813658205386.safeframe.googlesyndication.com pagead2.googlesyndication.com |
3 | 2cdda8b1fdfea5b23ba3813658205386.safeframe.googlesyndication.com |
securepubads.g.doubleclick.net
|
3 | fonts.googleapis.com |
www.rafyon.net
securepubads.g.doubleclick.net |
3 | cdnjs.cloudflare.com |
www.rafyon.net
cdnjs.cloudflare.com |
2 | 8019191.fls.doubleclick.net |
1 redirects
www.rafyon.net
|
2 | googleads4.g.doubleclick.net |
www.rafyon.net
|
2 | www.googletagservices.com |
2cdda8b1fdfea5b23ba3813658205386.safeframe.googlesyndication.com
|
2 | www.google.com |
1 redirects
tpc.googlesyndication.com
|
2 | gum.criteo.com |
1 redirects
static.criteo.net
|
2 | oajs.openx.net |
1 redirects
www.rafyon.net
|
2 | www.fontstatic.com |
www.salaty.net
www.fontstatic.com |
2 | fonts.gstatic.com |
fonts.googleapis.com
|
2 | www.salaty.net |
www.rafyon.net
www.salaty.net |
1 | adservice.google.com |
8019191.fls.doubleclick.net
|
1 | cdn.contentspread.net |
hal90002.redintelligence.net
|
1 | hal9000.redintelligence.net |
2cdda8b1fdfea5b23ba3813658205386.safeframe.googlesyndication.com
|
1 | ad.doubleclick.net |
2cdda8b1fdfea5b23ba3813658205386.safeframe.googlesyndication.com
|
1 | google-bidout-d.openx.net |
oa.openxcdn.net
|
1 | mug.criteo.com |
www.rafyon.net
|
1 | bcp.crwdcntrl.net |
tags.crwdcntrl.net
|
1 | id5-sync.com |
cdn.id5-sync.com
|
1 | invstatic101.creativecdn.com |
securepubads.g.doubleclick.net
|
1 | tags.crwdcntrl.net |
securepubads.g.doubleclick.net
|
1 | cdn.jsdelivr.net |
securepubads.g.doubleclick.net
|
1 | cdn.prod.uidapi.com |
securepubads.g.doubleclick.net
|
1 | cdn.id5-sync.com |
securepubads.g.doubleclick.net
|
1 | static.criteo.net |
securepubads.g.doubleclick.net
|
1 | oa.openxcdn.net |
securepubads.g.doubleclick.net
|
1 | cdn.optad360.net |
www.rafyon.net
|
1 | cmp.optad360.io |
www.rafyon.net
|
1 | get.optad360.io |
www.rafyon.net
|
138 | 41 |
This site contains links to these domains. Also see Links.
Domain |
---|
en.optad360.com |
www.facebook.com |
twitter.com |
www.arb4host.net |
Subject Issuer | Validity | Valid | |
---|---|---|---|
rafyon.net GTS CA 1P5 |
2023-09-18 - 2023-12-17 |
3 months | crt.sh |
sni.cloudflaressl.com Cloudflare Inc ECC CA-3 |
2023-07-03 - 2024-07-02 |
a year | crt.sh |
*.optad360.io Amazon RSA 2048 M02 |
2023-09-17 - 2024-10-15 |
a year | crt.sh |
upload.video.google.com GTS CA 1C3 |
2023-10-16 - 2024-01-08 |
3 months | crt.sh |
salaty.net GTS CA 1P5 |
2023-09-18 - 2023-12-17 |
3 months | crt.sh |
*.gstatic.com GTS CA 1C3 |
2023-10-16 - 2024-01-08 |
3 months | crt.sh |
fontstatic.com E1 |
2023-11-11 - 2024-02-09 |
3 months | crt.sh |
*.g.doubleclick.net GTS CA 1C3 |
2023-10-16 - 2024-01-08 |
3 months | crt.sh |
*.optad360.net Amazon RSA 2048 M02 |
2023-06-26 - 2024-07-24 |
a year | crt.sh |
oa.openxcdn.net GTS CA 1D4 |
2023-09-25 - 2023-12-24 |
3 months | crt.sh |
*.criteo.net DigiCert Global G2 TLS RSA SHA256 2020 CA1 |
2023-10-09 - 2024-01-06 |
3 months | crt.sh |
cdn.prod.uidapi.com R3 |
2023-11-02 - 2024-01-31 |
3 months | crt.sh |
*.crwdcntrl.net Amazon RSA 2048 M01 |
2023-10-08 - 2024-11-05 |
a year | crt.sh |
invstatic101.creativecdn.com GTS CA 1D4 |
2023-10-24 - 2024-01-22 |
3 months | crt.sh |
*.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1 |
2023-09-26 - 2023-12-23 |
3 months | crt.sh |
*.id5-sync.com R3 |
2023-11-01 - 2024-01-30 |
3 months | crt.sh |
*.openx.net RapidSSL TLS RSA CA G1 |
2023-08-18 - 2024-08-18 |
a year | crt.sh |
misc-sni.google.com GTS CA 1C3 |
2023-10-16 - 2024-01-08 |
3 months | crt.sh |
tpc.googlesyndication.com GTS CA 1C3 |
2023-10-16 - 2024-01-08 |
3 months | crt.sh |
*.doubleclick.net GTS CA 1C3 |
2023-10-16 - 2024-01-08 |
3 months | crt.sh |
redintelligence.net R3 |
2023-10-10 - 2024-01-08 |
3 months | crt.sh |
contentspread.net R3 |
2023-10-23 - 2024-01-21 |
3 months | crt.sh |
*.google.com GTS CA 1C3 |
2023-10-16 - 2024-01-08 |
3 months | crt.sh |
www.google.com GTS CA 1C3 |
2023-10-16 - 2024-01-08 |
3 months | crt.sh |
This page contains 17 frames:
Primary Page:
https://www.rafyon.net/read702/78.html?hash=YW5hZmFzdCA9PiBodHRwczovL2FuYWZhc3QuY2MvZW1iZWQtbTc0Y2RjaDRsNXd0Lmh0bWw=
Frame ID: 2A41C19BFCF6AAE288BA4B5441EE7002
Requests: 57 HTTP requests in this frame
Frame:
https://www.salaty.net/embed.html?with-country=2&with-city=36&with-lang=ar&with-sunrise=1&with-city-desc=0&with-city-time=0&with-difference=0&with-developers=0&with-color=004040
Frame ID: 1D3C71A7AFCA70BDE12AD5D1E17C4FED
Requests: 4 HTTP requests in this frame
Frame:
https://2cdda8b1fdfea5b23ba3813658205386.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: A377EFA67AE837912CBA672734113707
Requests: 1 HTTP requests in this frame
Frame:
https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=www.rafyon.net
Frame ID: 74C2E3DFC646456A47F94C34AAF1C4B0
Requests: 2 HTTP requests in this frame
Frame:
https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Frame ID: 7D958AA79DA169F6C5D6B8FB8FA2096E
Requests: 1 HTTP requests in this frame
Frame:
https://cdn.ampproject.org/rtv/012310301456000/amp4ads-v0.mjs
Frame ID: 576113F2096F7C2BFBE371AFDBC22686
Requests: 14 HTTP requests in this frame
Frame:
https://2cdda8b1fdfea5b23ba3813658205386.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: E7E83A31BBB98FB09EC143913488A628
Requests: 16 HTTP requests in this frame
Frame:
https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxiEp7zGATAB&v=APEucNVU-VQ5Ca3cvnf-V8u7-UeQXkEgufYjB2diWF97BuDnCM_iJ5ZtTARzGIUOaGbHNivzJNxW9LHKQgO7cVRk3TfxomIPQB7OhaQKOGJmBBFINRjl0JqUdgKA2rFOQ0MJoi2fH5wfsn5r0VjzjZI43TO9sbUCQevm2lDFxw6ezhC0SHa_BkxBrAn7eYrAGvmlsvPGgvRN5kHrgFaxjmDs159LPtDAXA
Frame ID: 126C2F06F9075A1D73A5087ABE12F030
Requests: 5 HTTP requests in this frame
Frame:
https://2cdda8b1fdfea5b23ba3813658205386.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 73EDC8C8915E0DC59CC7087DA3E36676
Requests: 14 HTTP requests in this frame
Frame:
https://googleads.g.doubleclick.net/xbbe/pixel?d=CLWwChCPwUUYvcWc5QEwAQ&v=APEucNUD29FrLvrn8FFt9N8Vd5u7nxRcB3ocgAvToyz1cqdML-0qKm6kAHixjVJJeingClujR74_y-bOM8S-8QNoHk7CDo_hNgChA7JldNQS1SrkOGB8sRnSfBEu9mOdm8ZjYhe8vRT44jPY0YU1UStN4uKASbCKpwcqDUvQIQte7Pkx9uTG524yvaIuBNJoIfFCXBhnwxHP5eoE2wEF0Glnu5kr939Kqg
