urlscan.io logo urlscan.io
SecurityTrails logo

ask.mallaky.com Open in urlscan Pro
188.114.97.3  Public Scan

Go To Rescan Add Verdict Report
URL: http://ask.mallaky.com/?qa=user/horsedonald9
Submission: On October 29 via manual from FI — Scanned from CH
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 21 IPs in 5 countries across 17 domains to perform 61 HTTP transactions. The main IP is 188.114.97.3, located in Amsterdam, Netherlands and belongs to CLOUDFLARENET, US. The main domain is ask.mallaky.com.
This is the only time ask.mallaky.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
4 188.114.97.3 13335 (CLOUDFLAR...)
9 172.217.18.2 15169 (GOOGLE)
3 142.250.185.174 15169 (GOOGLE)
5 157.240.251.9 32934 (FACEBOOK)
7 142.250.185.226 15169 (GOOGLE)
2 173.194.76.157 15169 (GOOGLE)
1 172.217.23.104 15169 (GOOGLE)
2 157.240.0.35 32934 (FACEBOOK)
2 172.217.18.4 15169 (GOOGLE)
2 172.217.18.99 15169 (GOOGLE)
2 216.239.32.36 15169 (GOOGLE)
1 142.250.185.162 15169 (GOOGLE)
4 37.157.5.132 198622 (ADFORM)
5 142.250.185.97 15169 (GOOGLE)
2 37.157.6.234 198622 (ADFORM)
1 167.235.3.16 24940 (HETZNER-AS)
1 4 46.4.10.49 24940 (HETZNER-AS)
1 2 92.123.148.9 16625 (AKAMAI-AS)
1 149.126.4.39 47302 (CYON)
1 145.239.2.103 16276 (OVH)
61 21
4    188.114.97.3 (Amsterdam, Netherlands)

ASN13335 (CLOUDFLARENET, US)
ask.mallaky.com
9    172.217.18.2 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s22-in-f2.1e100.net
pagead2.googlesyndication.com
www.googletagservices.com
3    142.250.185.174 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s51-in-f14.1e100.net
www.google-analytics.com
5    157.240.251.9 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
PTR: xx-fbcdn-shv-01-fra5.fbcdn.net
connect.facebook.net
static.xx.fbcdn.net
7    142.250.185.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f2.1e100.net
googleads.g.doubleclick.net
2    173.194.76.157 (United States)

ASN15169 (GOOGLE, US)
PTR: ws-in-f157.1e100.net
stats.g.doubleclick.net
1    172.217.23.104 (United States)

ASN15169 (GOOGLE, US)
PTR: mil04s23-in-f104.1e100.net
www.googletagmanager.com
2    157.240.0.35 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
PTR: edge-star-mini-shv-02-fra3.facebook.com
www.facebook.com
2    172.217.18.4 (United States)

ASN15169 (GOOGLE, US)
PTR: fra02s19-in-f4.1e100.net
www.google.com
2    172.217.18.99 (United States)

ASN15169 (GOOGLE, US)
PTR: zrh04s05-in-f99.1e100.net
www.google.ch
2    216.239.32.36 (United States)

ASN15169 (GOOGLE, US)
region1.analytics.google.com
1    142.250.185.162 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s51-in-f2.1e100.net
partner.googleadservices.com
4    37.157.5.132 (Denmark)

ASN198622 (ADFORM, DK)
track.adform.net
5    142.250.185.97 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f1.1e100.net
tpc.googlesyndication.com
2    37.157.6.234 (Denmark)

ASN198622 (ADFORM, DK)
s1.adform.net
1    167.235.3.16 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.16.3.235.167.clients.your-server.de
tm.ad-srv.net
4    46.4.10.49 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.49.10.4.46.clients.your-server.de
ad.ad-srv.net
ad1.ad-srv.net
2    92.123.148.9 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a92-123-148-9.deploy.static.akamaitechnologies.com
www.awin1.com
1    149.126.4.39 (Switzerland)

ASN47302 (CYON, CH)
PTR: s030.cyon.net
smartphoto-media.com
1    145.239.2.103 (Frankfurt am Main, Germany)

ASN16276 (OVH, FR)
PTR: ns3082036.ip-145-239-2.eu
cdn.contentspread.net
Apex Domain
Subdomains		 Transfer
13 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 97
tpc.googlesyndication.com — Cisco Umbrella Rank: 149
291 KB
9 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 33
stats.g.doubleclick.net — Cisco Umbrella Rank: 78
32 KB
6 adform.net
track.adform.net — Cisco Umbrella Rank: 4256
s1.adform.net — Cisco Umbrella Rank: 9253
39 KB
5 ad-srv.net
tm.ad-srv.net — Cisco Umbrella Rank: 89525
ad.ad-srv.net — Cisco Umbrella Rank: 50659
ad1.ad-srv.net — Cisco Umbrella Rank: 369015
7 KB
4 google.com
www.google.com — Cisco Umbrella Rank: 2
region1.analytics.google.com — Cisco Umbrella Rank: 3040
2 KB
4 mallaky.com
ask.mallaky.com
12 KB
3 fbcdn.net
static.xx.fbcdn.net — Cisco Umbrella Rank: 933
141 KB
3 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 27
21 KB
2 awin1.com
www.awin1.com — Cisco Umbrella Rank: 18131
1 KB
2 google.ch
www.google.ch — Cisco Umbrella Rank: 30247
515 B
2 facebook.com
www.facebook.com — Cisco Umbrella Rank: 110
14 KB
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 174
88 KB
1 contentspread.net
cdn.contentspread.net — Cisco Umbrella Rank: 88526
1 KB
1 smartphoto-media.com
smartphoto-media.com
23 KB
1 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 212
59 KB
1 googleadservices.com
partner.googleadservices.com — Cisco Umbrella Rank: 1181
602 B
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 35
95 KB
61 17
Domain Requested by
8 pagead2.googlesyndication.com ask.mallaky.com
pagead2.googlesyndication.com
tpc.googlesyndication.com
www.googletagservices.com
7 googleads.g.doubleclick.net pagead2.googlesyndication.com
5 tpc.googlesyndication.com googleads.g.doubleclick.net
pagead2.googlesyndication.com
tpc.googlesyndication.com
4 track.adform.net googleads.g.doubleclick.net
s1.adform.net
4 ask.mallaky.com ask.mallaky.com
3 static.xx.fbcdn.net www.facebook.com
3 www.google-analytics.com ask.mallaky.com
www.google-analytics.com
2 ad1.ad-srv.net ad.ad-srv.net
2 www.awin1.com 1 redirects ad.ad-srv.net
2 ad.ad-srv.net 1 redirects tm.ad-srv.net
2 s1.adform.net track.adform.net
s1.adform.net
2 region1.analytics.google.com www.googletagmanager.com
2 www.google.ch ask.mallaky.com
2 www.google.com ask.mallaky.com
tpc.googlesyndication.com
2 www.facebook.com connect.facebook.net
2 stats.g.doubleclick.net www.google-analytics.com
www.googletagmanager.com
2 connect.facebook.net ask.mallaky.com
connect.facebook.net
1 cdn.contentspread.net ad.ad-srv.net
1 smartphoto-media.com ad.ad-srv.net
1 tm.ad-srv.net ask.mallaky.com
1 www.googletagservices.com googleads.g.doubleclick.net
1 partner.googleadservices.com pagead2.googlesyndication.com
1 www.googletagmanager.com www.google-analytics.com
61 23

This site contains links to these domains. Also see Links.

Domain
car.mallaky.com
navabride.com
Subject Issuer Validity Valid
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2023-08-07 -
2023-11-05		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2023-10-09 -
2024-01-01		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2023-10-09 -
2024-01-01		 3 months crt.sh
www.google.com
GTS CA 1C3		 2023-10-09 -
2024-01-01		 3 months crt.sh
*.google.ch
GTS CA 1C3		 2023-10-09 -
2024-01-01		 3 months crt.sh
*.googleadservices.com
GTS CA 1C3		 2023-10-09 -
2024-01-01		 3 months crt.sh
track.adform.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-09-06 -
2024-09-19		 a year crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2023-10-09 -
2024-01-01		 3 months crt.sh
ad-srv.net
R3		 2023-10-20 -
2024-01-18		 3 months crt.sh
www.awin1.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-03-10 -
2024-03-09		 a year crt.sh
contentspread.net
R3		 2023-10-23 -
2024-01-21		 3 months crt.sh

This page contains 12 frames:

Primary Page: http://ask.mallaky.com/?qa=user/horsedonald9
Frame ID: 32E1ADD0B2E6CFA7D26BA10B1DAF27D7
Requests: 28 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231025/r20190131/zrt_lookup.html
Frame ID: 00EA0C97F33DC0E42817A8858661C2F1
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7130111984751250&output=html&h=90&slotname=2744259180&adk=3749908861&adf=383669989&pi=t.ma~as.2744259180&w=837&fwrn=4&fwrnh=100&lmt=1698584455&rafmt=2&format=837x90&url=http%3A%2F%2Fask.mallaky.com%2F%3Fqa%3Duser%2Fhorsedonald9&fwr=0&rpe=1&resp_fmts=2&wgl=1&dt=1698588054601&bpp=4&bdt=649&idt=728&shv=r20231025&mjsv=m202310240101&ptt=9&saldr=aa&abxe=1&correlator=1430444435387&frm=20&pv=2&ga_vid=105131778.1698588055&ga_sid=1698588055&ga_hid=415771148&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=755&ady=283&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44795922%2C44805934%2C44806737%2C31078297&oid=2&pvsid=1788398637860422&tmod=468463577&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Co%7CEe%7C&abl=NS&pfx=0&fu=128&bc=23&ifi=1&uci=a!1&fsb=1&xpc=4c50pj0Uun&p=http%3A//ask.mallaky.com&dtd=762
Frame ID: 4466EE9EB8D0478360E08DFD5765C95A
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7130111984751250&output=html&h=90&slotname=2744259180&adk=3749908861&adf=306952042&pi=t.ma~as.2744259180&w=837&fwrn=4&fwrnh=100&lmt=1698584455&rafmt=2&format=837x90&url=http%3A%2F%2Fask.mallaky.com%2F%3Fqa%3Duser%2Fhorsedonald9&fwr=0&rpe=1&resp_fmts=2&wgl=1&dt=1698588054605&bpp=1&bdt=653&idt=766&shv=r20231025&mjsv=m202310240101&ptt=9&saldr=aa&abxe=1&prev_fmts=837x90&correlator=1430444435387&frm=20&pv=1&ga_vid=105131778.1698588055&ga_sid=1698588055&ga_hid=415771148&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=755&ady=689&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44795922%2C44805934%2C44806737%2C31078297&oid=2&pvsid=1788398637860422&tmod=468463577&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7C%7CEe%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=2&uci=a!2&fsb=1&xpc=t66cet7mwo&p=http%3A//ask.mallaky.com&dtd=770
Frame ID: FDE1E16B376EF64BFFA9DB91A99C2ED1
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7130111984751250&output=html&h=90&slotname=2744259180&adk=159392350&adf=3318652124&pi=t.ma~as.2744259180&w=1200&fwrn=4&fwrnh=100&lmt=1698584455&rafmt=2&format=1200x90&url=http%3A%2F%2Fask.mallaky.com%2F%3Fqa%3Duser%2Fhorsedonald9&fwr=0&rpe=1&resp_fmts=2&wgl=1&dt=1698588054606&bpp=1&bdt=654&idt=773&shv=r20231025&mjsv=m202310240101&ptt=9&saldr=aa&abxe=1&prev_fmts=837x90%2C837x90&correlator=1430444435387&frm=20&pv=1&ga_vid=105131778.1698588055&ga_sid=1698588055&ga_hid=415771148&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=392&ady=689&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44795922%2C44805934%2C44806737%2C31078297&oid=2&pvsid=1788398637860422&tmod=468463577&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=3&uci=a!3&fsb=1&xpc=kFE1hReuhU&p=http%3A//ask.mallaky.com&dtd=782
Frame ID: 6FB5BA626F904B128092303CA4C399D9
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7130111984751250&output=html&adk=1812271804&adf=3025194257&lmt=1698584455&plat=4%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=500x810_l&format=0x0&url=http%3A%2F%2Fask.mallaky.com%2F%3Fqa%3Duser%2Fhorsedonald9&ea=0&pra=7&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2&dt=1698588054624&bpp=4&bdt=672&idt=768&shv=r20231025&mjsv=m202310240101&ptt=9&saldr=aa&abxe=1&prev_fmts=837x90%2C837x90%2C1200x90&nras=1&correlator=1430444435387&frm=20&pv=1&ga_vid=105131778.1698588055&ga_sid=1698588055&ga_hid=415771148&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44795922%2C44805934%2C44806737%2C31078297&oid=2&pvsid=1788398637860422&tmod=468463577&uas=0&nvt=1&fsapi=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=23&ifi=4&uci=a!4&fsb=1&dtd=785
Frame ID: 66F91D011772303ACF491282B341D17C
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231025/r20110914/zrt_lookup.html?fsb=1
Frame ID: F8E7E14F052FB94AF288828307D11394
Requests: 14 HTTP requests in this frame

Frame: https://ad.ad-srv.net/request.php?zone=eqazmxfdi5ib&renderingType=html&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=0x0&scrollPos=0x0&documentReferer=http%3A%2F%2Fask.mallaky.com%2F&ancestorOrigins=http%3A%2F%2Fask.mallaky.com&extVar[]=DOUBLEBORDER:1&extVar[]=ANIM_AFTER_30S:0&extVar[]=AF_SSP:Doubleclick+Ad+Exchange+by+Google&extVar[]=AF_DOM_DELI:ask.mallaky.com&extVar[]=AF_DOM_RTB:mallaky.com&subid=3968815052633447873&rnd=13658&gdpr=0&gdpr_consent=&redirectClick=https%3A%2F%2Fadclick.g.doubleclick.net%2Faclk%3Fsa%3DL%26ai%3DCStE8l2U-ZdqCIOmj5LcPuqCgsAuRrcW8XN3m7KbuAsCNtwEQASAAYPXtu4GYBIIBF2NhLXB1Yi03MTMwMTExOTg0NzUxMjUwyAEJqQLG6zUHg_-CPqgDAcgDAqoE_QFP0BZXiScjMrjsxHi9SBeCR816kmanY1kLH_tL3HZgUFouiRSnM2seALEc36gWVEDGwrvb8PodjjiHlB9cKslTzDSEipqau1t1ARP8Mqt94WK-TL6OXeGQgwqbUiHfa4Ah_2jleo7hDF6UPIAhLZn4eTrV3g39GWD2IT4pZ5GMOgjIodvIvb6FRSBApm0yf-YujSl4AI9ZmK7krYoI4GvX8EMNdriCA_qUqEBjib1yqjrlwU9XkT9dJM_JP6_SSo7K_ECSz7MulhIO_y5CPfw_ecqUba8y_FbkgkXKIaRWlpxzZ9jOJe8Jo_df4LdYYS_KmeQeX3xCk0bzuVLqgAbQgNXjhbT5-cYBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIEgiAYRABMgKKAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3stYDJc1giQEiq9fIRO8iwDZ343Q%26client%3Dca-pub-7130111984751250%26adurl%3Dhttps%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D54110900%3Bcrtbwp%3DZT5llwAIAVoA-RHpAAgQOnht6FkGfRxlF-HE6A%3Bcrtbdata%3Dc3jbabt2LH_xHncO-GcBLIoG6CVHOApn4PRXSOvPZF7pkDNi7DF9vo1CZmiWiYQscIW9xq_n1AchZ26cZ2suNwvTnyVX017ChIErIY89riKhU9zt46xQVAhkW6wg6MYWUi--2vT1MTTJveFkQ1l8XEWf7cr_JzAWuRkkU04W1NS--Ts_ibrZrw2%3Badfibeg%3D0%3Bcdata%3DrAeJyHw-KV-_WwN_W06No48GcnDrn_AO-l2jyRsq0CEVQ1bbIFI6AnAfnbspXuiGScYyAp_HtvDB81ifIhuSCWPLm1bDT0c668oD5CMcX5PQEqvnagh6R_ISPYQlmj_YbPUbh33Oic90wCE-Fulq3kHhIpkoas3H0%3B%3BCREFURL%3Dhttp%253a%252f%252fask.mallaky.com%3BC%3D1%3Bcpdir%3D&uidRedirect=1
Frame ID: 946FB6220CD23ADDC5D749A37D3AA2E0
Requests: 6 HTTP requests in this frame

