ala3raf.net Open in urlscan Pro
2a06:98c1:3120::3 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://ala3raf.net/user/breadpoppy5
Submission: On October 06 via manual (October 6th 2023, 8:33:50 pm UTC) from KH — Scanned from CH

Summary HTTP 50 Redirects Links 3 Behaviour Indicators

Summary

This website contacted 18 IPs in 4 countries across 19 domains to perform 50 HTTP transactions. The main IP is 2a06:98c1:3120::3, located in United States and belongs to CLOUDFLARENET, US. The main domain is ala3raf.net.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on February 26th 2023. Valid for: a year.

This is the only time ala3raf.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
7	2a06:98c1:312... 2a06:98c1:3120::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:809::200a	15169 (GOOGLE) (GOOGLE)
9	2a00:1450:400... 2a00:1450:4001:82b::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:831::2003	15169 (GOOGLE) (GOOGLE)
1	2606:4700:10:... 2606:4700:10::6814:81f	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6	2a00:1450:400... 2a00:1450:4001:830::2002	15169 (GOOGLE) (GOOGLE)
1	149.56.240.127 149.56.240.127	16276 (OVH) (OVH)
1	2a00:1450:400... 2a00:1450:4001:82a::2002	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:813::2001	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:830::2004	15169 (GOOGLE) (GOOGLE)
1	2620:1ec:46::63 2620:1ec:46::63	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	184.30.16.183 184.30.16.183	16625 (AKAMAI-AS) (AKAMAI-AS)
1 3	2a02:26f0:480... 2a02:26f0:480:d::210:f14b	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
3	185.89.210.101 185.89.210.101	29990 (ASN-APPNEX) (ASN-APPNEX)
1 2	23.212.215.156 23.212.215.156	16625 (AKAMAI-AS) (AKAMAI-AS)
1 1	165.254.203.172 165.254.203.172	2914 (NTT-LTD-2914) (NTT-LTD-2914)
6	142.250.184.226 142.250.184.226	15169 (GOOGLE) (GOOGLE)
1 1	151.101.194.49 151.101.194.49	54113 (FASTLY) (FASTLY)
1 1	18.213.189.173 18.213.189.173	14618 (AMAZON-AES) (AMAZON-AES)
1	178.250.1.9 178.250.1.9	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1 1	52.71.211.164 52.71.211.164	14618 (AMAZON-AES) (AMAZON-AES)
1 1	2.16.238.13 2.16.238.13	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
50	18

7 2a06:98c1:3120::3 (United States)

ASN13335 (CLOUDFLARENET, US)

ala3raf.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:809::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:831::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::6814:81f (United States)

ASN13335 (CLOUDFLARENET, US)

s10.histats.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:830::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 149.56.240.127 (Montreal, Canada)

ASN16276 (OVH, FR)
PTR: ns534295.ip-149-56-240.net

s4.histats.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:813::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:830::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:1ec:46::63 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

adsdk.microsoft.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 184.30.16.183 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a184-30-16-183.deploy.static.akamaitechnologies.com

cdn.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a02:26f0:480:d::210:f14b (Frankfurt am Main, Germany) 1 redirects

ASN20940 (AKAMAI-ASN1, NL)

www.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.89.210.101 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 953.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

ams3-ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.212.215.156 (Frankfurt am Main, Germany) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a23-212-215-156.deploy.static.akamaitechnologies.com

px.owneriq.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 165.254.203.172 (United States) 1 redirects

ASN2914 (NTT-LTD-2914, US)

aep.mxptint.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 142.250.184.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.194.49 (United States) 1 redirects

ASN54113 (FASTLY, US)

sync-tm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.213.189.173 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-213-189-173.compute-1.amazonaws.com

fksnk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.1.9 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

dis.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.71.211.164 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-71-211-164.compute-1.amazonaws.com

sync.srv.stackadapt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.16.238.13 (Frankfurt am Main, Germany) 1 redirects

ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-16-238-13.deploy.static.akamaitechnologies.com

analytics.pangle-ads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
13	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 108 tpc.googlesyndication.com — Cisco Umbrella Rank: 157	281 KB
12	doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 45 cm.g.doubleclick.net — Cisco Umbrella Rank: 255	32 KB
7	ala3raf.net ala3raf.net	64 KB
4	adnxs.com cdn.adnxs.com — Cisco Umbrella Rank: 2045 ams3-ib.adnxs.com — Cisco Umbrella Rank: 6890	29 KB
3	bing.com 1 redirects www.bing.com — Cisco Umbrella Rank: 75	13 KB
2	owneriq.net 1 redirects px.owneriq.net — Cisco Umbrella Rank: 2007	476 B
2	google.com www.google.com — Cisco Umbrella Rank: 2	1 KB
2	histats.com s10.histats.com — Cisco Umbrella Rank: 12099 s4.histats.com — Cisco Umbrella Rank: 11973	5 KB
2	gstatic.com fonts.gstatic.com	28 KB
1	pangle-ads.com 1 redirects analytics.pangle-ads.com — Cisco Umbrella Rank: 2907	984 B
1	stackadapt.com 1 redirects sync.srv.stackadapt.com — Cisco Umbrella Rank: 915	1 KB
1	criteo.com dis.criteo.com — Cisco Umbrella Rank: 648	363 B
1	fksnk.com 1 redirects fksnk.com — Cisco Umbrella Rank: 5702	616 B
1	everesttech.net 1 redirects sync-tm.everesttech.net — Cisco Umbrella Rank: 782	541 B
1	mxptint.net 1 redirects aep.mxptint.net — Cisco Umbrella Rank: 7081	732 B
1	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 223	59 KB
1	microsoft.com adsdk.microsoft.com — Cisco Umbrella Rank: 4847	29 KB
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 1200	601 B
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 49	904 B
50	19

	Domain	Requested by
8	pagead2.googlesyndication.com	ala3raf.net pagead2.googlesyndication.com tpc.googlesyndication.com googleads.g.doubleclick.net
7	ala3raf.net	ala3raf.net
6	cm.g.doubleclick.net	googleads.g.doubleclick.net
6	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net
5	tpc.googlesyndication.com	pagead2.googlesyndication.com tpc.googlesyndication.com googleads.g.doubleclick.net
3	ams3-ib.adnxs.com	googleads.g.doubleclick.net cdn.adnxs.com
3	www.bing.com	1 redirects googleads.g.doubleclick.net
2	px.owneriq.net	1 redirects
2	www.google.com	tpc.googlesyndication.com googleads.g.doubleclick.net
2	fonts.gstatic.com	fonts.googleapis.com
1	analytics.pangle-ads.com	1 redirects
1	sync.srv.stackadapt.com	1 redirects
1	dis.criteo.com	googleads.g.doubleclick.net
1	fksnk.com	1 redirects
1	sync-tm.everesttech.net	1 redirects
1	aep.mxptint.net	1 redirects
1	www.googletagservices.com	googleads.g.doubleclick.net
1	cdn.adnxs.com	googleads.g.doubleclick.net
1	adsdk.microsoft.com	googleads.g.doubleclick.net
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	s4.histats.com	s10.histats.com
1	s10.histats.com	ala3raf.net
1	fonts.googleapis.com	ala3raf.net
50	23

This site contains links to these domains. Also see Links.

Domain
unlm.ac.id
www.q2amarket.com
www.question2answer.org

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-02-26` - `2024-02-25`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2023-09-18` - `2023-12-11`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-09-18` - `2023-12-11`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-09-18` - `2023-12-11`	3 months	crt.sh
histats.com R3	`2023-08-29` - `2023-11-27`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2023-09-18` - `2023-12-11`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-09-18` - `2023-12-11`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-09-18` - `2023-12-11`	3 months	crt.sh
adsdk.microsoft.com Microsoft Azure TLS Issuing CA 05	`2023-04-07` - `2024-04-01`	a year	crt.sh
cdn.adnxs.com GeoTrust RSA CA 2018	`2023-08-24` - `2024-08-24`	a year	crt.sh
r.bing.com Microsoft RSA TLS CA 01	`2022-11-15` - `2023-11-15`	a year	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2023-02-13` - `2024-03-15`	a year	crt.sh
*.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-09-26` - `2023-12-23`	3 months	crt.sh

This page contains 10 frames:

Primary Page: https://ala3raf.net/user/breadpoppy5
Frame ID: D9A33F70BDB59DA31B33CC92BBCBB7B2
Requests: 19 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231004/r20190131/zrt_lookup.html
Frame ID: E34FA7ACF3E2EF06B42D161C43C16B38
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8343227950611411&output=html&adk=1812271804&adf=3025194257&lmt=1696617225&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=188x675_l%7C188x675_r&format=0x0&url=https%3A%2F%2Fala3raf.net%2Fuser%2Fbreadpoppy5&ea=0&pra=5&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696624425723&bpp=18&bdt=257&idt=207&shv=r20231004&mjsv=m202310020101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=8446258147636&frm=20&pv=2&ga_vid=1694423313.1696624426&ga_sid=1696624426&ga_hid=1623731685&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759876%2C44759927%2C44804782%2C31078488%2C21065724&oid=2&pvsid=2198543878659124&tmod=838012041&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=230
Frame ID: 131F7D56EAEB55EF7B5B76EC6199640B
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8343227950611411&output=html&h=280&adk=2183732464&adf=757393324&pi=t.aa~a.3231646571~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1696617225&rafmt=1&to=qs&pwprc=8890230846&format=1200x280&url=https%3A%2F%2Fala3raf.net%2Fuser%2Fbreadpoppy5&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696624425742&bpp=1&bdt=276&idt=223&shv=r20231004&mjsv=m202310020101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=8446258147636&frm=20&pv=1&ga_vid=1694423313.1696624426&ga_sid=1696624426&ga_hid=1623731685&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=99&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759876%2C44759927%2C44804782%2C31078488%2C21065724&oid=2&pvsid=2198543878659124&tmod=838012041&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=YQUooyVQ7T&p=https%3A//ala3raf.net&dtd=227
Frame ID: FDDAF90648F1D4974A120630E11A9F5B
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8343227950611411&output=html&h=90&adk=1850594498&adf=1409212968&pi=t.aa~a.2977023874~rp.4&w=1180&fwrn=4&fwrnh=100&lmt=1696617226&rafmt=1&to=qs&pwprc=8890230846&format=1180x90&url=https%3A%2F%2Fala3raf.net%2Fuser%2Fbreadpoppy5&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696624426736&bpp=1&bdt=1270&idt=-M&shv=r20231004&mjsv=m202310020101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D67db5c8e8dcb33c8%3AT%3D1696624425%3ART%3D1696624425%3AS%3DALNI_MbSwn-Ay3bpMNSehZzK7EllU-Blig&gpic=UID%3D00000cb83736472a%3AT%3D1696624425%3ART%3D1696624425%3AS%3DALNI_MZ2JiHzK14YnuPoB_vkUk9GKfnyVA&prev_fmts=0x0%2C1200x280&nras=3&correlator=8446258147636&frm=20&pv=1&ga_vid=1694423313.1696624426&ga_sid=1696624426&ga_hid=1623731685&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=210&ady=1282&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759876%2C44759927%2C44804782%2C31078488%2C21065724&oid=2&pvsid=2198543878659124&tmod=838012041&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=i7mL1OzyA6&p=https%3A//ala3raf.net&dtd=3
Frame ID: 0181E2FA4935DB6737EA022DE377BC9A
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8343227950611411&output=html&h=90&adk=4204718025&adf=1588159632&pi=t.aa~a.2376638792~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1696617226&rafmt=1&to=qs&pwprc=8890230846&format=1200x90&url=https%3A%2F%2Fala3raf.net%2Fuser%2Fbreadpoppy5&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696624426736&bpp=1&bdt=1271&idt=0&shv=r20231004&mjsv=m202310020101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D67db5c8e8dcb33c8%3AT%3D1696624425%3ART%3D1696624425%3AS%3DALNI_MbSwn-Ay3bpMNSehZzK7EllU-Blig&gpic=UID%3D00000cb83736472a%3AT%3D1696624425%3ART%3D1696624425%3AS%3DALNI_MZ2JiHzK14YnuPoB_vkUk9GKfnyVA&prev_fmts=0x0%2C1200x280%2C1180x90&nras=4&correlator=8446258147636&frm=20&pv=1&ga_vid=1694423313.1696624426&ga_sid=1696624426&ga_hid=1623731685&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1440&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759876%2C44759927%2C44804782%2C31078488%2C21065724&oid=2&pvsid=2198543878659124&tmod=838012041&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=y21j7X4erM&p=https%3A//ala3raf.net&dtd=6
Frame ID: 29B3018D9BADA885AFCF31323E7079C6
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: F9D8D75B796AC3BDC36491AE8008B362
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 443896F270664F1E662AF392B31F24AD
Requests: 2 HTTP requests in this frame

Frame: https://adsdk.microsoft.com/native-to-display/sdk.js
Frame ID: 119022E8081635CC7CC45AC1FBF18B90
Requests: 13 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 5ED5DE5D1419081054518D2E55A2FB17
Requests: 9 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

المستخدم breadpoppy5 - الأعراف

Detected technologies

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

50
Requests

86 %
HTTPS

50 %
IPv6

19
Domains

23
Subdomains

18
IPs

4
Countries

543 kB
Transfer

1493 kB
Size

24
Cookies

3 Outgoing links

These are links going to different origins than the main page.