Frame ID: F95E06BCED95255D7EC623447B9F1CA4
Requests: 5 HTTP requests in this frame
Frame:
https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: 41ECB633D9CF4F8CFF56A3877A8AC6BE
Requests: 3 HTTP requests in this frame
Frame:
https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: 84C44114CE0887C96FB98FD75B7A5ECB
Requests: 3 HTTP requests in this frame
Frame:
https://s0.2mdn.net/sadbundle/14482064635620417758/index.html?ev=01_250
Frame ID: BA0900AB77640AB6D5D0B6A0165414E3
Requests: 6 HTTP requests in this frame
Frame:
https://8019191.fls.doubleclick.net/activityi;dc_pre=CNKEhdCzv4IDFTUXogMdK1QBJg;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=7338609189303.52
Frame ID: 8D30828294D887E7AED4063167751ECA
Requests: 2 HTTP requests in this frame
Frame:
https://hal90002.redintelligence.net/request_content.php?s=98622600140485304445414012506002&a=013dcc30
Frame ID: 725B882CD044E93CD621D51ADFBF69DA
Requests: 4 HTTP requests in this frame
Frame:
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 1F9769076D7BABB986A12095E73C90F2
Requests: 3 HTTP requests in this frame
Frame:
https://www.google.com/recaptcha/api2/aframe
Frame ID: 9587C58279851F0E6FEB1EE822545D38
Requests: 2 HTTP requests in this frame
Screenshot
![](/screenshots/070bd3ec-dc96-4ea2-8d29-60bd588dc15e.png)
Page Title
هل يعتزل كريستيانو رونالدو في النصر؟ - رافيونDetected technologies
Detected patterns
- <link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
- /wp-(?:content|includes)/
![](/vendor/wappa/icons/Bootstrap.png)
Detected patterns
- bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
![](/vendor/wappa/icons/Yoast SEO.png)
Detected patterns
- <!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -
Detected patterns
- adnxs\.(?:net|com)
Detected patterns
- 2mdn\.net
![](/vendor/wappa/icons/Font Awesome.png)
Detected patterns
- (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Detected patterns
- googlesyndication\.com/
- 2mdn\.net
![](/vendor/wappa/icons/OpenX.png)
Detected patterns
- https?://[^/]*\.openx\.net
Detected patterns
- jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Detected patterns
- jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?
Detected patterns
- //cdn\.jsdelivr\.net/
Page Statistics
4 Outgoing links
These are links going to different origins than the main page.
Search URL Search Domain Scan URL
Title: Facebook
Search URL Search Domain Scan URL
Title: Twitter
Search URL Search Domain Scan URL
Title: برمجة وتصميم عرب فور هوست
Search URL Search Domain Scan URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 55- https://oajs.openx.net/esp?url=https%3A%2F%2Fwww.rafyon.net%2Fread702%2F78.html%3Fhash%3DYW5hZmFzdCA9PiBodHRwczovL2FuYWZhc3QuY2MvZW1iZWQtbTc0Y2RjaDRsNXd0Lmh0bWw%3D&rid=esp HTTP 302
- https://oajs.openx.net/esp?url=https%3A%2F%2Fwww.rafyon.net%2Fread702%2F78.html%3Fhash%3DYW5hZmFzdCA9PiBodHRwczovL2FuYWZhc3QuY2MvZW1iZWQtbTc0Y2RjaDRsNXd0Lmh0bWw%3D&rid=esp&cc=1
- https://gum.criteo.com/sid/json?origin=publishertagids&domain=rafyon.net&sn=ChromeSyncframe&so=0&topUrl=www.rafyon.net&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
- https://mug.criteo.com/sid?cpp=EIzUU3w3am5OWXIwajRTR1V1T3ZXUTNHK3JtVkFMZ1ZWWUIyMzlmTU4wd0dJMCtMcXVKNkpnUTRaUEMrMXp5a0UxTHVEN1ltY0RqcHVsRG8vY3kyQy9vZUF1T2k3cTZyanBvZGdtOXR0bWlnTWZIREhnSHNGVkR1WHBMejZxU2dCdFlGWExMMytkcFVDSFo3NlFQNFVVMkMxWG1SL2dEWmdzT1ltYUtBY0NvOWVHd3RpVDB2TTljVldBbWhTWDROd05ISWkzOFl3WlA4MGFsUERsZmdhTXhuUDZqUlVoYjhDWVV2dS9hTUJSM2lqdFVEUTVZQ1FGS2dkZEFYNWRqZVFGeGhyakhaNXN2VDNhZGtMUTBKM2gzYjJKZz09fA&cppv=2
- https://www.google.com/pagead/drt/ui HTTP 302
- https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
- https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
- https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPd32ZYSw99VqnCdgyZbwqw&google_cver=1
- https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
- https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
- https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZVFDWnYHXypzGT.X5u4WZwAA HTTP 302
- https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPd32ZYSw99VqnCdgyZbwqw&google_cver=1&google_hm=2
- https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
- https://ib.adnxs.com/setuid?entity=101&code=CAESEP2YUVW85BNMlfB9uuNpN34&google_cver=1
- https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
- https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
- https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjI4MDkwNTM4Njc2NjI0MTM3Mg%3D%3D
- https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
- https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPd32ZYSw99VqnCdgyZbwqw&google_cver=1
- https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
- https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZVFDWnYHXypzGT.X5u4WZwAA HTTP 302
- https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPd32ZYSw99VqnCdgyZbwqw&google_cver=1&google_hm=2
- https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
- https://ib.adnxs.com/setuid?entity=101&code=CAESEP2YUVW85BNMlfB9uuNpN34&google_cver=1
- https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
- https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjI4MDkwNTM4Njc2NjI0MTM3Mg%3D%3D