Frame: https://www.awin1.com/cshow.php?s=2965113&v=15168&q=361106&r=783431&pv=1&pref2=15168&pref1=64455100062244004452306012492001
Frame ID: 333909A1F644A70734296050C5FDF7CC
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/plugins/login_button.php?app_id=540879752659734&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df3bae973ba489dc%26domain%3Dask.mallaky.com%26is_canvas%3Dfalse%26origin%3Dhttp%253A%252F%252Fask.mallaky.com%252Ff2bf06b595da96c%26relation%3Dparent.parent&container_width=0&locale=en_US&login_text=%0A&scope=email%2Cuser_about_me%2Cuser_location%2Cuser_website&sdk=joey&size=medium
Frame ID: 79FCAA2E5F2BA86E1C7EF337F1BD81B6
Requests: 4 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 2E7E6EE2DDABAA9714706426558E13D5
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 99108B1FA0B46B888B4D043783DD61B7
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

المستخدم horsedonald9 - اسأل ملاًكي

Detected technologies

Overall confidence: 100%
Detected patterns
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js

Page Statistics

61
Requests

80 %
HTTPS

0 %
IPv6

17
Domains

23
Subdomains

21
IPs

5
Countries

824 kB
Transfer

2442 kB
Size

15
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 7
  • http://www.google-analytics.com/analytics.js HTTP 307
  • https://www.google-analytics.com/analytics.js
Request Chain 8
  • http://connect.facebook.net/en_US/all.js HTTP 307
  • https://connect.facebook.net/en_US/all.js
Request Chain 11
  • http://www.google-analytics.com/collect?v=1&_v=j101&a=415771148&t=pageview&_s=2&dl=http%3A%2F%2Fask.mallaky.com%2F%3Fqa%3Duser%2Fhorsedonald9&ul=en-us&de=UTF-8&dt=%D8%A7%D9%84%D9%85%D8%B3%D8%AA%D8%AE%D8%AF%D9%85%20horsedonald9%20-%20%D8%A7%D8%B3%D8%A3%D9%84%20%D9%85%D9%84%D8%A7%D9%8B%D9%83%D9%8A&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAACAAI~&jid=&gjid=&cid=105131778.1698588055&tid=UA-44487652-1&_gid=461213742.1698588055&z=1765420432 HTTP 307
  • https://www.google-analytics.com/collect?v=1&_v=j101&a=415771148&t=pageview&_s=2&dl=http%3A%2F%2Fask.mallaky.com%2F%3Fqa%3Duser%2Fhorsedonald9&ul=en-us&de=UTF-8&dt=%D8%A7%D9%84%D9%85%D8%B3%D8%AA%D8%AE%D8%AF%D9%85%20horsedonald9%20-%20%D8%A7%D8%B3%D8%A3%D9%84%20%D9%85%D9%84%D8%A7%D9%8B%D9%83%D9%8A&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAACAAI~&jid=&gjid=&cid=105131778.1698588055&tid=UA-44487652-1&_gid=461213742.1698588055&z=1765420432
Request Chain 38
  • https://ad.ad-srv.net/request.php?zone=eqazmxfdi5ib&renderingType=html&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=0x0&scrollPos=0x0&documentReferer=http%3A%2F%2Fask.mallaky.com%2F&ancestorOrigins=http%3A%2F%2Fask.mallaky.com&extVar[]=DOUBLEBORDER:1&extVar[]=ANIM_AFTER_30S:0&extVar[]=AF_SSP:Doubleclick+Ad+Exchange+by+Google&extVar[]=AF_DOM_DELI:ask.mallaky.com&extVar[]=AF_DOM_RTB:mallaky.com&subid=3968815052633447873&rnd=13658&gdpr=0&gdpr_consent=&redirectClick=https%3A%2F%2Fadclick.g.doubleclick.net%2Faclk%3Fsa%3DL%26ai%3DCStE8l2U-ZdqCIOmj5LcPuqCgsAuRrcW8XN3m7KbuAsCNtwEQASAAYPXtu4GYBIIBF2NhLXB1Yi03MTMwMTExOTg0NzUxMjUwyAEJqQLG6zUHg_-CPqgDAcgDAqoE_QFP0BZXiScjMrjsxHi9SBeCR816kmanY1kLH_tL3HZgUFouiRSnM2seALEc36gWVEDGwrvb8PodjjiHlB9cKslTzDSEipqau1t1ARP8Mqt94WK-TL6OXeGQgwqbUiHfa4Ah_2jleo7hDF6UPIAhLZn4eTrV3g39GWD2IT4pZ5GMOgjIodvIvb6FRSBApm0yf-YujSl4AI9ZmK7krYoI4GvX8EMNdriCA_qUqEBjib1yqjrlwU9XkT9dJM_JP6_SSo7K_ECSz7MulhIO_y5CPfw_ecqUba8y_FbkgkXKIaRWlpxzZ9jOJe8Jo_df4LdYYS_KmeQeX3xCk0bzuVLqgAbQgNXjhbT5-cYBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIEgiAYRABMgKKAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3stYDJc1giQEiq9fIRO8iwDZ343Q%26client%3Dca-pub-7130111984751250%26adurl%3Dhttps%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D54110900%3Bcrtbwp%3DZT5llwAIAVoA-RHpAAgQOnht6FkGfRxlF-HE6A%3Bcrtbdata%3Dc3jbabt2LH_xHncO-GcBLIoG6CVHOApn4PRXSOvPZF7pkDNi7DF9vo1CZmiWiYQscIW9xq_n1AchZ26cZ2suNwvTnyVX017ChIErIY89riKhU9zt46xQVAhkW6wg6MYWUi--2vT1MTTJveFkQ1l8XEWf7cr_JzAWuRkkU04W1NS--Ts_ibrZrw2%3Badfibeg%3D0%3Bcdata%3DrAeJyHw-KV-_WwN_W06No48GcnDrn_AO-l2jyRsq0CEVQ1bbIFI6AnAfnbspXuiGScYyAp_HtvDB81ifIhuSCWPLm1bDT0c668oD5CMcX5PQEqvnagh6R_ISPYQlmj_YbPUbh33Oic90wCE-Fulq3kHhIpkoas3H0%3B%3BCREFURL%3Dhttp%253a%252f%252fask.mallaky.com%3BC%3D1%3Bcpdir%3D HTTP 302
  • https://ad.ad-srv.net/request.php?zone=eqazmxfdi5ib&renderingType=html&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=0x0&scrollPos=0x0&documentReferer=http%3A%2F%2Fask.mallaky.com%2F&ancestorOrigins=http%3A%2F%2Fask.mallaky.com&extVar[]=DOUBLEBORDER:1&extVar[]=ANIM_AFTER_30S:0&extVar[]=AF_SSP:Doubleclick+Ad+Exchange+by+Google&extVar[]=AF_DOM_DELI:ask.mallaky.com&extVar[]=AF_DOM_RTB:mallaky.com&subid=3968815052633447873&rnd=13658&gdpr=0&gdpr_consent=&redirectClick=https%3A%2F%2Fadclick.g.doubleclick.net%2Faclk%3Fsa%3DL%26ai%3DCStE8l2U-ZdqCIOmj5LcPuqCgsAuRrcW8XN3m7KbuAsCNtwEQASAAYPXtu4GYBIIBF2NhLXB1Yi03MTMwMTExOTg0NzUxMjUwyAEJqQLG6zUHg_-CPqgDAcgDAqoE_QFP0BZXiScjMrjsxHi9SBeCR816kmanY1kLH_tL3HZgUFouiRSnM2seALEc36gWVEDGwrvb8PodjjiHlB9cKslTzDSEipqau1t1ARP8Mqt94WK-TL6OXeGQgwqbUiHfa4Ah_2jleo7hDF6UPIAhLZn4eTrV3g39GWD2IT4pZ5GMOgjIodvIvb6FRSBApm0yf-YujSl4AI9ZmK7krYoI4GvX8EMNdriCA_qUqEBjib1yqjrlwU9XkT9dJM_JP6_SSo7K_ECSz7MulhIO_y5CPfw_ecqUba8y_FbkgkXKIaRWlpxzZ9jOJe8Jo_df4LdYYS_KmeQeX3xCk0bzuVLqgAbQgNXjhbT5-cYBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIEgiAYRABMgKKAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3stYDJc1giQEiq9fIRO8iwDZ343Q%26client%3Dca-pub-7130111984751250%26adurl%3Dhttps%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D54110900%3Bcrtbwp%3DZT5llwAIAVoA-RHpAAgQOnht6FkGfRxlF-HE6A%3Bcrtbdata%3Dc3jbabt2LH_xHncO-GcBLIoG6CVHOApn4PRXSOvPZF7pkDNi7DF9vo1CZmiWiYQscIW9xq_n1AchZ26cZ2suNwvTnyVX017ChIErIY89riKhU9zt46xQVAhkW6wg6MYWUi--2vT1MTTJveFkQ1l8XEWf7cr_JzAWuRkkU04W1NS--Ts_ibrZrw2%3Badfibeg%3D0%3Bcdata%3DrAeJyHw-KV-_WwN_W06No48GcnDrn_AO-l2jyRsq0CEVQ1bbIFI6AnAfnbspXuiGScYyAp_HtvDB81ifIhuSCWPLm1bDT0c668oD5CMcX5PQEqvnagh6R_ISPYQlmj_YbPUbh33Oic90wCE-Fulq3kHhIpkoas3H0%3B%3BCREFURL%3Dhttp%253a%252f%252fask.mallaky.com%3BC%3D1%3Bcpdir%3D&uidRedirect=1
Request Chain 39
  • https://www.awin1.com/cshow.php?s=2965113&v=15168&q=361106&r=783431&pv=0&pref2=15168&pref1=64455100062244004452306012492001 HTTP 302
  • https://smartphoto-media.com/banner/campaign/nc-general-1-de-120x600-px.jpg

61 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
ask.mallaky.com/ 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://ask.mallaky.com/?qa=user/horsedonald9
Protocol
HTTP/1.1
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.4.33
Resource Hash
efad320fe3729daf8d0930079ecdb905c4f2e3b97a0f2e4d9969c826847dd202
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

CF-Cache-Status
DYNAMIC
CF-RAY
81dbf281edff0e2b-MXP
Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html; charset=utf-8
Date
Sun, 29 Oct 2023 14:00:53 GMT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LdwNq1wqyiVIqZsG7JoXcobRf7HVwlf9u1cchTaEs21T0Z%2FvwmLH5D%2BFsrtCq8pYlJ6WZhA%2BPpqVTLU987NlQlbtE17u91%2FndsZNQcwnzSbksuGNg7vWEYb8kEQyOOQ6eiQ%3D"}],"group":"cf-nel","max_age":604800}
Server
cloudflare
Transfer-Encoding
chunked
alt-svc
h3=":443"; ma=86400
cache-control
no-store, no-cache, must-revalidate
expires
Thu, 19 Nov 1981 08:52:00 GMT
pragma
no-cache
strict-transport-security
max-age=63072000; includeSubDomains
vary
Accept-Encoding,User-Agent
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-powered-by
PHP/7.4.33
x-turbo-charged-by
LiteSpeed
Os5WtWsT53sbOigxMn3J5zgB_PU.js
ask.mallaky.com/cdn-cgi/apps/head/ 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://ask.mallaky.com/cdn-cgi/apps/head/Os5WtWsT53sbOigxMn3J5zgB_PU.js
Requested by
Host: ask.mallaky.com
URL: http://ask.mallaky.com/?qa=user/horsedonald9
Protocol
HTTP/1.1
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2899b6e56d08f2393b9e39d98edaee88c8bbd61a1d62e33f805dc05920d07b8b