URL: https://unlm.ac.id/
Title: https://unlm.ac.id/

Search URL Search Domain Scan URL

URL: http://www.q2amarket.com/
Title: Q2A Market

Search URL Search Domain Scan URL

URL: http://www.question2answer.org/
Title: Question2Answer

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 33

https://www.bing.com/api/v1/mediation/tracking?adUnit=391466&auId=9792fae5-be58-4b2e-8e45-ef4516cf972d&bidId=15000&bidderId=4&cmExpId=LV1&oAdUnit=391466&publisherId=162645330&rId=cf7d7089-6f0f-407d-b4df-9944c9e98774&rlink=https%3A%2F%2Fwww.bing.com%2Faes%2Fc.gif%3FDI%3D0%26DIS%3DSB_15000-1-0%3F%26RG%3D4c961775016343a9879d3b77a45f93ee%26SNR%3D1%26GV%3D2%26med%3D10&rtype=miFeedbackURL&tagId=6929499&trafficGroup=knaqe_3c&trafficSubGroup=knaqe_3c_pyvpxpbasvezngvba&aid=6076595157599886056 HTTP 303
https://www.bing.com/aes/c.gif?DI=0&DIS=SB_15000-1-0?&RG=4c961775016343a9879d3b77a45f93ee&SNR=1&GV=2&med=10

Request Chain 42

https://px.owneriq.net/ecmg?google_gid=CAESENgQdiuXlf7YoLjBdauq6P4&google_cver=1&google_push=AXcoOmTyZjVLqezYRXFi0WMjztKrJo9B3wGzRkEu73yFt2V9nAH5686WpFQV6Pb41vPl98LVrJdbKsr7yGWTUPU9kx7nihqFsduhRac HTTP 302
https://px.owneriq.net/noop?ct=image%2Fgif

Request Chain 43

https://aep.mxptint.net/sn.ashx?google_gid=CAESEIz2Fh7mdmGqxDOpBbpbaWc&google_cver=1&google_push=AXcoOmTm_FSR5zjDqwlto5HYgz6p0WnzmIeCEsI6vnJCvuPoyS7fBBh2vtWo3lnqz7dEpwM1r5Rhz0tVDxqi2gPjLsE3v_kHpmvbR5g HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pf8b3zh4kyw&google_push=AXcoOmTm_FSR5zjDqwlto5HYgz6p0WnzmIeCEsI6vnJCvuPoyS7fBBh2vtWo3lnqz7dEpwM1r5Rhz0tVDxqi2gPjLsE3v_kHpmvbR5g&google_hm=UjM1Q0FCXzEwQTI0OUQxMV84QjFFRDhBQQ%3D%3D

Request Chain 44

https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESEPZQJvIkmoPTL3T71ok1Zl4&google_cver=1&google_push=AXcoOmQ5uTA2YK7S8SNIaP0-f-tBqpkVAOYZNaGEqVeXVjsrcQFHY8oAsyq7kyWU_m1kIgPTzLIKrm3ecGmjnGfhX8IcG6IZ9MBl19g HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEPZQJvIkmoPTL3T71ok1Zl4&google_push=AXcoOmQ5uTA2YK7S8SNIaP0-f-tBqpkVAOYZNaGEqVeXVjsrcQFHY8oAsyq7kyWU_m1kIgPTzLIKrm3ecGmjnGfhX8IcG6IZ9MBl19g

Request Chain 45

https://fksnk.com/cs/google?google_gid=CAESEKb1omF4EYCHGtwzI-cPHIs&google_cver=1&google_push=AXcoOmQoPgOPlbtwLkzQz0rRZnRUGwqKVupeO9UlLf_PwAcBqGpkHTfZVAls7I1QyiJWfrRDJUuzCtKfeBAZEjmqG5tIsxmaDjS2RA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=fiksu&google_hm=NjNGNzUzNzlCNjdDQkIxNA==

Request Chain 47

https://sync.srv.stackadapt.com/sync?nid=154&google_gid=CAESEMvR52A7vMCzFb6jVDeIyGM&google_cver=1&google_push=AXcoOmQfBktOZtpkX_0kPB5N7di3jq7i-YeTpz4OgvZa03uRN_aDGdgHPoIAfRwbyIjC8zWI9PXRiU2xU8-uOGzeqKgCr1-_WQoZIbE HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=stackadapt_usd&google_hm=WWqjTZW1XNVVmhM276ZFpbAKahU&google_push=AXcoOmQfBktOZtpkX_0kPB5N7di3jq7i-YeTpz4OgvZa03uRN_aDGdgHPoIAfRwbyIjC8zWI9PXRiU2xU8-uOGzeqKgCr1-_WQoZIbE

Request Chain 48

https://analytics.pangle-ads.com/api/ad/union/gg_cookie_matching?google_gid=CAESEMrdnfVCXhYKrk95vbJkc40&google_cver=1&google_push=AXcoOmSVOsTslRYmpHKp9I651z1OmmShQoGQ4bJSgWXnh7iNW7dWxkmsDbgyoHrU5nzFC0aFqyb0H2TkqVObW40cvQ0GlQFnZN9QIK-l HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=toutiao_usd&google_push=AXcoOmSVOsTslRYmpHKp9I651z1OmmShQoGQ4bJSgWXnh7iNW7dWxkmsDbgyoHrU5nzFC0aFqyb0H2TkqVObW40cvQ0GlQFnZN9QIK-l

50 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request breadpoppy5 Show response
ala3raf.net/user/ 13 KB
4 KB 925ms
856ms Document
text/html 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ala3raf.net/user/breadpoppy5
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2d600078cd98ca3f968a2d74a82f2f29517629a930d97868f7c137ac08e03080

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 8120ae5ddfbb0e85-MXP
content-encoding: br
content-type: text/html; charset=utf-8
date: Fri, 06 Oct 2023 20:33:45 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=h7mQ1seUcM9AkiDPcpcedie2oMhrDAH1JzcaxhyxFQlTkJ8xW9xoTwWIh0fVfXcHKAxSEMSGFNJGqd0BnCDQq034Sj1nu6K8QI8YQX0s3ZZVhBAnJYJVhSZX5%2BlSDM7ELAmqrqI2pxpIQg%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H2 200 qa-styles.css
ala3raf.net/qa-theme/SnowFlatCustom/ 57 KB
11 KB 36ms
34ms Stylesheet
text/css 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ala3raf.net/qa-theme/SnowFlatCustom/qa-styles.css?1.8.4
Requested by: Host: ala3raf.net
URL: https://ala3raf.net/user/breadpoppy5
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 434536a8757a2512d573df1c9eee8a47fabc0aeb095817aac992938a2c127195

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ala3raf.net/user/breadpoppy5
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 20:33:45 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 5122
cf-polished: origSize=72593
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Thu, 07 May 2020 13:24:30 GMT
server: cloudflare
etag: W/"11b91-5a50eccf09f80-gzip"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LFaxF1GKP0JFEstNIcuemY9UkUg%2FWiECj25YAXHwkZV80%2BJV%2B2RR6oRnAB2LKpBMvA5Wz1WH%2BYF%2FARCGKsmelmqfwO2OO1yFCEmzfL0%2Bz5L6t7KPx9VrkE%2BE5%2FbJJhd8XqHxoOvb6nRvWg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 8120ae633e190e85-MXP

GET
H2 200 qa-styles-rtl.css
ala3raf.net/qa-theme/SnowFlatCustom/ 10 KB
3 KB 37ms
36ms Stylesheet
text/css 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ala3raf.net/qa-theme/SnowFlatCustom/qa-styles-rtl.css?1.8.4
Requested by: Host: ala3raf.net
URL: https://ala3raf.net/user/breadpoppy5
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e5cd18f5144740a85b80c96dc66e11571033b71a26681f20681c5f8fe9e5188d

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ala3raf.net/user/breadpoppy5
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 20:33:45 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 220
cf-polished: origSize=11674
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Wed, 28 Jul 2021 10:23:19 GMT
server: cloudflare
etag: W/"2d9a-5c82c600af3c0-gzip"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IjJG6cptQSI9Jln%2FPrHqVk%2FCJ0F7K2kACVi8svHLoLEnDqOxfuMj7cZWiP204FKrDG%2B6vvss4VaiDaEoX4gGZ0bVynzG7NXbR2ND1HP31NXEQrEfhIHdl%2BRy1%2FCSgcDCIypUlt5satvf2w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 8120ae633e1a0e85-MXP

GET
H2 200 css
fonts.googleapis.com/ 1 KB
904 B 104ms
38ms Stylesheet
text/css 2a00:1450:4001:809::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Cairo&display=swap

Requested by

Host: ala3raf.net
URL: https://ala3raf.net/user/breadpoppy5

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

1c6500e114cdac56f55c61e0f9e115e760560c1c18bb1b1bfa57ec85ab3b2dcb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ala3raf.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 06 Oct 2023 20:33:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 06 Oct 2023 20:33:45 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 06 Oct 2023 20:33:45 GMT

GET
H2 200 jquery-3.3.1.min.js Show response
ala3raf.net/qa-content/ 111 KB
33 KB 39ms
38ms Script
application/javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ala3raf.net/qa-content/jquery-3.3.1.min.js
Requested by: Host: ala3raf.net
URL: https://ala3raf.net/user/breadpoppy5
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6002e23815ec42acedba12390950c5e1bb68a864af09bc445d29ebafd955acea

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ala3raf.net/user/breadpoppy5
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 20:33:45 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 11 May 2020 13:00:41 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 220
etag: W/"1bb29-5a55eef215040-gzip"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IypC0rRKwNGYMwUJ0Sk1h2yrMMEVHNtC2rAH1M0KVdrZv1b470HChACyrf01YNxDBjS0PVtDYA7LFRGTdQBEWPxQ%2Fy1Ap3m100HOtx6dq2uEiuSHJ8dWMrjIalY2xJsPneTSkf9sHktiGw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 8120ae633e1b0e85-MXP
alt-svc: h3=":443"; ma=86400

GET
H2 200 qa-global.js Show response
ala3raf.net/qa-content/ 15 KB
4 KB 37ms
37ms Script
application/javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ala3raf.net/qa-content/qa-global.js?1.8.4
Requested by: Host: ala3raf.net
URL: https://ala3raf.net/user/breadpoppy5
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cf6704fe652abeeafd5333fd67102d36f4e31e77361e1da78ff68db899cc5e6a

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ala3raf.net/user/breadpoppy5
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 20:33:45 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 220
cf-polished: origSize=20550
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Thu, 07 May 2020 13:24:30 GMT
server: cloudflare
etag: W/"5046-5a50eccf09f80-gzip"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=d40GdYXxd%2Fr3bGwCFBMdehKofsCKWgf1i33f3bnvsUxFudL1QeU6%2FKKbaRnW%2FvRZdoNhhUxP5KS7w2kRaz683qxWl8UavYgKuD26pxGbTGio4ZgwNnTt2Z%2FnJoucqrVjQZcZLlMTmcNBKQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 8120ae633e1c0e85-MXP

