urlscan.io logo urlscan.io
SecurityTrails logo

ala3raf.net Open in urlscan Pro
2a06:98c1:3120::3  Public Scan

Go To Rescan Add Verdict Report
URL: https://ala3raf.net/user/pughbenton3
Submission: On September 12 via manual from US — Scanned from CH
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 15 IPs in 3 countries across 12 domains to perform 43 HTTP transactions. The main IP is 2a06:98c1:3120::3, located in United States and belongs to CLOUDFLARENET, US. The main domain is ala3raf.net.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on February 26th 2023. Valid for: a year.
This is the only time ala3raf.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

7    2a06:98c1:3120::3 (United States)

ASN13335 (CLOUDFLARENET, US)
ala3raf.net
1    2a00:1450:4001:80e::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
9    2a00:1450:4001:81c::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
1    2606:4700:10::6814:81f (United States)

ASN13335 (CLOUDFLARENET, US)
s10.histats.com
2    2a00:1450:4001:829::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
5    2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
1    54.39.156.32 (Québec, Canada)

ASN16276 (OVH, FR)
PTR: ns562579.ip-54-39-156.net
s4.histats.com
2    2a00:1450:4001:801::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
partner.googleadservices.com
www.googletagservices.com
1    2620:1ec:bdf::45 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
adsdk.microsoft.com
1    184.30.16.183 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a184-30-16-183.deploy.static.akamaitechnologies.com
cdn.adnxs.com
5    2a00:1450:4001:82a::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
5    2a02:26f0:480:22::1726:62f9 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
www.bing.com
4    185.89.210.101 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 953.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
ams3-ib.adnxs.com
1    2a00:1450:4001:82b::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
Apex Domain
Subdomains		 Transfer
14 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 115
tpc.googlesyndication.com — Cisco Umbrella Rank: 160
328 KB
7 ala3raf.net
ala3raf.net
64 KB
5 bing.com
www.bing.com — Cisco Umbrella Rank: 76
13 KB
5 adnxs.com
cdn.adnxs.com — Cisco Umbrella Rank: 1903
ams3-ib.adnxs.com — Cisco Umbrella Rank: 6339
30 KB
5 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 53
34 KB
2 gstatic.com
fonts.gstatic.com
28 KB
2 histats.com
s10.histats.com — Cisco Umbrella Rank: 13217
s4.histats.com — Cisco Umbrella Rank: 13305
5 KB
1 google.com
www.google.com — Cisco Umbrella Rank: 2
1 KB
1 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 226
57 KB
1 microsoft.com
adsdk.microsoft.com — Cisco Umbrella Rank: 4957
28 KB
1 googleadservices.com
partner.googleadservices.com — Cisco Umbrella Rank: 1180
602 B
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 58
904 B
43 12
Domain Requested by
9 pagead2.googlesyndication.com ala3raf.net
pagead2.googlesyndication.com
tpc.googlesyndication.com
www.googletagservices.com
7 ala3raf.net ala3raf.net
5 www.bing.com 2 redirects googleads.g.doubleclick.net
5 tpc.googlesyndication.com ala3raf.net
pagead2.googlesyndication.com
tpc.googlesyndication.com
5 googleads.g.doubleclick.net pagead2.googlesyndication.com
4 ams3-ib.adnxs.com googleads.g.doubleclick.net
cdn.adnxs.com
2 fonts.gstatic.com fonts.googleapis.com
1 www.google.com tpc.googlesyndication.com
1 www.googletagservices.com ala3raf.net
1 cdn.adnxs.com ala3raf.net
1 adsdk.microsoft.com ala3raf.net
1 partner.googleadservices.com pagead2.googlesyndication.com
1 s4.histats.com s10.histats.com
1 s10.histats.com ala3raf.net
1 fonts.googleapis.com ala3raf.net
43 15

This site contains links to these domains. Also see Links.

Domain
fastpaydaycashadvanceloans.com
www.q2amarket.com
www.question2answer.org
Subject Issuer Validity Valid
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2023-02-26 -
2024-02-25		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2023-08-14 -
2023-11-06		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2023-08-14 -
2023-11-06		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2023-08-14 -
2023-11-06		 3 months crt.sh
histats.com
R3		 2023-08-29 -
2023-11-27		 3 months crt.sh
*.googleadservices.com
GTS CA 1C3		 2023-08-14 -
2023-11-06		 3 months crt.sh
adsdk.microsoft.com
Microsoft Azure TLS Issuing CA 05		 2023-04-07 -
2024-04-01		 a year crt.sh
cdn.adnxs.com
GeoTrust RSA CA 2018		 2022-10-21 -
2023-10-22		 a year crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2023-08-14 -
2023-11-06		 3 months crt.sh
r.bing.com
Microsoft RSA TLS CA 01		 2022-11-15 -
2023-11-15		 a year crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2023-02-13 -
2024-03-15		 a year crt.sh
www.google.com
GTS CA 1C3		 2023-08-14 -
2023-11-06		 3 months crt.sh

This page contains 8 frames:

Primary Page: https://ala3raf.net/user/pughbenton3
Frame ID: 849D60CF1EBA46008CD3307F1A2B5FC9
Requests: 20 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230907/r20190131/zrt_lookup.html
Frame ID: 438D58B74ECD33669E95DC14CA7F448E
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8343227950611411&output=html&adk=1812271804&adf=3025194257&lmt=1694473989&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=188x675_l%7C188x675_r&format=0x0&url=https%3A%2F%2Fala3raf.net%2Fuser%2Fpughbenton3&ea=0&pra=5&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1&asladp=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1694481189237&bpp=22&bdt=481&idt=215&shv=r20230907&mjsv=m202309060101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=2533918484488&frm=20&pv=2&ga_vid=1587396566.1694481189&ga_sid=1694481189&ga_hid=1121406824&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C20222282&oid=2&pvsid=3991532089361844&tmod=548942448&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=253
Frame ID: 58B9AF5C18D2317231CD8BD49A3AA2A7
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8343227950611411&output=html&h=280&adk=3302256788&adf=2241773966&pi=t.aa~a.3772429769~rp.2&w=1200&fwrn=4&fwrnh=100&lmt=1694473989&rafmt=1&to=qs&pwprc=8890230846&format=1200x280&url=https%3A%2F%2Fala3raf.net%2Fuser%2Fpughbenton3&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1694481189260&bpp=2&bdt=504&idt=293&shv=r20230907&mjsv=m202309060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=2533918484488&frm=20&pv=1&ga_vid=1587396566.1694481189&ga_sid=1694481189&ga_hid=1121406824&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=99&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C20222282&oid=2&pvsid=3991532089361844&tmod=548942448&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=4GKvryCdhA&p=https%3A//ala3raf.net&dtd=299
Frame ID: 7D6B53CE4F41F54281CE7E88377197AC
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230907/r20110914/zrt_lookup.html?fsb=1
Frame ID: DF1F2C430A1B258A867704986D7F1C28
Requests: 1 HTTP requests in this frame

Frame: https://adsdk.microsoft.com/native-to-display/sdk.js
Frame ID: 30B76681A7462B7A3425B1CD8C652688
Requests: 15 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 664074F71C8F757FE80758422938CDF1
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: A63C3157456156576C010F5B05850AFD
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