Request headers

accept-language
de-CH,de;q=0.9
Referer
http://ask.mallaky.com/?qa=user/horsedonald9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 29 Oct 2023 14:00:53 GMT
Content-Encoding
gzip
x-amz-version-id
Z6cVrg4QnpD4vksWwJQMYYCxANTs.WBI
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
CF-Cache-Status
HIT
x-amz-request-id
FPRY2KC1HWHZPQV5
Age
283393
Connection
keep-alive
alt-svc
h3=":443"; ma=86400
Content-Length
2026
x-amz-id-2
R6FxytQX9sIEq5eqDast5ubowoc7n+Tnhaez/p4g5C7N8kyXLDvc5lbuYmL9UiateCbezcEXp64=
Last-Modified
Fri, 21 Jul 2017 18:22:22 GMT
Server
cloudflare
ETag
"eda8dac081261f102492114aaf93fdb0"
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=k7hO7pHoAsxJAKdzMNOEaIRwjZfS%2B0KnBs%2FDJUsb1yEULn0%2B2iXrZyifdeA2ZQzQtb5xl87i1k%2B0OCZBki3JG%2B8yxSboBFstLDjq8GRpEuo2%2F2NEEkjSPSrd9K415RxQLkw%3D"}],"group":"cf-nel","max_age":604800}
Content-Type
application/javascript; charset=utf-8
Cache-Control
public, max-age=31536000
Accept-Ranges
bytes
CF-RAY
81dbf2894ab24882-MXP
qa-styles.css
ask.mallaky.com/qa-theme/SnowFlat/ 		0
0
qa-styles-rtl.css
ask.mallaky.com/qa-theme/SnowFlat/ 		6 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://ask.mallaky.com/qa-theme/SnowFlat/qa-styles-rtl.css?1.8.5
Requested by
Host: ask.mallaky.com
URL: http://ask.mallaky.com/?qa=user/horsedonald9
Protocol
HTTP/1.1
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8a0a840d54ebc1a4525af39787c3aa67bdd8a9c75813d0fded90652401dcade5
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-CH,de;q=0.9
Referer
http://ask.mallaky.com/?qa=user/horsedonald9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 29 Oct 2023 14:00:54 GMT
strict-transport-security
max-age=63072000; includeSubDomains
x-content-type-options
nosniff
CF-Cache-Status
HIT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age
600746
Cf-Polished
origSize=7055
Transfer-Encoding
chunked
Content-Encoding
gzip
Connection
keep-alive
alt-svc
h3=":443"; ma=86400
Cf-Bgj
minify
last-modified
Wed, 14 Jul 2021 14:09:11 GMT
Server
cloudflare
vary
Accept-Encoding,User-Agent
x-frame-options
SAMEORIGIN
Content-Type
text/css
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XaxwqAaiFakTJuT%2FN0mfj85DGqisL%2FAz%2BWHgGo1bK1r79Tn9xpSfFdPnkhV7u80YJxO4ZRh5QqGL6CsBrWZP5B26Wrh0RfdXmCHVeHkU%2FoYI9SE0HrtujjIquu1XjZ3uLCI%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=2678400
x-turbo-charged-by
LiteSpeed
CF-RAY
81dbf2899b064882-MXP
expires
Sun, 29 Oct 2023 15:08:28 GMT
jquery-3.5.1.min.js
ask.mallaky.com/qa-content/ 		0
0
qa-global.js
ask.mallaky.com/qa-content/ 		0
0
snow-core.js
ask.mallaky.com/qa-theme/SnowFlat/js/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://ask.mallaky.com/qa-theme/SnowFlat/js/snow-core.js?1.8.5
Requested by
Host: ask.mallaky.com
URL: http://ask.mallaky.com/?qa=user/horsedonald9
Protocol
HTTP/1.1
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cac5f3269aef806bc9112e8868357bfb9dbb4530a028dc0fb7c4508b2eea8d84
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-CH,de;q=0.9
Referer
http://ask.mallaky.com/?qa=user/horsedonald9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 29 Oct 2023 14:00:54 GMT
strict-transport-security
max-age=63072000; includeSubDomains
x-content-type-options
nosniff
CF-Cache-Status
HIT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age
600746
Cf-Polished
origSize=2302
Transfer-Encoding
chunked
Content-Encoding
gzip
Connection
keep-alive
alt-svc
h3=":443"; ma=86400
Cf-Bgj
minify
last-modified
Wed, 14 Jul 2021 14:09:30 GMT
Server
cloudflare
vary
Accept-Encoding,User-Agent
x-frame-options
SAMEORIGIN
Content-Type
application/javascript
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=E8g6Dx4X4h6%2Fb5XK6twMVsLdeF000YrKS5M%2FE3PMq7Sx3dMuvHwXMOsVugmTHRMg5KwgZ8zIGZXQZYX2PtoZBhqw%2Fmmx7469%2FiVv7NaWDOl0ISnSr0Rdeup4BA9pqqTvlTI%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=2678400
x-turbo-charged-by
LiteSpeed
CF-RAY
81dbf28a2bbf4882-MXP
expires
Sun, 29 Oct 2023 15:08:28 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		148 KB
54 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: ask.mallaky.com
URL: http://ask.mallaky.com/?qa=user/horsedonald9
Protocol
HTTP/1.1
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s22-in-f2.1e100.net
Software
cafe /
Resource Hash
87ddab78809e93ac0f1bd24f63e78e5800ffe8fc695e00233054558615b6a14f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
http://ask.mallaky.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 29 Oct 2023 14:00:54 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
P3P
policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cross-Origin-Resource-Policy
cross-origin
Content-Disposition
attachment; filename="f.txt"
Content-Length
54229
X-XSS-Protection
0
Server
cafe
ETag
18071718685577769986
Vary
Accept-Encoding
Content-Type
text/javascript; charset=UTF-8
Access-Control-Allow-Origin
*
Cache-Control
private, max-age=3600
Timing-Allow-Origin
*
Expires
Sun, 29 Oct 2023 14:00:54 GMT
analytics.js
www.google-analytics.com/
Redirect Chain
  • http://www.google-analytics.com/analytics.js
  • https://www.google-analytics.com/analytics.js
52 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: ask.mallaky.com
URL: http://ask.mallaky.com/?qa=user/horsedonald9
Protocol
H2
Server
142.250.185.174 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-CH,de;q=0.9
Referer
http://ask.mallaky.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Sun, 29 Oct 2023 13:51:32 GMT
last-modified
Mon, 12 Jun 2023 18:23:07 GMT
server
Golfe2
age
562
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Sun, 29 Oct 2023 15:51:32 GMT

Redirect headers

Location
https://www.google-analytics.com/analytics.js
Non-Authoritative-Reason
HSTS
Cross-Origin-Resource-Policy
Cross-Origin
all.js
connect.facebook.net/en_US/
Redirect Chain
  • http://connect.facebook.net/en_US/all.js
  • https://connect.facebook.net/en_US/all.js
3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/all.js
Requested by
Host: ask.mallaky.com
URL: http://ask.mallaky.com/?qa=user/horsedonald9
Protocol
H2
Server
157.240.251.9 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-01-fra5.fbcdn.net
Software
/
Resource Hash
20330e65a9b228172f81d6cc7de602f4764ca91404ac8f195d10f73d4b6765a0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-CH,de;q=0.9
Referer
http://ask.mallaky.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
date
Sun, 29 Oct 2023 14:00:54 GMT
content-md5
Vei7M8E4FvrvtyG1XDJGIA==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
1684
reporting-endpoints
x-fb-debug
5m9V/njgJPcLSosRPC5nR3MaOONF5KkCJCezWP8Cq1PUd8bgbb+ROyhVvGjY0BkHuTBOyeh4cKZCHZhx+W4Jkg==
x-fb-content-md5
249afa852150703d324d9ff7e2af28ca
cross-origin-opener-policy
same-origin-allow-popups
etag
"fab99eb0851cd6d8a486e9948f888ea9"
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
origin-agent-cluster
?0
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=1200,stale-while-revalidate=3600
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin
*
expires
Sun, 29 Oct 2023 14:01:54 GMT

Redirect headers

Location
https://connect.facebook.net/en_US/all.js
Non-Authoritative-Reason
HSTS
Cross-Origin-Resource-Policy
Cross-Origin
all.js
connect.facebook.net/en_US/ 		298 KB
85 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/all.js?hash=bada1c82eb0cf827be7f42898aa038ae
Requested by
Host: connect.facebook.net
URL: http://connect.facebook.net/en_US/all.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.240.251.9 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-01-fra5.fbcdn.net
Software
/
Resource Hash
b528d2ed0c83e16b16b24b439a11779926a9f23f8c0f826d545395200a2ce586
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
http://ask.mallaky.com/
Origin
http://ask.mallaky.com
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
date
Sun, 29 Oct 2023 14:00:54 GMT
content-md5
Am17FqrbJmV8Ktb67OkBcA==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
86280
reporting-endpoints
x-fb-debug
w8ncekJ8E+XPYYRs5o1TaOKGGE9Brpjkbb4D6FY6ns3vuY8Uket73RkrPKmp/oCCI2jayNpA+ic2Wk5cvJOPrQ==
x-fb-content-md5
fa659e3b2fa1dde4335938d9dd9825da
cross-origin-opener-policy
same-origin-allow-popups
etag
"58720bca7bf860e263609a4205b83c34"
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
origin-agent-cluster
?0
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=31536000,stale-while-revalidate=3600,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin
*
expires
Mon, 28 Oct 2024 12:12:01 GMT
collect
www.google-analytics.com/j/ 		16 B
221 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=415771148&t=pageview&_s=1&dl=http%3A%2F%2Fask.mallaky.com%2F%3Fqa%3Duser%2Fhorsedonald9&ul=en-us&de=UTF-8&dt=%D8%A7%D9%84%D9%85%D8%B3%D8%AA%D8%AE%D8%AF%D9%85%20horsedonald9%20-%20%D8%A7%D8%B3%D8%A3%D9%84%20%D9%85%D9%84%D8%A7%D9%8B%D9%83%D9%8A&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAACAAI~&jid=1028681312&gjid=842148143&cid=105131778.1698588055&tid=UA-44487652-1&_gid=461213742.1698588055&_r=1&_slc=1&z=1665115175
Requested by
Host: www.google-analytics.com
URL: http://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.174 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
c50d685f1af219578abccc1f681836ce7eb2dd8600d7c100dd67cf9ad20a83e8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
http://ask.mallaky.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 29 Oct 2023 14:00:54 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
http://ask.mallaky.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
16
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/
Redirect Chain
  • http://www.google-analytics.com/collect?v=1&_v=j101&a=415771148&t=pageview&_s=2&dl=http%3A%2F%2Fask.mallaky.com%2F%3Fqa%3Duser%2Fhorsedonald9&ul=en-us&de=UTF-8&dt=%D8%A7%D9%84%D9%85%D8%B3%D8%AA%D8%...
  • https://www.google-analytics.com/collect?v=1&_v=j101&a=415771148&t=pageview&_s=2&dl=http%3A%2F%2Fask.mallaky.com%2F%3Fqa%3Duser%2Fhorsedonald9&ul=en-us&de=UTF-8&dt=%D8%A7%D9%84%D9%85%D8%B3%D8%AA%D8...
35 B
131 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j101&a=415771148&t=pageview&_s=2&dl=http%3A%2F%2Fask.mallaky.com%2F%3Fqa%3Duser%2Fhorsedonald9&ul=en-us&de=UTF-8&dt=%D8%A7%D9%84%D9%85%D8%B3%D8%AA%D8%AE%D8%AF%D9%85%20horsedonald9%20-%20%D8%A7%D8%B3%D8%A3%D9%84%20%D9%85%D9%84%D8%A7%D9%8B%D9%83%D9%8A&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAACAAI~&jid=&gjid=&cid=105131778.1698588055&tid=UA-44487652-1&_gid=461213742.1698588055&z=1765420432
Requested by
Host: ask.mallaky.com
URL: http://ask.mallaky.com/?qa=user/horsedonald9
Protocol
H2
Server
142.250.185.174 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-CH,de;q=0.9
Referer
http://ask.mallaky.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 29 Oct 2023 12:31:55 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
5339
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://www.google-analytics.com/collect?v=1&_v=j101&a=415771148&t=pageview&_s=2&dl=http%3A%2F%2Fask.mallaky.com%2F%3Fqa%3Duser%2Fhorsedonald9&ul=en-us&de=UTF-8&dt=%D8%A7%D9%84%D9%85%D8%B3%D8%AA%D8%AE%D8%AF%D9%85%20horsedonald9%20-%20%D8%A7%D8%B3%D8%A3%D9%84%20%D9%85%D9%84%D8%A7%D9%8B%D9%83%D9%8A&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAACAAI~&jid=&gjid=&cid=105131778.1698588055&tid=UA-44487652-1&_gid=461213742.1698588055&z=1765420432
Non-Authoritative-Reason
HSTS
Cross-Origin-Resource-Policy
Cross-Origin
show_ads_impl_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310240101/ 		395 KB
134 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310240101/show_ads_impl_fy2021.js
Requested by
Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s22-in-f2.1e100.net
Software
cafe /
Resource Hash
56fc7812b79839d7f7a260efa295fe7e26e93af7138bba4f2fa2792b6bee2d79
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
http://ask.mallaky.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 29 Oct 2023 14:00:55 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
137198
x-xss-protection
0
server
cafe
etag
1218936545022299926
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Sun, 29 Oct 2023 14:00:55 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20231025/r20190131/ Frame 00EA 		10 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20231025/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
cafe /
Resource Hash
ad1270333ea16969313802add43789e0558cd75e2bf91e768bcf3937f091a001
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://ask.mallaky.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