- https://hal90002.redintelligence.net/request.php?zone=6zpgftvkkw73&nw=20&renderingType=javascript&namespace=195daedd10&subid=&uid=2f706b74a75e9350&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=320x100&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCXbCOWUNRZdOxMZDggAeLraqQC8z5hqBp273H__cP8C4QASCqgMMiYJEEyAEJqQLSS1n3nu2xPqgDAcgDmwSqBJcCT9C5Legf9Pc61IQGZJ3sA8wnGJZxXgl25UUjWJvnxi8MhHNHMCfoDZWmMS5Cbs9VhynWoh4_4pwsvwBEPo8UJyYMTarg-KhmAU0mONT9HHYA1YA2I_Y6_8ppMdc88MZgZNugd4uBNoL__Lk4vqjwGT5RQUUi2cQT6-M5ZhCLZ6b_iMpFSH2-gYNEYWQp3GzxMLD26mLAyKKx8cio_O27zlBrKP2sk_BnInyELUIavPFFKzg52I1YMbX7umYxi3n-4rv8cQtK-OW0X0UHo_78sd88mVAda--2nImbqVE_WDof7XqD9aUcwN6Chv-UBbQZ0dKgMNcAyMFJt-OKcsaY66enIBlUNGU8U9hIDdAhnnGVYZQEzgCxwATq68yj5APgBAOIBZWv4f09kAYBoAZNgAesrfWfA6gH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBYIgOGAEBABGB0yAqoCOgKAQEi9_cE68ggbYWR4LXN1YnN5bi03OTI1NjgyOTQwMjU4MDI0gAoDmAsByAsBgAwBogwMKgoKCOS0sQLutbECqg0CTkziDRMIhPi0z7O_ggMVEDDgCh2LlgqysBPgm80O0BMA2BMD2BQB0BUB-BYBgBcB%26ae%3D1%26num%3D1%26cid%3DCAQSTwDICaaNENE_Ntcswk8b7TKoP6OFc8RbDqrRiLNSDnu3WsiloU6fSsrYG11kpMQnupvQnc_KG7tcId8BE7gEDSkNWMh5goOB1p-YBtavUlYYAQ%26sig%3DAOD64_0ai5lDpZFATVbDZzpHz4D5Vk5o1Q%26client%3Dca-pub-5512390705137507%26dbm_c%3DAKAmf-CCmgLU0y8G6gz7MXKoHP7TSHVsTBT0RTK7Z_CQNLx_tw6ylJRU82X0tzkB0r_2gqsQ109k20Mt-ReIawepPkIJYdeEvM1u0-2q9CQG7LgSaUm_rao73_V8F903qCKO8h2qWkKdHauPce1Q4FHzdz7XZIxc8zRTIZLbaz5j7ZM2-DGIB4g%26cry%3D1%26dbm_d%3DAKAmf-CawW9QCeL-PhUNMgVAw3A-8MyzvNLHFZhuL8ntaM7UZFtsB9oy6aAK0K0t1Cf1B_DwpJ8eavlCF2CTZsfB3M-sbItdP4oIJ7L2_uGDIGIus_98Ob4rIgz4s4a4Jvgqi-0GC700Txumw9PNgEHM8U-8U5WVPKyWn-EpzIRKgblNNjpq85cxemfYFJv08PTePaV0-gV-fPlKDRBZi9YbUqFce3780gcWRXWnqF709zCDv7M6CKY6ehFwScxddbfc26cMS423yS1ON69_T_YoewIdoTLg7MBKIm-bmUgewa_kcyKoKS01lZ9LcUM9k0GunVObbOZCGQmSWAWTdQ0CHMGg4eTDYz28cPA4dSGhT0d1zmZ4x60XgyvulHK55VOb0GfF3ADwK1oigQW5Vw7z-3dSUHWdAxHi51PWflVhywrj-R2v3yUGQXcmUNEjlfgtPDMuHyFJIFmca9LJSoqjILl6Z9DGJn43Aaze-MqoLuEhEwADuydLP2hrnVEq6bFqN4TYe4TP7wQI9VfmXBBDnCHSirGlEV2o7m7-odFmSCzQR2uRYdEO4cyGboD5-TACD4kG2DTsTYxwCshDvrFcJawoWhpenQCcdHuoN8PbLp0C2kkLF7TVKI8OcBVv-P7UKauDYkWfnJFlmtwgN92I7Y-oUBZ2833XDBr8ovqWWWEH3cW7ADY%26adurl%3D&documentReferer=https%3A%2F%2Fwww.rafyon.net%2F&ancestorOrigins=https%3A%2F%2Fwww.rafyon.net&random=8238664272311&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0 HTTP 302
- https://hal90002.redintelligence.net/request.php?zone=6zpgftvkkw73&nw=20&renderingType=javascript&namespace=195daedd10&subid=&uid=2f706b74a75e9350&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=320x100&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCXbCOWUNRZdOxMZDggAeLraqQC8z5hqBp273H__cP8C4QASCqgMMiYJEEyAEJqQLSS1n3nu2xPqgDAcgDmwSqBJcCT9C5Legf9Pc61IQGZJ3sA8wnGJZxXgl25UUjWJvnxi8MhHNHMCfoDZWmMS5Cbs9VhynWoh4_4pwsvwBEPo8UJyYMTarg-KhmAU0mONT9HHYA1YA2I_Y6_8ppMdc88MZgZNugd4uBNoL__Lk4vqjwGT5RQUUi2cQT6-M5ZhCLZ6b_iMpFSH2-gYNEYWQp3GzxMLD26mLAyKKx8cio_O27zlBrKP2sk_BnInyELUIavPFFKzg52I1YMbX7umYxi3n-4rv8cQtK-OW0X0UHo_78sd88mVAda--2nImbqVE_WDof7XqD9aUcwN6Chv-UBbQZ0dKgMNcAyMFJt-OKcsaY66enIBlUNGU8U9hIDdAhnnGVYZQEzgCxwATq68yj5APgBAOIBZWv4f09kAYBoAZNgAesrfWfA6gH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBYIgOGAEBABGB0yAqoCOgKAQEi9_cE68ggbYWR4LXN1YnN5bi03OTI1NjgyOTQwMjU4MDI0gAoDmAsByAsBgAwBogwMKgoKCOS0sQLutbECqg0CTkziDRMIhPi0z7O_ggMVEDDgCh2LlgqysBPgm80O0BMA2BMD2BQB0BUB-BYBgBcB%26ae%3D1%26num%3D1%26cid%3DCAQSTwDICaaNENE_Ntcswk8b7TKoP6OFc8RbDqrRiLNSDnu3WsiloU6fSsrYG11kpMQnupvQnc_KG7tcId8BE7gEDSkNWMh5goOB1p-YBtavUlYYAQ%26sig%3DAOD64_0ai5lDpZFATVbDZzpHz4D5Vk5o1Q%26client%3Dca-pub-5512390705137507%26dbm_c%3DAKAmf-CCmgLU0y8G6gz7MXKoHP7TSHVsTBT0RTK7Z_CQNLx_tw6ylJRU82X0tzkB0r_2gqsQ109k20Mt-ReIawepPkIJYdeEvM1u0-2q9CQG7LgSaUm_rao73_V8F903qCKO8h2qWkKdHauPce1Q4FHzdz7XZIxc8zRTIZLbaz5j7ZM2-DGIB4g%26cry%3D1%26dbm_d%3DAKAmf-CawW9QCeL-PhUNMgVAw3A-8MyzvNLHFZhuL8ntaM7UZFtsB9oy6aAK0K0t1Cf1B_DwpJ8eavlCF2CTZsfB3M-sbItdP4oIJ7L2_uGDIGIus_98Ob4rIgz4s4a4Jvgqi-0GC700Txumw9PNgEHM8U-8U5WVPKyWn-EpzIRKgblNNjpq85cxemfYFJv08PTePaV0-gV-fPlKDRBZi9YbUqFce3780gcWRXWnqF709zCDv7M6CKY6ehFwScxddbfc26cMS423yS1ON69_T_YoewIdoTLg7MBKIm-bmUgewa_kcyKoKS01lZ9LcUM9k0GunVObbOZCGQmSWAWTdQ0CHMGg4eTDYz28cPA4dSGhT0d1zmZ4x60XgyvulHK55VOb0GfF3ADwK1oigQW5Vw7z-3dSUHWdAxHi51PWflVhywrj-R2v3yUGQXcmUNEjlfgtPDMuHyFJIFmca9LJSoqjILl6Z9DGJn43Aaze-MqoLuEhEwADuydLP2hrnVEq6bFqN4TYe4TP7wQI9VfmXBBDnCHSirGlEV2o7m7-odFmSCzQR2uRYdEO4cyGboD5-TACD4kG2DTsTYxwCshDvrFcJawoWhpenQCcdHuoN8PbLp0C2kkLF7TVKI8OcBVv-P7UKauDYkWfnJFlmtwgN92I7Y-oUBZ2833XDBr8ovqWWWEH3cW7ADY%26adurl%3D&documentReferer=https%3A%2F%2Fwww.rafyon.net%2F&ancestorOrigins=https%3A%2F%2Fwww.rafyon.net&random=8238664272311&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
- https://8019191.fls.doubleclick.net/activityi;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=7338609189303.52 HTTP 302
- https://8019191.fls.doubleclick.net/activityi;dc_pre=CNKEhdCzv4IDFTUXogMdK1QBJg;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=7338609189303.52
138 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
Primary Request
78.html
www.rafyon.net/read702/ |
56 KB 13 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
style-rtl.min.css
www.rafyon.net/wp-includes/css/dist/block-library/ |
102 KB 14 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
all.min.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/5.13.0/css/ |
57 KB 11 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
bootstrap.min.css
www.rafyon.net/wp-content/themes/newsplus/assets/css/ |
124 KB 21 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
fonts.css
www.rafyon.net/wp-content/themes/newsplus/assets/fonts/ |
1 KB 633 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
style.css
www.rafyon.net/wp-content/themes/newsplus/ |
39 KB 8 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jquery.min.js
www.rafyon.net/wp-includes/js/jquery/ |
85 KB 31 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jquery-migrate.min.js
www.rafyon.net/wp-includes/js/jquery/ |
13 KB 5 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
plugin.min.js
get.optad360.io/sf/eea8f441-3b22-4ddb-a021-33600b968506/ |
279 KB 60 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
183b5691-fc93-4f3c-a7ba-3c3a1f87c01e.min.js
cmp.optad360.io/items/ |
509 B 891 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
Rafyon.png
www.rafyon.net/wp-content/uploads/2020/11/ |
3 KB 3 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
comment-reply.min.js
www.rafyon.net/wp-includes/js/ |
3 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
main.js
www.rafyon.net/wp-content/themes/newsplus/assets/js/ |
4 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET BLOB |
8f92b03a-f6f9-4385-a830-859f40861b95
https://www.rafyon.net/ |
1 KB 0 |
Other
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
