ala3raf.net Open in urlscan Pro
2a06:98c1:3121::3 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://ala3raf.net/user/vestlake36
Submission: On October 10 via manual (October 10th 2023, 3:52:49 am UTC) from VN — Scanned from CH

Summary HTTP 49 Redirects Links 2 Behaviour Indicators

Summary

This website contacted 19 IPs in 5 countries across 19 domains to perform 49 HTTP transactions. The main IP is 2a06:98c1:3121::3, located in United States and belongs to CLOUDFLARENET, US. The main domain is ala3raf.net.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on February 26th 2023. Valid for: a year.

This is the only time ala3raf.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
9	2a06:98c1:312... 2a06:98c1:3121::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:803::200a	15169 (GOOGLE) (GOOGLE)
8	2a00:1450:400... 2a00:1450:4001:80b::2002	15169 (GOOGLE) (GOOGLE)
1	2606:4700:10:... 2606:4700:10::6814:91f	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:812::2003	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:82a::2002	15169 (GOOGLE) (GOOGLE)
1	149.56.240.130 149.56.240.130	16276 (OVH) (OVH)
1	2a00:1450:400... 2a00:1450:4001:82f::2002	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:82b::2001	15169 (GOOGLE) (GOOGLE)
2	23.32.185.60 23.32.185.60	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2a00:1450:400... 2a00:1450:4001:802::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:830::2004	15169 (GOOGLE) (GOOGLE)
1	213.227.153.225 213.227.153.225	60781 (LEASEWEB-...) (LEASEWEB-NL-AMS-01 Netherlands)
1	146.75.118.132 146.75.118.132	54113 (FASTLY) (FASTLY)
1 2	46.228.164.11 46.228.164.11	56396 (AMOBEE) (AMOBEE)
1 6	142.250.186.98 142.250.186.98	15169 (GOOGLE) (GOOGLE)
2 2	52.57.181.189 52.57.181.189	16509 (AMAZON-02) (AMAZON-02)
1 2	2606:4700::68... 2606:4700::6812:18ad	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	35.190.0.66 35.190.0.66	15169 (GOOGLE) (GOOGLE)
1 1	154.59.122.79 154.59.122.79	174 (COGENT-174) (COGENT-174)
1 1	54.164.217.79 54.164.217.79	14618 (AMAZON-AES) (AMAZON-AES)
1	213.227.153.222 213.227.153.222	60781 (LEASEWEB-...) (LEASEWEB-NL-AMS-01 Netherlands)
49	19

9 2a06:98c1:3121::3 (United States)

ASN13335 (CLOUDFLARENET, US)

ala3raf.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:803::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:80b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::6814:91f (United States)

ASN13335 (CLOUDFLARENET, US)

s10.histats.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:812::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 149.56.240.130 (Montreal, Canada)

ASN16276 (OVH, FR)
PTR: ns534298.ip-149-56-240.net

s4.histats.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:82b::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.32.185.60 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-32-185-60.deploy.static.akamaitechnologies.com

widgets.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:802::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:830::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 213.227.153.225 (Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)

b1t-eudc1.zemanta.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 146.75.118.132 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

zem.outbrainimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 46.228.164.11 (United Kingdom) 1 redirects

ASN56396 (AMOBEE, GB)

ad.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
r.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 142.250.186.98 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.57.181.189 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-57-181-189.eu-central-1.compute.amazonaws.com

pm.w55c.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6812:18ad (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

a.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
s.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.190.0.66 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 66.0.190.35.bc.googleusercontent.com

ads.travelaudience.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 154.59.122.79 (United States) 1 redirects