age
66693
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4480
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 28 Oct 2023 19:29:22 GMT
etag
4569948109300706969
expires
Sat, 11 Nov 2023 19:29:22 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
collect
stats.g.doubleclick.net/j/ 		4 B
348 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-44487652-1&cid=105131778.1698588055&jid=1028681312&gjid=842148143&_gid=461213742.1698588055&_u=IEBAAEAAAAAAACAAI~&z=286000445
Requested by
Host: www.google-analytics.com
URL: http://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
173.194.76.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ws-in-f157.1e100.net
Software
Golfe2 /
Resource Hash
3d89d2a833e0c8b73ddaac6d6ec14c4ab06c648ee6574f1b29e9ab8435e2f41e
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
http://ask.mallaky.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Sun, 29 Oct 2023 14:00:55 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
http://ask.mallaky.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
js
www.googletagmanager.com/gtag/ 		287 KB
95 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-DXJLFHRQJ8&cx=c&_slc=1
Requested by
Host: www.google-analytics.com
URL: http://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.23.104 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil04s23-in-f104.1e100.net
Software
Google Tag Manager /
Resource Hash
7b2af70e124fb03aa7a708143690f77c86e7f07222d88a948f16baf80531b69b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
http://ask.mallaky.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 29 Oct 2023 14:00:55 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
96644
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Sun, 29 Oct 2023 14:00:55 GMT
status
www.facebook.com/x/oauth/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/x/oauth/status?client_id=540879752659734&input_token&origin=1&redirect_uri=http%3A%2F%2Fask.mallaky.com%2F%3Fqa%3Duser%2Fhorsedonald9&sdk=joey&wants_cookie_data=true
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/all.js?hash=bada1c82eb0cf827be7f42898aa038ae
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.240.0.35 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-02-fra3.facebook.com
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-CH,de;q=0.9
Referer
http://ask.mallaky.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15552000; preload
date
Sun, 29 Oct 2023 14:00:55 GMT
x-content-type-options
nosniff
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
reporting-endpoints
default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown"
pragma
no-cache
x-fb-debug
wn0x77kglP2ZhBr2HWwDINyAt9B/iBlcjjZx/HYJ0V4dx/NdmPEuji1KgQrKfQoBo++oqjM6FnSSKFqlGus0lw==
fb-s
unknown
report-to
{"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
content-type
text/plain; charset=UTF-8
access-control-allow-origin
http://ask.mallaky.com
access-control-expose-headers
fb-s
fb-error-description
"This endpoint may only be called from an HTTPS Origin."
access-control-allow-credentials
true
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(self), geolocation=(self), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(self), midi=(), payment=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), usb=()
cache-control
private, no-cache, no-store, must-revalidate
expires
Sat, 01 Jan 2000 00:00:00 GMT
ga-audiences
www.google.com/ads/ 		42 B
408 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-44487652-1&cid=105131778.1698588055&jid=1028681312&_u=IEBAAEAAAAAAACAAI~&z=181994836
Requested by
Host: ask.mallaky.com
URL: http://ask.mallaky.com/?qa=user/horsedonald9
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.4 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra02s19-in-f4.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
http://ask.mallaky.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 29 Oct 2023 14:00:55 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.ch/ads/ 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.ch/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-44487652-1&cid=105131778.1698588055&jid=1028681312&_u=IEBAAEAAAAAAACAAI~&z=181994836
Requested by
Host: ask.mallaky.com
URL: http://ask.mallaky.com/?qa=user/horsedonald9
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.99 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s05-in-f99.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
http://ask.mallaky.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 29 Oct 2023 14:00:55 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
region1.analytics.google.com/g/ 		0
253 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-DXJLFHRQJ8&gtm=45je3ap0v9132778175&_p=415771148&_gaz=1&gcd=11l1l1l1l2&ul=en-us&sr=1600x1200&cid=105131778.1698588055&ir=1&_eu=EBAI&_s=1&dl=http%3A%2F%2Fask.mallaky.com%2F%3Fqa%3Duser%2Fhorsedonald9&dt=%D8%A7%D9%84%D9%85%D8%B3%D8%AA%D8%AE%D8%AF%D9%85%20horsedonald9%20-%20%D8%A7%D8%B3%D8%A3%D9%84%20%D9%85%D9%84%D8%A7%D9%8B%D9%83%D9%8A&sid=1698588055&sct=1&seg=0&en=page_view&_fv=1&_ss=1&_ee=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-DXJLFHRQJ8&cx=c&_slc=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.239.32.36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
http://ask.mallaky.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 29 Oct 2023 14:00:55 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
http://ask.mallaky.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/g/ 		0
56 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-DXJLFHRQJ8&cid=105131778.1698588055&gtm=45je3ap0v9132778175&aip=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-DXJLFHRQJ8&cx=c&_slc=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
173.194.76.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ws-in-f157.1e100.net
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
http://ask.mallaky.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 29 Oct 2023 14:00:55 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
http://ask.mallaky.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.ch/ads/ 		42 B
408 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.ch/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-DXJLFHRQJ8&cid=105131778.1698588055&gtm=45je3ap0v9132778175&aip=1&z=2059889316
Requested by
Host: ask.mallaky.com
URL: http://ask.mallaky.com/?qa=user/horsedonald9
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.99 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s05-in-f99.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
http://ask.mallaky.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 29 Oct 2023 14:00:55 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
cookie.js
partner.googleadservices.com/gampad/ 		389 B
602 B 		Script
General
Check archive.org
Download Go to
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=ask.mallaky.com&callback=_gfp_s_&client=ca-pub-7130111984751250
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310240101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
cafe /
Resource Hash
81166e2229d5977482f89daa3ebb704ab949eca2329e2ef29108b92560a483db
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
http://ask.mallaky.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 29 Oct 2023 14:00:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
251
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 4466 		718 B
577 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7130111984751250&output=html&h=90&slotname=2744259180&adk=3749908861&adf=383669989&pi=t.ma~as.2744259180&w=837&fwrn=4&fwrnh=100&lmt=1698584455&rafmt=2&format=837x90&url=http%3A%2F%2Fask.mallaky.com%2F%3Fqa%3Duser%2Fhorsedonald9&fwr=0&rpe=1&resp_fmts=2&wgl=1&dt=1698588054601&bpp=4&bdt=649&idt=728&shv=r20231025&mjsv=m202310240101&ptt=9&saldr=aa&abxe=1&correlator=1430444435387&frm=20&pv=2&ga_vid=105131778.1698588055&ga_sid=1698588055&ga_hid=415771148&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=755&ady=283&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44795922%2C44805934%2C44806737%2C31078297&oid=2&pvsid=1788398637860422&tmod=468463577&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Co%7CEe%7C&abl=NS&pfx=0&fu=128&bc=23&ifi=1&uci=a!1&fsb=1&xpc=4c50pj0Uun&p=http%3A//ask.mallaky.com&dtd=762
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310240101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
cafe /
Resource Hash
888e033b4bec3f942f22b306164429e6df465654945144806defb97bbef78283
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://ask.mallaky.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
356
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 29 Oct 2023 14:00:55 GMT
expires
Sun, 29 Oct 2023 14:00:55 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame FDE1 		718 B
524 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7130111984751250&output=html&h=90&slotname=2744259180&adk=3749908861&adf=306952042&pi=t.ma~as.2744259180&w=837&fwrn=4&fwrnh=100&lmt=1698584455&rafmt=2&format=837x90&url=http%3A%2F%2Fask.mallaky.com%2F%3Fqa%3Duser%2Fhorsedonald9&fwr=0&rpe=1&resp_fmts=2&wgl=1&dt=1698588054605&bpp=1&bdt=653&idt=766&shv=r20231025&mjsv=m202310240101&ptt=9&saldr=aa&abxe=1&prev_fmts=837x90&correlator=1430444435387&frm=20&pv=1&ga_vid=105131778.1698588055&ga_sid=1698588055&ga_hid=415771148&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=755&ady=689&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44795922%2C44805934%2C44806737%2C31078297&oid=2&pvsid=1788398637860422&tmod=468463577&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7C%7CEe%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=2&uci=a!2&fsb=1&xpc=t66cet7mwo&p=http%3A//ask.mallaky.com&dtd=770
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310240101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
cafe /
Resource Hash
4d6b9986621ca2d5fe7d6a74f28f7ff827cbe4461e885275a5dbb46596f6b0bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://ask.mallaky.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
356
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 29 Oct 2023 14:00:55 GMT
expires
Sun, 29 Oct 2023 14:00:55 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 6FB5 		718 B
530 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7130111984751250&output=html&h=90&slotname=2744259180&adk=159392350&adf=3318652124&pi=t.ma~as.2744259180&w=1200&fwrn=4&fwrnh=100&lmt=1698584455&rafmt=2&format=1200x90&url=http%3A%2F%2Fask.mallaky.com%2F%3Fqa%3Duser%2Fhorsedonald9&fwr=0&rpe=1&resp_fmts=2&wgl=1&dt=1698588054606&bpp=1&bdt=654&idt=773&shv=r20231025&mjsv=m202310240101&ptt=9&saldr=aa&abxe=1&prev_fmts=837x90%2C837x90&correlator=1430444435387&frm=20&pv=1&ga_vid=105131778.1698588055&ga_sid=1698588055&ga_hid=415771148&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=392&ady=689&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44795922%2C44805934%2C44806737%2C31078297&oid=2&pvsid=1788398637860422&tmod=468463577&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=3&uci=a!3&fsb=1&xpc=kFE1hReuhU&p=http%3A//ask.mallaky.com&dtd=782
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310240101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
cafe /
Resource Hash
548a23fbf7e618508771a01e387096da4eac3bfe206f4aaca9f96bfc313d4a29
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://ask.mallaky.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
358
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 29 Oct 2023 14:00:55 GMT
expires
Sun, 29 Oct 2023 14:00:55 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 66F9 		77 KB
21 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7130111984751250&output=html&adk=1812271804&adf=3025194257&lmt=1698584455&plat=4%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=500x810_l&format=0x0&url=http%3A%2F%2Fask.mallaky.com%2F%3Fqa%3Duser%2Fhorsedonald9&ea=0&pra=7&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2&dt=1698588054624&bpp=4&bdt=672&idt=768&shv=r20231025&mjsv=m202310240101&ptt=9&saldr=aa&abxe=1&prev_fmts=837x90%2C837x90%2C1200x90&nras=1&correlator=1430444435387&frm=20&pv=1&ga_vid=105131778.1698588055&ga_sid=1698588055&ga_hid=415771148&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44795922%2C44805934%2C44806737%2C31078297&oid=2&pvsid=1788398637860422&tmod=468463577&uas=0&nvt=1&fsapi=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=23&ifi=4&uci=a!4&fsb=1&dtd=785
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310240101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
cafe /
Resource Hash
767765addf06c221aaf666256b34103a84cb5607e8540c23d687aa321775ad8b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://ask.mallaky.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
20825
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 29 Oct 2023 14:00:55 GMT
expires
Sun, 29 Oct 2023 14:00:55 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
reactive_library_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310240101/ 		159 KB
54 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310240101/reactive_library_fy2021.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310240101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s22-in-f2.1e100.net
Software
cafe /
Resource Hash
69b5c52a7091f23e63dfdbf7cfeb737104914fc34a79c06183794af099a16a1e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
http://ask.mallaky.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 29 Oct 2023 14:00:56 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
55374
x-xss-protection
0
server
cafe
etag
17323812298151704322
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Sun, 29 Oct 2023 14:00:56 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20231025/r20110914/ Frame F8E7 		10 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20231025/r20110914/zrt_lookup.html?fsb=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310240101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
cafe /
Resource Hash
ad1270333ea16969313802add43789e0558cd75e2bf91e768bcf3937f091a001
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://ask.mallaky.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

age
66751
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4480
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 28 Oct 2023 19:28:25 GMT
etag
4569948109300706969
expires
Sat, 11 Nov 2023 19:28:25 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
/
track.adform.net/adfscript/ Frame F8E7 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://track.adform.net/adfscript/?bn=54110900;rtbwp=ZT5llwAIAVoA-RHpAAgQOnht6FkGfRxlF-HE6A;rtbdata=c3jbabt2LH_xHncO-GcBLIoG6CVHOApn4PRXSOvPZF7pkDNi7DF9vo1CZmiWiYQscIW9xq_n1AchZ26cZ2suNwvTnyVX017ChIErIY89riKhU9zt46xQVAhkW6wg6MYWUi--2vT1MTTJveFkQ1l8XEWf7cr_JzAWuRkkU04W1NS--Ts_ibrZrw2;nofp=1;click=https://adclick.g.doubleclick.net/aclk?sa=L&ai=CStE8l2U-ZdqCIOmj5LcPuqCgsAuRrcW8XN3m7KbuAsCNtwEQASAAYPXtu4GYBIIBF2NhLXB1Yi03MTMwMTExOTg0NzUxMjUwyAEJqQLG6zUHg_-CPqgDAcgDAqoE_QFP0BZXiScjMrjsxHi9SBeCR816kmanY1kLH_tL3HZgUFouiRSnM2seALEc36gWVEDGwrvb8PodjjiHlB9cKslTzDSEipqau1t1ARP8Mqt94WK-TL6OXeGQgwqbUiHfa4Ah_2jleo7hDF6UPIAhLZn4eTrV3g39GWD2IT4pZ5GMOgjIodvIvb6FRSBApm0yf-YujSl4AI9ZmK7krYoI4GvX8EMNdriCA_qUqEBjib1yqjrlwU9XkT9dJM_JP6_SSo7K_ECSz7MulhIO_y5CPfw_ecqUba8y_FbkgkXKIaRWlpxzZ9jOJe8Jo_df4LdYYS_KmeQeX3xCk0bzuVLqgAbQgNXjhbT5-cYBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIEgiAYRABMgKKAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB&num=1&sig=AOD64_3stYDJc1giQEiq9fIRO8iwDZ343Q&client=ca-pub-7130111984751250&adurl=
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231025/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.5.132 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
e18f0d086b61087425bf51aa7df77242cf2ea7b09a82e1a96f7d727584ed2120
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 29 Oct 2023 14:00:56 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control
no-cache, no-store, must-revalidate, no-transform
content-length
1514
expires
-1
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231025/r20110914/client/ Frame F8E7 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231025/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231025/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f1.1e100.net
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 29 Oct 2023 13:01:26 GMT
content-encoding
br
x-content-type-options
nosniff
age
3570
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 12 Nov 2023 13:01:26 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231025/r20110914/client/ Frame F8E7 		20 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231025/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231025/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f1.1e100.net
Software
cafe /
Resource Hash
a198f092051a356c1e62c1296f628da5732045abafbd974eb7fff157e14ff042
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 29 Oct 2023 02:48:43 GMT
content-encoding
br
x-content-type-options
nosniff
age
40333
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8426
x-xss-protection
0
server
cafe
etag
17696348727749479825
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 12 Nov 2023 02:48:43 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame F8E7 		187 KB
59 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231025/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s22-in-f2.1e100.net
Software
sffe /
Resource Hash
4e155284926ba010442d774fd493ff925a0256bd427f54596b1244791a3fa170
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 29 Oct 2023 14:00:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
60190
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1698233972131352"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 29 Oct 2023 14:00:56 GMT
bootstrap.js
s1.adform.net/stoat/630/s1.adform.net/ Frame F8E7 		37 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s1.adform.net/stoat/630/s1.adform.net/bootstrap.js
Requested by
Host: track.adform.net
URL: https://track.adform.net/adfscript/?bn=54110900;rtbwp=ZT5llwAIAVoA-RHpAAgQOnht6FkGfRxlF-HE6A;rtbdata=c3jbabt2LH_xHncO-GcBLIoG6CVHOApn4PRXSOvPZF7pkDNi7DF9vo1CZmiWiYQscIW9xq_n1AchZ26cZ2suNwvTnyVX017ChIErIY89riKhU9zt46xQVAhkW6wg6MYWUi--2vT1MTTJveFkQ1l8XEWf7cr_JzAWuRkkU04W1NS--Ts_ibrZrw2;nofp=1;click=https://adclick.g.doubleclick.net/aclk?sa=L&ai=CStE8l2U-ZdqCIOmj5LcPuqCgsAuRrcW8XN3m7KbuAsCNtwEQASAAYPXtu4GYBIIBF2NhLXB1Yi03MTMwMTExOTg0NzUxMjUwyAEJqQLG6zUHg_-CPqgDAcgDAqoE_QFP0BZXiScjMrjsxHi9SBeCR816kmanY1kLH_tL3HZgUFouiRSnM2seALEc36gWVEDGwrvb8PodjjiHlB9cKslTzDSEipqau1t1ARP8Mqt94WK-TL6OXeGQgwqbUiHfa4Ah_2jleo7hDF6UPIAhLZn4eTrV3g39GWD2IT4pZ5GMOgjIodvIvb6FRSBApm0yf-YujSl4AI9ZmK7krYoI4GvX8EMNdriCA_qUqEBjib1yqjrlwU9XkT9dJM_JP6_SSo7K_ECSz7MulhIO_y5CPfw_ecqUba8y_FbkgkXKIaRWlpxzZ9jOJe8Jo_df4LdYYS_KmeQeX3xCk0bzuVLqgAbQgNXjhbT5-cYBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIEgiAYRABMgKKAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB&num=1&sig=AOD64_3stYDJc1giQEiq9fIRO8iwDZ343Q&client=ca-pub-7130111984751250&adurl=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.234 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
577bbeb02edadd6a6119ee367adac8fd8b43b40a3763939f1d01e3cb9dd9a9a8