المستخدم pughbenton3 - الأعراف

Detected technologies

Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

43
Requests

95 %
HTTPS

79 %
IPv6

12
Domains

15
Subdomains

15
IPs

3
Countries

589 kB
Transfer

1648 kB
Size

13
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 25
  • https://www.bing.com/api/v1/mediation/tracking?adUnit=391466&auId=26703cd5-5501-4c1d-8efb-4811161755e0&bidId=15000&bidderId=4&cmExpId=LV3&oAdUnit=391466&publisherId=162645330&rId=1662dc85-845b-44f9-906a-81c40a4f82d3&rlink=https%3A%2F%2Fwww.bing.com%2Faes%2Fc.gif%3FDI%3D0%26DIS%3DSB_15000-1-0%3F%26RG%3Dd6b19378f1284c609aa30efa6c0f14d6%26SNR%3D1%26GV%3D2%26med%3D10&rtype=miFeedbackURL&tagId=6929499&trafficGroup=knaqe_3c&trafficSubGroup=tqcecnff&aid=2812615748252283683 HTTP 303
  • https://www.bing.com/aes/c.gif?DI=0&DIS=SB_15000-1-0?&RG=d6b19378f1284c609aa30efa6c0f14d6&SNR=1&GV=2&med=10
Request Chain 39
  • https://www.bing.com/api/v1/mediation/tracking?adUnit=391466&auId=26703cd5-5501-4c1d-8efb-4811161755e0&bidId=15000&bidderId=4&cmExpId=LV3&oAdUnit=391466&publisherId=162645330&rId=1662dc85-845b-44f9-906a-81c40a4f82d3&rlink=https%3A%2F%2Fwww.bing.com%2Faes%2Fc.gif%3Ftype%3Dmv%26reqver%3D1.0%26rg%3Dd6b19378f1284c609aa30efa6c0f14d6%26tids%3D15000%26med%3D10&rtype=mvFeedbackURL&tagId=6929499&trafficGroup=knaqe_3c&trafficSubGroup=tqcecnff&aid=2812615748252283683 HTTP 303
  • https://www.bing.com/aes/c.gif?type=mv&reqver=1.0&rg=d6b19378f1284c609aa30efa6c0f14d6&tids=15000&med=10

43 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request pughbenton3
ala3raf.net/user/ 		13 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ala3raf.net/user/pughbenton3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1fc41eeafd12fece33e5841bcd8913dde161266dd348846103077713d79fd6cf

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-store, no-cache, must-revalidate
cf-cache-status
DYNAMIC
cf-ray
80544944fb719b3d-FRA
content-encoding
br
content-type
text/html; charset=utf-8
date
Tue, 12 Sep 2023 01:13:08 GMT
expires
Thu, 19 Nov 1981 08:52:00 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=15QoeW80yraNSBhY5rFDc5KsdYJBUzd5bCW9k4huLF9M8J%2Fu6ZZwuS1jnViWH48DLd%2FoijScmUJdUL3%2B0xn3NwDqz68FMUWWM5Jfmh2FFMy3nh10GLmPj6DPzN3u0%2F%2FqExW4Xy%2BjCOm7yQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
qa-styles.css
ala3raf.net/qa-theme/SnowFlatCustom/ 		57 KB
11 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://ala3raf.net/qa-theme/SnowFlatCustom/qa-styles.css?1.8.4
Requested by
Host: ala3raf.net
URL: https://ala3raf.net/user/pughbenton3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
434536a8757a2512d573df1c9eee8a47fabc0aeb095817aac992938a2c127195

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ala3raf.net/user/pughbenton3
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 12 Sep 2023 01:13:08 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
4094
cf-polished
origSize=72593
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Thu, 07 May 2020 13:24:30 GMT
server
cloudflare
etag
W/"11b91-5a50eccf09f80-gzip"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JrDM1DmP9avqMGUQwZBJ8ilIidGAXf8pUW5rsZhi7CKAHbzT0flWao2rhAgAHc9P2zzRUSJ1rDcMS%2FRsZVNMXa7xQcJ8AEsCkxyhmpiQorXDj5cEC6tlaedwNl9gb72p3zMHApFivZmRdQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
cf-ray
80544945dbb59b3d-FRA
qa-styles-rtl.css
ala3raf.net/qa-theme/SnowFlatCustom/ 		10 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://ala3raf.net/qa-theme/SnowFlatCustom/qa-styles-rtl.css?1.8.4
Requested by
Host: ala3raf.net
URL: https://ala3raf.net/user/pughbenton3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e5cd18f5144740a85b80c96dc66e11571033b71a26681f20681c5f8fe9e5188d

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ala3raf.net/user/pughbenton3
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 12 Sep 2023 01:13:08 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
4094
cf-polished
origSize=11674
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Wed, 28 Jul 2021 10:23:19 GMT
server
cloudflare
etag
W/"2d9a-5c82c600af3c0-gzip"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DD2EVA9upoe72va%2BocaLFpTuGKdyuY6WLrmDup3o1q74YuAZRr5cyXRIQZBRWjrEkagBJjesyN8jrST6Uifwoc%2FezA6JZzI8FNc6M4GRRUb2kyemeqNK4fKjz6JgTVNZiT1hFKby%2F%2Bik6Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
cf-ray
80544945dbb79b3d-FRA
css
fonts.googleapis.com/ 		1 KB
904 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Cairo&display=swap
Requested by
Host: ala3raf.net
URL: https://ala3raf.net/user/pughbenton3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
1c6500e114cdac56f55c61e0f9e115e760560c1c18bb1b1bfa57ec85ab3b2dcb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ala3raf.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Tue, 12 Sep 2023 01:13:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Tue, 12 Sep 2023 00:28:44 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 12 Sep 2023 01:13:08 GMT
jquery-3.3.1.min.js
ala3raf.net/qa-content/ 		111 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ala3raf.net/qa-content/jquery-3.3.1.min.js
Requested by
Host: ala3raf.net
URL: https://ala3raf.net/user/pughbenton3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6002e23815ec42acedba12390950c5e1bb68a864af09bc445d29ebafd955acea

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ala3raf.net/user/pughbenton3
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 12 Sep 2023 01:13:08 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 11 May 2020 13:00:41 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
4094
etag
W/"1bb29-5a55eef215040-gzip"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DrbVmz9fmpNMc2OEKP%2Baolr1tuq90BUFXzsy9bMK5iNA%2FzXvjN8YrS72BwCd%2FxApYR3JMRWD85k0czDmDYVpE619AbESaqQ%2FfQZ6tQG8ZnKRcPtmM2gZiV7IA6WvIbSCghNbm9NUMz4dTw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
80544945ebbe9b3d-FRA
alt-svc
h3=":443"; ma=86400
qa-global.js
ala3raf.net/qa-content/ 		15 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ala3raf.net/qa-content/qa-global.js?1.8.4
Requested by
Host: ala3raf.net
URL: https://ala3raf.net/user/pughbenton3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cf6704fe652abeeafd5333fd67102d36f4e31e77361e1da78ff68db899cc5e6a

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ala3raf.net/user/pughbenton3
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 12 Sep 2023 01:13:08 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
4094
cf-polished
origSize=20550
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Thu, 07 May 2020 13:24:30 GMT
server
cloudflare
etag
W/"5046-5a50eccf09f80-gzip"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8SwKvNAQXl%2FYrEtS69w5Y5rLNfHiQRzuAagOlqSRdk0ex5pKIN0A%2FZzIOrAoovHbq69ZRDmV7J%2BMJVJVrlG0kvNchy%2F5bl1repL%2BVZvC74hPTkD0Vqe7pUIMediJIg31qvXTW9jAw0nqLg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
80544945ebc09b3d-FRA
snow-core.js
ala3raf.net/qa-theme/SnowFlatCustom/js/ 		1 KB
756 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ala3raf.net/qa-theme/SnowFlatCustom/js/snow-core.js?1.8.4
Requested by
Host: ala3raf.net
URL: https://ala3raf.net/user/pughbenton3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cac5f3269aef806bc9112e8868357bfb9dbb4530a028dc0fb7c4508b2eea8d84