droidarabickufi.css
fonts.googleapis.com/earlyaccess/ |
1 KB 624 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
droidarabicnaskh.css
fonts.googleapis.com/earlyaccess/ |
1 KB 365 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
embed.html
www.salaty.net/ Frame 1D3C |
12 KB 3 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
%D8%B1%D9%88%D9%86%D8%A7%D9%84%D8%AF%D9%88--800x600.jpg
www.rafyon.net/wp-content/uploads/2023/10/ |
56 KB 57 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
%D9%83%D9%8A%D9%84%D9%8A%D8%A7%D9%86-%D9%85%D8%A8%D8%A7%D8%A8%D9%8A-360x200.jpg
www.rafyon.net/wp-content/uploads/2023/10/ |
11 KB 12 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
%D8%AA%D8%B4%D9%8A%D9%84%D8%B3%D9%8A-360x200.jpg
www.rafyon.net/wp-content/uploads/2023/11/ |
20 KB 21 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
%D8%A8%D9%88%D8%AA%D8%B4%D8%AA%D9%8A%D9%86%D9%88--360x200.jpeg
www.rafyon.net/wp-content/uploads/2023/11/ |
9 KB 9 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
%D9%81%D9%8A%D8%B1%D8%AC%D8%B3%D9%88%D9%86--360x200.jpeg
www.rafyon.net/wp-content/uploads/2023/11/ |
13 KB 13 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
%D8%A3%D8%B1%D8%AA%D9%8A%D8%AA%D8%A7-360x200.jpeg
www.rafyon.net/wp-content/uploads/2023/11/ |
8 KB 9 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
%D8%A7%D8%B1%D8%B3%D9%86%D8%A7%D9%84-360x200.jpg
www.rafyon.net/wp-content/uploads/2023/10/ |
21 KB 22 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
%D9%88%D8%B2%D9%8A%D8%B1-%D8%A7%D9%84%D8%AE%D8%A7%D8%B1%D8%AC%D9%8A%D8%A9-%D8%A7%D9%84%D8%B3%D8%B9%D9%88%D8%AF%D9%8A--360x200.jpg
www.rafyon.net/wp-content/uploads/2023/10/ |
14 KB 14 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
%D9%88%D9%84%D9%8A-%D8%A7%D9%84%D8%B9%D9%87%D8%AF-%D8%A7%D9%84%D8%B3%D8%B9%D9%88%D8%AF%D9%8A-360x200.jpg
www.rafyon.net/wp-content/uploads/2023/11/ |
19 KB 20 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
%DA%A4%D9%88%D9%8A-%DA%A4%D9%88%D9%8A-%DA%A4%D9%88%D9%8A-360x200.jpg
www.rafyon.net/wp-content/uploads/2023/10/ |
20 KB 20 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
%D8%AA%D8%AD%D8%B6%D9%8A%D8%B1-%D8%A7%D9%84%D8%AA%D9%88%D9%86%D8%A9-%D8%A7%D9%84%D9%82%D8%B7%D8%B9-360x200.jpg
www.rafyon.net/wp-content/uploads/2023/11/ |
20 KB 20 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
%D8%A7%D9%84%D8%A8%D9%86%D9%83-%D8%A7%D9%84%D9%85%D8%B1%D9%83%D8%B2%D9%8A-%D8%A7%D9%84%D8%B9%D8%B1%D8%A7%D9%82%D9%8A-360x200.jpg
www.rafyon.net/wp-content/uploads/2023/11/ |
19 KB 19 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
%D8%A7%D9%84%D8%AD%D8%AF-%D8%A7%D9%84%D8%A3%D8%AF%D9%86%D9%89-%D9%84%D9%84%D8%A3%D8%AC%D9%88%D8%B1-%D9%81%D9%8A-%D9%85%D8%B5%D8%B1-360x200.jpg
www.rafyon.net/wp-content/uploads/2023/11/ |
16 KB 16 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
%D8%A7%D9%84%D8%AE%D8%A7%D8%B1%D8%AC%D9%8A%D8%A9-%D8%A7%D9%84%D8%B3%D8%B9%D9%88%D8%AF%D9%8A%D8%A9-360x200.jpg
www.rafyon.net/wp-content/uploads/2023/11/ |
14 KB 15 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
%D8%B5%D9%88%D8%B5-%D8%A7%D9%84%D8%AC%D8%A8%D9%86%D8%A9-%D8%A7%D9%84%D8%B4%D9%8A%D8%AF%D8%B1-360x200.jpg
www.rafyon.net/wp-content/uploads/2023/11/ |
13 KB 13 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
%D8%B3%D9%8A%D8%AF-%D8%B1%D8%AC%D8%A8-360x200.jpg
www.rafyon.net/wp-content/uploads/2023/11/ |
13 KB 13 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
%D9%85%D9%84%D9%81%D9%83-%D8%A7%D9%84%D8%B4%D8%AE%D8%B5%D9%8A-%D8%B9%D9%84%D9%89-%D9%88%D8%A7%D8%AA%D8%B3%D8%A2%D8%A8-360x200.jpg
www.rafyon.net/wp-content/uploads/2023/11/ |
9 KB 9 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
fa-solid-900.woff2
cdnjs.cloudflare.com/ajax/libs/font-awesome/5.13.0/webfonts/ |
78 KB 78 KB |
Font
application/octet-stream |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
fa-brands-400.woff2
cdnjs.cloudflare.com/ajax/libs/font-awesome/5.13.0/webfonts/ |
75 KB 75 KB |
Font
application/octet-stream |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
DroidKufi-Bold.woff2
fonts.gstatic.com/ea/droidarabickufi/v6/ |
31 KB 31 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
Greta_Arabic_Regular.otf
www.rafyon.net/wp-content/themes/newsplus/assets/fonts/ |
154 KB 55 KB |
Font
font/otf |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
wp-emoji-release.min.js
www.rafyon.net/wp-includes/js/ |
18 KB 5 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
f=sky
www.fontstatic.com/ Frame 1D3C |
203 B 626 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
gpt.js
securepubads.g.doubleclick.net/tag/js/ |
102 KB 31 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
branding-ads.svg
cdn.optad360.net/icons/ |
7 KB 3 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
bg.png
www.salaty.net/themes/default/assets/img/ Frame 1D3C |
10 KB 10 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
sky.woff
www.fontstatic.com/fonts/sky/ Frame 1D3C |
70 KB 70 KB |
Font
application/font-woff |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311020101/ |
426 KB 134 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
esp.js
oa.openxcdn.net/ |
24 KB 8 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
publishertag.ids.js
static.criteo.net/js/ld/ |
42 KB 13 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
esp.js
cdn.id5-sync.com/api/1.0/ |
147 KB 32 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
uid2SecureSignal.js
cdn.prod.uidapi.com/ |
3 KB 3 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
pubcid.min.js
cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/ |
732 B 1 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
sync.min.js
tags.crwdcntrl.net/lt/c/16589/ |
39 KB 12 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
encrypted-tag-g.js
invstatic101.creativecdn.com/encrypted-signals/ |
1 KB 1 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
ads
securepubads.g.doubleclick.net/gampad/ |
108 KB 44 KB |
Fetch
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
ads
securepubads.g.doubleclick.net/gampad/ |