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 29 Oct 2023 14:00:56 GMT
content-encoding
gzip
last-modified
Thu, 12 Oct 2023 13:27:00 GMT
server
nginx
x-cache-status
STALE
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=100000
expires
Tue, 17 Oct 2023 16:09:58 GMT
/
track.adform.net/adfserve/ Frame F8E7 		8 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://track.adform.net/adfserve/?CC=1&bn=54110900;rtbwp=ZT5llwAIAVoA-RHpAAgQOnht6FkGfRxlF-HE6A;rtbdata=c3jbabt2LH_xHncO-GcBLIoG6CVHOApn4PRXSOvPZF7pkDNi7DF9vo1CZmiWiYQscIW9xq_n1AchZ26cZ2suNwvTnyVX017ChIErIY89riKhU9zt46xQVAhkW6wg6MYWUi--2vT1MTTJveFkQ1l8XEWf7cr_JzAWuRkkU04W1NS--Ts_ibrZrw2;nofp=1;click=https://adclick.g.doubleclick.net/aclk?sa=L&ai=CStE8l2U-ZdqCIOmj5LcPuqCgsAuRrcW8XN3m7KbuAsCNtwEQASAAYPXtu4GYBIIBF2NhLXB1Yi03MTMwMTExOTg0NzUxMjUwyAEJqQLG6zUHg_-CPqgDAcgDAqoE_QFP0BZXiScjMrjsxHi9SBeCR816kmanY1kLH_tL3HZgUFouiRSnM2seALEc36gWVEDGwrvb8PodjjiHlB9cKslTzDSEipqau1t1ARP8Mqt94WK-TL6OXeGQgwqbUiHfa4Ah_2jleo7hDF6UPIAhLZn4eTrV3g39GWD2IT4pZ5GMOgjIodvIvb6FRSBApm0yf-YujSl4AI9ZmK7krYoI4GvX8EMNdriCA_qUqEBjib1yqjrlwU9XkT9dJM_JP6_SSo7K_ECSz7MulhIO_y5CPfw_ecqUba8y_FbkgkXKIaRWlpxzZ9jOJe8Jo_df4LdYYS_KmeQeX3xCk0bzuVLqgAbQgNXjhbT5-cYBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIEgiAYRABMgKKAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB&num=1&sig=AOD64_3stYDJc1giQEiq9fIRO8iwDZ343Q&client=ca-pub-7130111984751250&adurl=;js=1;adfxid=1x;1933;set=en-US|en-US|1600X1200|0|0|0|24|8|3|7|1|;fd=0|0&CREFURL=http%3A%2F%2Fask.mallaky.com
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/630/s1.adform.net/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.5.132 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
71c877c17bc9f85f885d695cc934c1f23a6cc4ff2adfd4f4f78ea15e79d8932f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 29 Oct 2023 14:00:56 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control
no-cache, no-store, must-revalidate, no-transform
content-length
3244
expires
-1
bd4e7bcd7e.html
tm.ad-srv.net/tm/a/container/html/ Frame F8E7 		5 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tm.ad-srv.net/tm/a/container/html/bd4e7bcd7e.html?eli=8869608&cguid=a6db0e9e08&click=https%3A%2F%2Fadclick.g.doubleclick.net%2Faclk%3Fsa%3DL%26ai%3DCStE8l2U-ZdqCIOmj5LcPuqCgsAuRrcW8XN3m7KbuAsCNtwEQASAAYPXtu4GYBIIBF2NhLXB1Yi03MTMwMTExOTg0NzUxMjUwyAEJqQLG6zUHg_-CPqgDAcgDAqoE_QFP0BZXiScjMrjsxHi9SBeCR816kmanY1kLH_tL3HZgUFouiRSnM2seALEc36gWVEDGwrvb8PodjjiHlB9cKslTzDSEipqau1t1ARP8Mqt94WK-TL6OXeGQgwqbUiHfa4Ah_2jleo7hDF6UPIAhLZn4eTrV3g39GWD2IT4pZ5GMOgjIodvIvb6FRSBApm0yf-YujSl4AI9ZmK7krYoI4GvX8EMNdriCA_qUqEBjib1yqjrlwU9XkT9dJM_JP6_SSo7K_ECSz7MulhIO_y5CPfw_ecqUba8y_FbkgkXKIaRWlpxzZ9jOJe8Jo_df4LdYYS_KmeQeX3xCk0bzuVLqgAbQgNXjhbT5-cYBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIEgiAYRABMgKKAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3stYDJc1giQEiq9fIRO8iwDZ343Q%26client%3Dca-pub-7130111984751250%26adurl%3Dhttps%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D54110900%3Bcrtbwp%3DZT5llwAIAVoA-RHpAAgQOnht6FkGfRxlF-HE6A%3Bcrtbdata%3Dc3jbabt2LH_xHncO-GcBLIoG6CVHOApn4PRXSOvPZF7pkDNi7DF9vo1CZmiWiYQscIW9xq_n1AchZ26cZ2suNwvTnyVX017ChIErIY89riKhU9zt46xQVAhkW6wg6MYWUi--2vT1MTTJveFkQ1l8XEWf7cr_JzAWuRkkU04W1NS--Ts_ibrZrw2%3Badfibeg%3D0%3Bcdata%3DrAeJyHw-KV-_WwN_W06No48GcnDrn_AO-l2jyRsq0CEVQ1bbIFI6AnAfnbspXuiGScYyAp_HtvDB81ifIhuSCWPLm1bDT0c668oD5CMcX5PQEqvnagh6R_ISPYQlmj_YbPUbh33Oic90wCE-Fulq3kHhIpkoas3H0%3B%3BCREFURL%3Dhttp%253a%252f%252fask.mallaky.com%3BC%3D1%3Bcpdir%3D&eVS=Doubleclick+Ad+Exchange+by+Google&eVRDD=ask.mallaky.com&eVRDB=mallaky.com&eVAI=3968815052633447873&rnd=13658&gdpr=0&gdpr_consent=
Requested by
Host: ask.mallaky.com
URL: http://ask.mallaky.com/?qa=user/horsedonald9
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
167.235.3.16 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.16.3.235.167.clients.your-server.de
Software
nginx /
Resource Hash
50cdd2c733223aef58877cd7057a85d60189c1aaa09bec959597c3a7e10c5f23

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 29 Oct 2023 14:00:56 GMT
Content-Encoding
gzip
Server
nginx
Transfer-Encoding
chunked
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Content-Type
text/html; charset=utf-8
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
Connection
close
Expires
0
/
track.adform.net/csimpr/ Frame F8E7 		35 B
600 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://track.adform.net/csimpr/?bn=54110900&csi=h_6drnAG7rFsv8uj4yfrfbj1RDCBJRtJZuQ5uxhAbBTrygPkIxxfk9ASq-dqCHpH8hI9hCWaP9hs9RuHfc6Jz2QBbo50IEXs0
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/630/s1.adform.net/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.5.132 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://googleads.g.doubleclick.net/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Sun, 29 Oct 2023 14:00:56 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET, POST
content-type
image/gif
access-control-allow-origin
https://googleads.g.doubleclick.net
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires
-1
ThirdParty
s1.adform.net/stoat/630/s1.adform.net/load/v/0.0.235/e/igSBggDQ/i/vCAv.IAAAAAUAA/r:types/ Frame F8E7 		34 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s1.adform.net/stoat/630/s1.adform.net/load/v/0.0.235/e/igSBggDQ/i/vCAv.IAAAAAUAA/r:types/ThirdParty
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/630/s1.adform.net/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.234 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
73bf38e360808e83c5e94f6089326848f56880e84dc21c7ab1cc538e6f2b83c4

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 29 Oct 2023 14:00:56 GMT
content-encoding
gzip
last-modified
Thu, 12 Oct 2023 13:27:00 GMT
server
nginx
x-cache-status
STALE
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=100000
expires
Tue, 17 Oct 2023 16:09:59 GMT
request.php
ad.ad-srv.net/ Frame 946F
Redirect Chain
  • https://ad.ad-srv.net/request.php?zone=eqazmxfdi5ib&renderingType=html&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=0x0&scrollPos=0x0&documentReferer=http%3A%2F%2Fask.mallaky.com%2F&an...
  • https://ad.ad-srv.net/request.php?zone=eqazmxfdi5ib&renderingType=html&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=0x0&scrollPos=0x0&documentReferer=http%3A%2F%2Fask.mallaky.com%2F&an...
5 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ad.ad-srv.net/request.php?zone=eqazmxfdi5ib&renderingType=html&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=0x0&scrollPos=0x0&documentReferer=http%3A%2F%2Fask.mallaky.com%2F&ancestorOrigins=http%3A%2F%2Fask.mallaky.com&extVar[]=DOUBLEBORDER:1&extVar[]=ANIM_AFTER_30S:0&extVar[]=AF_SSP:Doubleclick+Ad+Exchange+by+Google&extVar[]=AF_DOM_DELI:ask.mallaky.com&extVar[]=AF_DOM_RTB:mallaky.com&subid=3968815052633447873&rnd=13658&gdpr=0&gdpr_consent=&redirectClick=https%3A%2F%2Fadclick.g.doubleclick.net%2Faclk%3Fsa%3DL%26ai%3DCStE8l2U-ZdqCIOmj5LcPuqCgsAuRrcW8XN3m7KbuAsCNtwEQASAAYPXtu4GYBIIBF2NhLXB1Yi03MTMwMTExOTg0NzUxMjUwyAEJqQLG6zUHg_-CPqgDAcgDAqoE_QFP0BZXiScjMrjsxHi9SBeCR816kmanY1kLH_tL3HZgUFouiRSnM2seALEc36gWVEDGwrvb8PodjjiHlB9cKslTzDSEipqau1t1ARP8Mqt94WK-TL6OXeGQgwqbUiHfa4Ah_2jleo7hDF6UPIAhLZn4eTrV3g39GWD2IT4pZ5GMOgjIodvIvb6FRSBApm0yf-YujSl4AI9ZmK7krYoI4GvX8EMNdriCA_qUqEBjib1yqjrlwU9XkT9dJM_JP6_SSo7K_ECSz7MulhIO_y5CPfw_ecqUba8y_FbkgkXKIaRWlpxzZ9jOJe8Jo_df4LdYYS_KmeQeX3xCk0bzuVLqgAbQgNXjhbT5-cYBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIEgiAYRABMgKKAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3stYDJc1giQEiq9fIRO8iwDZ343Q%26client%3Dca-pub-7130111984751250%26adurl%3Dhttps%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D54110900%3Bcrtbwp%3DZT5llwAIAVoA-RHpAAgQOnht6FkGfRxlF-HE6A%3Bcrtbdata%3Dc3jbabt2LH_xHncO-GcBLIoG6CVHOApn4PRXSOvPZF7pkDNi7DF9vo1CZmiWiYQscIW9xq_n1AchZ26cZ2suNwvTnyVX017ChIErIY89riKhU9zt46xQVAhkW6wg6MYWUi--2vT1MTTJveFkQ1l8XEWf7cr_JzAWuRkkU04W1NS--Ts_ibrZrw2%3Badfibeg%3D0%3Bcdata%3DrAeJyHw-KV-_WwN_W06No48GcnDrn_AO-l2jyRsq0CEVQ1bbIFI6AnAfnbspXuiGScYyAp_HtvDB81ifIhuSCWPLm1bDT0c668oD5CMcX5PQEqvnagh6R_ISPYQlmj_YbPUbh33Oic90wCE-Fulq3kHhIpkoas3H0%3B%3BCREFURL%3Dhttp%253a%252f%252fask.mallaky.com%3BC%3D1%3Bcpdir%3D&uidRedirect=1
Requested by
Host: tm.ad-srv.net
URL: https://tm.ad-srv.net/tm/a/container/html/bd4e7bcd7e.html?eli=8869608&cguid=a6db0e9e08&click=https%3A%2F%2Fadclick.g.doubleclick.net%2Faclk%3Fsa%3DL%26ai%3DCStE8l2U-ZdqCIOmj5LcPuqCgsAuRrcW8XN3m7KbuAsCNtwEQASAAYPXtu4GYBIIBF2NhLXB1Yi03MTMwMTExOTg0NzUxMjUwyAEJqQLG6zUHg_-CPqgDAcgDAqoE_QFP0BZXiScjMrjsxHi9SBeCR816kmanY1kLH_tL3HZgUFouiRSnM2seALEc36gWVEDGwrvb8PodjjiHlB9cKslTzDSEipqau1t1ARP8Mqt94WK-TL6OXeGQgwqbUiHfa4Ah_2jleo7hDF6UPIAhLZn4eTrV3g39GWD2IT4pZ5GMOgjIodvIvb6FRSBApm0yf-YujSl4AI9ZmK7krYoI4GvX8EMNdriCA_qUqEBjib1yqjrlwU9XkT9dJM_JP6_SSo7K_ECSz7MulhIO_y5CPfw_ecqUba8y_FbkgkXKIaRWlpxzZ9jOJe8Jo_df4LdYYS_KmeQeX3xCk0bzuVLqgAbQgNXjhbT5-cYBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIEgiAYRABMgKKAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3stYDJc1giQEiq9fIRO8iwDZ343Q%26client%3Dca-pub-7130111984751250%26adurl%3Dhttps%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D54110900%3Bcrtbwp%3DZT5llwAIAVoA-RHpAAgQOnht6FkGfRxlF-HE6A%3Bcrtbdata%3Dc3jbabt2LH_xHncO-GcBLIoG6CVHOApn4PRXSOvPZF7pkDNi7DF9vo1CZmiWiYQscIW9xq_n1AchZ26cZ2suNwvTnyVX017ChIErIY89riKhU9zt46xQVAhkW6wg6MYWUi--2vT1MTTJveFkQ1l8XEWf7cr_JzAWuRkkU04W1NS--Ts_ibrZrw2%3Badfibeg%3D0%3Bcdata%3DrAeJyHw-KV-_WwN_W06No48GcnDrn_AO-l2jyRsq0CEVQ1bbIFI6AnAfnbspXuiGScYyAp_HtvDB81ifIhuSCWPLm1bDT0c668oD5CMcX5PQEqvnagh6R_ISPYQlmj_YbPUbh33Oic90wCE-Fulq3kHhIpkoas3H0%3B%3BCREFURL%3Dhttp%253a%252f%252fask.mallaky.com%3BC%3D1%3Bcpdir%3D&eVS=Doubleclick+Ad+Exchange+by+Google&eVRDD=ask.mallaky.com&eVRDB=mallaky.com&eVAI=3968815052633447873&rnd=13658&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
46.4.10.49 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.49.10.4.46.clients.your-server.de
Software
Apache /
Resource Hash
6c7e3e8fad675fc459a8b1e8e5f98dd1dfea6cff150cd98995591f2e6507dd58

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

Cache-Control
no-store, no-cache, must-revalidate, max-age=0
Connection
close
Content-Encoding
gzip
Content-Length
1579
Content-Type
text/html; charset=utf-8
Date
Sun, 29 Oct 2023 14:00:57 GMT
Expires
Sun, 29 Oct 2023 14:00:57 +0100
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Pragma
no-cache
Server
Apache
Vary
Accept-Encoding
X-NEORY-SubId
64455100062244004452306012492001