ASN174 (COGENT-174, US)

ums.acuityplatform.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.164.217.79 (United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-164-217-79.compute-1.amazonaws.com

sync.srv.stackadapt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 213.227.153.222 (Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)

b1-eudc1.zemanta.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
13	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 108 tpc.googlesyndication.com — Cisco Umbrella Rank: 157	283 KB
12	doubleclick.net 1 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 45 cm.g.doubleclick.net — Cisco Umbrella Rank: 255	30 KB
9	ala3raf.net ala3raf.net	77 KB
2	tribalfusion.com 1 redirects a.tribalfusion.com — Cisco Umbrella Rank: 985 s.tribalfusion.com — Cisco Umbrella Rank: 2451	1 KB
2	w55c.net 2 redirects pm.w55c.net — Cisco Umbrella Rank: 1069	2 KB
2	turn.com 1 redirects ad.turn.com — Cisco Umbrella Rank: 1024 r.turn.com — Cisco Umbrella Rank: 4738	869 B
2	zemanta.com b1t-eudc1.zemanta.com — Cisco Umbrella Rank: 20426 b1-eudc1.zemanta.com — Cisco Umbrella Rank: 26761	250 B
2	outbrain.com widgets.outbrain.com — Cisco Umbrella Rank: 2100	13 KB
2	gstatic.com fonts.gstatic.com	28 KB
2	histats.com s10.histats.com — Cisco Umbrella Rank: 12099 s4.histats.com — Cisco Umbrella Rank: 11973	5 KB
1	stackadapt.com 1 redirects sync.srv.stackadapt.com — Cisco Umbrella Rank: 915	1 KB
1	acuityplatform.com 1 redirects ums.acuityplatform.com — Cisco Umbrella Rank: 1393	684 B
1	travelaudience.com 1 redirects ads.travelaudience.com — Cisco Umbrella Rank: 8325	555 B
1	outbrainimg.com zem.outbrainimg.com — Cisco Umbrella Rank: 2761	13 KB
1	google.com www.google.com — Cisco Umbrella Rank: 2	1 KB
1	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 223	59 KB
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 1200	601 B
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 49	904 B
0	everesttech.net Failed sync-tm.everesttech.net Failed
49	19

	Domain	Requested by
9	ala3raf.net	ala3raf.net
8	pagead2.googlesyndication.com	ala3raf.net pagead2.googlesyndication.com tpc.googlesyndication.com googleads.g.doubleclick.net
6	cm.g.doubleclick.net	1 redirects googleads.g.doubleclick.net
6	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net
5	tpc.googlesyndication.com	pagead2.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com
2	pm.w55c.net	2 redirects
2	widgets.outbrain.com	googleads.g.doubleclick.net
2	fonts.gstatic.com	fonts.googleapis.com
1	b1-eudc1.zemanta.com	googleads.g.doubleclick.net
1	sync.srv.stackadapt.com	1 redirects
1	ums.acuityplatform.com	1 redirects
1	ads.travelaudience.com	1 redirects
1	s.tribalfusion.com
1	a.tribalfusion.com	1 redirects
1	r.turn.com
1	ad.turn.com	1 redirects
1	zem.outbrainimg.com	googleads.g.doubleclick.net
1	b1t-eudc1.zemanta.com	googleads.g.doubleclick.net
1	www.google.com	tpc.googlesyndication.com
1	www.googletagservices.com	googleads.g.doubleclick.net
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	s4.histats.com	s10.histats.com
1	s10.histats.com	ala3raf.net
1	fonts.googleapis.com	ala3raf.net
0	sync-tm.everesttech.net Failed	googleads.g.doubleclick.net
49	25

This site contains links to these domains. Also see Links.

Domain
www.q2amarket.com
www.question2answer.org

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-02-26` - `2024-02-25`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2023-09-18` - `2023-12-11`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-09-18` - `2023-12-11`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-09-18` - `2023-12-11`	3 months	crt.sh
histats.com R3	`2023-08-29` - `2023-11-27`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2023-09-18` - `2023-12-11`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-09-18` - `2023-12-11`	3 months	crt.sh
*.outbrain.com DigiCert TLS RSA SHA256 2020 CA1	`2023-02-09` - `2024-02-11`	a year	crt.sh
www.google.com GTS CA 1C3	`2023-09-18` - `2023-12-11`	3 months	crt.sh
*.zemanta.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-08-16` - `2024-09-05`	a year	crt.sh
*.outbrainimg.com R3	`2023-09-29` - `2023-12-28`	3 months	crt.sh