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ala3raf.net/user/pughbenton3
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 12 Sep 2023 01:13:08 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
4094
cf-polished
origSize=2383
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Thu, 07 May 2020 13:24:30 GMT
server
cloudflare
etag
W/"94f-5a50eccf09f80-gzip"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mWarRQfiZGH5tlGrszYASrRNnKjiD0GeduwaU%2FP2oq5pbE9IaQAoiEwDzkyLJHS7OTp3owwgvoq2ZJr4wMnt0QuWMfmv04KILpDrKVfrh1s8bMhF0MLosI%2B6WUNWKBMLJI%2FUeNkyV6aZrw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
80544945ebc29b3d-FRA
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		144 KB
50 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-8343227950611411
Requested by
Host: ala3raf.net
URL: https://ala3raf.net/user/pughbenton3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f605f2aa8cb03a1f5e6e688dc13284d1cca90eb07eb2165785326ab705eb61eb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ala3raf.net/
Origin
https://ala3raf.net
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 12 Sep 2023 01:13:08 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
50684
x-xss-protection
0
server
cafe
etag
8839556959065253160
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Tue, 12 Sep 2023 01:13:08 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		144 KB
50 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: ala3raf.net
URL: https://ala3raf.net/user/pughbenton3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
caf5bd25e14ac7025ecd2ba562c78d1d3e43edf8ea83a1972559ea80deaaca23
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ala3raf.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 12 Sep 2023 01:13:09 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
50687
x-xss-protection
0
server
cafe
etag
4815711937006058776
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Tue, 12 Sep 2023 01:13:09 GMT
js15_as.js
s10.histats.com/ 		11 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s10.histats.com/js15_as.js
Requested by
Host: ala3raf.net
URL: https://ala3raf.net/user/pughbenton3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:81f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2defe59e357a7d0683c8283ac42841db404a0884cae2eaecebf4b676e559dede

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ala3raf.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 12 Sep 2023 01:13:09 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Thu, 16 Apr 2020 10:44:16 GMT
server
cloudflare
age
33220
etag
"-375139978"
vary
Accept-Encoding
content-type
text/javascript
cache-control
max-age=28800
accept-ranges
bytes
cf-ray
8054494869bd30c0-FRA
content-length
4547
spinner-icon-14x14.gif
ala3raf.net/qa-theme/SnowFlatCustom/images/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ala3raf.net/qa-theme/SnowFlatCustom/images/spinner-icon-14x14.gif?1410117644
Requested by
Host: ala3raf.net
URL: https://ala3raf.net/qa-theme/SnowFlatCustom/qa-styles.css?1.8.4
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
07a75636966b34dd8bbafee0ebced659b03bab0e57641e1fa035ca7da0bd39ce

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ala3raf.net/qa-theme/SnowFlatCustom/qa-styles.css?1.8.4
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 12 Sep 2023 01:13:09 GMT
cf-cache-status
REVALIDATED
last-modified
Mon, 14 Jan 2019 17:38:24 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"1e65-57f6e82f86400"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Tf3rhJNIM3XpGiEfD%2BzAKCFa%2Bo9CDx5TxbbJ3IXJKmmHWGUv7KjcgSm7oxuNLam4qQYvuvS4Yd%2Fkwn2ofDF9AhCGABZK21LXYUDDvJjwXvZJXNjrqaCMtPEyQOprQi6cYGh0ZnRAEqjcfw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
80544947798c047e-FRA
alt-svc
h3=":443"; ma=86400
content-length
7781
SLXgc1nY6HkvangtZmpQdkhzfH5lkSs2SgRjCAGMQ1z0hOA-a1PiLA.woff2
fonts.gstatic.com/s/cairo/v28/ 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/cairo/v28/SLXgc1nY6HkvangtZmpQdkhzfH5lkSs2SgRjCAGMQ1z0hOA-a1PiLA.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Cairo&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cc8b30e9bfe6a385b5619c0d0a34b8f562e02ee4c09ab0637eed496ca3944fcb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://ala3raf.net
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 08 Sep 2023 07:46:22 GMT
x-content-type-options
nosniff
age
322007
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15040
x-xss-protection
0
last-modified
Tue, 02 May 2023 14:51:31 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 07 Sep 2024 07:46:22 GMT
SLXgc1nY6HkvangtZmpQdkhzfH5lkSs2SgRjCAGMQ1z0hOA-a1biLD-H.woff2
fonts.gstatic.com/s/cairo/v28/ 		13 KB
13 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/cairo/v28/SLXgc1nY6HkvangtZmpQdkhzfH5lkSs2SgRjCAGMQ1z0hOA-a1biLD-H.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Cairo&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
673b09d876a8d35a8e0beb633961ff166b000f51bd2222c4c13e236bc16eaf87
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://ala3raf.net
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 08 Sep 2023 06:48:27 GMT
x-content-type-options
nosniff
age
325482
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13388
x-xss-protection
0
last-modified
Tue, 02 May 2023 14:51:44 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 07 Sep 2024 06:48:27 GMT
show_ads_impl_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309060101/ 		379 KB
129 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309060101/show_ads_impl_fy2021.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-8343227950611411
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
08a7a187ae23bd64205ef8866e154ba4d3eef932ed9170730205e97f7f3c0cb0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ala3raf.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 12 Sep 2023 01:13:09 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
131772
x-xss-protection
0
server
cafe
etag
8516758805673892909
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Tue, 12 Sep 2023 01:13:09 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20230907/r20190131/ Frame 438D 		10 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20230907/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-8343227950611411
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a011595b8a7a4aecacbb9bdd095cf4e446e368e8c897b2daf1807e6016137c1a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ala3raf.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

age
47043
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4438
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 11 Sep 2023 12:09:06 GMT
etag
8554266389219770021
expires
Mon, 25 Sep 2023 12:09:06 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
0.php
s4.histats.com/stats/ 		51 B
185 B 		Script
General
Check archive.org
Download Go to
Full URL
https://s4.histats.com/stats/0.php?4570762&@f16&@g1&@h1&@i1&@j1694481189294&@k0&@l1&@m%D8%A7%D9%84%D9%85%D8%B3%D8%AA%D8%AE%D8%AF%D9%85%20pughbenton3%20-%20%D8%A7%D9%84%D8%A3%D8%B9%D8%B1%D8%A7%D9%81&@n0&@o1000&@q0&@r0&@s0&@ten-US&@u1600&@b1:12231119&@b3:1694481189&@b4:js15_as.js&@b5:120&@a-_0.2.1&@vhttps%3A%2F%2Fala3raf.net%2Fuser%2Fpughbenton3&@w
Requested by
Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.39.156.32 Québec, Canada, ASN16276 (OVH, FR),
Reverse DNS
ns562579.ip-54-39-156.net
Software
/
Resource Hash
24a4779d831fe38915f8b849dffb7f1fbe40aff13bdeda308e7b46a404659bfc