GET
H2 200 snow-core.js Show response
ala3raf.net/qa-theme/SnowFlatCustom/js/ 1 KB
761 B 36ms
35ms Script
application/javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ala3raf.net/qa-theme/SnowFlatCustom/js/snow-core.js?1.8.4
Requested by: Host: ala3raf.net
URL: https://ala3raf.net/user/breadpoppy5
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cac5f3269aef806bc9112e8868357bfb9dbb4530a028dc0fb7c4508b2eea8d84

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ala3raf.net/user/breadpoppy5
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 20:33:45 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 5798
cf-polished: origSize=2383
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Thu, 07 May 2020 13:24:30 GMT
server: cloudflare
etag: W/"94f-5a50eccf09f80-gzip"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LzDlZcCuL5b7CwqRqt%2F7CRswLyAtjK5SfduWBoe64cnx1q3HMM5GdjUPnjjyLxJCA0a177sZAX88Ppgohufqej6EsPZxUiYc9eOwebMkeEyxLbZH1mBtcapMzba76Y2a9OGCq%2FU%2B1%2FlnWA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 8120ae633e1d0e85-MXP

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 145 KB
50 KB 145ms
78ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-8343227950611411

Requested by

Host: ala3raf.net
URL: https://ala3raf.net/user/breadpoppy5

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6374473bb9180662261add71dea512784e6cb0e4b9171eaaf30e3216b7be7a67

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ala3raf.net/
Origin: https://ala3raf.net
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 20:33:45 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51084
x-xss-protection: 0
server: cafe
etag: 15863335667887270581
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Fri, 06 Oct 2023 20:33:45 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 145 KB
50 KB 182ms
116ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: ala3raf.net
URL: https://ala3raf.net/user/breadpoppy5

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

55476726eb3af59354224a2c17109c88e6b36a786de17a2ed9cac1f58235d4ca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ala3raf.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 20:33:45 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51080
x-xss-protection: 0
server: cafe
etag: 10212567715811781026
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Fri, 06 Oct 2023 20:33:45 GMT

GET
H2 200 SLXgc1nY6HkvangtZmpQdkhzfH5lkSs2SgRjCAGMQ1z0hOA-a1biLD-H.woff2
fonts.gstatic.com/s/cairo/v28/ 13 KB
14 KB 95ms
29ms Font
font/woff2 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/cairo/v28/SLXgc1nY6HkvangtZmpQdkhzfH5lkSs2SgRjCAGMQ1z0hOA-a1biLD-H.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Cairo&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

673b09d876a8d35a8e0beb633961ff166b000f51bd2222c4c13e236bc16eaf87

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://ala3raf.net
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 06:48:58 GMT
x-content-type-options: nosniff
age: 49487
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13388
x-xss-protection: 0
last-modified: Tue, 02 May 2023 14:51:44 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 05 Oct 2024 06:48:58 GMT

GET
H2 200 SLXgc1nY6HkvangtZmpQdkhzfH5lkSs2SgRjCAGMQ1z0hOA-a1PiLA.woff2
fonts.gstatic.com/s/cairo/v28/ 15 KB
15 KB 101ms
35ms Font
font/woff2 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/cairo/v28/SLXgc1nY6HkvangtZmpQdkhzfH5lkSs2SgRjCAGMQ1z0hOA-a1PiLA.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Cairo&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cc8b30e9bfe6a385b5619c0d0a34b8f562e02ee4c09ab0637eed496ca3944fcb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://ala3raf.net
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 07:46:24 GMT
x-content-type-options: nosniff
age: 46041
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15040
x-xss-protection: 0
last-modified: Tue, 02 May 2023 14:51:31 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 05 Oct 2024 07:46:24 GMT

GET
H2 200 js15_as.js Show response
s10.histats.com/ 11 KB
5 KB 112ms
37ms Script
text/javascript 2606:4700:10::6814:81f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s10.histats.com/js15_as.js
Requested by: Host: ala3raf.net
URL: https://ala3raf.net/user/breadpoppy5
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:81f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2defe59e357a7d0683c8283ac42841db404a0884cae2eaecebf4b676e559dede

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ala3raf.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 20:33:45 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 16 Apr 2020 10:44:16 GMT
server: cloudflare
age: 1821
etag: "-375139978"
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=28800
accept-ranges: bytes
cf-ray: 8120ae649a5c0dc6-MXP
content-length: 4547

GET
H3 200 spinner-icon-14x14.gif
ala3raf.net/qa-theme/SnowFlatCustom/images/ 8 KB
8 KB 35ms
34ms Image
image/gif 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ala3raf.net/qa-theme/SnowFlatCustom/images/spinner-icon-14x14.gif?1410117644
Requested by: Host: ala3raf.net
URL: https://ala3raf.net/qa-theme/SnowFlatCustom/qa-styles.css?1.8.4
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 07a75636966b34dd8bbafee0ebced659b03bab0e57641e1fa035ca7da0bd39ce

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ala3raf.net/qa-theme/SnowFlatCustom/qa-styles.css?1.8.4
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 20:33:45 GMT
cf-cache-status: HIT
last-modified: Mon, 14 Jan 2019 17:38:24 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 17
etag: "1e65-57f6e82f86400"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7Cp2%2F1RTijk3e1XWdtqeIwpJVOyopi2dcCsdSp4Zua7GKgEdmYEr7Dvl55oLf8D%2BvyhT%2FblPkSs7iG4Nu4Jh%2BL2pET7CxglOo4jUDZ%2F7wKaTD8SLb%2BoGcmVtGpkQVuUFUXT%2FzKWvGgplKA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 8120ae641a890d64-MXP
alt-svc: h3=":443"; ma=86400
content-length: 7781

GET
H2 200 show_ads_impl_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310020101/ 389 KB
132 KB 108ms
107ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310020101/show_ads_impl_fy2021.js?bust=31078488

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-8343227950611411

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6d9b47108c9ab73f5169dd2e09298cc7494c93d82619be50dd10387ded08792e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ala3raf.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 20:33:45 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 135147
x-xss-protection: 0
server: cafe
etag: 15988165156328563723
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Fri, 06 Oct 2023 20:33:45 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20231004/r20190131/ Frame E34F 10 KB
5 KB 96ms
29ms Document
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20231004/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-8343227950611411

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

041fe6e516177e777c651a95708ee4961723db34a974e8be9e6ba597a1313e51

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ala3raf.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

age: 21916
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4471
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 06 Oct 2023 14:28:29 GMT
etag: 2603938475786422795
expires: Fri, 20 Oct 2023 14:28:29 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H/1.1 200
OK 0.php Show response
s4.histats.com/stats/ 52 B
186 B 367ms
119ms Script
text/html 149.56.240.127
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://s4.histats.com/stats/0.php?4570762&@f16&@g1&@h1&@i1&@j1696624425771&@k0&@l1&@m%D8%A7%D9%84%D9%85%D8%B3%D8%AA%D8%AE%D8%AF%D9%85%20breadpoppy5%20-%20%D8%A7%D9%84%D8%A3%D8%B9%D8%B1%D8%A7%D9%81&@n0&@o1000&@q0&@r0&@s0&@ten-US&@u1600&@b1:95504476&@b3:1696624426&@b4:js15_as.js&@b5:120&@a-_0.2.1&@vhttps%3A%2F%2Fala3raf.net%2Fuser%2Fbreadpoppy5&@w
Requested by: Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 149.56.240.127 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns534295.ip-149-56-240.net
Software: /
Resource Hash: e163650eb3de4fc2368ce9aac3131fc5cbe65e160b20702bf234cfc8ec0b21c6

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ala3raf.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 06 Oct 2023 20:33:46 GMT
Connection: close
Content-Length: 52
Content-Type: text/html;charset=UTF-8

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 389 B
601 B 107ms
38ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=ala3raf.net&callback=_gfp_s_&client=ca-pub-8343227950611411

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310020101/show_ads_impl_fy2021.js?bust=31078488

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fc1344e7e4da88838f8ba2e95e04a88e631d4e94b1138540df92980ccccdc7e3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ala3raf.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 20:33:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 250
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 131F 15 KB
5 KB 740ms
740ms Document
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8343227950611411&output=html&adk=1812271804&adf=3025194257&lmt=1696617225&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=188x675_l%7C188x675_r&format=0x0&url=https%3A%2F%2Fala3raf.net%2Fuser%2Fbreadpoppy5&ea=0&pra=5&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696624425723&bpp=18&bdt=257&idt=207&shv=r20231004&mjsv=m202310020101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=8446258147636&frm=20&pv=2&ga_vid=1694423313.1696624426&ga_sid=1696624426&ga_hid=1623731685&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759876%2C44759927%2C44804782%2C31078488%2C21065724&oid=2&pvsid=2198543878659124&tmod=838012041&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=230

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310020101/show_ads_impl_fy2021.js?bust=31078488

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

966265a82395d39e3b2c653fde6e0a5c7c67f6457ffede313b7eaaae6cb8dbcb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ala3raf.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 5302
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 06 Oct 2023 20:33:46 GMT
expires: Fri, 06 Oct 2023 20:33:46 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame FDDA 718 B
580 B 445ms
444ms Document
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8343227950611411&output=html&h=280&adk=2183732464&adf=757393324&pi=t.aa~a.3231646571~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1696617225&rafmt=1&to=qs&pwprc=8890230846&format=1200x280&url=https%3A%2F%2Fala3raf.net%2Fuser%2Fbreadpoppy5&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696624425742&bpp=1&bdt=276&idt=223&shv=r20231004&mjsv=m202310020101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=8446258147636&frm=20&pv=1&ga_vid=1694423313.1696624426&ga_sid=1696624426&ga_hid=1623731685&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=99&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759876%2C44759927%2C44804782%2C31078488%2C21065724&oid=2&pvsid=2198543878659124&tmod=838012041&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=YQUooyVQ7T&p=https%3A//ala3raf.net&dtd=227

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310020101/show_ads_impl_fy2021.js?bust=31078488

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

eb2842acb447a7348b0debb0b1126548a006e45f5abc6e295b01f3e653f7cf8d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ala3raf.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 359
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 06 Oct 2023 20:33:46 GMT
expires: Fri, 06 Oct 2023 20:33:46 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 15 KB
12 KB 78ms
77ms XHR
application/json 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20231004&st=env

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310020101/show_ads_impl_fy2021.js?bust=31078488

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5b5ca2b47551aa9d957efde90c70d82594a7cb6448041385242c03cebf816ab4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ala3raf.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 20:33:46 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11908
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 0181 436 B
237 B 487ms
487ms Document
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8343227950611411&output=html&h=90&adk=1850594498&adf=1409212968&pi=t.aa~a.2977023874~rp.4&w=1180&fwrn=4&fwrnh=100&lmt=1696617226&rafmt=1&to=qs&pwprc=8890230846&format=1180x90&url=https%3A%2F%2Fala3raf.net%2Fuser%2Fbreadpoppy5&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696624426736&bpp=1&bdt=1270&idt=-M&shv=r20231004&mjsv=m202310020101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D67db5c8e8dcb33c8%3AT%3D1696624425%3ART%3D1696624425%3AS%3DALNI_MbSwn-Ay3bpMNSehZzK7EllU-Blig&gpic=UID%3D00000cb83736472a%3AT%3D1696624425%3ART%3D1696624425%3AS%3DALNI_MZ2JiHzK14YnuPoB_vkUk9GKfnyVA&prev_fmts=0x0%2C1200x280&nras=3&correlator=8446258147636&frm=20&pv=1&ga_vid=1694423313.1696624426&ga_sid=1696624426&ga_hid=1623731685&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=210&ady=1282&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759876%2C44759927%2C44804782%2C31078488%2C21065724&oid=2&pvsid=2198543878659124&tmod=838012041&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=i7mL1OzyA6&p=https%3A//ala3raf.net&dtd=3

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310020101/show_ads_impl_fy2021.js?bust=31078488