This page contains 10 frames:

Primary Page: https://ala3raf.net/user/vestlake36
Frame ID: D4DC4D7506E833649E5B8A301E5A4729
Requests: 21 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231004/r20190131/zrt_lookup.html
Frame ID: D97A4570761D9273BB7DE1F58C4856FD
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8343227950611411&output=html&adk=1812271804&adf=3025194257&lmt=1696902765&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=188x675_l%7C188x675_r&format=0x0&url=https%3A%2F%2Fala3raf.net%2Fuser%2Fvestlake36&ea=0&pra=5&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696909964919&bpp=20&bdt=371&idt=256&shv=r20231004&mjsv=m202310030101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=3937099769269&frm=20&pv=2&ga_vid=1300326223.1696909965&ga_sid=1696909965&ga_hid=883412624&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759876%2C31078657%2C44795922%2C44804782%2C44805112%2C31078557%2C21065724&oid=2&pvsid=3253547715279728&tmod=1328085980&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=279
Frame ID: E50BBC23A89802A5E115191DDE49E2C4
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8343227950611411&output=html&h=280&adk=2183732464&adf=757393324&pi=t.aa~a.3231646571~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1696902765&rafmt=1&to=qs&pwprc=8890230846&format=1200x280&url=https%3A%2F%2Fala3raf.net%2Fuser%2Fvestlake36&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696909964940&bpp=2&bdt=393&idt=270&shv=r20231004&mjsv=m202310030101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=3937099769269&frm=20&pv=1&ga_vid=1300326223.1696909965&ga_sid=1696909965&ga_hid=883412624&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=99&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759876%2C31078657%2C44795922%2C44804782%2C44805112%2C31078557%2C21065724&oid=2&pvsid=3253547715279728&tmod=1328085980&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=8gQzT3VHvU&p=https%3A//ala3raf.net&dtd=273
Frame ID: 9F211C2372ECBB76E82B7FBBEC92E491
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8343227950611411&output=html&h=90&adk=4204718025&adf=1588159632&pi=t.aa~a.2376638792~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1696902765&rafmt=1&to=qs&pwprc=8890230846&format=1200x90&url=https%3A%2F%2Fala3raf.net%2Fuser%2Fvestlake36&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696909965562&bpp=1&bdt=1014&idt=-M&shv=r20231004&mjsv=m202310030101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D1e48d119cf072668%3AT%3D1696909965%3ART%3D1696909965%3AS%3DALNI_MbjftxtxqDctefw9J5z-ZDueoh_kw&gpic=UID%3D00000c934fe156c3%3AT%3D1696909965%3ART%3D1696909965%3AS%3DALNI_MbEqVAW_XtzfUL906VYCbLDlNQpjw&prev_fmts=0x0%2C1200x280&nras=3&correlator=3937099769269&frm=20&pv=1&ga_vid=1300326223.1696909965&ga_sid=1696909965&ga_hid=883412624&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1295&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759876%2C31078657%2C44795922%2C44804782%2C44805112%2C31078557%2C21065724&oid=2&pvsid=3253547715279728&tmod=1328085980&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=aScsArSvBG&p=https%3A//ala3raf.net&dtd=4
Frame ID: 2C8C34984D5DD459099E4CD5CCA6E43A
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8343227950611411&output=html&h=50&adk=3573649038&adf=2347765671&pi=t.aa~a.1340144624~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1696902765&rafmt=1&to=qs&pwprc=8890230846&format=1200x50&url=https%3A%2F%2Fala3raf.net%2Fuser%2Fvestlake36&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696909965562&bpp=1&bdt=1015&idt=1&shv=r20231004&mjsv=m202310030101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D1e48d119cf072668%3AT%3D1696909965%3ART%3D1696909965%3AS%3DALNI_MbjftxtxqDctefw9J5z-ZDueoh_kw&gpic=UID%3D00000c934fe156c3%3AT%3D1696909965%3ART%3D1696909965%3AS%3DALNI_MbEqVAW_XtzfUL906VYCbLDlNQpjw&prev_fmts=0x0%2C1200x280%2C1200x90&nras=4&correlator=3937099769269&frm=20&pv=1&ga_vid=1300326223.1696909965&ga_sid=1696909965&ga_hid=883412624&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1225&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759876%2C31078657%2C44795922%2C44804782%2C44805112%2C31078557%2C21065724&oid=2&pvsid=3253547715279728&tmod=1328085980&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=wiZCuShRtZ&p=https%3A//ala3raf.net&dtd=9
Frame ID: CC5CD5AE3876DB6078CDCA2C8F787CE7
Requests: 1 HTTP requests in this frame