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ala3raf.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 12 Sep 2023 01:13:09 GMT
Connection
close
Content-Length
51
Content-Type
text/html;charset=UTF-8
cookie.js
partner.googleadservices.com/gampad/ 		389 B
602 B 		Script
General
Check archive.org
Download Go to
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=ala3raf.net&callback=_gfp_s_&client=ca-pub-8343227950611411
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309060101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
6625e97e0eb043903d8e10b89f0b6e715ed39e1fd5b9dfbd24c49e6210982310
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ala3raf.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 12 Sep 2023 01:13:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
251
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 58B9 		87 KB
24 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8343227950611411&output=html&adk=1812271804&adf=3025194257&lmt=1694473989&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=188x675_l%7C188x675_r&format=0x0&url=https%3A%2F%2Fala3raf.net%2Fuser%2Fpughbenton3&ea=0&pra=5&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1&asladp=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1694481189237&bpp=22&bdt=481&idt=215&shv=r20230907&mjsv=m202309060101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=2533918484488&frm=20&pv=2&ga_vid=1587396566.1694481189&ga_sid=1694481189&ga_hid=1121406824&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C20222282&oid=2&pvsid=3991532089361844&tmod=548942448&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=253
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309060101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
fa1dbacf06f5e24bc182100ac548376f14d2c82b99dd8bee2c4c660cc37f8984
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ala3raf.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
24753
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 12 Sep 2023 01:13:10 GMT
expires
Tue, 12 Sep 2023 01:13:10 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 7D6B 		436 B
236 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8343227950611411&output=html&h=280&adk=3302256788&adf=2241773966&pi=t.aa~a.3772429769~rp.2&w=1200&fwrn=4&fwrnh=100&lmt=1694473989&rafmt=1&to=qs&pwprc=8890230846&format=1200x280&url=https%3A%2F%2Fala3raf.net%2Fuser%2Fpughbenton3&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1694481189260&bpp=2&bdt=504&idt=293&shv=r20230907&mjsv=m202309060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=2533918484488&frm=20&pv=1&ga_vid=1587396566.1694481189&ga_sid=1694481189&ga_hid=1121406824&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=99&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C20222282&oid=2&pvsid=3991532089361844&tmod=548942448&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=4GKvryCdhA&p=https%3A//ala3raf.net&dtd=299
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309060101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
234b4e1d5130ea4f558f7444c07a5079f50df75ef0ab974501547cc177b00c87
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ala3raf.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
212
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 12 Sep 2023 01:13:09 GMT
expires
Tue, 12 Sep 2023 01:13:09 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
reactive_library_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309060101/ 		154 KB
52 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309060101/reactive_library_fy2021.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309060101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e56a07251f2ce64255e8c3dca7664bd7eb05c929aca5b44b2f067cedef310f0b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ala3raf.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 12 Sep 2023 01:13:10 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
53660
x-xss-protection
0
server
cafe
etag
3040434143203105175
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Tue, 12 Sep 2023 01:13:10 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20230907/r20110914/ Frame DF1F 		10 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20230907/r20110914/zrt_lookup.html?fsb=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309060101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a011595b8a7a4aecacbb9bdd095cf4e446e368e8c897b2daf1807e6016137c1a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ala3raf.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

age
42878
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4438
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 11 Sep 2023 13:18:32 GMT
etag
8554266389219770021
expires
Mon, 25 Sep 2023 13:18:32 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
sdk.js
adsdk.microsoft.com/native-to-display/ Frame 30B7 		86 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://adsdk.microsoft.com/native-to-display/sdk.js
Requested by
Host: ala3raf.net
URL: https://ala3raf.net/user/pughbenton3
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:bdf::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
90eec26631750771c30336de6715aad19b3adc4d4f271686a477c0edc9042a01

Request headers

Referer
https://googleads.g.doubleclick.net/
Origin
https://googleads.g.doubleclick.net
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
date
Tue, 12 Sep 2023 01:13:09 GMT
content-encoding
br
last-modified
Fri, 08 Sep 2023 16:51:39 GMT
x-azure-ref-originshield
0G0X/ZAAAAABUYm6xuzhsRrfCmNW9vz72RlJBMjMxMDUwNDE3MDUzADk3YzlhOGM2LWZjNzktNGM0NC1iNTU5LTU4YzE2YmNlYTMyMg==
content-md5
wSRY0GX/Tl8mHNGm//AbUA==
etag
0x8DBB08BDF109C73
x-azure-ref
0Jrv/ZAAAAAB8R1DfVV1xT7gBWJNaHA4wWlJIRURHRTA2MTQAOTdjOWE4YzYtZmM3OS00YzQ0LWI1NTktNThjMTZiY2VhMzIy
x-cache
TCP_HIT
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
65f27e27-901e-0066-1b6b-e4d290000000
cache-control
private, max-age=3600
x-ms-version
2009-09-19
trk.js
cdn.adnxs.com/v/s/239/ Frame 30B7 		80 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.adnxs.com/v/s/239/trk.js
Requested by
Host: ala3raf.net
URL: https://ala3raf.net/user/pughbenton3
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.30.16.183 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-16-183.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
a9c49f9f526c232731b2ff9aa3e31b686b8b339bdd246bbf74f804c802f9755d

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 12 Sep 2023 01:13:10 GMT
Content-Encoding
gzip
Last-Modified
Tue, 11 Jul 2023 11:56:12 GMT
Server
AkamaiNetStorage
ETag
"615fd4ad24a409f4de5416b603f042c1:1689076572.555276"
Vary
Accept-Encoding
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=31536000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
27646
Expires
Wed, 11 Sep 2024 01:13:10 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230907/r20110914/client/ Frame 30B7 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230907/r20110914/client/window_focus_fy2021.js
Requested by
Host: ala3raf.net
URL: https://ala3raf.net/user/pughbenton3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 11 Sep 2023 20:45:02 GMT
content-encoding
br
x-content-type-options
nosniff
age
16088
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 25 Sep 2023 20:45:02 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230907/r20110914/client/ Frame 30B7 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230907/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: ala3raf.net
URL: https://ala3raf.net/user/pughbenton3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
096862e95687fa095052acf06c643d97aebf5a75bdb39f85061a931076b5c12e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 11 Sep 2023 17:36:23 GMT
content-encoding
br
x-content-type-options
nosniff
age
27407
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8275
x-xss-protection
0
server
cafe
etag
7349537481621356269
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 25 Sep 2023 17:36:23 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 30B7 		181 KB
57 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: ala3raf.net
URL: https://ala3raf.net/user/pughbenton3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3c620084286d4e8ac0ebd4811a782920ac935265c8cdbf0010ea7243bd81a6e6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 12 Sep 2023 01:13:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
57841
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1694001950986259"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 12 Sep 2023 01:13:10 GMT
c.gif
www.bing.com/aes/ Frame 30B7
Redirect Chain
  • https://www.bing.com/api/v1/mediation/tracking?adUnit=391466&auId=26703cd5-5501-4c1d-8efb-4811161755e0&bidId=15000&bidderId=4&cmExpId=LV3&oAdUnit=391466&publisherId=162645330&rId=1662dc85-845b-44f9...
  • https://www.bing.com/aes/c.gif?DI=0&DIS=SB_15000-1-0?&RG=d6b19378f1284c609aa30efa6c0f14d6&SNR=1&GV=2&med=10
0
547 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.bing.com/aes/c.gif?DI=0&DIS=SB_15000-1-0?&RG=d6b19378f1284c609aa30efa6c0f14d6&SNR=1&GV=2&med=10
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230907/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Server
2a02:26f0:480:22::1726:62f9 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Sep 2023 01:13:10 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 12BD58A44EE442D798E54538D2E0984F Ref B: FRA31EDGE0507 Ref C: 2023-09-12T01:13:10Z
x-cdn-traceid
0.39d53e17.1694481190.395b89d3
vary
Origin
p3p
CP=BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo
cache-control
private,no-store
alt-svc
h3=":443"; ma=93600
content-length
0