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5d19146f8203fbf9734668450ac1f279efcc77d37b106fe1fa5a8e83e25630b8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ala3raf.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 212
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 06 Oct 2023 20:33:47 GMT
expires: Fri, 06 Oct 2023 20:33:47 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 29B3 58 KB
20 KB 579ms
578ms Document
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8343227950611411&output=html&h=90&adk=4204718025&adf=1588159632&pi=t.aa~a.2376638792~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1696617226&rafmt=1&to=qs&pwprc=8890230846&format=1200x90&url=https%3A%2F%2Fala3raf.net%2Fuser%2Fbreadpoppy5&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696624426736&bpp=1&bdt=1271&idt=0&shv=r20231004&mjsv=m202310020101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D67db5c8e8dcb33c8%3AT%3D1696624425%3ART%3D1696624425%3AS%3DALNI_MbSwn-Ay3bpMNSehZzK7EllU-Blig&gpic=UID%3D00000cb83736472a%3AT%3D1696624425%3ART%3D1696624425%3AS%3DALNI_MZ2JiHzK14YnuPoB_vkUk9GKfnyVA&prev_fmts=0x0%2C1200x280%2C1180x90&nras=4&correlator=8446258147636&frm=20&pv=1&ga_vid=1694423313.1696624426&ga_sid=1696624426&ga_hid=1623731685&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1440&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759876%2C44759927%2C44804782%2C31078488%2C21065724&oid=2&pvsid=2198543878659124&tmod=838012041&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=y21j7X4erM&p=https%3A//ala3raf.net&dtd=6

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310020101/show_ads_impl_fy2021.js?bust=31078488

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b00f5fe5dbb0e589ce68b9f5915d733c966bacf56a90182bc97f21b0be0155b0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ala3raf.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 20409
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 06 Oct 2023 20:33:47 GMT
expires: Fri, 06 Oct 2023 20:33:47 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 108ms
39ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310020101/show_ads_impl_fy2021.js?bust=31078488

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ala3raf.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 20:33:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 06 Oct 2023 20:33:46 GMT

GET
H2 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame F9D8 13 KB
5 KB 35ms
34ms Document
text/html 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ala3raf.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

accept-ranges: bytes
age: 133001
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 05 Oct 2023 07:37:05 GMT
expires: Fri, 04 Oct 2024 07:37:05 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 4438 829 B
1 KB 108ms
39ms Document
text/html 2a00:1450:4001:830::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

a7f978b9f0d5c8370c40128c010bd890e10f4ad0f33a5e4afccdd65ca37a7bb8

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-VtFsysPV-W9jSyFKJUnihg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ala3raf.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-VtFsysPV-W9jSyFKJUnihg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Fri, 06 Oct 2023 20:33:47 GMT
expires: Fri, 06 Oct 2023 20:33:47 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 YeTNF82ErcXtSc42GSWrie2SEIEL8DxR64dbf1nZkSc.js Show response
pagead2.googlesyndication.com/bg/ Frame F9D8 37 KB
14 KB 30ms
30ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/YeTNF82ErcXtSc42GSWrie2SEIEL8DxR64dbf1nZkSc.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61e4cd17cd84adc5ed49ce361925ab89ed9210810bf03c51eb875b7f59d99127

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 13:29:55 GMT
content-encoding: br
x-content-type-options: nosniff
age: 25431
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14663
x-xss-protection: 0
last-modified: Mon, 02 Oct 2023 14:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 05 Oct 2024 13:29:55 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 4438 0
0 72ms
72ms Image
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20231004&jk=2198543878659124&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame F9D8 0
10 B 50ms
37ms Image
text/plain 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?RTBTlQ
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 20:33:47 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 200 sdk.js Show response
adsdk.microsoft.com/native-to-display/ Frame 1190 89 KB
29 KB 147ms
28ms Script
application/javascript 2620:1ec:46::63
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://adsdk.microsoft.com/native-to-display/sdk.js
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8343227950611411&output=html&h=90&adk=4204718025&adf=1588159632&pi=t.aa~a.2376638792~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1696617226&rafmt=1&to=qs&pwprc=8890230846&format=1200x90&url=https%3A%2F%2Fala3raf.net%2Fuser%2Fbreadpoppy5&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696624426736&bpp=1&bdt=1271&idt=0&shv=r20231004&mjsv=m202310020101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D67db5c8e8dcb33c8%3AT%3D1696624425%3ART%3D1696624425%3AS%3DALNI_MbSwn-Ay3bpMNSehZzK7EllU-Blig&gpic=UID%3D00000cb83736472a%3AT%3D1696624425%3ART%3D1696624425%3AS%3DALNI_MZ2JiHzK14YnuPoB_vkUk9GKfnyVA&prev_fmts=0x0%2C1200x280%2C1180x90&nras=4&correlator=8446258147636&frm=20&pv=1&ga_vid=1694423313.1696624426&ga_sid=1696624426&ga_hid=1623731685&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1440&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759876%2C44759927%2C44804782%2C31078488%2C21065724&oid=2&pvsid=2198543878659124&tmod=838012041&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=y21j7X4erM&p=https%3A//ala3raf.net&dtd=6
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:46::63 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 4672e11a0ddc1063a6a119cac90b54f9820fc93de2ddae2baba935805c522a13

Request headers

Referer: https://googleads.g.doubleclick.net/
Origin: https://googleads.g.doubleclick.net
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
date: Fri, 06 Oct 2023 20:33:46 GMT
content-encoding: br
last-modified: Thu, 05 Oct 2023 15:35:10 GMT
x-azure-ref-originshield: 0l2IgZQAAAABFzg0U0f2UTLGqLxzzO0WqRlJBMjMxMDUwNDE4MDM5ADk3YzlhOGM2LWZjNzktNGM0NC1iNTU5LTU4YzE2YmNlYTMyMg==
content-md5: JF/4cK8qgLivE0HxtMcGeQ==
etag: 0x8DBC5B8A8DC000A
x-azure-ref: 0K28gZQAAAAB5Zjha0M1DSI+H27BhMYeLWlJIRURHRTA2MjAAOTdjOWE4YzYtZmM3OS00YzQ0LWI1NTktNThjMTZiY2VhMzIy
x-cache: TCP_HIT
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: f0cb2418-401e-0063-3c70-f8559a000000
cache-control: private, max-age=3600
x-ms-version: 2009-09-19

GET
H/1.1 200
OK trk.js Show response
cdn.adnxs.com/v/s/239/ Frame 1190 80 KB
27 KB 139ms
40ms Script
application/x-javascript 184.30.16.183
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.adnxs.com/v/s/239/trk.js
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8343227950611411&output=html&h=90&adk=4204718025&adf=1588159632&pi=t.aa~a.2376638792~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1696617226&rafmt=1&to=qs&pwprc=8890230846&format=1200x90&url=https%3A%2F%2Fala3raf.net%2Fuser%2Fbreadpoppy5&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696624426736&bpp=1&bdt=1271&idt=0&shv=r20231004&mjsv=m202310020101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D67db5c8e8dcb33c8%3AT%3D1696624425%3ART%3D1696624425%3AS%3DALNI_MbSwn-Ay3bpMNSehZzK7EllU-Blig&gpic=UID%3D00000cb83736472a%3AT%3D1696624425%3ART%3D1696624425%3AS%3DALNI_MZ2JiHzK14YnuPoB_vkUk9GKfnyVA&prev_fmts=0x0%2C1200x280%2C1180x90&nras=4&correlator=8446258147636&frm=20&pv=1&ga_vid=1694423313.1696624426&ga_sid=1696624426&ga_hid=1623731685&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1440&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759876%2C44759927%2C44804782%2C31078488%2C21065724&oid=2&pvsid=2198543878659124&tmod=838012041&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=y21j7X4erM&p=https%3A//ala3raf.net&dtd=6
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.30.16.183 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-16-183.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: a9c49f9f526c232731b2ff9aa3e31b686b8b339bdd246bbf74f804c802f9755d

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 06 Oct 2023 20:33:47 GMT
Content-Encoding: gzip
Last-Modified: Tue, 11 Jul 2023 11:56:12 GMT
Server: AkamaiNetStorage
ETag: "615fd4ad24a409f4de5416b603f042c1:1689076572.555276"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=31536000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 27646
Expires: Sat, 05 Oct 2024 20:33:47 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231004/r20110914/client/ Frame 1190 3 KB
1 KB 29ms
29ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231004/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8343227950611411&output=html&h=90&adk=4204718025&adf=1588159632&pi=t.aa~a.2376638792~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1696617226&rafmt=1&to=qs&pwprc=8890230846&format=1200x90&url=https%3A%2F%2Fala3raf.net%2Fuser%2Fbreadpoppy5&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696624426736&bpp=1&bdt=1271&idt=0&shv=r20231004&mjsv=m202310020101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D67db5c8e8dcb33c8%3AT%3D1696624425%3ART%3D1696624425%3AS%3DALNI_MbSwn-Ay3bpMNSehZzK7EllU-Blig&gpic=UID%3D00000cb83736472a%3AT%3D1696624425%3ART%3D1696624425%3AS%3DALNI_MZ2JiHzK14YnuPoB_vkUk9GKfnyVA&prev_fmts=0x0%2C1200x280%2C1180x90&nras=4&correlator=8446258147636&frm=20&pv=1&ga_vid=1694423313.1696624426&ga_sid=1696624426&ga_hid=1623731685&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1440&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759876%2C44759927%2C44804782%2C31078488%2C21065724&oid=2&pvsid=2198543878659124&tmod=838012041&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=y21j7X4erM&p=https%3A//ala3raf.net&dtd=6

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 13:36:09 GMT
content-encoding: br
x-content-type-options: nosniff
age: 25058
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 20 Oct 2023 13:36:09 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231004/r20110914/client/ Frame 1190 20 KB
8 KB 30ms
29ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231004/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

50a61db1134643f3360d0e1ff16c4e48fdf700090052d0fcf9301e95884ae9d9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 13:36:09 GMT
content-encoding: br
x-content-type-options: nosniff
age: 25058
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8339
x-xss-protection: 0
server: cafe
etag: 16954770952846736976
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 20 Oct 2023 13:36:09 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame 1190 0
0 38ms
37ms Image
text/html 2a00:1450:4001:830::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaSonGBBxUlv_5jgpxK9mLXauq9Uoy0foBPQh8iBJS8lVKMuNceIinqWyu9VcuT1XOxpymKjs5T1xAJxzcAsutAHTfNrIw
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8343227950611411&output=html&h=90&adk=4204718025&adf=1588159632&pi=t.aa~a.2376638792~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1696617226&rafmt=1&to=qs&pwprc=8890230846&format=1200x90&url=https%3A%2F%2Fala3raf.net%2Fuser%2Fbreadpoppy5&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696624426736&bpp=1&bdt=1271&idt=0&shv=r20231004&mjsv=m202310020101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D67db5c8e8dcb33c8%3AT%3D1696624425%3ART%3D1696624425%3AS%3DALNI_MbSwn-Ay3bpMNSehZzK7EllU-Blig&gpic=UID%3D00000cb83736472a%3AT%3D1696624425%3ART%3D1696624425%3AS%3DALNI_MZ2JiHzK14YnuPoB_vkUk9GKfnyVA&prev_fmts=0x0%2C1200x280%2C1180x90&nras=4&correlator=8446258147636&frm=20&pv=1&ga_vid=1694423313.1696624426&ga_sid=1696624426&ga_hid=1623731685&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1440&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759876%2C44759927%2C44804782%2C31078488%2C21065724&oid=2&pvsid=2198543878659124&tmod=838012041&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=y21j7X4erM&p=https%3A//ala3raf.net&dtd=6
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 1190 187 KB
59 KB 58ms
57ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

89403ef16933d6911ecc68da312e1934f696994b35d4824928649954a5980bec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 20:33:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 60043
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1696419354076528"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 06 Oct 2023 20:33:47 GMT

GET
H2

200

c.gif
www.bing.com/aes/ Frame 1190
Redirect Chain

https://www.bing.com/api/v1/mediation/tracking?adUnit=391466&auId=9792fae5-be58-4b2e-8e45-ef4516cf972d&bidId=15000&bidderId=4&cmExpId=LV1&oAdUnit=391466&publisherId=162645330&rId=cf7d7089-6f0f-407d...
https://www.bing.com/aes/c.gif?DI=0&DIS=SB_15000-1-0?&RG=4c961775016343a9879d3b77a45f93ee&SNR=1&GV=2&med=10