Frame: https://widgets.outbrain.com/n2d/widget/widget.js
Frame ID: E003F2F115ACFC0CF04BD95AE4513EBC
Requests: 10 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 50D5B74E4FF1FE53A2AAD2D201C32E51
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: AF783F41561A471D15E7F530FDB70475
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: A7E18958BBF5043601646475678D6A47
Requests: 9 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

الأعراف

Detected technologies

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

49
Requests

86 %
HTTPS

50 %
IPv6

19
Domains

25
Subdomains

19
IPs

5
Countries

512 kB
Transfer

1398 kB
Size

25
Cookies

2 Outgoing links

These are links going to different origins than the main page.

URL: http://www.q2amarket.com/
Title: Q2A Market

Search URL Search Domain Scan URL

URL: http://www.question2answer.org/
Title: Question2Answer

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 36

https://ad.turn.com/r/cs?pid=3&google_gid=CAESEL_tCd9PxGL_PEdyBkXgh88&google_cver=1&google_push=AXcoOmScV3WbZkxxa5xxaCA_waewT_pi2etPTuzStKtV4vus4U3pwgxgi1bomZ1cc4wnFUMOYnfaisvgcs8uRiDP2xp5WNGtA8-7ew HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=Mjk5ODQyNzQ0MzQzMjUyNTQ5MQ==&gdpr=&gdpr_consent= HTTP 302
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEL_tCd9PxGL_PEdyBkXgh88&google_cver=1

Request Chain 37

https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEI0nAht5Nyq0ojseoWSqjAw&google_cver=1&google_push=AXcoOmSureg6tZNSPpkxOHqgD4Q1ziro57BWvqGlT6yEoQJTynfbDQEbgZp2324UTCwGAlNHfVNKoMwZToUlXH_7UuZDhl6eIuST2wg HTTP 302
https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEI0nAht5Nyq0ojseoWSqjAw&google_cver=1&google_push=AXcoOmSureg6tZNSPpkxOHqgD4Q1ziro57BWvqGlT6yEoQJTynfbDQEbgZp2324UTCwGAlNHfVNKoMwZToUlXH_7UuZDhl6eIuST2wg HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=THVMUGJPVmsxUVEzTkE1&google_gid=CAESEI0nAht5Nyq0ojseoWSqjAw&google_cver=1&google_push=AXcoOmSureg6tZNSPpkxOHqgD4Q1ziro57BWvqGlT6yEoQJTynfbDQEbgZp2324UTCwGAlNHfVNKoMwZToUlXH_7UuZDhl6eIuST2wg