Redirect headers

Cache-Control
no-store, no-cache, must-revalidate, max-age=0
Connection
close
Content-Length
0
Content-Type
text/html; charset=UTF-8
Date
Sun, 29 Oct 2023 14:00:57 GMT
Expires
Sun, 29 Oct 2023 14:00:57 +0100
Location
request.php?zone=eqazmxfdi5ib&renderingType=html&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=0x0&scrollPos=0x0&documentReferer=http%3A%2F%2Fask.mallaky.com%2F&ancestorOrigins=http%3A%2F%2Fask.mallaky.com&extVar[]=DOUBLEBORDER:1&extVar[]=ANIM_AFTER_30S:0&extVar[]=AF_SSP:Doubleclick+Ad+Exchange+by+Google&extVar[]=AF_DOM_DELI:ask.mallaky.com&extVar[]=AF_DOM_RTB:mallaky.com&subid=3968815052633447873&rnd=13658&gdpr=0&gdpr_consent=&redirectClick=https%3A%2F%2Fadclick.g.doubleclick.net%2Faclk%3Fsa%3DL%26ai%3DCStE8l2U-ZdqCIOmj5LcPuqCgsAuRrcW8XN3m7KbuAsCNtwEQASAAYPXtu4GYBIIBF2NhLXB1Yi03MTMwMTExOTg0NzUxMjUwyAEJqQLG6zUHg_-CPqgDAcgDAqoE_QFP0BZXiScjMrjsxHi9SBeCR816kmanY1kLH_tL3HZgUFouiRSnM2seALEc36gWVEDGwrvb8PodjjiHlB9cKslTzDSEipqau1t1ARP8Mqt94WK-TL6OXeGQgwqbUiHfa4Ah_2jleo7hDF6UPIAhLZn4eTrV3g39GWD2IT4pZ5GMOgjIodvIvb6FRSBApm0yf-YujSl4AI9ZmK7krYoI4GvX8EMNdriCA_qUqEBjib1yqjrlwU9XkT9dJM_JP6_SSo7K_ECSz7MulhIO_y5CPfw_ecqUba8y_FbkgkXKIaRWlpxzZ9jOJe8Jo_df4LdYYS_KmeQeX3xCk0bzuVLqgAbQgNXjhbT5-cYBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIEgiAYRABMgKKAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3stYDJc1giQEiq9fIRO8iwDZ343Q%26client%3Dca-pub-7130111984751250%26adurl%3Dhttps%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D54110900%3Bcrtbwp%3DZT5llwAIAVoA-RHpAAgQOnht6FkGfRxlF-HE6A%3Bcrtbdata%3Dc3jbabt2LH_xHncO-GcBLIoG6CVHOApn4PRXSOvPZF7pkDNi7DF9vo1CZmiWiYQscIW9xq_n1AchZ26cZ2suNwvTnyVX017ChIErIY89riKhU9zt46xQVAhkW6wg6MYWUi--2vT1MTTJveFkQ1l8XEWf7cr_JzAWuRkkU04W1NS--Ts_ibrZrw2%3Badfibeg%3D0%3Bcdata%3DrAeJyHw-KV-_WwN_W06No48GcnDrn_AO-l2jyRsq0CEVQ1bbIFI6AnAfnbspXuiGScYyAp_HtvDB81ifIhuSCWPLm1bDT0c668oD5CMcX5PQEqvnagh6R_ISPYQlmj_YbPUbh33Oic90wCE-Fulq3kHhIpkoas3H0%3B%3BCREFURL%3Dhttp%253a%252f%252fask.mallaky.com%3BC%3D1%3Bcpdir%3D&uidRedirect=1
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Pragma
no-cache
Server
Apache
nc-general-1-de-120x600-px.jpg
smartphoto-media.com/banner/campaign/ Frame 946F
Redirect Chain
  • https://www.awin1.com/cshow.php?s=2965113&v=15168&q=361106&r=783431&pv=0&pref2=15168&pref1=64455100062244004452306012492001
  • https://smartphoto-media.com/banner/campaign/nc-general-1-de-120x600-px.jpg
23 KB
23 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://smartphoto-media.com/banner/campaign/nc-general-1-de-120x600-px.jpg
Requested by
Host: ad.ad-srv.net
URL: https://ad.ad-srv.net/request.php?zone=eqazmxfdi5ib&renderingType=html&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=0x0&scrollPos=0x0&documentReferer=http%3A%2F%2Fask.mallaky.com%2F&ancestorOrigins=http%3A%2F%2Fask.mallaky.com&extVar[]=DOUBLEBORDER:1&extVar[]=ANIM_AFTER_30S:0&extVar[]=AF_SSP:Doubleclick+Ad+Exchange+by+Google&extVar[]=AF_DOM_DELI:ask.mallaky.com&extVar[]=AF_DOM_RTB:mallaky.com&subid=3968815052633447873&rnd=13658&gdpr=0&gdpr_consent=&redirectClick=https%3A%2F%2Fadclick.g.doubleclick.net%2Faclk%3Fsa%3DL%26ai%3DCStE8l2U-ZdqCIOmj5LcPuqCgsAuRrcW8XN3m7KbuAsCNtwEQASAAYPXtu4GYBIIBF2NhLXB1Yi03MTMwMTExOTg0NzUxMjUwyAEJqQLG6zUHg_-CPqgDAcgDAqoE_QFP0BZXiScjMrjsxHi9SBeCR816kmanY1kLH_tL3HZgUFouiRSnM2seALEc36gWVEDGwrvb8PodjjiHlB9cKslTzDSEipqau1t1ARP8Mqt94WK-TL6OXeGQgwqbUiHfa4Ah_2jleo7hDF6UPIAhLZn4eTrV3g39GWD2IT4pZ5GMOgjIodvIvb6FRSBApm0yf-YujSl4AI9ZmK7krYoI4GvX8EMNdriCA_qUqEBjib1yqjrlwU9XkT9dJM_JP6_SSo7K_ECSz7MulhIO_y5CPfw_ecqUba8y_FbkgkXKIaRWlpxzZ9jOJe8Jo_df4LdYYS_KmeQeX3xCk0bzuVLqgAbQgNXjhbT5-cYBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIEgiAYRABMgKKAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3stYDJc1giQEiq9fIRO8iwDZ343Q%26client%3Dca-pub-7130111984751250%26adurl%3Dhttps%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D54110900%3Bcrtbwp%3DZT5llwAIAVoA-RHpAAgQOnht6FkGfRxlF-HE6A%3Bcrtbdata%3Dc3jbabt2LH_xHncO-GcBLIoG6CVHOApn4PRXSOvPZF7pkDNi7DF9vo1CZmiWiYQscIW9xq_n1AchZ26cZ2suNwvTnyVX017ChIErIY89riKhU9zt46xQVAhkW6wg6MYWUi--2vT1MTTJveFkQ1l8XEWf7cr_JzAWuRkkU04W1NS--Ts_ibrZrw2%3Badfibeg%3D0%3Bcdata%3DrAeJyHw-KV-_WwN_W06No48GcnDrn_AO-l2jyRsq0CEVQ1bbIFI6AnAfnbspXuiGScYyAp_HtvDB81ifIhuSCWPLm1bDT0c668oD5CMcX5PQEqvnagh6R_ISPYQlmj_YbPUbh33Oic90wCE-Fulq3kHhIpkoas3H0%3B%3BCREFURL%3Dhttp%253a%252f%252fask.mallaky.com%3BC%3D1%3Bcpdir%3D&uidRedirect=1
Protocol
H2
Server
149.126.4.39 , Switzerland, ASN47302 (CYON, CH),
Reverse DNS
s030.cyon.net
Software
/
Resource Hash
ecea1f330b15f16b635fb2e00c30ecdaad22f2e20106d1ed8edb2a27dd598e3b
Security Headers
Name Value
Strict-Transport-Security max-age=3600

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ad.ad-srv.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 29 Oct 2023 14:00:58 GMT
strict-transport-security
max-age=3600
last-modified
Fri, 03 Jun 2022 09:04:52 GMT
etag
"5c90-6299ceb4-9620a81bb48b25ea;;;"
content-type
image/jpeg
cache-control
public, max-age=604800
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length
23696
expires
Sun, 05 Nov 2023 14:00:58 GMT

Redirect headers

Date
Sun, 29 Oct 2023 14:00:57 GMT
Strict-Transport-Security
max-age=86400
Node
Helix
P3P
policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Location
https://smartphoto-media.com/banner/campaign/nc-general-1-de-120x600-px.jpg
Awin-Akamai-Rule-Set
default
Connection
keep-alive
Content-Length
0
viewability
ad1.ad-srv.net/ Frame 946F 		0
150 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ad1.ad-srv.net/viewability?s=64455100062244004452306012492001&a=2695d2df&vb=m
Requested by
Host: ad.ad-srv.net
URL: https://ad.ad-srv.net/request.php?zone=eqazmxfdi5ib&renderingType=html&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=0x0&scrollPos=0x0&documentReferer=http%3A%2F%2Fask.mallaky.com%2F&ancestorOrigins=http%3A%2F%2Fask.mallaky.com&extVar[]=DOUBLEBORDER:1&extVar[]=ANIM_AFTER_30S:0&extVar[]=AF_SSP:Doubleclick+Ad+Exchange+by+Google&extVar[]=AF_DOM_DELI:ask.mallaky.com&extVar[]=AF_DOM_RTB:mallaky.com&subid=3968815052633447873&rnd=13658&gdpr=0&gdpr_consent=&redirectClick=https%3A%2F%2Fadclick.g.doubleclick.net%2Faclk%3Fsa%3DL%26ai%3DCStE8l2U-ZdqCIOmj5LcPuqCgsAuRrcW8XN3m7KbuAsCNtwEQASAAYPXtu4GYBIIBF2NhLXB1Yi03MTMwMTExOTg0NzUxMjUwyAEJqQLG6zUHg_-CPqgDAcgDAqoE_QFP0BZXiScjMrjsxHi9SBeCR816kmanY1kLH_tL3HZgUFouiRSnM2seALEc36gWVEDGwrvb8PodjjiHlB9cKslTzDSEipqau1t1ARP8Mqt94WK-TL6OXeGQgwqbUiHfa4Ah_2jleo7hDF6UPIAhLZn4eTrV3g39GWD2IT4pZ5GMOgjIodvIvb6FRSBApm0yf-YujSl4AI9ZmK7krYoI4GvX8EMNdriCA_qUqEBjib1yqjrlwU9XkT9dJM_JP6_SSo7K_ECSz7MulhIO_y5CPfw_ecqUba8y_FbkgkXKIaRWlpxzZ9jOJe8Jo_df4LdYYS_KmeQeX3xCk0bzuVLqgAbQgNXjhbT5-cYBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIEgiAYRABMgKKAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3stYDJc1giQEiq9fIRO8iwDZ343Q%26client%3Dca-pub-7130111984751250%26adurl%3Dhttps%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D54110900%3Bcrtbwp%3DZT5llwAIAVoA-RHpAAgQOnht6FkGfRxlF-HE6A%3Bcrtbdata%3Dc3jbabt2LH_xHncO-GcBLIoG6CVHOApn4PRXSOvPZF7pkDNi7DF9vo1CZmiWiYQscIW9xq_n1AchZ26cZ2suNwvTnyVX017ChIErIY89riKhU9zt46xQVAhkW6wg6MYWUi--2vT1MTTJveFkQ1l8XEWf7cr_JzAWuRkkU04W1NS--Ts_ibrZrw2%3Badfibeg%3D0%3Bcdata%3DrAeJyHw-KV-_WwN_W06No48GcnDrn_AO-l2jyRsq0CEVQ1bbIFI6AnAfnbspXuiGScYyAp_HtvDB81ifIhuSCWPLm1bDT0c668oD5CMcX5PQEqvnagh6R_ISPYQlmj_YbPUbh33Oic90wCE-Fulq3kHhIpkoas3H0%3B%3BCREFURL%3Dhttp%253a%252f%252fask.mallaky.com%3BC%3D1%3Bcpdir%3D&uidRedirect=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
46.4.10.49 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.49.10.4.46.clients.your-server.de
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ad.ad-srv.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 29 Oct 2023 14:00:57 GMT
Server
Apache
Connection
close
Content-Length
0
Content-Type
text/html; charset=UTF-8
cshow.php
www.awin1.com/ Frame 3339 		43 B
703 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.awin1.com/cshow.php?s=2965113&v=15168&q=361106&r=783431&pv=1&pref2=15168&pref1=64455100062244004452306012492001
Requested by
Host: ad.ad-srv.net
URL: https://ad.ad-srv.net/request.php?zone=eqazmxfdi5ib&renderingType=html&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=0x0&scrollPos=0x0&documentReferer=http%3A%2F%2Fask.mallaky.com%2F&ancestorOrigins=http%3A%2F%2Fask.mallaky.com&extVar[]=DOUBLEBORDER:1&extVar[]=ANIM_AFTER_30S:0&extVar[]=AF_SSP:Doubleclick+Ad+Exchange+by+Google&extVar[]=AF_DOM_DELI:ask.mallaky.com&extVar[]=AF_DOM_RTB:mallaky.com&subid=3968815052633447873&rnd=13658&gdpr=0&gdpr_consent=&redirectClick=https%3A%2F%2Fadclick.g.doubleclick.net%2Faclk%3Fsa%3DL%26ai%3DCStE8l2U-ZdqCIOmj5LcPuqCgsAuRrcW8XN3m7KbuAsCNtwEQASAAYPXtu4GYBIIBF2NhLXB1Yi03MTMwMTExOTg0NzUxMjUwyAEJqQLG6zUHg_-CPqgDAcgDAqoE_QFP0BZXiScjMrjsxHi9SBeCR816kmanY1kLH_tL3HZgUFouiRSnM2seALEc36gWVEDGwrvb8PodjjiHlB9cKslTzDSEipqau1t1ARP8Mqt94WK-TL6OXeGQgwqbUiHfa4Ah_2jleo7hDF6UPIAhLZn4eTrV3g39GWD2IT4pZ5GMOgjIodvIvb6FRSBApm0yf-YujSl4AI9ZmK7krYoI4GvX8EMNdriCA_qUqEBjib1yqjrlwU9XkT9dJM_JP6_SSo7K_ECSz7MulhIO_y5CPfw_ecqUba8y_FbkgkXKIaRWlpxzZ9jOJe8Jo_df4LdYYS_KmeQeX3xCk0bzuVLqgAbQgNXjhbT5-cYBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIEgiAYRABMgKKAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3stYDJc1giQEiq9fIRO8iwDZ343Q%26client%3Dca-pub-7130111984751250%26adurl%3Dhttps%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D54110900%3Bcrtbwp%3DZT5llwAIAVoA-RHpAAgQOnht6FkGfRxlF-HE6A%3Bcrtbdata%3Dc3jbabt2LH_xHncO-GcBLIoG6CVHOApn4PRXSOvPZF7pkDNi7DF9vo1CZmiWiYQscIW9xq_n1AchZ26cZ2suNwvTnyVX017ChIErIY89riKhU9zt46xQVAhkW6wg6MYWUi--2vT1MTTJveFkQ1l8XEWf7cr_JzAWuRkkU04W1NS--Ts_ibrZrw2%3Badfibeg%3D0%3Bcdata%3DrAeJyHw-KV-_WwN_W06No48GcnDrn_AO-l2jyRsq0CEVQ1bbIFI6AnAfnbspXuiGScYyAp_HtvDB81ifIhuSCWPLm1bDT0c668oD5CMcX5PQEqvnagh6R_ISPYQlmj_YbPUbh33Oic90wCE-Fulq3kHhIpkoas3H0%3B%3BCREFURL%3Dhttp%253a%252f%252fask.mallaky.com%3BC%3D1%3Bcpdir%3D&uidRedirect=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
92.123.148.9 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a92-123-148-9.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