0
545 B

67ms
67ms

Image
text/plain

2a02:26f0:480:d::210:f14b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bing.com/aes/c.gif?DI=0&DIS=SB_15000-1-0?&RG=4c961775016343a9879d3b77a45f93ee&SNR=1&GV=2&med=10
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8343227950611411&output=html&h=90&adk=4204718025&adf=1588159632&pi=t.aa~a.2376638792~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1696617226&rafmt=1&to=qs&pwprc=8890230846&format=1200x90&url=https%3A%2F%2Fala3raf.net%2Fuser%2Fbreadpoppy5&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696624426736&bpp=1&bdt=1271&idt=0&shv=r20231004&mjsv=m202310020101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D67db5c8e8dcb33c8%3AT%3D1696624425%3ART%3D1696624425%3AS%3DALNI_MbSwn-Ay3bpMNSehZzK7EllU-Blig&gpic=UID%3D00000cb83736472a%3AT%3D1696624425%3ART%3D1696624425%3AS%3DALNI_MZ2JiHzK14YnuPoB_vkUk9GKfnyVA&prev_fmts=0x0%2C1200x280%2C1180x90&nras=4&correlator=8446258147636&frm=20&pv=1&ga_vid=1694423313.1696624426&ga_sid=1696624426&ga_hid=1623731685&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1440&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759876%2C44759927%2C44804782%2C31078488%2C21065724&oid=2&pvsid=2198543878659124&tmod=838012041&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=y21j7X4erM&p=https%3A//ala3raf.net&dtd=6
Protocol: H2
Server: 2a02:26f0:480:d::210:f14b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 06 Oct 2023 20:33:47 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 4CE6FB9F18E647FCB9112F0413C0BEB5 Ref B: FRAEDGE1522 Ref C: 2023-10-06T20:33:47Z
x-cdn-traceid: 0.0bf01002.1696624427.42d28701
vary: Origin
p3p: CP=BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo
cache-control: private,no-store
alt-svc: h3=":443"; ma=93600
content-length: 0

Redirect headers

pragma: no-cache
strict-transport-security: max-age=15724800; includeSubDomains
date: Fri, 06 Oct 2023 20:33:47 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: F8CBB9CA56B54124A32685C26FA36764 Ref B: MIL30EDGE1118 Ref C: 2023-10-06T20:33:47Z
x-cdn-traceid: 0.0bf01002.1696624427.42d2846e
vary: Origin
content-type: text/html; charset=utf-8
location: https://www.bing.com/aes/c.gif?DI=0&DIS=SB_15000-1-0?&RG=4c961775016343a9879d3b77a45f93ee&SNR=1&GV=2&med=10
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3=":443"; ma=93600
content-length: 154
expires: 0

GET
H2 200 th
www.bing.com/ Frame 1190 11 KB
12 KB 35ms
35ms Image
image/jpeg 2a02:26f0:480:d::210:f14b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bing.com/th?id=OADD2.7902774012300_1R334Y0TIADK0A9PRU&pid=21.2&c=3&w=200&h=105&qlt=90
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8343227950611411&output=html&h=90&adk=4204718025&adf=1588159632&pi=t.aa~a.2376638792~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1696617226&rafmt=1&to=qs&pwprc=8890230846&format=1200x90&url=https%3A%2F%2Fala3raf.net%2Fuser%2Fbreadpoppy5&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696624426736&bpp=1&bdt=1271&idt=0&shv=r20231004&mjsv=m202310020101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D67db5c8e8dcb33c8%3AT%3D1696624425%3ART%3D1696624425%3AS%3DALNI_MbSwn-Ay3bpMNSehZzK7EllU-Blig&gpic=UID%3D00000cb83736472a%3AT%3D1696624425%3ART%3D1696624425%3AS%3DALNI_MZ2JiHzK14YnuPoB_vkUk9GKfnyVA&prev_fmts=0x0%2C1200x280%2C1180x90&nras=4&correlator=8446258147636&frm=20&pv=1&ga_vid=1694423313.1696624426&ga_sid=1696624426&ga_hid=1623731685&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1440&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759876%2C44759927%2C44804782%2C31078488%2C21065724&oid=2&pvsid=2198543878659124&tmod=838012041&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=y21j7X4erM&p=https%3A//ala3raf.net&dtd=6
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:480:d::210:f14b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 78af1a6e1276d30af57e61b65b853bc2738a87f32f361c5ec8203a0c1b65b188

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 20:33:47 GMT
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
x-cdn-traceid: 0.0bf01002.1696624427.42d286ee
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth"}]}
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
content-type: image/jpeg
cache-control: public, max-age=2592000
timing-allow-origin: *
access-control-allow-headers: *
content-length: 11517
alt-svc: h3=":443"; ma=93600

GET
H2 200 rd_log Show response
ams3-ib.adnxs.com/ Frame 1190 0
531 B 127ms
38ms Script
text/html 185.89.210.101
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ams3-ib.adnxs.com/rd_log?an_audit=0&referrer=https%3A%2F%2Fala3raf.net%2Fuser%2Fbreadpoppy5&e=wqT_3QL4A-j4AQAAAwDWAAUBCKregakGEOi15qSc45mqVBgAKjYJMJaPsfJxlT8RzdaN5D_NlD8ZAAAAANej0D8hzQ0SACkRJNAxAAAA4FG4rj8w2_imAzi1AUC1XkjjA1C6iYq2AVjHsT1gAGifpFR4xvEFgAEBigEDVVNEkgUG8KqYAawCoAH6AagBAbABALgBAcABBcgBAtABANgBAOABAPABANgC8AbgAqKoMeoCJGh0dHBzOi8vYWxhM3JhZi5uZXQvdXNlci9icmVhZHBvcHB5NYADAIgDAZADAJgDCaADAaoDAMAD2ATIAwDYAwDgAwDoAwD4AwOABACSBAQvdWFwmAQAqAQAsgQMCAAQABgAIAAwADgAuAQAwAQAyAQA2gQCCAHgBAHwBLoBzFSIBQGYBQCgBY3JwoDts5rAQ8AFAMkFIRkcAADwP9IFCQkJDHgAANgFAeAFAfAFs5sM-gUECAAQAJAGAJgGALgGAMEGCSUs8D_QBsKNBNoGFgoQCRIZAXAQABgA4AYB8gYCCACABwGIBwCgBwHIB8bxBdIHDRVlASYI2gcGAV6kGADgBwDqBwIIAPAH4IMNiggCEACVCAAAgD-YCAHACPAG0ggGCAAQABgA&s=af1b3198169d60f2f2d02ec0e406abca81575797&bdref=https%3A%2F%2Fala3raf.net%2F&bdtop=true&bdifs=2&bstk=https%3A%2F%2Fala3raf.net%2F,https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fads%3Fclient%3Dca-pub-8343227950611411%26output%3Dhtml%26h%3D90%26adk%3D4204718025%26adf%3D1588159632%26pi%3Dt.aa~a.2376638792~rp.1%26w%3D1200%26fwrn%3D4%26fwrnh%3D100%26lmt%3D1696617226%26rafmt%3D1%26to%3Dqs%26pwprc%3D8890230846%26format%3D1200x90%26url%3Dhttps%253A%252F%252Fala3raf.net%252Fuser%252Fbreadpoppy5%26fwr%3D0%26pra%3D3%26rpe%3D1%26resp_fmts%3D3%26wgl%3D1%26fa%3D40%26uach%3DWyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..%26dt%3D1696624426736%26bpp%3D1%26bdt%3D1271%26idt%3D0%26shv%3Dr20231004%26mjsv%3Dm202310020101%26ptt%3D9%26saldr%3Daa%26abxe%3D1%26cookie%3DID%253D67db5c8e8dcb33c8%253AT%253D1696624425%253ART%253D1696624425%253AS%253DALNI_MbSwn-Ay3bpMNSehZzK7EllU-Blig%26gpic%3DUID%253D00000cb83736472a%253AT%253D1696624425%253ART%253D1696624425%253AS%253DALNI_MZ2JiHzK14YnuPoB_vkUk9GKfnyVA%26prev_fmts%3D0x0%252C1200x280%252C1180x90%26nras%3D4%26correlator%3D8446258147636%26frm%3D20%26pv%3D1%26ga_vid%3D1694423313.1696624426%26ga_sid%3D1696624426%26ga_hid%3D1623731685%26ga_fc%3D0%26u_tz%3D120%26u_his%3D2%26u_h%3D1200%26u_w%3D1600%26u_ah%3D1200%26u_aw%3D1600%26u_cd%3D24%26u_sd%3D1%26dmc%3D8%26adx%3D200%26ady%3D1440%26biw%3D1600%26bih%3D1200%26scr_x%3D0%26scr_y%3D0%26eid%3D44759837%252C44759876%252C44759927%252C44804782%252C31078488%252C21065724%26oid%3D2%26pvsid%3D2198543878659124%26tmod%3D838012041%26uas%3D0%26nvt%3D1%26fc%3D1920%26brdim%3D0%252C0%252C0%252C0%252C1600%252C0%252C1600%252C1200%252C1600%252C1200%26vis%3D1%26rsz%3D%257C%257Cs%257C%26abl%3DNS%26fu%3D128%26bc%3D31%26ifi%3D4%26uci%3Da!4%26btvi%3D2%26fsb%3D1%26xpc%3Dy21j7X4erM%26p%3Dhttps%253A%2F%2Fala3raf.net%26dtd%3D6,https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fads%3Fclient%3Dca-pub-8343227950611411%26output%3Dhtml%26h%3D90%26adk%3D4204718025%26adf%3D1588159632%26pi%3Dt.aa~a.2376638792~rp.1%26w%3D1200%26fwrn%3D4%26fwrnh%3D100%26lmt%3D1696617226%26rafmt%3D1%26to%3Dqs%26pwprc%3D8890230846%26format%3D1200x90%26url%3Dhttps%253A%252F%252Fala3raf.net%252Fuser%252Fbreadpoppy5%26fwr%3D0%26pra%3D3%26rpe%3D1%26resp_fmts%3D3%26wgl%3D1%26fa%3D40%26uach%3DWyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..%26dt%3D1696624426736%26bpp%3D1%26bdt%3D1271%26idt%3D0%26shv%3Dr20231004%26mjsv%3Dm202310020101%26ptt%3D9%26saldr%3Daa%26abxe%3D1%26cookie%3DID%253D67db5c8e8dcb33c8%253AT%253D1696624425%253ART%253D1696624425%253AS%253DALNI_MbSwn-Ay3bpMNSehZzK7EllU-Blig%26gpic%3DUID%253D00000cb83736472a%253AT%253D1696624425%253ART%253D1696624425%253AS%253DALNI_MZ2JiHzK14YnuPoB_vkUk9GKfnyVA%26prev_fmts%3D0x0%252C1200x280%252C1180x90%26nras%3D4%26correlator%3D8446258147636%26frm%3D20%26pv%3D1%26ga_vid%3D1694423313.1696624426%26ga_sid%3D1696624426%26ga_hid%3D1623731685%26ga_fc%3D0%26u_tz%3D120%26u_his%3D2%26u_h%3D1200%26u_w%3D1600%26u_ah%3D1200%26u_aw%3D1600%26u_cd%3D24%26u_sd%3D1%26dmc%3D8%26adx%3D200%26ady%3D1440%26biw%3D1600%26bih%3D1200%26scr_x%3D0%26scr_y%3D0%26eid%3D44759837%252C44759876%252C44759927%252C44804782%252C31078488%252C21065724%26oid%3D2%26pvsid%3D2198543878659124%26tmod%3D838012041%26uas%3D0%26nvt%3D1%26fc%3D1920%26brdim%3D0%252C0%252C0%252C0%252C1600%252C0%252C1600%252C1200%252C1600%252C1200%26vis%3D1%26rsz%3D%257C%257Cs%257C%26abl%3DNS%26fu%3D128%26bc%3D31%26ifi%3D4%26uci%3Da!4%26btvi%3D2%26fsb%3D1%26xpc%3Dy21j7X4erM%26p%3Dhttps%253A%2F%2Fala3raf.net%26dtd%3D6&

Requested by

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.101 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