Redirect headers

pragma
no-cache
strict-transport-security
max-age=15724800; includeSubDomains
date
Tue, 12 Sep 2023 01:13:10 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: FFB1A6FB33A34C80B2B8D643C1132B0A Ref B: MIL30EDGE1306 Ref C: 2023-09-12T01:13:10Z
x-cdn-traceid
0.39d53e17.1694481190.395b89b4
vary
Origin
content-type
text/html; charset=utf-8
location
https://www.bing.com/aes/c.gif?DI=0&DIS=SB_15000-1-0?&RG=d6b19378f1284c609aa30efa6c0f14d6&SNR=1&GV=2&med=10
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3=":443"; ma=93600
content-length
154
expires
0
th
www.bing.com/ Frame 30B7 		11 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.bing.com/th?id=OADD2.10239313558903_1BXRRX65GPS5MR39D&pid=21.2&c=3&w=180&h=180&qlt=90
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230907/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:22::1726:62f9 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
42210c2bc9f12ce740cffb341234df8066afacdc32ec32add3a08a621f48de1b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 12 Sep 2023 01:13:10 GMT
nel
{"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
x-cdn-traceid
0.39d53e17.1694481190.395b89b5
report-to
{"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth"}]}
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
content-type
image/jpeg
cache-control
public, max-age=2592000
timing-allow-origin
*
access-control-allow-headers
*
content-length
11594
alt-svc
h3=":443"; ma=93600
rd_log
ams3-ib.adnxs.com/ Frame 30B7 		0
535 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ams3-ib.adnxs.com/rd_log?an_audit=0&referrer=https%3A%2F%2Fala3raf.net%2Fuser%2Fpughbenton3&e=wqT_3QL4A-j4AQAAAwDWAAUBCKX2_qcGEKPm_KHw45qEJxgAKjYJRsTMTU9qtT8RbZUvKtfFtD8ZAAAAIFyP8j8hbQ0SACkRJAAxARvAheuxPzDb-KYDOLUBQLVeSOMDULqJirYBWMexPWAAaJ-kVHji8AWAAQGKAQNVU0SSAQEG8KqYAawCoAH6AagBAbABALgBAcABBcgBAtABANgBAOABAPABANgC8AbgAqKoMeoCJGh0dHBzOi8vYWxhM3JhZi5uZXQvdXNlci9wdWdoYmVudG9uM4ADAIgDAZADAJgDCaADAaoDAMAD2ATIAwDYAwDgAwDoAwD4AwOABACSBAQvdWFwmAQAqAQAsgQMCAAQABgAIAAwADgAuAQAwAQAyAQA2gQCCAHgBAHwBLoBzFiIBQGYBQCgBabqtpKmpsX6bcAFAMkFAAUBFPA_0gUJCQULfAAAANgFAeAFAfAFwfoZ-gUECAAQAJAGAJgGALgGAMEGASE0AADwP9AGwo0E2gYWChAJEhkBcBAAGADgBgHyBgIIAIAHAYgHAKAHAcgH4vAF0gcNFWUBJgjaBwYBXqQYAOAHAOoHAggA8AfGgw2KCAIQAJUIAACAP5gIAcAI8AbSCAYIABAAGAA.&s=1e9e8b891e2408eedde3125b9991f7fac095c87d&bdref=https%3A%2F%2Fala3raf.net%2F&bdtop=true&bdifs=2&bstk=https%3A%2F%2Fala3raf.net%2F,https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fhtml%2Fr20230907%2Fr20110914%2Fzrt_lookup.html%3Ffsb%3D1%23RS-2-%26adk%3D1812271804%26client%3Dca-pub-8343227950611411%26fa%3D4%26ifi%3D3%26uci%3Da!3%26btvi%3D1%26xpc%3DJ3rSQTG34o%26p%3Dhttps%253A%2F%2Fala3raf.net,https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fhtml%2Fr20230907%2Fr20110914%2Fzrt_lookup.html%3Ffsb%3D1&
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230907/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.101 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
953.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Sep 2023 01:13:10 GMT
an-x-request-uuid
f745f086-e2a4-4303-8de0-4219545c6820
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
195.206.105.133; 195.206.105.133; 953.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
vevent
ams3-ib.adnxs.com/ Frame 30B7 		0
557 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://ams3-ib.adnxs.com/vevent?an_audit=0&referrer=https%3A%2F%2Fala3raf.net%2Fuser%2Fpughbenton3&e=wqT_3QL9Buh9AwAAAwDWAAUBCKX2_qcGEKPm_KHw45qEJxgAKjYJRsTMTU9qtT8RbZUvKtfFtD8ZAAAAIFyP8j8hbQ0SACkRJAAxARvAheuxPzDb-KYDOLUBQLVeSOMDULqJirYBWMexPWAAaJ-kVHji8AWAAQGKAQNVU0SSAQEG9PcCmAGgAaAB2ASoAQGwAQC4AQHAAQXIAQLQAQDYAQDgAQDwAQDYAvAG4AKiqDHqAiRodHRwczovL2FsYTNyYWYubmV0L3VzZXIvcHVnaGJlbnRvbjOAAwCIAwGQAwCYAwmgAwGqA4QDCpoCaHR0cHM6Ly93d3cuYmluZy5jb20vYXBpL3YxL21lZGlhdGlvbi90cmFja2luZz9hZFVuaXQ9MzkxNDY2JmF1SWQ9MTY2MmRjODUtODQ1Yi00NGY5LTkwNmEtODFjNDBhNGY4MmQzJmNtRXhwSWQ9TFYzJm9BZFVuaXQ9MzkxNDY2JnB1Ymxpc2hlcklkPTE2MjY0NTMzMCZySWQ9MTY2MmRjODUtODQ1Yi00NGY5LTkwNmEtODFjNDBhNGY4MmQzJnJ0eXBlPW51cmwmdGFnSWQ9NjkyOTQ5OSZ0cmFmZmljR3JvdXA9a25hcWVfM2MmdHJhZmZpY1N1Ykdyb3VwPXRxY2VjbmZmJmFpZD0ke0FVQ1RJT05fSUR9EgUxMjA4NRoTMjgxMjYxNTc0ODI1MjI4MzY4MyIJMzgxODQ2NzE0KgRiaW5nOjhVMlZoY21Ob1FXUWpPRFEwTlRZM056WTVOemd5TURNak1qTXpOakkxTmpBMU1URTFOVEUwTUE9PcAD2ATIAwDYAwDgAwDoAwD4AwOABACSBAQvdWFwmAQAqAQAsgQMCAAQABgAIAAwADgAuAQAwAQAyAQA2gQCCAHgBAHwBLqJirYBiAUBmAUAoAWm6raSpqbF-m3ABQDJBQAAAAAAAPA_0gUJCQAAAAAAAAAA2AUB4AUB8AXB-hn6BQQIABAAkAYAmAYAuAYAwQYAAAAAAADwP9AGwo0E2gYWChAAAAAAAAAAAAAAAAAAAAAAEAAYAOAGAfIGAggAgAcBiAcAoAcByAfi8AXSBw0JAAAAAAAAAAAQABgA2gcGCAAQABgA4AcA6gcCCADwB8aDDYoIAhAAlQgAAIA_mAgBwAjwBtIIBggAEAAYAA..&s=eb10271b7aea73c50ccf93fa67e7c6c561313659&type=nv&nvt=5&jm=1003&px=0&py=0&bw=180&bh=180&sid=5384025551662651595&vd=ct~0|rr~0&sv=239&tv=view7-1hs&ua=chrome52&pl=win&x=v&tag_id=6929499&sw=1600&sh=1200&pw=0&ph=0&ww=0&wh=0&ft=3
Requested by
Host: cdn.adnxs.com
URL: https://cdn.adnxs.com/v/s/239/trk.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.101 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
953.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Sep 2023 01:13:10 GMT
an-x-request-uuid
8621bef2-1070-4aac-a8da-4cfd6f9b0ec0
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
https://googleads.g.doubleclick.net
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
195.206.105.133; 195.206.105.133; 953.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
sodar
pagead2.googlesyndication.com/getconfig/ 		15 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230907&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309060101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
66a021ff60be0855f70b8861786b237b130d9ca7fc4fe97afbf4f7855e45c096
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ala3raf.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 12 Sep 2023 01:13:10 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11768
x-xss-protection
0
truncated
/ Frame 30B7 		213 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
c0303fd3dc6793e96516072e1368a91d21a52022a05f4dcd389a224a43227c24