Request Chain 38

https://a.tribalfusion.com/i.match?p=b6&u=CAESEIFPMrzWOdf44sKgiS7iz_Q&google_cver=1&google_push=AXcoOmSdF4kpi9Wb4e0tG9Mh7akyM2dnP3B14E3lSB4odP0cySCMsj2v-5C9-9x9djwvUwu8xKKziaHexj9DEXfhxlQ0fW5gt2_c6t8&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmSdF4kpi9Wb4e0tG9Mh7akyM2dnP3B14E3lSB4odP0cySCMsj2v-5C9-9x9djwvUwu8xKKziaHexj9DEXfhxlQ0fW5gt2_c6t8%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24 HTTP 302
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEIFPMrzWOdf44sKgiS7iz_Q&google_cver=1&google_push=AXcoOmSdF4kpi9Wb4e0tG9Mh7akyM2dnP3B14E3lSB4odP0cySCMsj2v-5C9-9x9djwvUwu8xKKziaHexj9DEXfhxlQ0fW5gt2_c6t8&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmSdF4kpi9Wb4e0tG9Mh7akyM2dnP3B14E3lSB4odP0cySCMsj2v-5C9-9x9djwvUwu8xKKziaHexj9DEXfhxlQ0fW5gt2_c6t8%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24

Request Chain 40

https://ads.travelaudience.com/google_pixel?google_gid=CAESEEdR8IKMux7aIzuN_JcRtyw&google_cver=1&google_push=AXcoOmQQeoA2kjoHSVtGB6rYT0RMzHS3qnIE56jWaSh3kJzj9jY58AkvazI-Tl30fea5-JC8ISZvtu-jjF4PakKzv2cfekZqiWCfRQ HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=zILMiMXZTtoxVmmY5S7CpA&google_push=AXcoOmQQeoA2kjoHSVtGB6rYT0RMzHS3qnIE56jWaSh3kJzj9jY58AkvazI-Tl30fea5-JC8ISZvtu-jjF4PakKzv2cfekZqiWCfRQ

Request Chain 41

https://ums.acuityplatform.com/tum?umid=4&uid=CAESEPvCguUzEKe9sjli6CznaRs&google_cver=1&google_push=AXcoOmQLeSzdzgXRYVzOq0I_hg7zOm6UQENvARSbVpO4CDeUy6MVXuFPOLY8_1IO8gUmkb7tZiKSAG6mnSPFA_1uydtqvM_6-JMDWg HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=acuity&google_hm=838473032850&us_privacy=1---

Request Chain 42

https://sync.srv.stackadapt.com/sync?nid=154&google_gid=CAESEJwQns4KxgQ3v960dmGTPQ0&google_cver=1&google_push=AXcoOmTuu3L_dApiaW0-a7dpCLJrvHaaqOCM_z-BQxvzyQqC9SbjktfDE8jKsApDpQw1tUK0Jr37ER7wnS_BL_A0W9wyeOi6epfeFmg HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=stackadapt_usd&google_hm=6V_5Hq3GXs5Vzb1bWRimkrnDR9g&google_push=AXcoOmTuu3L_dApiaW0-a7dpCLJrvHaaqOCM_z-BQxvzyQqC9SbjktfDE8jKsApDpQw1tUK0Jr37ER7wnS_BL_A0W9wyeOi6epfeFmg

49 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 404 Primary Request vestlake36 Show response
ala3raf.net/user/ 11 KB
4 KB 2425ms
2349ms Document
text/html 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ala3raf.net/user/vestlake36
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e59f5c02f655d66b41ce3481413c11dcf3e903b7708db00d537685a1dc003c43

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 813be97d3eb23b58-GVA
content-encoding: br
content-type: text/html; charset=utf-8
date: Tue, 10 Oct 2023 03:52:44 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hgHCFIHMMnAICUQsVldnxuEBS6IayQWh5Awi92vapquIWvv69rVKKcxOZRkXCHPvUmVWJX8Ll6bDpJjWFbyS2phQBlp4%2BIeG4Mg698YICWNX7j0BVEj%2BhLtoO6QWOpnPVkUE5xtit5CjSw%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare

GET
H2 200 qa-styles.css
ala3raf.net/qa-theme/SnowFlatCustom/ 71 KB
13 KB 78ms
77ms Stylesheet
text/css 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ala3raf.net/qa-theme/SnowFlatCustom/qa-styles.css?1.8.4
Requested by: Host: ala3raf.net
URL: https://ala3raf.net/user/vestlake36
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 338503240a2b1a2a0e52e0a5252920489588e5d55ca4812a9e060b9f6080f823