953.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 06 Oct 2023 20:33:47 GMT
an-x-request-uuid: c5d318ad-4e96-49b2-bac7-de1a91cec0ff
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 176.10.106.21; 176.10.106.21; 953.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 67ms
67ms Image
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20231004&jk=2198543878659124&bg=!WlmlWRbNAAbjlzx0w5c7ADQBe5WfOPxz-az367lUGeS5vyd7gCApMu9P6ww-3tMEIXPPDjnDukVB-i2I3UYqYJADc4mEAgAAAI1SAAAACWgBBwoAWFnwprr6paJdTHIDD3cZnhqgpHnCnZX1H7vi3AfUs-IOFcpTfqfbFiYsSq0c0DmjNqTOs6DyncSgGR8-M1Xe9xkREWMrTKryNl5QrHONoirkm75NjNdDN56ZArq8Rx6Q7USrCdAc-SZXs4Q7AU4VqFrcCIRwCa-fp1YVthewjxT27zu7Bi9WVHf-80HCCWZEfcYDODtW5IvFlJPhftdQhR01SiwMznwn3lOCZbiRW5ZHWyPgick_E18-zadKs_N-GwASo4aQrolfYEITf4cdvbqlmKB8qOXMPlRnHuKOaW-rJXcKlnwCXXAK2QFpQMxLjxpuYahHUT_rXE1Fp6mqJi4gVY3zFCTdIz21jXbJvM9sz7xu0l7IgaurleOUU8q14_EG_Av-LU199JmVkEEiGujVYDTzRizl18EAiEgCHOGh472QegXwsfXX9AZEWGsWn1FKAilPfyR6iTBYUwXIdQxdWO1q62BR8dc8jZwHBxpQzqPwGiVqqqhM4UORWhgAMafcJHf2ousrtQOUoZ1dsAt176icBkXKeEW3RFlDY-O5lnC4-v6owoSYdn-hXQq1ziEscavJJLmX2OaHwqLrJ1yG3wQmsRIHV5GwM6NxpfwKegSZYRA8UcakB4RhoYZe3xEsvCQcyQjK2BX_62hvGkmDJscpGBzbGVPN0fh-rlbeMGsUjXhTswGp1QOlfEbps3Oek__UnEVhjUWVgKCCz9JPNs7GSDh3ejcyKYO1E8TNBAhrdjxKwQ2cPMKHTc-vwK26Q62vBLsUcR3l7uY_6qfFeGUMo2RLAmncY8NQWMYo1t4f1-LZul3P_E00dP84r28CiIz7C7viW8WgBsp4Yh7d5KnLm6VNKxXGt-bJ92m8aeBXtbfOoUrUA0Uf6DR76kb0eI_5XpixqRTQsu70apPxG7CX1FEfkJ1KMXn3eB_PVBLwmVGWPT6Feke9mTp0bBP-WyyRyrKnWyt2pCQ-K9AvzlYbEliVK0HILt2GFd2GHOxDbmKZIf3RYU_y2nCfRyMF37byC35iLWONY-8qDmW0taM6vA
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ala3raf.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 5ED5 1 KB
643 B 30ms
30ms Document
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

age: 79057
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 05 Oct 2023 22:36:10 GMT
etag: 48472445140208031
expires: Fri, 06 Oct 2023 22:36:10 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 1190 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3c5a62ff61fbd441415fed10c3737ba65538cb2677034b7b53463f2567f9de25

Request headers

accept-language: de-CH,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 1190 0
19 B 72ms
72ms Image
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CRvmYKm8gZeDbM4DatOUP0Oyo8AzS4Nfgbo-ktpOTCsCNtwEQASAAYPUFggEXY2EtcHViLTgzNDMyMjc5NTA2MTE0MTHIAQmoAwHIAwKqBPgBT9CFvto_nM2ZIRwN2ggU11JaQNxlHNEd5f-CbOMb_NOj5nvf1HgrADFZs4_-s3Hll7Y9L5dHkJp3iC-H7MGW1PwuIEQml4JeDu9AEhsf4BlU7q_w96GGWGZcQTDPC9C93BBWe1CqM6bYN5euCSNufZ4lxKazfP1lcmyk5cDF5hEg3aJhVIahDVGLG2Wh5KLddqQVd-CjcP2noBtMA1oM8qi7N5GUf5IQ89651syGoHuh1XltGbzM5r6mM6DZqPb-a6PmDbtxFA5Gt1cxacL2CTlXaGLvTBZA6C5GRGid4pYi2wpnbSFBSTInLgfVomBudxJmame_knWABsDSn4bIuLH48QGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggSCIBhEAEyAooCOgKAQEi9_cE6gAoB-gsCCAGADAHQFQGAFwGyFxoKGBIUcHViLTgzNDMyMjc5NTA2MTE0MTEYAA&sigh=JxvTi8PGiw0&uach_m=[UACH]&cid=CAQSOwDICaaNvc82jsmke__Mv9hWjYTPKNlFFS8Z_GFchDR2CBqpZh4Rhoc-yOc1hE5Ug2XPZBuM28zqVqr5GAE&cbvp=2&vis=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8343227950611411&output=html&h=90&adk=4204718025&adf=1588159632&pi=t.aa~a.2376638792~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1696617226&rafmt=1&to=qs&pwprc=8890230846&format=1200x90&url=https%3A%2F%2Fala3raf.net%2Fuser%2Fbreadpoppy5&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696624426736&bpp=1&bdt=1271&idt=0&shv=r20231004&mjsv=m202310020101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D67db5c8e8dcb33c8%3AT%3D1696624425%3ART%3D1696624425%3AS%3DALNI_MbSwn-Ay3bpMNSehZzK7EllU-Blig&gpic=UID%3D00000cb83736472a%3AT%3D1696624425%3ART%3D1696624425%3AS%3DALNI_MZ2JiHzK14YnuPoB_vkUk9GKfnyVA&prev_fmts=0x0%2C1200x280%2C1180x90&nras=4&correlator=8446258147636&frm=20&pv=1&ga_vid=1694423313.1696624426&ga_sid=1696624426&ga_hid=1623731685&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1440&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759876%2C44759927%2C44804782%2C31078488%2C21065724&oid=2&pvsid=2198543878659124&tmod=838012041&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=y21j7X4erM&p=https%3A//ala3raf.net&dtd=6
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Fri, 06 Oct 2023 20:33:47 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 it
ams3-ib.adnxs.com/ Frame 1190 0
530 B 55ms
55ms Image
text/html 185.89.210.101
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ams3-ib.adnxs.com/it?an_audit=0&referrer=https%3A%2F%2Fala3raf.net%2Fuser%2Fbreadpoppy5&e=wqT_3QKoB-ioAwAAAwDWAAUBCKregakGEOi15qSc45mqVBgAKjYJMJaPsfJxlT8RzdaN5D_NlD8ZAAAAANej0D8hzQ0SACkRJNAxAAAA4FG4rj8w2_imAzi1AUC1XkjjA1C6iYq2AVjHsT1gAGifpFR4xvEFgAEBigEDVVNEkgUG9CIDmAHYBaABWqgBAbABALgBAcABBcgBAtABANgBAOABAPABANgC8AbgAqKoMeoCJGh0dHBzOi8vYWxhM3JhZi5uZXQvdXNlci9icmVhZHBvcHB5NYADAIgDAZADAJgDCaADAaoDrQMKwwJodHRwczovL3d3dy5iaW5nLmNvbS9hcGkvdjEvbWVkaWF0aW9uL3RyYWNraW5nP2FkVW5pdD0zOTE0NjYmYXVJZD1jZjdkNzA4OS02ZjBmLTQwN2QtYjRkZi05OTQ0YzllOTg3NzQmYmlkSWQ9MTUwMDAmYmlkZGVySWQ9NCZjbUV4cElkPUxWMSZvQWRVbml0PTM5MTQ2NiZwdWJsaXNoZXJJZD0xNjI2NDUzMzAmcklkPWNmN2Q3MDg5LTZmMGYtNDA3ZC1iNGRmLTk5NDRjOWU5ODc3NCZydHlwZT1udXJsJnRhZ0lkPTY5Mjk0OTkmdHJhZmZpY0dyb3VwPWtuYXFlXzNjJnRyYWZmaWNTdWJHcm91cD1rbmFxZV8zY19weXZweHBiYXN2ZXpuZ3ZiYSZhaWQ9JHtBVUNUSU9OX0lEfRIFMTIwODUaEzYwNzY1OTUxNTc1OTk4ODYwNTYiCTM4MTg0NjcxNCoEYmluZzo4VTJWaGNtTm9RV1FqTnpZek5EYzFNRFUwTURVNU16WWpNak15T0RFME56RTFNalE1TnpjeE9RPT3AA9gEyAMA2AMA4AMA6AMA-AMDgAQAkgQEL3VhcJgEAKgEALIEDAgAEAAYACAAMAA4ALgEAMAEAMgEANoEAggB4AQB8AS6iYq2AYgFAZgFAKAFjcnCgO2zmsBDwAUAyQUAAAAAAADwP9IFCQkAAAAAAAAAANgFAeAFAfAFs5sM-gUECAAQAJAGAJgGALgGAMEGAAAAAAAA8D_QBsKNBNoGFgoQAAAAAAAAAAAAAAAAAAAAABAAGADgBgHyBgIIAIAHAYgHAKAHAcgHxvEF0gcNCQAAAAAAAAAAEAAYANoHBggAEAAYAOAHAOoHAggA8Afggw2KCAIQAJUIAACAP5gIAcAI8AbSCAkI____PxACGAA.&s=f4b333c211e9f27087de4f594c91a6d44d2c226a&pp=ZSBvKgAM7eAGrS0AAAo2UGLqOWWWCCFaepmodw&ppt=1&pubclick=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC8SbwKm8gZeDbM4DatOUP0Oyo8AzS4Nfgbo-ktpOTCsCNtwEQASAAYPUFggEXY2EtcHViLTgzNDMyMjc5NTA2MTE0MTHIAQmoAwHIAwKqBPsBT9CFvto_nM2ZIRwN2ggU11JaQNxlHNEd5f-CbOMb_NOj5nvf1HgrADFZs4_-s3Hll7Y9L5dHkJp3iC-H7MGW1PwuIEQml4JeDu9AEhsf4BlU7q_w96GGWGZcQTDPC9C93BBWe1CqM6bYN5euCSNufZ4lxKazfP1lcmyk5cDF5hEg3aJhVIahDVGLG2Wh5KLddqQVd-CjcP2noBtMA1oM8qi7N5GUf5IQ89651syGoHuh1XltGbzM5r6mM6DZqPb-a6PmDbtxFA5Gt1cxacL2CTlXKmDO3tTkEkPSvhwofM-mbQ5EZ6VIZyr-jIGMJtzuXT5-quZd_-FOlEOABsDSn4bIuLH48QGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggSCIBhEAEyAooCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2DaDevfG974BIQuM5qgYLbZL5E2w%26client%3Dca-pub-8343227950611411%26adurl%3D&cbvp=2

Requested by

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.101 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