68 KB 15 KB |
Fetch
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
ads
securepubads.g.doubleclick.net/gampad/ |
26 KB 12 KB |
Fetch
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
container.html
2cdda8b1fdfea5b23ba3813658205386.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame A377 |
6 KB 3 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
esp
oajs.openx.net/ Redirect Chain
|
85 B 203 B |
Fetch
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
syncframe
gum.criteo.com/ Frame 74C2 |
15 KB 6 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
increment
id5-sync.com/api/esp/ |
0 230 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
map
bcp.crwdcntrl.net/6/ |
60 B 335 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
sid
mug.criteo.com/ Frame 74C2 Redirect Chain
|
417 B 646 B |
Fetch
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
pd
google-bidout-d.openx.net/w/1.0/ Frame 7D95 |
0 176 B |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
amp4ads-v0.mjs
cdn.ampproject.org/rtv/012310301456000/ Frame 5761 |
196 KB 56 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
amp-ad-exit-0.1.mjs
cdn.ampproject.org/rtv/012310301456000/v0/ Frame 5761 |
15 KB 5 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
amp-analytics-0.1.mjs
cdn.ampproject.org/rtv/012310301456000/v0/ Frame 5761 |
95 KB 29 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
amp-fit-text-0.1.mjs
cdn.ampproject.org/rtv/012310301456000/v0/ Frame 5761 |
5 KB 2 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
amp-form-0.1.mjs
cdn.ampproject.org/rtv/012310301456000/v0/ Frame 5761 |
40 KB 13 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
css
fonts.googleapis.com/ Frame 5761 |
14 KB 1 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ar.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 5761 |
3 KB 3 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 5761 |
344 B 714 B |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
14763004658117789537
tpc.googlesyndication.com/simgad/5484163921067881511/ Frame 5761 |
2 KB 3 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ Frame 5761 |
213 B 0 |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v58/ Frame 5761 |
33 KB 33 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
si
googleads.g.doubleclick.net/pagead/drt/ Frame 5761 Redirect Chain
|
0 0 |
Image
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headersRedirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
container.html
2cdda8b1fdfea5b23ba3813658205386.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame E7E8 |
6 KB 3 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
pixel
googleads.g.doubleclick.net/xbbe/ Frame 126C |
624 B 527 B |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
dv3.js
pagead2.googlesyndication.com/pagead/js/ Frame E7E8 |
89 KB 31 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
gen_204
pagead2.googlesyndication.com/pagead/ Frame E7E8 |
42 B 110 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
gen_204
pagead2.googlesyndication.com/pagead/ Frame E7E8 |
0 349 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231108/r20110914/client/ Frame E7E8 |
3 KB 1 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231108/r20110914/client/ Frame E7E8 |
20 KB 9 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame E7E8 |
199 KB 63 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
adview
securepubads.g.doubleclick.net/pagead/ Frame 5761 |
0 0 |
Image
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers |
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
rum
dsum-sec.casalemedia.com/ Frame 126C Redirect Chain
|
43 B 769 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
rum
dsum-sec.casalemedia.com/ Frame 126C Redirect Chain
|
43 B 733 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
setuid
ib.adnxs.com/ Frame 126C Redirect Chain
|
43 B 835 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
pixel
cm.g.doubleclick.net/ Frame 126C Redirect Chain
|
170 B 409 B |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
gen_204
pagead2.googlesyndication.com/pagead/ Frame E7E8 |
0 56 B |
Ping
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
gen_204
pagead2.googlesyndication.com/pagead/ Frame E7E8 |
0 56 B |
Ping
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ad
googleads.g.doubleclick.net/dbm/ Frame E7E8 |
20 KB 14 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
container.html
2cdda8b1fdfea5b23ba3813658205386.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 73ED |
6 KB 3 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
pixel
googleads.g.doubleclick.net/xbbe/ Frame F95E |
624 B 245 B |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
express_html_inpage_rendering_lib_200_278.js
s0.2mdn.net/879366/ Frame 73ED |
111 KB 39 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
omrhp_fy2021.js
pagead2.googlesyndication.com/pagead/js/r20231108/r20110914/elements/html/ Frame 73ED |
7 KB 3 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
abg_lite_fy2021.js
pagead2.googlesyndication.com/pagead/js/r20231108/r20110914/ Frame 73ED |
23 KB 9 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
Q12zgMmT.js
tpc.googlesyndication.com/sodar/ Frame 73ED |
41 KB 14 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231108/r20110914/client/ Frame 73ED |
3 KB 1 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231108/r20110914/client/ Frame 73ED |
20 KB 8 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
gen_204
pagead2.googlesyndication.com/pagead/ Frame 73ED |
42 B 63 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame 73ED |
199 KB 63 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
Q12zgMmT.js
tpc.googlesyndication.com/sodar/ Frame E7E8 |
41 KB 14 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
attribution_src_register;crd=cXVlcnlfZXZlbnRfaWQgewogIHRpbWVfdXNlYzogMTY5OTgyNDQ3NDMzNjI4MQogIHNlcnZlcl9pcDogMTI2MDY3NjEyCiAgcHJvY2Vzc19pZDogMTg0NTgxNjEwMQp9CmZsb29kbGlnaHRfY29uZmlnX2lkOiAxMTg2ODk0...