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ala3raf.net/user/vestlake36
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 10 Oct 2023 03:52:44 GMT
content-encoding: br
cf-cache-status: EXPIRED
last-modified: Thu, 07 May 2020 13:24:30 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"11b91-5a50eccf09f80-gzip"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Yl2GdirUgRrJCgApbpEbJnRHLw8cto5kcV%2FphrdffZSyh8%2BZKVW4IcQ0pYawjHxaKElZ0VXnaGYjhQn4QBNvUVfnTK0bM4WGmWtZYHOF18TNLfBnvpH8s9i5xTmh4gwTnaMaB65o%2BhRtvQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 813be98e8a403b58-GVA
alt-svc: h3=":443"; ma=86400

GET
H2 200 qa-styles-rtl.css
ala3raf.net/qa-theme/SnowFlatCustom/ 11 KB
3 KB 88ms
87ms Stylesheet
text/css 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ala3raf.net/qa-theme/SnowFlatCustom/qa-styles-rtl.css?1.8.4
Requested by: Host: ala3raf.net
URL: https://ala3raf.net/user/vestlake36
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 806e57f8c7da1780198e2945ab05cab7a252d020bd5049fdc281fa2c62423349

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ala3raf.net/user/vestlake36
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 10 Oct 2023 03:52:44 GMT
content-encoding: br
cf-cache-status: EXPIRED
last-modified: Wed, 28 Jul 2021 10:23:19 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"2d9a-5c82c600af3c0-gzip"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2gnZuwWFsrlG6RfUeCwcgAW5fSY%2BJQeJ3Ih5%2BNZX9IVXUgmcVozbErt1COB%2F0ke6vFrqf2emVx2EvS0SiBWcU%2FcRMQeFSfWTjsKmUUFY%2BMpB3ysF%2BF7rIK49tYAIbDMHhVSSjQAjwMyI%2Fw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 813be98e8a413b58-GVA
alt-svc: h3=":443"; ma=86400

GET
H2 200 css
fonts.googleapis.com/ 1 KB
904 B 196ms
71ms Stylesheet
text/css 2a00:1450:4001:803::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Cairo&display=swap

Requested by

Host: ala3raf.net
URL: https://ala3raf.net/user/vestlake36

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

1c6500e114cdac56f55c61e0f9e115e760560c1c18bb1b1bfa57ec85ab3b2dcb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ala3raf.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 10 Oct 2023 03:52:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 10 Oct 2023 03:52:44 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 10 Oct 2023 03:52:44 GMT

GET
H2 200 jquery-3.3.1.min.js Show response
ala3raf.net/qa-content/ 111 KB
33 KB 132ms
131ms Script
application/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ala3raf.net/qa-content/jquery-3.3.1.min.js
Requested by: Host: ala3raf.net
URL: https://ala3raf.net/user/vestlake36
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6002e23815ec42acedba12390950c5e1bb68a864af09bc445d29ebafd955acea

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ala3raf.net/user/vestlake36
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 10 Oct 2023 03:52:44 GMT
content-encoding: br
cf-cache-status: EXPIRED
last-modified: Mon, 11 May 2020 13:00:41 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"1bb29-5a55eef215040-gzip"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=REVaIZUQasc4VLHKHZbZ3gYQI5FmW%2B5SNqNURCV0i9mO%2Byu4mhi5wzc1%2B4ZMR8fCU%2FeJJevg%2FEq1NFeGEMKtepJkIvJMom%2BVp%2B4wbCbADkCV1sNUsB8t16XwapiAfuQ2pmbEJ6CofBmrug%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 813be98e8a423b58-GVA
alt-svc: h3=":443"; ma=86400