953.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 06 Oct 2023 20:33:47 GMT
an-x-request-uuid: 10910087-3cea-4c8a-adc4-d936d7b3038b
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 176.10.106.21; 176.10.106.21; 953.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 200 vevent
ams3-ib.adnxs.com/ Frame 1190 0
554 B 38ms
38ms Ping
text/html 185.89.210.101
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ams3-ib.adnxs.com/vevent?an_audit=0&referrer=https%3A%2F%2Fala3raf.net%2Fuser%2Fbreadpoppy5&e=wqT_3QKoB-ioAwAAAwDWAAUBCKregakGEOi15qSc45mqVBgAKjYJMJaPsfJxlT8RzdaN5D_NlD8ZAAAAANej0D8hzQ0SACkRJNAxAAAA4FG4rj8w2_imAzi1AUC1XkjjA1C6iYq2AVjHsT1gAGifpFR4xvEFgAEBigEDVVNEkgUG9CIDmAHYBaABWqgBAbABALgBAcABBcgBAtABANgBAOABAPABANgC8AbgAqKoMeoCJGh0dHBzOi8vYWxhM3JhZi5uZXQvdXNlci9icmVhZHBvcHB5NYADAIgDAZADAJgDCaADAaoDrQMKwwJodHRwczovL3d3dy5iaW5nLmNvbS9hcGkvdjEvbWVkaWF0aW9uL3RyYWNraW5nP2FkVW5pdD0zOTE0NjYmYXVJZD1jZjdkNzA4OS02ZjBmLTQwN2QtYjRkZi05OTQ0YzllOTg3NzQmYmlkSWQ9MTUwMDAmYmlkZGVySWQ9NCZjbUV4cElkPUxWMSZvQWRVbml0PTM5MTQ2NiZwdWJsaXNoZXJJZD0xNjI2NDUzMzAmcklkPWNmN2Q3MDg5LTZmMGYtNDA3ZC1iNGRmLTk5NDRjOWU5ODc3NCZydHlwZT1udXJsJnRhZ0lkPTY5Mjk0OTkmdHJhZmZpY0dyb3VwPWtuYXFlXzNjJnRyYWZmaWNTdWJHcm91cD1rbmFxZV8zY19weXZweHBiYXN2ZXpuZ3ZiYSZhaWQ9JHtBVUNUSU9OX0lEfRIFMTIwODUaEzYwNzY1OTUxNTc1OTk4ODYwNTYiCTM4MTg0NjcxNCoEYmluZzo4VTJWaGNtTm9RV1FqTnpZek5EYzFNRFUwTURVNU16WWpNak15T0RFME56RTFNalE1TnpjeE9RPT3AA9gEyAMA2AMA4AMA6AMA-AMDgAQAkgQEL3VhcJgEAKgEALIEDAgAEAAYACAAMAA4ALgEAMAEAMgEANoEAggB4AQB8AS6iYq2AYgFAZgFAKAFjcnCgO2zmsBDwAUAyQUAAAAAAADwP9IFCQkAAAAAAAAAANgFAeAFAfAFs5sM-gUECAAQAJAGAJgGALgGAMEGAAAAAAAA8D_QBsKNBNoGFgoQAAAAAAAAAAAAAAAAAAAAABAAGADgBgHyBgIIAIAHAYgHAKAHAcgHxvEF0gcNCQAAAAAAAAAAEAAYANoHBggAEAAYAOAHAOoHAggA8Afggw2KCAIQAJUIAACAP5gIAcAI8AbSCAkI____PxACGAA.&s=f4b333c211e9f27087de4f594c91a6d44d2c226a&type=nv&nvt=5&jm=1003&px=236&py=0&bw=182&bh=90&sid=1796503261659458123&vd=ct~0|rr~0&sv=239&tv=view7-1hs&ua=chrome52&pl=win&x=v&tag_id=6929499&sw=1600&sh=1200&pw=1200&ph=90&ww=1200&wh=90&ft=3

Requested by

Host: cdn.adnxs.com
URL: https://cdn.adnxs.com/v/s/239/trk.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.101 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

953.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 06 Oct 2023 20:33:47 GMT
an-x-request-uuid: 6276dd59-e63e-4143-b2f5-a0c60843b486
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: https://googleads.g.doubleclick.net
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 176.10.106.21; 176.10.106.21; 953.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1

200
OK

noop
px.owneriq.net/ Frame 5ED5
Redirect Chain

https://px.owneriq.net/ecmg?google_gid=CAESENgQdiuXlf7YoLjBdauq6P4&google_cver=1&google_push=AXcoOmTyZjVLqezYRXFi0WMjztKrJo9B3wGzRkEu73yFt2V9nAH5686WpFQV6Pb41vPl98LVrJdbKsr7yGWTUPU9kx7nihqFsduhRac
https://px.owneriq.net/noop?ct=image%2Fgif

0
287 B

53ms
53ms

Image
image/gif

23.212.215.156
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.owneriq.net/noop?ct=image%2Fgif
Protocol: HTTP/1.1
Server: 23.212.215.156 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-212-215-156.deploy.static.akamaitechnologies.com
Software: Apache/2.4.6 (CentOS) / PHP/7.3.33
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Date: Fri, 06 Oct 2023 20:33:47 GMT
Server: Apache/2.4.6 (CentOS)
Connection: keep-alive
X-Powered-By: PHP/7.3.33
Content-Length: 0
Content-Type: image/gif

Redirect headers

Location: https://px.owneriq.net/noop?ct=image%2Fgif
Date: Fri, 06 Oct 2023 20:33:47 GMT
Server: AkamaiGHost
Connection: keep-alive
Content-Length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 5ED5
Redirect Chain

https://aep.mxptint.net/sn.ashx?google_gid=CAESEIz2Fh7mdmGqxDOpBbpbaWc&google_cver=1&google_push=AXcoOmTm_FSR5zjDqwlto5HYgz6p0WnzmIeCEsI6vnJCvuPoyS7fBBh2vtWo3lnqz7dEpwM1r5Rhz0tVDxqi2gPjLsE3v_kHpmvbR5g
https://cm.g.doubleclick.net/pixel?google_nid=pf8b3zh4kyw&google_push=AXcoOmTm_FSR5zjDqwlto5HYgz6p0WnzmIeCEsI6vnJCvuPoyS7fBBh2vtWo3lnqz7dEpwM1r5Rhz0tVDxqi2gPjLsE3v_kHpmvbR5g&google_hm=UjM1Q0FCXzEwQ...

170 B
188 B

39ms
39ms

Image
image/png

142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=pf8b3zh4kyw&google_push=AXcoOmTm_FSR5zjDqwlto5HYgz6p0WnzmIeCEsI6vnJCvuPoyS7fBBh2vtWo3lnqz7dEpwM1r5Rhz0tVDxqi2gPjLsE3v_kHpmvbR5g&google_hm=UjM1Q0FCXzEwQTI0OUQxMV84QjFFRDhBQQ%3D%3D

Protocol

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 06 Oct 2023 20:33:48 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=pf8b3zh4kyw&google_push=AXcoOmTm_FSR5zjDqwlto5HYgz6p0WnzmIeCEsI6vnJCvuPoyS7fBBh2vtWo3lnqz7dEpwM1r5Rhz0tVDxqi2gPjLsE3v_kHpmvbR5g&google_hm=UjM1Q0FCXzEwQTI0OUQxMV84QjFFRDhBQQ%3D%3D
Date: Fri, 06 Oct 2023 20:33:47 GMT
Cache-Control: private
Strict-Transport-Security: max-age=-379629228; includeSubDomains
P3P: CP="NON CUR ADM DEVo PSAo PSDo OUR IND UNI COM NAV DEM STA PRE", CP="NON CUR ADM DEVo PSAo PSDo OUR IND UNI COM NAV DEM STA PRE"
Content-Length: 349
Content-Type: text/html; charset=utf-8

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 5ED5
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESE...
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEPZQJvIkmoPTL3T71ok1Zl4&google_push=AXcoOmQ5uTA2YK7S8SNIaP0-f-tBqpkVAOYZNaGEqVeXVjsrcQFHY8oAsy...

170 B
329 B

41ms
40ms

Image
image/png

142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEPZQJvIkmoPTL3T71ok1Zl4&google_push=AXcoOmQ5uTA2YK7S8SNIaP0-f-tBqpkVAOYZNaGEqVeXVjsrcQFHY8oAsyq7kyWU_m1kIgPTzLIKrm3ecGmjnGfhX8IcG6IZ9MBl19g

Protocol

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 06 Oct 2023 20:33:48 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

x-served-by: cache-mxp6949-MXP
pragma: no-cache
date: Fri, 06 Oct 2023 20:33:47 GMT
via: 1.1 varnish
server: Jetty(9.4.35.v20201120)
x-timer: S1696624428.877685,VS0,VE100
x-cache: MISS
p3p: CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
access-control-allow-origin: *
location: https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEPZQJvIkmoPTL3T71ok1Zl4&google_push=AXcoOmQ5uTA2YK7S8SNIaP0-f-tBqpkVAOYZNaGEqVeXVjsrcQFHY8oAsyq7kyWU_m1kIgPTzLIKrm3ecGmjnGfhX8IcG6IZ9MBl19g
cache-control: no-cache
accept-ranges: bytes
content-length: 0
x-cache-hits: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 5ED5
Redirect Chain

https://fksnk.com/cs/google?google_gid=CAESEKb1omF4EYCHGtwzI-cPHIs&google_cver=1&google_push=AXcoOmQoPgOPlbtwLkzQz0rRZnRUGwqKVupeO9UlLf_PwAcBqGpkHTfZVAls7I1QyiJWfrRDJUuzCtKfeBAZEjmqG5tIsxmaDjS2RA
https://cm.g.doubleclick.net/pixel?google_nid=fiksu&google_hm=NjNGNzUzNzlCNjdDQkIxNA==

170 B
188 B

39ms
38ms

Image
image/png

142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=fiksu&google_hm=NjNGNzUzNzlCNjdDQkIxNA==

Protocol

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 06 Oct 2023 20:33:48 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=fiksu&google_hm=NjNGNzUzNzlCNjdDQkIxNA==
date: Fri, 06 Oct 2023 20:33:48 GMT
content-language: en-US
content-type: text/html;charset=ISO-8859-1

GET
H2 200 usersync.aspx
dis.criteo.com/dis/ Frame 5ED5 43 B
363 B 114ms
35ms Image
image/gif 178.250.1.9
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dis.criteo.com/dis/usersync.aspx?r=4&p=14&cp=google&cu=1&url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcjp%26google_hm%3D%40%40CRITEO_USERID%40%40%26google_push%3DAXcoOmQLO5568OIjeajoHQclFH5qrqwP2Vm8TFBz9wU7U5APhOIgKRlmwDCChKjrPP7K7tbn1CxbZrkYOYFwvc0_OrKXBby93maqow&google_gid=CAESEAhf5NJ3z46OE3019VEv2oU&google_cver=1

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.9 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 06 Oct 2023 20:33:47 GMT
x-errorlevel: 0
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 250812
expires: Fri, 06 Oct 2023 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 5ED5
Redirect Chain

https://sync.srv.stackadapt.com/sync?nid=154&google_gid=CAESEMvR52A7vMCzFb6jVDeIyGM&google_cver=1&google_push=AXcoOmQfBktOZtpkX_0kPB5N7di3jq7i-YeTpz4OgvZa03uRN_aDGdgHPoIAfRwbyIjC8zWI9PXRiU2xU8-uOGz...
https://cm.g.doubleclick.net/pixel?google_nid=stackadapt_usd&google_hm=WWqjTZW1XNVVmhM276ZFpbAKahU&google_push=AXcoOmQfBktOZtpkX_0kPB5N7di3jq7i-YeTpz4OgvZa03uRN_aDGdgHPoIAfRwbyIjC8zWI9PXRiU2xU8-uOG...