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
adview
googleads.g.doubleclick.net/pagead/ Frame 30B7 		0
23 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=CzOCmJbv_ZMDIIt-WiM0Pqcq00A7S4Nfgbo-ktpOTCsCNtwEQASAAYPWVzoHgBIIBF2NhLXB1Yi04MzQzMjI3OTUwNjExNDExyAEJqAMByAMCqgTqAU_QCNEwEx_7-5LtLxp68wQ-saQZjCB7TscFWMKA7htS-adq0Yoy8z_xLZJJVKa55SINkuAdaZgnIGh_gAAWdSDhWLP_vyMVGZVYLiR5UtUGzswo4mvWKmAzXBkNBL0LMzT0xPtYZcQe1OYdcNSh13S3oymr4LrVXtnVYH7zUA6qi1iQrtdMiLcqqFdQSISKUv8pIU0noDseBsGjXogwtHHua8LFKJqCUStxYrb2_LQocqaqQH5RNa6bS_nTqtlEzNbi8vE7sgnpVhhwlsa2ZSubZBSMvfwo7OuLjkMyEZEBWJAFGMkYUUz6b4AGv5D7wLHgyojjAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBIIgGEQATICigI6AoBASL39wTqACgH6CwIIAYAMAdAVAYAXAbIXGgoYEhRwdWItODM0MzIyNzk1MDYxMTQxMRgA&sigh=GuQvU3MVmBo&uach_m=[UACH]&cid=CAQSGwBpAlJWQ1jvor1Win6RCxvvQy9QAy0cRJku3xgB&cbvp=2&vis=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/html/r20230907/r20110914/zrt_lookup.html?fsb=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Tue, 12 Sep 2023 01:13:11 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Tue, 12 Sep 2023 01:13:11 GMT
it
ams3-ib.adnxs.com/ Frame 30B7 		0
534 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ams3-ib.adnxs.com/it?an_audit=0&referrer=https%3A%2F%2Fala3raf.net%2Fuser%2Fpughbenton3&e=wqT_3QL9Buh9AwAAAwDWAAUBCKX2_qcGEKPm_KHw45qEJxgAKjYJRsTMTU9qtT8RbZUvKtfFtD8ZAAAAIFyP8j8hbQ0SACkRJAAxARvAheuxPzDb-KYDOLUBQLVeSOMDULqJirYBWMexPWAAaJ-kVHji8AWAAQGKAQNVU0SSAQEG9PcCmAGgAaAB2ASoAQGwAQC4AQHAAQXIAQLQAQDYAQDgAQDwAQDYAvAG4AKiqDHqAiRodHRwczovL2FsYTNyYWYubmV0L3VzZXIvcHVnaGJlbnRvbjOAAwCIAwGQAwCYAwmgAwGqA4QDCpoCaHR0cHM6Ly93d3cuYmluZy5jb20vYXBpL3YxL21lZGlhdGlvbi90cmFja2luZz9hZFVuaXQ9MzkxNDY2JmF1SWQ9MTY2MmRjODUtODQ1Yi00NGY5LTkwNmEtODFjNDBhNGY4MmQzJmNtRXhwSWQ9TFYzJm9BZFVuaXQ9MzkxNDY2JnB1Ymxpc2hlcklkPTE2MjY0NTMzMCZySWQ9MTY2MmRjODUtODQ1Yi00NGY5LTkwNmEtODFjNDBhNGY4MmQzJnJ0eXBlPW51cmwmdGFnSWQ9NjkyOTQ5OSZ0cmFmZmljR3JvdXA9a25hcWVfM2MmdHJhZmZpY1N1Ykdyb3VwPXRxY2VjbmZmJmFpZD0ke0FVQ1RJT05fSUR9EgUxMjA4NRoTMjgxMjYxNTc0ODI1MjI4MzY4MyIJMzgxODQ2NzE0KgRiaW5nOjhVMlZoY21Ob1FXUWpPRFEwTlRZM056WTVOemd5TURNak1qTXpOakkxTmpBMU1URTFOVEUwTUE9PcAD2ATIAwDYAwDgAwDoAwD4AwOABACSBAQvdWFwmAQAqAQAsgQMCAAQABgAIAAwADgAuAQAwAQAyAQA2gQCCAHgBAHwBLqJirYBiAUBmAUAoAWm6raSpqbF-m3ABQDJBQAAAAAAAPA_0gUJCQAAAAAAAAAA2AUB4AUB8AXB-hn6BQQIABAAkAYAmAYAuAYAwQYAAAAAAADwP9AGwo0E2gYWChAAAAAAAAAAAAAAAAAAAAAAEAAYAOAGAfIGAggAgAcBiAcAoAcByAfi8AXSBw0JAAAAAAAAAAAQABgA2gcGCAAQABgA4AcA6gcCCADwB8aDDYoIAhAAlQgAAIA_mAgBwAjwBtIIBggAEAAYAA..&s=eb10271b7aea73c50ccf93fa67e7c6c561313659&pp=ZP-7JQAIpEADogtfAA0lKXMAkEwCP8TyYxsK8w&ppt=1&pubclick=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCNDsXJbv_ZMDIIt-WiM0Pqcq00A7S4Nfgbo-ktpOTCsCNtwEQASAAYPWVzoHgBIIBF2NhLXB1Yi04MzQzMjI3OTUwNjExNDExyAEJqAMByAMCqgTtAU_QCNEwEx_7-5LtLxp68wQ-saQZjCB7TscFWMKA7htS-adq0Yoy8z_xLZJJVKa55SINkuAdaZgnIGh_gAAWdSDhWLP_vyMVGZVYLiR5UtUGzswo4mvWKmAzXBkNBL0LMzT0xPtYZcQe1OYdcNSh13S3oymr4LrVXtnVYH7zUA6qi1iQrtdMiLcqqFdQSISKUv8pIU0noDseBsGjXogwtHHua8LFKJqCUStxYrb2_LQocqaqQH5RNa6bS_nTqtlEzNbi8vF5sCh7lLyK-1JMEZ4FPZA6ud8iaOKllpqQl8iF5BAvNNHY0K6X-2o9foAGv5D7wLHgyojjAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBIIgGEQATICigI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0Kgb0ftkR0kUIP65RCeH-BiTJoYg%26client%3Dca-pub-8343227950611411%26adurl%3D&cbvp=2
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.101 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
953.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Sep 2023 01:13:10 GMT
an-x-request-uuid
377aaa5a-502b-40a7-9695-c470b63764a3
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
195.206.105.133; 195.206.105.133; 953.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309060101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ala3raf.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 12 Sep 2023 01:13:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Tue, 12 Sep 2023 01:13:11 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 6640 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ala3raf.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
age
16088
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 11 Sep 2023 20:45:03 GMT
expires
Tue, 10 Sep 2024 20:45:03 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame A63C 		829 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
cc3fd3ec0a7cf5c988725590508c14af0315e1c44c7ff00742b2588cb749be0d
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-erD4_iJUEbc8zTqTc3BlvA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://ala3raf.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-length
535
content-security-policy
script-src 'report-sample' 'nonce-erD4_iJUEbc8zTqTc3BlvA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Tue, 12 Sep 2023 01:13:11 GMT
expires
Tue, 12 Sep 2023 01:13:11 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
GMNNf8dPzMFRWE2GFsJAeeYNxVBqAV2Fx36SZG50-nU.js
pagead2.googlesyndication.com/bg/ Frame 6640 		37 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/GMNNf8dPzMFRWE2GFsJAeeYNxVBqAV2Fx36SZG50-nU.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
18c34d7fc74fccc151584d8616c24079e60dc5506a015d85c77e92646e74fa75
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 11 Sep 2023 20:45:03 GMT
content-encoding
br
x-content-type-options
nosniff
age
16088
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14501
x-xss-protection
0
last-modified
Mon, 04 Sep 2023 13:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 10 Sep 2024 20:45:03 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame A63C 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20230907&jk=3991532089361844&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
generate_204
tpc.googlesyndication.com/ Frame 6640 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?Aq4FsA
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 12 Sep 2023 01:13:11 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
c.gif
www.bing.com/aes/ Frame 30B7
Redirect Chain
  • https://www.bing.com/api/v1/mediation/tracking?adUnit=391466&auId=26703cd5-5501-4c1d-8efb-4811161755e0&bidId=15000&bidderId=4&cmExpId=LV3&oAdUnit=391466&publisherId=162645330&rId=1662dc85-845b-44f9...
  • https://www.bing.com/aes/c.gif?type=mv&reqver=1.0&rg=d6b19378f1284c609aa30efa6c0f14d6&tids=15000&med=10
0
18 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.bing.com/aes/c.gif?type=mv&reqver=1.0&rg=d6b19378f1284c609aa30efa6c0f14d6&tids=15000&med=10
Protocol
H3
Server
2a02:26f0:480:22::1726:62f9 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Sep 2023 01:13:12 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: EACC81433BEF4FDCBEA52BFC1388D95F Ref B: FRA31EDGE0208 Ref C: 2023-09-12T01:13:12Z
x-cdn-traceid
0.39d53e17.1694481192.395b8b6c
vary
Origin
p3p
CP=BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo
cache-control
private,no-store
alt-svc
h3=":443"; ma=93600
content-length
0
quic-version
0x00000001