ad.doubleclick.net/ddm/activity/ Frame E7E8 |
0 940 B |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
6zpgftvkkw73
hal9000.redintelligence.net/zone/ Frame E7E8 |
12 KB 4 KB |
Script
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
62bHydCX.html
tpc.googlesyndication.com/sodar/ Frame 41EC |
38 KB 13 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
gen_204
pagead2.googlesyndication.com/pagead/ Frame 73ED |
0 20 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
62bHydCX.html
tpc.googlesyndication.com/sodar/ Frame 84C4 |
38 KB 13 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ Frame 73ED |
214 B 0 |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
rum
dsum-sec.casalemedia.com/ Frame F95E Redirect Chain
|
43 B 735 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
rum
dsum-sec.casalemedia.com/ Frame F95E Redirect Chain
|
43 B 739 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
setuid
ib.adnxs.com/ Frame F95E Redirect Chain
|
43 B 836 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
pixel
cm.g.doubleclick.net/ Frame F95E Redirect Chain
|
170 B 232 B |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js
pagead2.googlesyndication.com/bg/ Frame 41EC |
39 KB 15 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js
pagead2.googlesyndication.com/bg/ Frame 84C4 |
39 KB 15 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
request.php
hal90002.redintelligence.net/ Frame E7E8 Redirect Chain
|
2 KB 1 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
index.html
s0.2mdn.net/sadbundle/14482064635620417758/ Frame BA09 |
13 KB 4 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
view
googleads4.g.doubleclick.net/pcs/ Frame 73ED |
0 0 |
Fetch
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
6ccb0c67f755856429b1364873bf0832.js
s0.2mdn.net/sadbundle/14482064635620417758/ Frame BA09 |
88 KB 25 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
7454522b480bc265d53f659442deec5e.svg
s0.2mdn.net/sadbundle/14482064635620417758/media/ Frame BA09 |
12 KB 4 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
a2ceed1ce1c3ba0c08979b43a9c4495d.jpg
s0.2mdn.net/sadbundle/14482064635620417758/media/ Frame BA09 |
34 KB 34 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
8452a4b193d49e7487f9a1155eb60836.svg
s0.2mdn.net/sadbundle/14482064635620417758/media/ Frame BA09 |
11 KB 2 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
a357aec2208f2fe33d57546da193683c.svg
s0.2mdn.net/sadbundle/14482064635620417758/media/ Frame BA09 |
3 KB 1 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
gen_204
pagead2.googlesyndication.com/pagead/ Frame 84C4 |
0 20 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
view
googleads4.g.doubleclick.net/pcs/ Frame 73ED |
0 0 |
Fetch
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
gen_204
pagead2.googlesyndication.com/pagead/ Frame 41EC |
0 20 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
activityi;dc_pre=CNKEhdCzv4IDFTUXogMdK1QBJg;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=7338609189303.52
8019191.fls.doubleclick.net/ Frame 8D30 Redirect Chain
|
390 B 326 B |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
request_content.php
hal90002.redintelligence.net/ Frame 725B |
4 KB 2 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ Frame E7E8 |
213 B 0 |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
S-320x100.gif
cdn.contentspread.net/24i/content/soberfb/EN/ Frame 725B |
18 KB 18 KB |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
viewability
hal90002.redintelligence.net/ Frame 725B |
0 150 B |
Script
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ Frame 725B |
43 B 0 |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
dc_pre=CNKEhdCzv4IDFTUXogMdK1QBJg;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=7338609189303.52
adservice.google.com/ddm/fls/z/ Frame 8D30 |
42 B 401 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
sodar
pagead2.googlesyndication.com/getconfig/ |
16 KB 12 KB |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
activeview
pagead2.googlesyndication.com/pcs/ Frame 5761 |
42 B 64 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
sodar2.js
tpc.googlesyndication.com/sodar/ |
17 KB 6 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 1F97 |
13 KB 5 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
aframe
www.google.com/recaptcha/api2/ Frame 9587 |
829 B 997 B |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js
pagead2.googlesyndication.com/bg/ Frame 1F97 |
39 KB 15 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
sodar
pagead2.googlesyndication.com/pagead/ Frame 9587 |
0 0 |
Image
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers |
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
generate_204
tpc.googlesyndication.com/ Frame 1F97 |
0 10 B |
Image
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
activeview
pagead2.googlesyndication.com/pcs/ Frame 73ED |
42 B 64 B |
Fetch
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
sodar
pagead2.googlesyndication.com/pagead/ |
0 0 |
Image
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers |
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H3 |
gen_204
pagead2.googlesyndication.com/pagead/ Frame E7E8 |
0 20 B |
Ping
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