GET
H2 200 qa-global.js Show response
ala3raf.net/qa-content/ 20 KB
5 KB 90ms
89ms Script
application/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ala3raf.net/qa-content/qa-global.js?1.8.4
Requested by: Host: ala3raf.net
URL: https://ala3raf.net/user/vestlake36
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b79950172d0e6c3091a44a69d615ee5711f57bb59e202b2a383d48e4ca2a4ce3

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ala3raf.net/user/vestlake36
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 10 Oct 2023 03:52:44 GMT
content-encoding: br
cf-cache-status: EXPIRED
last-modified: Thu, 07 May 2020 13:24:30 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"5046-5a50eccf09f80-gzip"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IhU9xTmxjWfo7XLX89bpsfGlJtRClFfkn%2FzBFppBuxIo9bYyaTvXz%2FH8oRnnGGZeaNcAUSGpPuKRuMsAfz4H1CiMypKekEjXpnLPegzJCdLgJs22bZYw9p2pnZPxzhcSAb%2F2dfYw%2FsuzoA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 813be98e8a433b58-GVA
alt-svc: h3=":443"; ma=86400

GET
H2 200 snow-core.js Show response
ala3raf.net/qa-theme/SnowFlatCustom/js/ 2 KB
1 KB 90ms
89ms Script
application/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ala3raf.net/qa-theme/SnowFlatCustom/js/snow-core.js?1.8.4
Requested by: Host: ala3raf.net
URL: https://ala3raf.net/user/vestlake36
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5eecfa645aee35cb0c6820e187451ab14a9df51283635a2117d7ba866a6a74aa

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ala3raf.net/user/vestlake36
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 10 Oct 2023 03:52:44 GMT
content-encoding: br
cf-cache-status: EXPIRED
last-modified: Thu, 07 May 2020 13:24:30 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"94f-5a50eccf09f80-gzip"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xy1P%2BpkosFOPZlwjnoHbKTPCV73y72rGKVLtexb2t47nGpGRea0qgUFlCQxstXzcHK5CeqhEa7PaO2Yx2sQhvthSq65eCRDfRuU6opT2oOjYVLtjTeBRdWMuzMZHWjFCSbP4y0sXnExJFQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 813be98e8a443b58-GVA
alt-svc: h3=":443"; ma=86400

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 147 KB
51 KB 151ms
61ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-8343227950611411

Requested by

Host: ala3raf.net
URL: https://ala3raf.net/user/vestlake36

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4efa6d43da63dcff834fc9f0c3c37da1ece9f9e9a48fe2f2e934c3370415fb4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ala3raf.net/
Origin: https://ala3raf.net
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 10 Oct 2023 03:52:44 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51489
x-xss-protection: 0
server: cafe
etag: 10204485134602971270
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Tue, 10 Oct 2023 03:52:44 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 147 KB
51 KB 226ms
103ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: ala3raf.net
URL: https://ala3raf.net/user/vestlake36

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

094864db249820d7222a0ff64abc5e4f4e3d818fab8a346bfa54ca8e48f05bce

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ala3raf.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 10 Oct 2023 03:52:44 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51528
x-xss-protection: 0
server: cafe
etag: 14412712167156000063
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Tue, 10 Oct 2023 03:52:44 GMT

GET
H2 200 js15_as.js Show response
s10.histats.com/ 11 KB
5 KB 137ms
49ms Script
text/javascript 2606:4700:10::6814:91f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s10.histats.com/js15_as.js
Requested by: Host: ala3raf.net
URL: https://ala3raf.net/user/vestlake36
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:91f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2defe59e357a7d0683c8283ac42841db404a0884cae2eaecebf4b676e559dede

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ala3raf.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 10 Oct 2023 03:52:44 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 16 Apr 2020 10:44:16 GMT
server: cloudflare
age: 40049
etag: "-375139978"
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=28800
accept-ranges: bytes
cf-ray: 813be9908ff23b51-GVA
content-length: 4547