Redirect headers

expires
0
pragma
no-cache
strict-transport-security
max-age=15724800; includeSubDomains
date
Tue, 12 Sep 2023 01:13:12 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 598B1CCBC6E74CD69F4DB00212A7B8C6 Ref B: MIL30EDGE1412 Ref C: 2023-09-12T01:13:12Z
x-cdn-traceid
0.39d53e17.1694481191.395b8b44
vary
Origin
content-type
text/html; charset=utf-8
location
https://www.bing.com/aes/c.gif?type=mv&reqver=1.0&rg=d6b19378f1284c609aa30efa6c0f14d6&tids=15000&med=10
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3=":443"; ma=93600
content-length
146
quic-version
0x00000001
vevent
ams3-ib.adnxs.com/ Frame 30B7 		0
558 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://ams3-ib.adnxs.com/vevent?an_audit=0&referrer=https%3A%2F%2Fala3raf.net%2Fuser%2Fpughbenton3&e=wqT_3QL9Buh9AwAAAwDWAAUBCKX2_qcGEKPm_KHw45qEJxgAKjYJRsTMTU9qtT8RbZUvKtfFtD8ZAAAAIFyP8j8hbQ0SACkRJAAxARvAheuxPzDb-KYDOLUBQLVeSOMDULqJirYBWMexPWAAaJ-kVHji8AWAAQGKAQNVU0SSAQEG9PcCmAGgAaAB2ASoAQGwAQC4AQHAAQXIAQLQAQDYAQDgAQDwAQDYAvAG4AKiqDHqAiRodHRwczovL2FsYTNyYWYubmV0L3VzZXIvcHVnaGJlbnRvbjOAAwCIAwGQAwCYAwmgAwGqA4QDCpoCaHR0cHM6Ly93d3cuYmluZy5jb20vYXBpL3YxL21lZGlhdGlvbi90cmFja2luZz9hZFVuaXQ9MzkxNDY2JmF1SWQ9MTY2MmRjODUtODQ1Yi00NGY5LTkwNmEtODFjNDBhNGY4MmQzJmNtRXhwSWQ9TFYzJm9BZFVuaXQ9MzkxNDY2JnB1Ymxpc2hlcklkPTE2MjY0NTMzMCZySWQ9MTY2MmRjODUtODQ1Yi00NGY5LTkwNmEtODFjNDBhNGY4MmQzJnJ0eXBlPW51cmwmdGFnSWQ9NjkyOTQ5OSZ0cmFmZmljR3JvdXA9a25hcWVfM2MmdHJhZmZpY1N1Ykdyb3VwPXRxY2VjbmZmJmFpZD0ke0FVQ1RJT05fSUR9EgUxMjA4NRoTMjgxMjYxNTc0ODI1MjI4MzY4MyIJMzgxODQ2NzE0KgRiaW5nOjhVMlZoY21Ob1FXUWpPRFEwTlRZM056WTVOemd5TURNak1qTXpOakkxTmpBMU1URTFOVEUwTUE9PcAD2ATIAwDYAwDgAwDoAwD4AwOABACSBAQvdWFwmAQAqAQAsgQMCAAQABgAIAAwADgAuAQAwAQAyAQA2gQCCAHgBAHwBLqJirYBiAUBmAUAoAWm6raSpqbF-m3ABQDJBQAAAAAAAPA_0gUJCQAAAAAAAAAA2AUB4AUB8AXB-hn6BQQIABAAkAYAmAYAuAYAwQYAAAAAAADwP9AGwo0E2gYWChAAAAAAAAAAAAAAAAAAAAAAEAAYAOAGAfIGAggAgAcBiAcAoAcByAfi8AXSBw0JAAAAAAAAAAAQABgA2gcGCAAQABgA4AcA6gcCCADwB8aDDYoIAhAAlQgAAIA_mAgBwAjwBtIIBggAEAAYAA..&s=eb10271b7aea73c50ccf93fa67e7c6c561313659&type=pv&jm=1003&px=0&py=0&bw=180&bh=180&sf=1&sid=5384025551662651595&vd=ct~0|rr~5&sv=239&tv=view7-1hs&ua=chrome52&pl=win&x=v&tag_id=6929499&ft=3
Requested by
Host: cdn.adnxs.com
URL: https://cdn.adnxs.com/v/s/239/trk.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.101 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
953.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Sep 2023 01:13:11 GMT
an-x-request-uuid
085edd65-1892-4986-9745-0403713243be
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
https://googleads.g.doubleclick.net
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
195.206.105.133; 195.206.105.133; 953.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 30B7 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsudIARNVRU6t7EZN_nV5Jnp6NUisfJQIt2swxL1C_gg7aQD0DMhgXILWJQ7wLMmGXgX3blCnZ0jbJ095WgWxJ9Gq9jc-BIotam2_wQj&sig=Cg0ArKJSzDDbNpqH0XHdEAE&id=lidar2&mcvt=1000&p=0,0,600,160&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20230906&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=1812271804&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1694481190366&rpt=545&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Sep 2023 01:13:12 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/pagead/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20230907&jk=3991532089361844&bg=!4-Cl4K_NAAa6D61Rmg87ADQBe5WfOFNI1SA_mzTk05UAukNnhZz1D1NNQ5wNJjFiDzBP7BEzxqQOJh5Y1yNTKy2AhIL0AgAAAXZSAAAAFGgBBwoAQmMps5eE4VqHRnu2qG7uV-w4x9MOcaL2OYbv_DvM7SsnQZW3VnRvI8CYEQa-r3NDbjkvGQUlE1enV1F28su_OZjcnZkCsytmxEywcraFFGiegNoOAZzydESfhEONibNUxQOBhI3N894sIUR0tuNobbweBbFcjjuHJR1Uub77eZ929AnezkPFIacCQpVH0JAujoTwtzSCX8qTzc9Ol5FVHGAU83TfNb3d_oQ5cmG8Two0wlN-i1LANHsnNj_LbVxxJ2DTUtMUDl81W9xM46AgLCsl8JG9cNfLp3CIgKt6D5k1ueannm6eccGgnnjiqRZshc6HkrO2AGZpTPwlCMOC4HcrmQtGeN2dPhcN1haohXLvpdhgK9PbZW73huxOvDFTRHU4tVWk6I1TsLb8w2ySDwi-1nnghML5I2O7k6qAKd2xuLDB2bKotC6k4mF7jQ27lqWr7EQUZZUVE2pt_mc2KNZ5SdybB6rM6antQ5UZRscc6fdoZT-eoA6Fi3PmhsJl5P6ElrVBik0Epz3btDrQytzQtzrqudK7thMuv4aBW-wvTf-3cqWLh68Fn8NGXl9M6V5og8XuREHq8N5p_loeFRrvFLjNnnIt4qyO6IWF2LnKO-XN5DGKpoxE-UGgiZjCBJmjgcUzhfBnEdk_hXsE7uGI3-3u47QVo1EkMcMSe9UyYS-YlleTdwG0ojJtUjlkfa9nchsXTdwcPbF7J50Eedeq9s0QD3cNr_XY8OzXWTO99WSMorX_GU0_ceZbsedyGHGTet9weucz1xIOS5w1a7nL9fnzWnfCb202hQwqiOw4d_lyCuiEfEqjt1bYJvaMkprO3vsk3znz5hB6aDdki5gfGQZcfMgteZCWoQCAFYAIDPQbu6WBJXciniZirweduuDc_XsdQF20vWvUd7IoYqTkChLpypsRLN2-77yr1fPe7SGYh8rJYdepYJeGiAPsCZfx33DWtXL6WutK4cB8JucVKaOSp7yAVCrW3qISMfCLxEvD7VQ-DG0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ala3raf.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Verdicts & Comments Add Verdict or Comment