Referer
https://ad.ad-srv.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

Awin-Akamai-Rule-Set
default
Cache-Control
no-store, no-cache, max-age=0, must-revalidate
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Sun, 29 Oct 2023 14:00:57 GMT
Expires
0
Node
Helix
P3P
policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Pragma
no-cache
Strict-Transport-Security
max-age=86400
truncated
/ Frame 946F 		43 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
addDoubleBorder.js
cdn.contentspread.net/cynamics/tools/js/ Frame 946F 		851 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.contentspread.net/cynamics/tools/js/addDoubleBorder.js
Requested by
Host: ad.ad-srv.net
URL: https://ad.ad-srv.net/request.php?zone=eqazmxfdi5ib&renderingType=html&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=0x0&scrollPos=0x0&documentReferer=http%3A%2F%2Fask.mallaky.com%2F&ancestorOrigins=http%3A%2F%2Fask.mallaky.com&extVar[]=DOUBLEBORDER:1&extVar[]=ANIM_AFTER_30S:0&extVar[]=AF_SSP:Doubleclick+Ad+Exchange+by+Google&extVar[]=AF_DOM_DELI:ask.mallaky.com&extVar[]=AF_DOM_RTB:mallaky.com&subid=3968815052633447873&rnd=13658&gdpr=0&gdpr_consent=&redirectClick=https%3A%2F%2Fadclick.g.doubleclick.net%2Faclk%3Fsa%3DL%26ai%3DCStE8l2U-ZdqCIOmj5LcPuqCgsAuRrcW8XN3m7KbuAsCNtwEQASAAYPXtu4GYBIIBF2NhLXB1Yi03MTMwMTExOTg0NzUxMjUwyAEJqQLG6zUHg_-CPqgDAcgDAqoE_QFP0BZXiScjMrjsxHi9SBeCR816kmanY1kLH_tL3HZgUFouiRSnM2seALEc36gWVEDGwrvb8PodjjiHlB9cKslTzDSEipqau1t1ARP8Mqt94WK-TL6OXeGQgwqbUiHfa4Ah_2jleo7hDF6UPIAhLZn4eTrV3g39GWD2IT4pZ5GMOgjIodvIvb6FRSBApm0yf-YujSl4AI9ZmK7krYoI4GvX8EMNdriCA_qUqEBjib1yqjrlwU9XkT9dJM_JP6_SSo7K_ECSz7MulhIO_y5CPfw_ecqUba8y_FbkgkXKIaRWlpxzZ9jOJe8Jo_df4LdYYS_KmeQeX3xCk0bzuVLqgAbQgNXjhbT5-cYBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIEgiAYRABMgKKAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3stYDJc1giQEiq9fIRO8iwDZ343Q%26client%3Dca-pub-7130111984751250%26adurl%3Dhttps%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D54110900%3Bcrtbwp%3DZT5llwAIAVoA-RHpAAgQOnht6FkGfRxlF-HE6A%3Bcrtbdata%3Dc3jbabt2LH_xHncO-GcBLIoG6CVHOApn4PRXSOvPZF7pkDNi7DF9vo1CZmiWiYQscIW9xq_n1AchZ26cZ2suNwvTnyVX017ChIErIY89riKhU9zt46xQVAhkW6wg6MYWUi--2vT1MTTJveFkQ1l8XEWf7cr_JzAWuRkkU04W1NS--Ts_ibrZrw2%3Badfibeg%3D0%3Bcdata%3DrAeJyHw-KV-_WwN_W06No48GcnDrn_AO-l2jyRsq0CEVQ1bbIFI6AnAfnbspXuiGScYyAp_HtvDB81ifIhuSCWPLm1bDT0c668oD5CMcX5PQEqvnagh6R_ISPYQlmj_YbPUbh33Oic90wCE-Fulq3kHhIpkoas3H0%3B%3BCREFURL%3Dhttp%253a%252f%252fask.mallaky.com%3BC%3D1%3Bcpdir%3D&uidRedirect=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
145.239.2.103 Frankfurt am Main, Germany, ASN16276 (OVH, FR),
Reverse DNS
ns3082036.ip-145-239-2.eu
Software
nginx /
Resource Hash
abaa484421865309a7781e540844f1b5260ed131080f8dd9f083d8f18beea107

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ad.ad-srv.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 29 Oct 2023 14:00:57 GMT
Last-Modified
Tue, 03 May 2016 20:55:13 GMT
Server
nginx
ETag
"57291031-353"
Content-Type
application/javascript
Connection
close
Accept-Ranges
bytes
Content-Length
851
truncated
/ Frame F8E7 		215 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
09a1cb875d5f4f7ec9bdd134a8c8a7e92098a53b848d49e48880d4c6a535e584

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
login_button.php
www.facebook.com/plugins/ Frame 79FC 		33 KB
14 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/plugins/login_button.php?app_id=540879752659734&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df3bae973ba489dc%26domain%3Dask.mallaky.com%26is_canvas%3Dfalse%26origin%3Dhttp%253A%252F%252Fask.mallaky.com%252Ff2bf06b595da96c%26relation%3Dparent.parent&container_width=0&locale=en_US&login_text=%0A&scope=email%2Cuser_about_me%2Cuser_location%2Cuser_website&sdk=joey&size=medium
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/all.js?hash=bada1c82eb0cf827be7f42898aa038ae
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.240.0.35 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-02-fra3.facebook.com
Software
/
Resource Hash
769d88232a9005c5f3507551831ccaa4450fd17a6f58e0dda340805bb30e5889
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://ask.mallaky.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
private, no-cache, no-store, must-revalidate
content-encoding
br
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-type
text/html; charset="utf-8"
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-resource-policy
same-origin
date
Sun, 29 Oct 2023 14:00:58 GMT
document-policy
force-load-at-top
expires
Sat, 01 Jan 2000 00:00:00 GMT
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(self), geolocation=(self), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(self), midi=(), payment=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), usb=()
pragma
no-cache
report-to
{"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
reporting-endpoints
default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown"
strict-transport-security
max-age=15552000; preload
vary
Accept-Encoding
x-content-type-options
nosniff
x-fb-debug
+4DbZ9HIM1OTIi0dfZCJsacFWAlgWGSOZ4S0/bIfTsimBCwHAOnbNpqy2saisNwjveoYIw11L1cliTJGytT53w==
x-xss-protection
0
sodar
pagead2.googlesyndication.com/getconfig/ 		16 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20231025&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310240101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s22-in-f2.1e100.net
Software
cafe /
Resource Hash
db4f1bcd761c47fefb895e73f0b4825ed41e3b6b2791def3c6fc54bd9e4b8ab2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
http://ask.mallaky.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 29 Oct 2023 14:00:58 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12177
x-xss-protection
0
adview
googleads.g.doubleclick.net/pagead/ Frame F8E7 		0
386 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=C5Eyfl2U-ZdqCIOmj5LcPuqCgsAuRrcW8XN3m7KbuAsCNtwEQASAAYPXtu4GYBIIBF2NhLXB1Yi03MTMwMTExOTg0NzUxMjUwyAEJqQLG6zUHg_-CPqgDAcgDAqoE-gFP0BZXiScjMrjsxHi9SBeCR816kmanY1kLH_tL3HZgUFouiRSnM2seALEc36gWVEDGwrvb8PodjjiHlB9cKslTzDSEipqau1t1ARP8Mqt94WK-TL6OXeGQgwqbUiHfa4Ah_2jleo7hDF6UPIAhLZn4eTrV3g39GWD2IT4pZ5GMOgjIodvIvb6FRSBApm0yf-YujSl4AI9ZmK7krYoI4GvX8EMNdriCA_qUqEBjib1yqjrlwU9XkT9dJM_JP6_SSo7K_ECSz7MulhIO_y5CPfw_ecqUbe0w3cQuC8O-mSIZDWA1-AzYMeWqqdlHEzq8J7AULPoyR7TuDTJLgAbQgNXjhbT5-cYBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIEgiAYRABMgKKAjoCgEBIvf3BOoAKAfoLAggBgAwB0BUBgBcBshcaChgSFHB1Yi03MTMwMTExOTg0NzUxMjUwGAA&sigh=4gBUU8SqU5E&uach_m=[UACH]&cid=CAQSSwDICaaN3Jvd8_4cZ6hetJG8bvx4rWOLHU88ZnqFUHBBCCgWL3sQShtbRR_gMlMxVu02v0ZdiROR9u3HLP-J52vR4e9IORR9f30rShgB&cbvp=2&vis=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/html/r20231025/r20110914/zrt_lookup.html?fsb=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Sun, 29 Oct 2023 14:00:58 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Sun, 29 Oct 2023 14:00:58 GMT
kcCcn304Nyy.js
static.xx.fbcdn.net/rsrc.php/v3i7M54/ym/l/en_US/ Frame 79FC 		532 KB
139 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3i7M54/ym/l/en_US/kcCcn304Nyy.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/login_button.php?app_id=540879752659734&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df3bae973ba489dc%26domain%3Dask.mallaky.com%26is_canvas%3Dfalse%26origin%3Dhttp%253A%252F%252Fask.mallaky.com%252Ff2bf06b595da96c%26relation%3Dparent.parent&container_width=0&locale=en_US&login_text=%0A&scope=email%2Cuser_about_me%2Cuser_location%2Cuser_website&sdk=joey&size=medium
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.240.251.9 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-01-fra5.fbcdn.net
Software
/
Resource Hash
e5f9d150b7407216dd9064ddf52a5a822f5a35ca5b171ef32f8c82ccd8ddc5c2
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.facebook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 29 Oct 2023 14:00:58 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
JHCttlSgcaqqVPttoiivQg==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
141865
reporting-endpoints
x-fb-debug
TP0GNe2AWrEapc7MSm3ItB3+5Inqz7JjjxtltKSbI4A2kUHG8uFttu5BBuEd2T/9woo5n44BWWuLULFtr5Y8kQ==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
origin-agent-cluster
?0
cache-control
public,max-age=31536000,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin
*
expires
Sat, 26 Oct 2024 17:58:05 GMT
teE39sffXW8.png
static.xx.fbcdn.net/rsrc.php/v3/yR/r/ Frame 79FC 		348 B
601 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yR/r/teE39sffXW8.png
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/login_button.php?app_id=540879752659734&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df3bae973ba489dc%26domain%3Dask.mallaky.com%26is_canvas%3Dfalse%26origin%3Dhttp%253A%252F%252Fask.mallaky.com%252Ff2bf06b595da96c%26relation%3Dparent.parent&container_width=0&locale=en_US&login_text=%0A&scope=email%2Cuser_about_me%2Cuser_location%2Cuser_website&sdk=joey&size=medium
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.240.251.9 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-01-fra5.fbcdn.net
Software
/
Resource Hash
127df7452fa8960a17f273eef60809c99a274d0b98b4cc79a04851e23efd7f9e
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.facebook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 29 Oct 2023 14:00:58 GMT
x-content-type-options
nosniff
content-md5
ITKKUawqCNs+RbkbqXaviw==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
348
reporting-endpoints
x-fb-debug
0d1nN+Fkp1QYZBNCSlozRCOHUJ680zn48t8TnLrS8iOV9GjqLMEyjScTMQRO8gkjZysH6D+JirKWIdcytR+zhw==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
content-type
image/png
access-control-allow-origin
*
origin-agent-cluster
?0
cache-control
public,max-age=31536000,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin
*
expires
Sat, 19 Oct 2024 04:57:37 GMT
iqVGY7gYXlg.gif
static.xx.fbcdn.net/rsrc.php/v3/yx/r/ Frame 79FC 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yx/r/iqVGY7gYXlg.gif
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/login_button.php?app_id=540879752659734&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df3bae973ba489dc%26domain%3Dask.mallaky.com%26is_canvas%3Dfalse%26origin%3Dhttp%253A%252F%252Fask.mallaky.com%252Ff2bf06b595da96c%26relation%3Dparent.parent&container_width=0&locale=en_US&login_text=%0A&scope=email%2Cuser_about_me%2Cuser_location%2Cuser_website&sdk=joey&size=medium
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.240.251.9 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-01-fra5.fbcdn.net
Software
/
Resource Hash
e29e8cb21e6e794d5730c029d3996dc8e79b0841d7bb32cdd10ae34d4fb64760
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.facebook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 29 Oct 2023 14:00:58 GMT
x-content-type-options
nosniff
content-md5
xus77tDlZhUxDt48lJn72A==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
1056
reporting-endpoints
x-fb-debug
xeJQJ8ALxHxmi4SB0j0OOYj2D/RtSGXKrnOiDzx+/sRbZDI2yApt3AS8cFvOcut0vwxd3i/YIJLAy9vb45ohXw==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
content-type
image/gif
access-control-allow-origin
*
origin-agent-cluster
?0
cache-control
public,max-age=31536000,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin
*
expires
Fri, 25 Oct 2024 02:31:18 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310240101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f1.1e100.net
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
http://ask.mallaky.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 29 Oct 2023 14:00:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sun, 29 Oct 2023 14:00:58 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 2E7E 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f1.1e100.net
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://ask.mallaky.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
age
3349
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Sun, 29 Oct 2023 13:05:09 GMT
expires
Mon, 28 Oct 2024 13:05:09 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 9910 		829 B
998 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.4 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra02s19-in-f4.1e100.net
Software
GSE /
Resource Hash
e506f3df7e5bfcdcbbf85eb532a79ee77fc120306d0a6fca92b61862939ee575
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-6IqsxJwURC1EApBlBt2XRw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
http://ask.mallaky.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-6IqsxJwURC1EApBlBt2XRw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Sun, 29 Oct 2023 14:00:58 GMT
expires
Sun, 29 Oct 2023 14:00:58 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
mSNSQAl__hw8z5PwJ1hA32amL2zkBniEArBt9BN1XWc.js
pagead2.googlesyndication.com/bg/ Frame 2E7E 		38 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/mSNSQAl__hw8z5PwJ1hA32amL2zkBniEArBt9BN1XWc.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s22-in-f2.1e100.net
Software
sffe /
Resource Hash
99235240097ffe1c3ccf93f0275840df66a62f6ce406788402b06df413755d67
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 29 Oct 2023 08:16:49 GMT
content-encoding
br
x-content-type-options
nosniff
age
20649
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15010
x-xss-protection
0
last-modified
Tue, 24 Oct 2023 11:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Mon, 28 Oct 2024 08:16:49 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 9910 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20231025&jk=1788398637860422&rc=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s22-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
generate_204
tpc.googlesyndication.com/ Frame 2E7E 		0
40 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?JjpH1Q
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f1.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 29 Oct 2023 14:00:58 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
activeview
pagead2.googlesyndication.com/pcs/ Frame F8E7 		42 B
174 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuwTG9UiGbX4VQUhZ5NkSrLOvzPvgfMeR4MsMaZ5zYKqiyuroBzqygHMwxB57I92qQQA2yRCxUxEFdIGbSK5fkAio6Nn6FjZ0YuHu13&sig=Cg0ArKJSzEkE4UYlagA5EAE&id=lidar2&mcvt=1000&p=0,0,604,200&mtos=0,1000,1000,1000,1000&tos=0,1000,0,0,0&v=20231025&bin=7&avms=nio&bs=0,0&mc=0.99&if=1&vu=1&app=0&itpl=20&adk=1812271803&rs=2&la=0&cr=0&vs=4&r=v&rst=1698588056179&rpt=1938&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s22-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 29 Oct 2023 14:00:59 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
viewability
ad1.ad-srv.net/ Frame 946F 		0
150 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ad1.ad-srv.net/viewability?s=64455100062244004452306012492001&a=2695d2df&vb=v
Requested by
Host: ad.ad-srv.net
URL: https://ad.ad-srv.net/request.php?zone=eqazmxfdi5ib&renderingType=html&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=0x0&scrollPos=0x0&documentReferer=http%3A%2F%2Fask.mallaky.com%2F&ancestorOrigins=http%3A%2F%2Fask.mallaky.com&extVar[]=DOUBLEBORDER:1&extVar[]=ANIM_AFTER_30S:0&extVar[]=AF_SSP:Doubleclick+Ad+Exchange+by+Google&extVar[]=AF_DOM_DELI:ask.mallaky.com&extVar[]=AF_DOM_RTB:mallaky.com&subid=3968815052633447873&rnd=13658&gdpr=0&gdpr_consent=&redirectClick=https%3A%2F%2Fadclick.g.doubleclick.net%2Faclk%3Fsa%3DL%26ai%3DCStE8l2U-ZdqCIOmj5LcPuqCgsAuRrcW8XN3m7KbuAsCNtwEQASAAYPXtu4GYBIIBF2NhLXB1Yi03MTMwMTExOTg0NzUxMjUwyAEJqQLG6zUHg_-CPqgDAcgDAqoE_QFP0BZXiScjMrjsxHi9SBeCR816kmanY1kLH_tL3HZgUFouiRSnM2seALEc36gWVEDGwrvb8PodjjiHlB9cKslTzDSEipqau1t1ARP8Mqt94WK-TL6OXeGQgwqbUiHfa4Ah_2jleo7hDF6UPIAhLZn4eTrV3g39GWD2IT4pZ5GMOgjIodvIvb6FRSBApm0yf-YujSl4AI9ZmK7krYoI4GvX8EMNdriCA_qUqEBjib1yqjrlwU9XkT9dJM_JP6_SSo7K_ECSz7MulhIO_y5CPfw_ecqUba8y_FbkgkXKIaRWlpxzZ9jOJe8Jo_df4LdYYS_KmeQeX3xCk0bzuVLqgAbQgNXjhbT5-cYBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIEgiAYRABMgKKAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3stYDJc1giQEiq9fIRO8iwDZ343Q%26client%3Dca-pub-7130111984751250%26adurl%3Dhttps%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D54110900%3Bcrtbwp%3DZT5llwAIAVoA-RHpAAgQOnht6FkGfRxlF-HE6A%3Bcrtbdata%3Dc3jbabt2LH_xHncO-GcBLIoG6CVHOApn4PRXSOvPZF7pkDNi7DF9vo1CZmiWiYQscIW9xq_n1AchZ26cZ2suNwvTnyVX017ChIErIY89riKhU9zt46xQVAhkW6wg6MYWUi--2vT1MTTJveFkQ1l8XEWf7cr_JzAWuRkkU04W1NS--Ts_ibrZrw2%3Badfibeg%3D0%3Bcdata%3DrAeJyHw-KV-_WwN_W06No48GcnDrn_AO-l2jyRsq0CEVQ1bbIFI6AnAfnbspXuiGScYyAp_HtvDB81ifIhuSCWPLm1bDT0c668oD5CMcX5PQEqvnagh6R_ISPYQlmj_YbPUbh33Oic90wCE-Fulq3kHhIpkoas3H0%3B%3BCREFURL%3Dhttp%253a%252f%252fask.mallaky.com%3BC%3D1%3Bcpdir%3D&uidRedirect=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
46.4.10.49 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.49.10.4.46.clients.your-server.de
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ad.ad-srv.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 29 Oct 2023 14:00:59 GMT
Server
Apache
Connection
close
Content-Length
0
Content-Type
text/html; charset=UTF-8
sodar
pagead2.googlesyndication.com/pagead/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20231025&jk=1788398637860422&bg=!0NOl05zNAAbo5yKYyOc7ADQBe5WfOPJf-sAjiA11GApZ9psMWoysT75PS0ukaXSS6fPtbq7cee4jyG46RQX7VD1KJrQ4AgAAAHBSAAAAA2gBB5kC0S1mz8gbvPK0Fs5-D5mKbArdzFVEtSgBntZcCgZDbWr7ELrzxpN-onOvHo9VlHCXmirc4GFPifr0asdULkhPFrs-IzeVTGTI7wBNyy8-NZNOZy_HG2DLqcr6Ow1sszHGKek7gv9G6tjJImQSGacaLL3vVogk9lMNFoMhAvf0DemnwZc5ZeXwqU6yvTaJzupP9H9cGfc-ryARPRDf6hFnsY4aAZrOLqi61n6LiM2YHnUQLsaK87_VQ6EY6-Ho9htueZImow2eDLs3-NaCkpPSj98BCR6NOO9oO5-iMG5iobnZG6c2PJ4ulWNlEkM8RRK5SIp_WqGXp3dCv2zVv6GGXQliqWPDhwLzGwgRXcG9qMKOOtI_Te8e4O4TWNLeO3jheRM5sdfZLb02q2XDEMVB6NG5BDn4GRaDJGGU_eSfSmjPhoQ5GFR5WdHVrr6q9TbWYdFdpkWJ_OiuY8avg2uN5qrSY3D2Y9eJaLzhUJD4I7c_S4otpvqfKx63SZpEofDXH_DIRxxXCqkefcUFkX4PbxeyxBhXsUqDgcjmxngj1hYfGvGkvR44oKEPWdXpjpWzA2GB2uP8Pizv1RBohSh2xuULNkvq2kGHooq23TO25wDrlReNrjLO571ggAsGpV-j43ZKbnU_X0f27SdAIVtbDmOxjaVKenFHwmnp6jeG4cJqF-_x65kxsZP2TE7Pzb-kUC_P4nSueiB7AYDpMUs3dN5dekmYPmJPIr-NlzxB_OmyDDbliR3mf1-fESnt1AytsHX8xKhmIaLxLHMEWzEjvwDUvy8SawIIYmcc3b2bRykyOEaoaqsYEEdvsPdJq7J5hjygKSm0CrMn0DOI3cYSbW_pyetsxs_LnFWnozuXFu6O8ZzSt2e10CwG2vZlj5Z0l0zOD8EaKUAVO5uzSmxdispANsNJoDR7-oenL1x7zfPBuHKgbSp-3lOMnIEGq8zNFD4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s22-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
http://ask.mallaky.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
/
track.adform.net/serving/unload/ Frame F8E7 		35 B
591 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://track.adform.net/serving/unload/?version=15&unload=6664792087179040033@@54110900,3968815052633447873,100|1200|0|0|0|0|0|0|0||75|1|||||1|0|0|tFKl-X4ZBOZX7EYoWZQhUUfwwvc5eENfRi79NvAuxn0Mz9l3gDRzPRhpnBRkvb3lA7z_uuw_WOM1|||11||0|0|
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/630/s1.adform.net/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.5.132 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://googleads.g.doubleclick.net/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Sun, 29 Oct 2023 14:00:59 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET, POST
content-type
image/gif
access-control-allow-origin
https://googleads.g.doubleclick.net
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires
-1
collect
region1.analytics.google.com/g/ 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-DXJLFHRQJ8&gtm=45je3ap0v9132778175&_p=415771148&gcd=11l1l1l1l2&ul=en-us&sr=1600x1200&cid=105131778.1698588055&ir=1&_eu=EBAI&_s=2&dl=http%3A%2F%2Fask.mallaky.com%2F%3Fqa%3Duser%2Fhorsedonald9&dt=%D8%A7%D9%84%D9%85%D8%B3%D8%AA%D8%AE%D8%AF%D9%85%20horsedonald9%20-%20%D8%A7%D8%B3%D8%A3%D9%84%20%D9%85%D9%84%D8%A7%D9%8B%D9%83%D9%8A&sid=1698588055&sct=1&seg=1&en=page_view&_ee=1&_et=6
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-DXJLFHRQJ8&cx=c&_slc=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.239.32.36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
http://ask.mallaky.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 29 Oct 2023 14:01:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
http://ask.mallaky.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
ask.mallaky.com
URL
http://ask.mallaky.com/qa-theme/SnowFlat/qa-styles.css?1.8.5
Domain
ask.mallaky.com
URL
http://ask.mallaky.com/qa-content/jquery-3.5.1.min.js
Domain
ask.mallaky.com
URL
http://ask.mallaky.com/qa-content/qa-global.js?1.8.5