156 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| documentPictureInPicture object| _wpemojiSettings undefined| $ function| jQuery object| addComment object| a4h_js_vars object| a4h_js_load_more_posts object| AdSlotCollection function| oaSetCookie function| oaGetCookie function| oaCreateGeoRestrictionCookie object| twemoji object| wp boolean| __isGoogleAllowed object| googletag object| ggeac object| google_tag_data object| google_js_reporting_queue undefined| google_measure_js_timing number| google_unique_id object| gaGlobal object| regeneratorRuntime object| ox_esp object| criteo_syncframe_state object| criteo_pubtag object| criteo_identitytag_144 object| Criteo object| Criteo_identitytag_144 object| pbjs function| lotameIsCompatible function| sync16589_aa function| sync16589_c undefined| sync16589_d undefined| sync16589_ba undefined| sync16589_e function| sync16589_f object| sync16589_h function| sync16589_ca function| sync16589_j function| sync16589_da object| sync16589_ object| sync16589_ga object| sync16589_v object| sync16589_oa object| sync16589_xa object| sync16589_ya function| sync16589_a function| sync16589_b function| sync16589_g function| sync16589_i function| sync16589_k function| sync16589_l function| sync16589_m function| sync16589_n function| sync16589_o function| sync16589_p function| sync16589_q function| sync16589_r function| sync16589_fa function| sync16589_ea function| sync16589_s function| sync16589_t function| sync16589_u function| sync16589_w function| sync16589_ha function| sync16589_ia function| sync16589_y function| sync16589_ja function| sync16589_z function| sync16589_A function| sync16589_x function| sync16589_B function| sync16589_ka function| sync16589_C function| sync16589_D function| sync16589_E function| sync16589_F function| sync16589_G function| sync16589_H function| sync16589_I function| sync16589_J function| sync16589_K function| sync16589_L function| sync16589_la function| sync16589_ma function| sync16589_na function| sync16589_M function| sync16589_N function| sync16589_pa function| sync16589_O function| sync16589_qa function| sync16589_ra function| sync16589_sa function| sync16589_P function| sync16589_ta function| sync16589_ua function| sync16589_va function| sync16589_wa function| sync16589_Q function| sync16589_R function| sync16589_za function| sync16589_S function| sync16589_T function| sync16589_U function| sync16589_V function| sync16589_Aa function| sync16589_W function| sync16589_X function| sync16589_Y function| sync16589_Z function| sync16589__ function| sync16589_0 function| sync16589_Ea function| sync16589_Ba function| sync16589_1 function| sync16589_Da function| sync16589_Ca function| sync16589_2 function| sync16589_3 function| sync16589_4 function| sync16589_5 function| sync16589_Ga function| sync16589_Ha function| sync16589_Ja function| sync16589_Fa function| sync16589_7 function| sync16589_Ia function| sync16589_La function| sync16589_Ka function| sync16589_8 function| sync16589_6 function| sync16589_9 function| sync16589_Ma function| sync16589_Na function| sync16589_Oa function| sync16589_Pa function| sync16589_$ function| sync16589_Qa function| sync16589_Ra function| sync16589_Sa function| sync16589_Ta object| lotame_sync_16589 object| __uid2SecureSignalProvider object| __uid2 object| ampInaboxPositionObserver object| ampInaboxFrameOverlayManager object| GoogleGcLKhOms object| google_image_requests17 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
www.rafyon.net/ | Name: __oagr Value: true |
|
.rafyon.net/ | Name: lotame_domain_check Value: rafyon.net |
|
.criteo.com/ | Name: uid Value: 799361a8-3e39-40fc-8f1d-671b7abc6944 |
|
.rafyon.net/ | Name: cto_bundle Value: cveSpF82REdSbkpNZGFlUHY4VDFrUHZTWm5WWWxNZjZiZmNVQXlhS1lFckRVa2J4YUpFbnVmazFEZ2pCWVM5V3RBUnZWa3RtWk9UcjJOS2k5NU5aWjNRN3pIMEN3cFNWdmNuWlZFT2lweDdIcWN5RGNpeiUyQmJzWmJYaW9WSnFVVEw4VU03SnB3cjI5WlhRUnpiRjYzOVVVenN1QSUzRCUzRA |
|
.openx.net/ | Name: i Value: b8568034-c913-4bfa-94e9-0d9ab7ce0e94|1699824473 |
|
.doubleclick.net/ | Name: DSID Value: NO_DATA |
|
.doubleclick.net/ | Name: IDE Value: AHWqTUnNqKaNv3-1yXRAhE3srqnir0CTpHPgd7F_nFL-gxpmn9ZoYcKNss7xHpl3 |
|
.adnxs.com/ | Name: uuid2 Value: 6280905386766241372 |
|
.casalemedia.com/ | Name: CMID Value: ZVFDWnYHXypzGT.X5u4WZwAA |
|
.casalemedia.com/ | Name: CMPS Value: 2170 |
|
.casalemedia.com/ | Name: CMPRO Value: 2170 |
|
.rafyon.net/ | Name: __gads Value: ID=74635d7c1b2fd3e5:T=1699824473:RT=1699824473:S=ALNI_MYqVOLxqujI6_CLISY5mljXO35WhA |
|
.rafyon.net/ | Name: __gpi Value: UID=00000cc13c488101:T=1699824473:RT=1699824473:S=ALNI_MbGOCSpwVHgTZh-FZv6Dq0ZW8vWNw |
|
.doubleclick.net/ | Name: APC Value: AfxxVi40szpODsrQZnwriZ5x_bilEQLwHFy6zTPZwFb7ftcDFhiP4w |
|
.adnxs.com/ | Name: anj Value: dTM7k!M41.D>6NRF']wIg2GUba-KR+!1yIE`fS1ueD1W-044)d+]NEQ)L'k+HMQmppJ:`yE9I.%A8`d0/(oYQpYNMxP(hw9P-HC_#tsu7)eN*7 |
|
.doubleclick.net/ | Name: ar_debug Value: 1 |
|
.redintelligence.net/ | Name: 8lcfmzhxc8d6_uid Value: e2a93abea67660bb |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
2cdda8b1fdfea5b23ba3813658205386.safeframe.googlesyndication.com
8019191.fls.doubleclick.net
ad.doubleclick.net
adservice.google.com
bcp.crwdcntrl.net
cdn.ampproject.org
cdn.contentspread.net
cdn.id5-sync.com
cdn.jsdelivr.net
cdn.optad360.net
cdn.prod.uidapi.com
cdnjs.cloudflare.com
cm.g.doubleclick.net
cmp.optad360.io
dsum-sec.casalemedia.com
fonts.googleapis.com
fonts.gstatic.com
get.optad360.io
google-bidout-d.openx.net
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
gum.criteo.com
hal9000.redintelligence.net
hal90002.redintelligence.net
ib.adnxs.com
id5-sync.com
invstatic101.creativecdn.com
mug.criteo.com
oa.openxcdn.net
oajs.openx.net
pagead2.googlesyndication.com
s0.2mdn.net
securepubads.g.doubleclick.net
static.criteo.net
tags.crwdcntrl.net
tpc.googlesyndication.com
www.fontstatic.com
www.google.com
www.googletagservices.com
www.rafyon.net
www.salaty.net
104.18.36.155
116.202.48.214
142.250.184.194
142.250.185.130
142.250.186.70
162.19.138.119
172.217.16.134
185.89.210.46
2600:9000:206f:a200:f:a31d:75c0:93a1
2600:9000:2156:a200:6:b871:4f00:93a1
2600:9000:225b:7a00:a:e047:753:a221
2600:9000:225e:e00:11:a4de:2580:93a1
2606:4700:10::6816:3556
2606:4700:3030::ac43:9391
2606:4700::6810:5614
2606:4700::6811:180e
2a00:1450:4001:808::2001
2a00:1450:4001:80e::2001
2a00:1450:4001:80e::2002
2a00:1450:4001:80f::2004
2a00:1450:4001:810::2002
2a00:1450:4001:810::200a
2a00:1450:4001:812::2002
2a00:1450:4001:813::2002
2a00:1450:4001:813::2003
2a00:1450:4001:82a::2006
2a00:1450:4001:82b::2001
2a02:2638:3::3
2a02:2638:3::c
2a06:98c1:3120::3
2a06:98c1:3121::3
34.102.146.192
34.120.107.143
34.96.70.87
35.244.159.8
46.4.10.47
54.194.163.10
54.36.108.3
65.9.66.122
04fd3a2305c7dc6473b7fd2feb8b73778e7d8a6f92f2523857a145c77f399259
06eb9b648fd1429d0cef25265009259c35f053a76118194b4073c98e161812be
08106c7bf341e3850ac42fe1844e6a66013f726e6927a91c2b965a6861c97121
08b3fc8ab4ac100947518d524b28e12a545832e69d38852029ee851dc837676d
0b85ef18a8a56899a2b91ad4616d8ba824e56c88879dad3c23b69697058b3aad