170 B
188 B

40ms
40ms

Image
image/png

142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=stackadapt_usd&google_hm=WWqjTZW1XNVVmhM276ZFpbAKahU&google_push=AXcoOmQfBktOZtpkX_0kPB5N7di3jq7i-YeTpz4OgvZa03uRN_aDGdgHPoIAfRwbyIjC8zWI9PXRiU2xU8-uOGzeqKgCr1-_WQoZIbE

Protocol

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 06 Oct 2023 20:33:48 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=stackadapt_usd&google_hm=WWqjTZW1XNVVmhM276ZFpbAKahU&google_push=AXcoOmQfBktOZtpkX_0kPB5N7di3jq7i-YeTpz4OgvZa03uRN_aDGdgHPoIAfRwbyIjC8zWI9PXRiU2xU8-uOGzeqKgCr1-_WQoZIbE
Date: Fri, 06 Oct 2023 20:33:48 GMT
Connection: keep-alive
Content-Length: 245
Content-Type: text/html; charset=utf-8

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 5ED5
Redirect Chain

https://analytics.pangle-ads.com/api/ad/union/gg_cookie_matching?google_gid=CAESEMrdnfVCXhYKrk95vbJkc40&google_cver=1&google_push=AXcoOmSVOsTslRYmpHKp9I651z1OmmShQoGQ4bJSgWXnh7iNW7dWxkmsDbgyoHrU5nz...
https://cm.g.doubleclick.net/pixel?google_nid=toutiao_usd&google_push=AXcoOmSVOsTslRYmpHKp9I651z1OmmShQoGQ4bJSgWXnh7iNW7dWxkmsDbgyoHrU5nzFC0aFqyb0H2TkqVObW40cvQ0GlQFnZN9QIK-l

170 B
232 B

39ms
39ms

Image
image/png

142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=toutiao_usd&google_push=AXcoOmSVOsTslRYmpHKp9I651z1OmmShQoGQ4bJSgWXnh7iNW7dWxkmsDbgyoHrU5nzFC0aFqyb0H2TkqVObW40cvQ0GlQFnZN9QIK-l

Protocol

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 06 Oct 2023 20:33:48 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

x-akamai-request-id: 1c09683f.156ccad8
date: Fri, 06 Oct 2023 20:33:47 GMT
x-bytefaas-request-id: 2023100620334729AD95AE4AB396D74119
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-cache: TCP_MISS from a2-16-239-13.deploy.akamaitechnologies.com (AkamaiGHost/11.2.5.2-51612204) (-)
x-parent-response-time: 95,2.16.239.13
server-timing: cdn-cache; desc=MISS, edge; dur=87, origin; dur=9, inner; dur=5
content-length: 0
pragma: no-cache
server: nginx
x-tt-logid: 2023100620334729AD95AE4AB396D74119
x-cache-remote: TCP_MISS from a23-58-124-21.deploy.akamaitechnologies.com (AkamaiGHost/11.2.5.2-51612204) (-)
access-control-max-age: 86400
access-control-allow-methods: *
location: https://cm.g.doubleclick.net/pixel?google_nid=toutiao_usd&google_push=AXcoOmSVOsTslRYmpHKp9I651z1OmmShQoGQ4bJSgWXnh7iNW7dWxkmsDbgyoHrU5nzFC0aFqyb0H2TkqVObW40cvQ0GlQFnZN9QIK-l
x-bytefaas-execution-duration: 3.62
access-control-allow-origin: *
access-control-allow-credentials: true
x-origin-response-time: 9,23.58.124.21
x-tt-trace-host: 01a6216120630436741afe30ab5d133753ebe4069fdc829bbb84ac97c2df06a6077f473c419c0bc44fb6611cadc2401dca459c71582bb26f5f86e712e94d52ff8e130177aeff8ae4a2527d11016d06423be9866460e80ea94855404ec3cb456dbd0605336197034a665a257d50d2739eee
cache-control: max-age=0, no-cache, no-store
access-control-allow-headers: *
expires: Fri, 06 Oct 2023 20:33:47 GMT

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame 5ED5 0
130 B 130ms
37ms Image
text/html 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13I0csaAl1O0l6nrPG1bDXPku6tRmsiDVbWx_FUzV5MYUspjX5Idoqe3gm6r2Qekh2ocFycmQA

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 20:33:47 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

Verdicts & Comments Add Verdict or Comment

82 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

24 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
ala3raf.net/	1969-12-31 23:59:59	Name: PHPSESSID Value: 2020fosofc4fukiu3o11kejfr4
ala3raf.net/	1970-01-20 15:19:57	Name: qa_key Value: gcs34h6m56twvgfaejceb4c2bmmeoep7
ala3raf.net/	1970-01-21 00:02:40	Name: HstCfa4570762 Value: 1696624425771
ala3raf.net/	1970-01-21 00:02:40	Name: HstCla4570762 Value: 1696624425771
ala3raf.net/	1970-01-21 00:02:40	Name: HstCmu4570762 Value: 1696624425771
ala3raf.net/	1970-01-21 00:02:40	Name: HstPn4570762 Value: 1
ala3raf.net/	1970-01-21 00:02:40	Name: HstPt4570762 Value: 1
ala3raf.net/	1970-01-21 00:02:40	Name: HstCnv4570762 Value: 1
ala3raf.net/	1970-01-21 00:02:40	Name: HstCns4570762 Value: 1
.ala3raf.net/	1970-01-21 00:38:40	Name: __gads Value: ID=67db5c8e8dcb33c8:T=1696624425:RT=1696624425:S=ALNI_MbSwn-Ay3bpMNSehZzK7EllU-Blig
.ala3raf.net/	1970-01-21 00:38:40	Name: __gpi Value: UID=00000cb83736472a:T=1696624425:RT=1696624425:S=ALNI_MZ2JiHzK14YnuPoB_vkUk9GKfnyVA
.doubleclick.net/	1970-01-21 00:53:04	Name: IDE Value: AHWqTUlvopaZbFHll7Ag-WR11OWalska8ynbg7ACcRaxhGCF7NJ9L3Xy7mVVlkd8VgE
.bing.com/	1970-01-21 00:38:40	Name: MUID Value: 0A436F6A768F6DF8184E7CC877526CBB
.everesttech.net/	1970-01-21 00:02:40	Name: everest_g_v2 Value: g_surferid~ZSBvKwASqxU_KQA4
fksnk.com/	1970-01-20 15:27:09	Name: AWSALBCORS Value: v9V6mN70iY36TkTPTxTCKYizLpYwRJDpLOcLJv/vgH1QivJ+4Kc6uZoKaroTOvVDV2CMeu8b1MCcxBT7JK6N5SadQSJ6gwn4ki9aflF3t+nQOOXo5gjSXnjfzTxU
.fksnk.com/	1970-01-20 17:26:40	Name: f_001 Value: 63F75379B67CBB14
.fksnk.com/	1970-01-20 15:18:30	Name: g_001 Value: 1
.mxptint.net/	1970-01-21 00:53:04	Name: mxpim Value: R35CAB_10A249D11_8B1ED8AA.1.65206F2C
sync.srv.stackadapt.com/	1970-01-21 00:02:40	Name: sa-user-id Value: s%3A0-596aa34d-95b5-5cd5-559a-1336efa645a5.zI5Rnt%2BeeScPDkzNMqCEzTP9XzhI7rM%2BHCPihBxZ6AE
.srv.stackadapt.com/	1970-01-21 00:02:40	Name: sa-user-id Value: s%3A0-596aa34d-95b5-5cd5-559a-1336efa645a5.zI5Rnt%2BeeScPDkzNMqCEzTP9XzhI7rM%2BHCPihBxZ6AE
sync.srv.stackadapt.com/	1970-01-21 00:02:40	Name: sa-user-id-v2 Value: s%3AWWqjTZW1XNVVmhM276ZFpbAKahU.txylvMcjYjsBVJXPjIrYlZeixIOV7be7ORBuOW6klKI
.srv.stackadapt.com/	1970-01-21 00:02:40	Name: sa-user-id-v2 Value: s%3AWWqjTZW1XNVVmhM276ZFpbAKahU.txylvMcjYjsBVJXPjIrYlZeixIOV7be7ORBuOW6klKI
sync.srv.stackadapt.com/	1970-01-21 00:02:40	Name: sa-user-id-v3 Value: s%3AAQAKIMZztLtg-2b1krhUCmwfu1VVNPvTHtAxuRXsGv29MEUvEHwYBCCs3oGpBjABOgTwi70wQgR6kzWd.DTs%2FWiEiOAA3O1fnj3NPyB9lFLLjcA7Jc6vdsOG1dY4
.srv.stackadapt.com/	1970-01-21 00:02:40	Name: sa-user-id-v3 Value: s%3AAQAKIMZztLtg-2b1krhUCmwfu1VVNPvTHtAxuRXsGv29MEUvEHwYBCCs3oGpBjABOgTwi70wQgR6kzWd.DTs%2FWiEiOAA3O1fnj3NPyB9lFLLjcA7Jc6vdsOG1dY4

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adsdk.microsoft.com
aep.mxptint.net
ala3raf.net
ams3-ib.adnxs.com
analytics.pangle-ads.com
cdn.adnxs.com
cm.g.doubleclick.net
dis.criteo.com
fksnk.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
pagead2.googlesyndication.com
partner.googleadservices.com
px.owneriq.net
s10.histats.com
s4.histats.com
sync-tm.everesttech.net
sync.srv.stackadapt.com
tpc.googlesyndication.com
www.bing.com
www.google.com
www.googletagservices.com
142.250.184.226
149.56.240.127
151.101.194.49
165.254.203.172
178.250.1.9
18.213.189.173
184.30.16.183
185.89.210.101
2.16.238.13
23.212.215.156
2606:4700:10::6814:81f
2620:1ec:46::63
2a00:1450:4001:809::200a
2a00:1450:4001:813::2001
2a00:1450:4001:82a::2002
2a00:1450:4001:82b::2002
2a00:1450:4001:830::2002
2a00:1450:4001:830::2004
2a00:1450:4001:831::2003
2a02:26f0:480:d::210:f14b
2a06:98c1:3120::3
52.71.211.164
041fe6e516177e777c651a95708ee4961723db34a974e8be9e6ba597a1313e51
07a75636966b34dd8bbafee0ebced659b03bab0e57641e1fa035ca7da0bd39ce
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
1c6500e114cdac56f55c61e0f9e115e760560c1c18bb1b1bfa57ec85ab3b2dcb
2d600078cd98ca3f968a2d74a82f2f29517629a930d97868f7c137ac08e03080
2defe59e357a7d0683c8283ac42841db404a0884cae2eaecebf4b676e559dede
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
3c5a62ff61fbd441415fed10c3737ba65538cb2677034b7b53463f2567f9de25
434536a8757a2512d573df1c9eee8a47fabc0aeb095817aac992938a2c127195
4672e11a0ddc1063a6a119cac90b54f9820fc93de2ddae2baba935805c522a13
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
50a61db1134643f3360d0e1ff16c4e48fdf700090052d0fcf9301e95884ae9d9
55476726eb3af59354224a2c17109c88e6b36a786de17a2ed9cac1f58235d4ca
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5b5ca2b47551aa9d957efde90c70d82594a7cb6448041385242c03cebf816ab4
5d19146f8203fbf9734668450ac1f279efcc77d37b106fe1fa5a8e83e25630b8
6002e23815ec42acedba12390950c5e1bb68a864af09bc445d29ebafd955acea
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
61e4cd17cd84adc5ed49ce361925ab89ed9210810bf03c51eb875b7f59d99127
6374473bb9180662261add71dea512784e6cb0e4b9171eaaf30e3216b7be7a67
673b09d876a8d35a8e0beb633961ff166b000f51bd2222c4c13e236bc16eaf87
6d9b47108c9ab73f5169dd2e09298cc7494c93d82619be50dd10387ded08792e
78af1a6e1276d30af57e61b65b853bc2738a87f32f361c5ec8203a0c1b65b188
89403ef16933d6911ecc68da312e1934f696994b35d4824928649954a5980bec
966265a82395d39e3b2c653fde6e0a5c7c67f6457ffede313b7eaaae6cb8dbcb
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
a7f978b9f0d5c8370c40128c010bd890e10f4ad0f33a5e4afccdd65ca37a7bb8
a9c49f9f526c232731b2ff9aa3e31b686b8b339bdd246bbf74f804c802f9755d
b00f5fe5dbb0e589ce68b9f5915d733c966bacf56a90182bc97f21b0be0155b0
cac5f3269aef806bc9112e8868357bfb9dbb4530a028dc0fb7c4508b2eea8d84
cc8b30e9bfe6a385b5619c0d0a34b8f562e02ee4c09ab0637eed496ca3944fcb
cf6704fe652abeeafd5333fd67102d36f4e31e77361e1da78ff68db899cc5e6a
e163650eb3de4fc2368ce9aac3131fc5cbe65e160b20702bf234cfc8ec0b21c6
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e5cd18f5144740a85b80c96dc66e11571033b71a26681f20681c5f8fe9e5188d
eb2842acb447a7348b0debb0b1126548a006e45f5abc6e295b01f3e653f7cf8d
fc1344e7e4da88838f8ba2e95e04a88e631d4e94b1138540df92980ccccdc7e3

ala3raf.net Open in urlscan Pro 2a06:98c1:3120::3 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

50 Requests

86 %HTTPS

50 %IPv6

19 Domains

23 Subdomains

18 IPs

4 Countries

543 kBTransfer

1493 kBSize

24 Cookies

3 Outgoing links

Redirected requests

50 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

ala3raf.net Open in urlscan Pro
2a06:98c1:3120::3 Public Scan

Screenshot
Live screenshot

Full Image

50
Requests

86 %
HTTPS

50 %
IPv6

19
Domains

23
Subdomains

18
IPs

4
Countries

543 kB
Transfer

1493 kB
Size

24
Cookies

50 HTTP transactions
1 data transactions