83 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| documentPictureInPicture string| qa_root string| qa_request function| $ function| jQuery number| _x000ade32f function| _x1ab32cdf function| qa_reveal function| qa_conceal function| qa_set_inner_html function| qa_set_outer_html function| qa_show_waiting_after function| qa_hide_waiting function| qa_vote_click function| qa_notice_click function| qa_favorite_click function| qa_ajax_post function| qa_ajax_error function| qa_display_rule_show object| qa_element_revealed function| qa_toggle_element function| qa_submit_answer function| qa_submit_comment function| qa_answer_click function| qa_comment_click function| qa_show_comments function| qa_form_params function| qa_scroll_page_to function| qa_title_change function| qa_html_unescape function| qa_html_escape function| qa_tag_click function| qa_tag_hints function| qa_tags_to_html function| qa_caret_from_end function| qa_tag_typed_parts function| qa_category_select function| set_category_description function| qa_submit_wall_post function| qa_wall_post_click function| qa_pm_click object| b object| adsbygoogle object| _Hasync object| google_js_reporting_queue number| google_srt object| google_logging_queue number| tmod object| google_ad_modifications object| ggeac object| google_persistent_state_async boolean| google_measure_js_timing object| google_tag_data object| google_reactive_ads_global_state object| google_sa_queue function| google_process_slots object| google_ama_state function| google_spfd number| google_unique_id object| google_sv_map number| google_rum_task_id_counter string| google_user_agent_client_hint function| chfh function| chfh2 string| _HST_cntval object| Histats function| google_sa_impl boolean| _gfp_p_ number| google_global_correlator object| google_prev_clients object| gaGlobal object| ampInaboxIframes object| ampInaboxPendingMessages object| _HistatsCounterGraphics_0_setValues object| google_llp object| googletag object| GoogleGcLKhOms object| google_image_requests

13 Cookies

Domain/Path Name / Value
ala3raf.net/ Name: PHPSESSID
Value: i0m1iehj121voq1h71u0311oj2
ala3raf.net/ Name: qa_key
Value: zgc7zymlwj9v3fh1c6vsw8pwofa66ge8
ala3raf.net/ Name: HstCfa4570762
Value: 1694481189294
ala3raf.net/ Name: HstCla4570762
Value: 1694481189294
ala3raf.net/ Name: HstCmu4570762
Value: 1694481189294
ala3raf.net/ Name: HstPn4570762
Value: 1
ala3raf.net/ Name: HstPt4570762
Value: 1
ala3raf.net/ Name: HstCnv4570762
Value: 1
ala3raf.net/ Name: HstCns4570762
Value: 1
.ala3raf.net/ Name: __gads
Value: ID=8a9ae191b98bda67-2255df136ede006a:T=1694481189:RT=1694481189:S=ALNI_MbzgpMlqrzBusyzanvhL64Se9njQA
.ala3raf.net/ Name: __gpi
Value: UID=00000c73f06f9fef:T=1694481189:RT=1694481189:S=ALNI_Ma5KwILCkMZ-eR6G1OnV2RGAEMOCg
.bing.com/ Name: MUID
Value: 39CD6E7A40C563471A417DF041B26225
.doubleclick.net/ Name: IDE
Value: AHWqTUkSmLT3VlfNFlxJHHPUE3tJy01VqcM3hMqqdvmRxG9BCcWqQb460N5rRmzQa5Q

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adsdk.microsoft.com
ala3raf.net
ams3-ib.adnxs.com
cdn.adnxs.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
pagead2.googlesyndication.com
partner.googleadservices.com
s10.histats.com
s4.histats.com
tpc.googlesyndication.com
www.bing.com
www.google.com
www.googletagservices.com
184.30.16.183
185.89.210.101
2606:4700:10::6814:81f
2620:1ec:bdf::45
2a00:1450:4001:801::2002
2a00:1450:4001:80e::200a
2a00:1450:4001:81c::2002
2a00:1450:4001:829::2003
2a00:1450:4001:82a::2001
2a00:1450:4001:82b::2004
2a00:1450:4001:82f::2002
2a02:26f0:480:22::1726:62f9
2a06:98c1:3120::3
54.39.156.32
07a75636966b34dd8bbafee0ebced659b03bab0e57641e1fa035ca7da0bd39ce
08a7a187ae23bd64205ef8866e154ba4d3eef932ed9170730205e97f7f3c0cb0
096862e95687fa095052acf06c643d97aebf5a75bdb39f85061a931076b5c12e
18c34d7fc74fccc151584d8616c24079e60dc5506a015d85c77e92646e74fa75
1c6500e114cdac56f55c61e0f9e115e760560c1c18bb1b1bfa57ec85ab3b2dcb
1fc41eeafd12fece33e5841bcd8913dde161266dd348846103077713d79fd6cf
234b4e1d5130ea4f558f7444c07a5079f50df75ef0ab974501547cc177b00c87
24a4779d831fe38915f8b849dffb7f1fbe40aff13bdeda308e7b46a404659bfc
2defe59e357a7d0683c8283ac42841db404a0884cae2eaecebf4b676e559dede
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
3c620084286d4e8ac0ebd4811a782920ac935265c8cdbf0010ea7243bd81a6e6
42210c2bc9f12ce740cffb341234df8066afacdc32ec32add3a08a621f48de1b
434536a8757a2512d573df1c9eee8a47fabc0aeb095817aac992938a2c127195
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
6002e23815ec42acedba12390950c5e1bb68a864af09bc445d29ebafd955acea
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6625e97e0eb043903d8e10b89f0b6e715ed39e1fd5b9dfbd24c49e6210982310
66a021ff60be0855f70b8861786b237b130d9ca7fc4fe97afbf4f7855e45c096
673b09d876a8d35a8e0beb633961ff166b000f51bd2222c4c13e236bc16eaf87
90eec26631750771c30336de6715aad19b3adc4d4f271686a477c0edc9042a01
a011595b8a7a4aecacbb9bdd095cf4e446e368e8c897b2daf1807e6016137c1a
a9c49f9f526c232731b2ff9aa3e31b686b8b339bdd246bbf74f804c802f9755d
c0303fd3dc6793e96516072e1368a91d21a52022a05f4dcd389a224a43227c24
cac5f3269aef806bc9112e8868357bfb9dbb4530a028dc0fb7c4508b2eea8d84
caf5bd25e14ac7025ecd2ba562c78d1d3e43edf8ea83a1972559ea80deaaca23
cc3fd3ec0a7cf5c988725590508c14af0315e1c44c7ff00742b2588cb749be0d
cc8b30e9bfe6a385b5619c0d0a34b8f562e02ee4c09ab0637eed496ca3944fcb
cf6704fe652abeeafd5333fd67102d36f4e31e77361e1da78ff68db899cc5e6a
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e56a07251f2ce64255e8c3dca7664bd7eb05c929aca5b44b2f067cedef310f0b
e5cd18f5144740a85b80c96dc66e11571033b71a26681f20681c5f8fe9e5188d
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f605f2aa8cb03a1f5e6e688dc13284d1cca90eb07eb2165785326ab705eb61eb
fa1dbacf06f5e24bc182100ac548376f14d2c82b99dd8bee2c4c660cc37f8984