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0c1ac09766e0f1322a4aaafcf2192f7b1c69f26c3810f9f89f2238373decf8af
0dd63db78cedc8bee5838a6d1944c129094c97b9fc57489f5643d6da11d7bfe5
0facd387627530907acc0b41d7076a1313a748ba84d37983618c04f2e66f1849
10227d4b6da0ccc2a8944e7acb8db3349164ba2475bbcfaa5a58955daba997ff
10921def84fcc2ca0978321d156b1b65940fe30b328bd003cdd6a4e4792e24a1
15efd616a12ec9db8a03a05228105267a5a6b20fa0aed22f642ad81d0c98a02b
1642dd5dc126df4feff2255cba0988528507973d842d0a73331a5873f6b9d4e5
18e6b664af7bc55ab0f963920f0da5a86e15f25fea4e223924d8f4b6723a37cf
18ebc36644e10f87e20812c15e329c1b25848c62cd6cdfe74427cdf8995bc3a9
1a2f962e47e4ec7e48aa29f054eae0fdf49a666d11222c3f72e04247d37a3ae9
1a6f4f68fdea10f9ae1d3c1d858fb2dc4e361528290d4c3a9a3404db3f6afbef
1aae9f898179597d40812a0689b3c6b8cd94b7de9eaed27262199393981207ae
25789dda889deb19cab21ecb31239ccaf76630fd5f70d27c95c2b6b99187a43c
2b3cf9d2fd5fde29aa02875cc3f7a61f899567762830b834c3ada948b4622ab3
2b4cc063a23b35749b179b99bdb852c968aeca98886d97d6c32961edae25adff
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
31f02fb9a8ae77e5d8bb229bf73f473f783e8155042655926cafca211cd11c98
36d9a942cca5b9f6a701720465c53f4e92093e224af0181bd4455b20a45e0957
3907cc5ed9d4a0cdb316d069614220b55fccd5624ac173592a7a4c2c3aae0636
3d55476038dfe34a53d1e5be0d78fa70b2dde6720d622be9ff8b9c9008b0de52
414caa66bb79bc88c1ba6a2a415d2333c0a01aab1c15f74684dfa7542a97d2f7
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
453cb806084fdabec32e286af2e88899f79022125c2527afffbec507975d2c22
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
475fd532f80a36494ddd71f67913b28bf62763f3d63045613f6e2bcd1f647f4f
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4c3e8276a03b75d40fdbc5b40e665022127cbbd1722b6de06839ca69f664b7af
4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230
516f5e4c2dc5c69f3e1707e76695f866f8e62468aca15c1a9ddb165eb684f6f0
51881959e618fd23b6bec2ea2790a023e4befbe3f5e4bf738dc41714638053a0
5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89
53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2
544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5c00e3cf2c18c9259b4ee51adf37fa8f416a6a35201b2b9c2aa5f7457cdcb428
5c93f77799d122fb5255ee24da285f9f228cc118cba11e6ceb2b6bda8cdf4164
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6511c49ad2da79efffa24912c9b244776702a27bc8bdd4afc2855f646b443e10
65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98
69bcc20a0f78118f5bcdda4fba6598815b9c0ece19e3211f7505c6f0f8d40190
6bd00a44a456f30078ee922c40a88137e17d0e3b28a6ca770ef069ed9bd44fcf
6c0bd41a591f67aa54215c9f9c1f0e86935d86b6546a0ba0bf9cebbed53a9ebc
702662ed5ba202f0771642b44b12f7b9f04d2e1712dcccddeabc8655476e1940
72e960baa80ec819264a604f2f8a8e5c21f81b785ebc17595211ad170d8b1bdc
7beb67896e969bca947fdfbd1f11e20ae0e5989f7a444bc69c0eba234fd7bbca
7cb3d35b55d42ce147dd843386871c72ad7d78bd3c60a49b1099e41881556f2b
876d023d9d10c97941b80c3b03e2a5b94631ff7a4af9cee5604a6a2d39718d84
89f2d1f27a52fb515390326a25785ee499c5e84572da9ba7b7ad0807f658924c
8a10c8b54e1c59596f5caa93f72615a4a67f92567abfb376bfe7ca630aa6107f
8b1cd2613a5b066023f3aee22ea0cd501c2fb10eccaece8de94114f659c0d61f
8de3a8714784213ac60c3bfa981c4c7ac0d18d07366888302660a0a3918c2249
8f97551cd42fb0f44e1cf044aeb604a6fbe24d0b3eed6acc81721649167097cd
9148103ca9f6c497dfde5e5342128ea3e6341e2b1469a5241947164bec5c1240
99bcb1c88785781418083b5ec2ef0f49dc98e6b5230cbfe0215c8945a58cd948
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a0691590289efab8aecb842f768940fb34fc23791ca890f77b1e6b7aeec03126
a0eda4cec4632f9fb08418ba565380acae7551a8939f1250f119f47d48cf959c
a18ced1ed8495346815438bdd1bd7d7d15f812cbfb087384b1a96ec18ad54a72
a195b24c93fe857115ce6c2170b8ce99da4f44daf9110842fe06fd72d19a9276
a1a256244f073b9ed474c52d16f8b7d0ed5d92ca4129042d6ee150817671bcd9
a424af0227b9f4d0d456c19cafa6c3894c9d16353289ac5f0fc2d0409dc0a9de
a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e
a7e1fce0f4ca98d191cf972d38b5f416ae0fe18ad15cf42ef4c73aacab0510dd
a976cc60761ae1e5d55361726238e9243fc7062e9c8b6344ec604d1152cc8986
aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed
b02f712bafaaaf093abcbe50187969700636642c4a9b659974eae2da90b2f914
b04a268fbd6ac543dcd653b1c529871767a5b78cb2a2f40e54bcb0bfe2daa154
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b4d6967c4bafb227f8fd6f0c659da9297bc719b6d4b5c37216244e6bc3e0d609
b53b6ad23b258ce11eed97786741510819a369348afcf1260856fe3041fc33de
b5bc421a51791bbbee22e0de81f887fa44756eb90ef1875e2db76cff17832140
bba9d42a99e14dd0a941da96c2b45893cc24ae3fbfb000c8aeb0eaa1ab028169
bccc77626415983950af29ea7c4b2d969a6ebaa8f1f71802f3886e9299189fe1
bd39a41d0d4217a4f04f38081faf09365353cbd9f37f05008e1fe6d9bb5a8319
be4a85e01f0b87c03fea7148e9567ea1728b4459422933e459ce0b95799c0570
bf993c352a9c882af60619f9ba8b4d66c442be85875d78497571023b2aa5d28d
bfd2899911ac644593b3c7eca3c60296a4acc922d2d7b31aebb10ca02dd7fb7c
c0e164a9ebb0c15e7b6f1d1b6216b21bf6d566e9d009233ffc8a9185cae227ff
c0f27ee92a26e2bbb2393e7695351be1c91d890492943f52cf18fcfd899666ed
c4b813f7aa04eca20be469b259cca2779799f58e280d73488bd7386940d2d146
c6077711ce3174050ccebe6559eb5f0e251942c2cad21900d1c3ef316065565b
c656596b59b73b691d3d52745224e18e2f692fd34b9fa97d7170467001f584f8
c933b803d23dd223840fcc4e13acde710b267913775e9d49f64a88d3d26f45ff
cd736856f82fb1671d1efa96c6b1272aa38b89bd767d8e67c78e30e8029e940a
d04a8585ca1c9cbff59e413fe76da6b8dcf3c567cbc68ec436b852d7f1694df1
d376b8f5155cce923f1d9eb3e08974def3f0e51f10df79bd02d35a8275f9c6a6
d66b4e8556dec780a3be1e72c2bacfac5f379f6977f2886254908e5f87db6bd6
da98cd654dbc6d46ffa1de5d5005b3f842e2341ace1bea3bab72efa6cb92344c
dfa586fa8b70c056272ef189e613dc9f6bcb8f9b659259219fa776f639dd3374
e174a58a503ab84b3d1b9de12fd3895788204485170f1289e445f7b5b98ec789
e26cdf84ea6019cb4505a4bd4e24b6c8cdc08f18a5ecf7c0a8668f0af945d64f
e31ebf113144bd88c51f9344ae69e9a0533f0484c7876157b5ce7afab3f279dd
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e885badff253144e188588b5657e13cfa1135d4cd682053c9cca02b83baf1ef2
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
ee46bdadc83beb5e76bce18bc7cc3d169c7f0490901f6be96ec41ee2c14d3776
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f0f3825ab5a948a650d9276b8c3ed43db6f36ac1e7d150c134bc2685e537131b
f38e373a688607ccbc8503ad471aa3bb21d32725d46834eefb73980b9b83e789