Verdicts & Comments Add Verdict or Comment

53 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| Eager object| CloudflareApps string| GoogleAnalyticsObject function| ga string| qa_root string| qa_request object| b function| fbAsyncInit object| adsbygoogle object| FB object| google_tag_data object| gaplugins object| gaGlobal object| gaData object| google_js_reporting_queue number| google_srt object| google_persistent_state_async object| google_logging_queue number| tmod object| google_ad_modifications object| ggeac boolean| google_measure_js_timing object| google_reactive_ads_global_state object| google_sa_queue function| google_process_slots boolean| google_apltlad function| google_spfd number| google_unique_id object| google_sv_map object| google_ama_state number| google_rum_task_id_counter object| dataLayer object| __buffer object| google_tag_manager object| googletag function| onYouTubeIframeAPIReady function| google_sa_impl boolean| _gfp_p_ number| google_global_correlator object| google_prev_clients object| ampInaboxIframes object| ampInaboxPendingMessages object| google_llp object| GoogleGcLKhOms object| google_image_requests

15 Cookies

Domain/Path Name / Value
ask.mallaky.com/ Name: PHPSESSID
Value: 1ec118d1284d21bd994f9bbe32cafb56
ask.mallaky.com/ Name: qa_key
Value: f9h91uw1652c6odi3unfoe5hu1m36k81
.mallaky.com/ Name: _ga
Value: GA1.2.105131778.1698588055
.mallaky.com/ Name: _gid
Value: GA1.2.461213742.1698588055
.mallaky.com/ Name: _gat
Value: 1
.mallaky.com/ Name: _ga_DXJLFHRQJ8
Value: GS1.2.1698588055.1.1.1698588055.60.0.0
.mallaky.com/ Name: __gads
Value: ID=f6578b7191d7cb30:T=1698588055:RT=1698588055:S=ALNI_MZ4ZXhri-Bn4EWN1MPZ60U-X_fevA
.mallaky.com/ Name: __gpi
Value: UID=00000cc53a61b4f9:T=1698588055:RT=1698588055:S=ALNI_MYbrBL3E5QR-YPIVJ4iciRpVIJ3Jw
.adform.net/ Name: C
Value: 1
.adform.net/ Name: uid
Value: 6664792087179040033
.adform.net/ Name: TPC
Value: 1698588056678
.ad-srv.net/ Name: u8x7eovwf3h6_uid
Value: a09e34d916f417b9
.awin1.com/ Name: awpv15168
Value: 783431|1698588057|9568b050-7663-11ee-98d5-22653d8c0e4c
.awin1.com/ Name: AWSESS
Value: 361106:2965113
.doubleclick.net/ Name: IDE
Value: AHWqTUm8tKYVpU0j7JexALglKfVERcCc713Byy5YXQ2LOfwM1ZJEiaUw9m5lCyfKW9M

5 Console Messages

Source Level URL
Text
network error URL: http://ask.mallaky.com/qa-theme/SnowFlat/qa-styles.css?1.8.5
Message:
Failed to load resource: net::ERR_CONTENT_DECODING_FAILED
network error URL: http://ask.mallaky.com/qa-content/jquery-3.5.1.min.js
Message:
Failed to load resource: net::ERR_CONTENT_DECODING_FAILED
network error URL: http://ask.mallaky.com/qa-content/qa-global.js?1.8.5
Message:
Failed to load resource: net::ERR_CONTENT_DECODING_FAILED
security warning
Message:
Error with Permissions-Policy header: Unrecognized feature: 'ambient-light-sensor'.
security warning
Message:
Error with Permissions-Policy header: Unrecognized feature: 'bluetooth'.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ad.ad-srv.net
ad1.ad-srv.net
ask.mallaky.com
cdn.contentspread.net
connect.facebook.net
googleads.g.doubleclick.net
pagead2.googlesyndication.com
partner.googleadservices.com
region1.analytics.google.com
s1.adform.net
smartphoto-media.com
static.xx.fbcdn.net
stats.g.doubleclick.net
tm.ad-srv.net
tpc.googlesyndication.com
track.adform.net
www.awin1.com
www.facebook.com
www.google-analytics.com
www.google.ch
www.google.com
www.googletagmanager.com
www.googletagservices.com
ask.mallaky.com
142.250.185.162
142.250.185.174
142.250.185.226
142.250.185.97
145.239.2.103
149.126.4.39
157.240.0.35
157.240.251.9
167.235.3.16
172.217.18.2
172.217.18.4
172.217.18.99
172.217.23.104
173.194.76.157
188.114.97.3
216.239.32.36
37.157.5.132
37.157.6.234
46.4.10.49
92.123.148.9
09a1cb875d5f4f7ec9bdd134a8c8a7e92098a53b848d49e48880d4c6a535e584
127df7452fa8960a17f273eef60809c99a274d0b98b4cc79a04851e23efd7f9e
20330e65a9b228172f81d6cc7de602f4764ca91404ac8f195d10f73d4b6765a0
2899b6e56d08f2393b9e39d98edaee88c8bbd61a1d62e33f805dc05920d07b8b
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
3d89d2a833e0c8b73ddaac6d6ec14c4ab06c648ee6574f1b29e9ab8435e2f41e
4d6b9986621ca2d5fe7d6a74f28f7ff827cbe4461e885275a5dbb46596f6b0bc
4e155284926ba010442d774fd493ff925a0256bd427f54596b1244791a3fa170
50cdd2c733223aef58877cd7057a85d60189c1aaa09bec959597c3a7e10c5f23
548a23fbf7e618508771a01e387096da4eac3bfe206f4aaca9f96bfc313d4a29
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
56fc7812b79839d7f7a260efa295fe7e26e93af7138bba4f2fa2792b6bee2d79
577bbeb02edadd6a6119ee367adac8fd8b43b40a3763939f1d01e3cb9dd9a9a8
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
69b5c52a7091f23e63dfdbf7cfeb737104914fc34a79c06183794af099a16a1e
6c7e3e8fad675fc459a8b1e8e5f98dd1dfea6cff150cd98995591f2e6507dd58
71c877c17bc9f85f885d695cc934c1f23a6cc4ff2adfd4f4f78ea15e79d8932f
73bf38e360808e83c5e94f6089326848f56880e84dc21c7ab1cc538e6f2b83c4
767765addf06c221aaf666256b34103a84cb5607e8540c23d687aa321775ad8b
769d88232a9005c5f3507551831ccaa4450fd17a6f58e0dda340805bb30e5889
7b2af70e124fb03aa7a708143690f77c86e7f07222d88a948f16baf80531b69b
81166e2229d5977482f89daa3ebb704ab949eca2329e2ef29108b92560a483db
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
87ddab78809e93ac0f1bd24f63e78e5800ffe8fc695e00233054558615b6a14f
888e033b4bec3f942f22b306164429e6df465654945144806defb97bbef78283
8a0a840d54ebc1a4525af39787c3aa67bdd8a9c75813d0fded90652401dcade5
99235240097ffe1c3ccf93f0275840df66a62f6ce406788402b06df413755d67
a198f092051a356c1e62c1296f628da5732045abafbd974eb7fff157e14ff042
abaa484421865309a7781e540844f1b5260ed131080f8dd9f083d8f18beea107
ad1270333ea16969313802add43789e0558cd75e2bf91e768bcf3937f091a001
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b528d2ed0c83e16b16b24b439a11779926a9f23f8c0f826d545395200a2ce586
c50d685f1af219578abccc1f681836ce7eb2dd8600d7c100dd67cf9ad20a83e8
cac5f3269aef806bc9112e8868357bfb9dbb4530a028dc0fb7c4508b2eea8d84
db4f1bcd761c47fefb895e73f0b4825ed41e3b6b2791def3c6fc54bd9e4b8ab2
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e18f0d086b61087425bf51aa7df77242cf2ea7b09a82e1a96f7d727584ed2120
e29e8cb21e6e794d5730c029d3996dc8e79b0841d7bb32cdd10ae34d4fb64760
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e506f3df7e5bfcdcbbf85eb532a79ee77fc120306d0a6fca92b61862939ee575
e5f9d150b7407216dd9064ddf52a5a822f5a35ca5b171ef32f8c82ccd8ddc5c2
ecea1f330b15f16b635fb2e00c30ecdaad22f2e20106d1ed8edb2a27dd598e3b
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
efad320fe3729daf8d0930079ecdb905c4f2e3b97a0f2e4d9969c826847dd202