GET
H2 200 SLXgc1nY6HkvangtZmpQdkhzfH5lkSs2SgRjCAGMQ1z0hOA-a1PiLA.woff2
fonts.gstatic.com/s/cairo/v28/ 15 KB
15 KB 128ms
40ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/cairo/v28/SLXgc1nY6HkvangtZmpQdkhzfH5lkSs2SgRjCAGMQ1z0hOA-a1PiLA.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Cairo&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cc8b30e9bfe6a385b5619c0d0a34b8f562e02ee4c09ab0637eed496ca3944fcb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://ala3raf.net
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 04 Oct 2023 22:22:54 GMT
x-content-type-options: nosniff
age: 451790
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15040
x-xss-protection: 0
last-modified: Tue, 02 May 2023 14:51:31 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 03 Oct 2024 22:22:54 GMT

GET
H3 200 search-icon-white.png
ala3raf.net/qa-theme/SnowFlatCustom/images/ 1 KB
2 KB 87ms
86ms Image
image/png 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ala3raf.net/qa-theme/SnowFlatCustom/images/search-icon-white.png
Requested by: Host: ala3raf.net
URL: https://ala3raf.net/qa-theme/SnowFlatCustom/qa-styles.css?1.8.4
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 075c15c5e5b127cfd89b352a4f8e8d615d0abcc80977022ba45ad2032d26f535

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ala3raf.net/qa-theme/SnowFlatCustom/qa-styles.css?1.8.4
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 10 Oct 2023 03:52:44 GMT
cf-cache-status: MISS
last-modified: Mon, 14 Jan 2019 17:38:24 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "584-57f6e82f86400"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=S35a2pZsIX7AaJKT4CDM%2BYbxfHb01GqPLBkk%2BON51AiBorFfIM6xOyn1tHCoi1KGzIGxO%2BPh%2B6kdNLMXkbwd1FKZElTdbqn9Lu2h%2B0HMeq2SmhVKXF1s6ayHCDQ0rF06%2BKFHm1Rli5vLjA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 813be99008583b5d-GVA
alt-svc: h3=":443"; ma=86400
content-length: 1412

GET
H3 200 spinner-icon-14x14.gif
ala3raf.net/qa-theme/SnowFlatCustom/images/ 8 KB
8 KB 67ms
67ms Image
image/gif 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ala3raf.net/qa-theme/SnowFlatCustom/images/spinner-icon-14x14.gif?1410117644
Requested by: Host: ala3raf.net
URL: https://ala3raf.net/qa-theme/SnowFlatCustom/qa-styles.css?1.8.4
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 07a75636966b34dd8bbafee0ebced659b03bab0e57641e1fa035ca7da0bd39ce

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ala3raf.net/qa-theme/SnowFlatCustom/qa-styles.css?1.8.4
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 10 Oct 2023 03:52:44 GMT
cf-cache-status: REVALIDATED
last-modified: Mon, 14 Jan 2019 17:38:24 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "1e65-57f6e82f86400"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PiyJui6J%2BUIM3qoGL2dfxeIVTNTvzV3luTHcQWpitC3TGv4vekD%2Fgx1iYOMcV6iGlJ0U3wckZNADN%2FCdxvEtozOw6qHv0eToGCwP%2BioWTdni0YsvUbPTv%2B3ZVgJO4Ej9wKl7v1dK%2BcyVow%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 813be990085a3b5d-GVA
alt-svc: h3=":443"; ma=86400
content-length: 7781

GET
H3 200 fontello.woff
ala3raf.net/qa-theme/SnowFlatCustom/fonts/ 7 KB
7 KB 88ms
88ms Font
application/font-woff 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ala3raf.net/qa-theme/SnowFlatCustom/fonts/fontello.woff?70015067
Requested by: Host: ala3raf.net
URL: https://ala3raf.net/qa-theme/SnowFlatCustom/qa-styles.css?1.8.4
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c7aca9ebef12465aad206aae5351ba575eebe4b5e3f0fb1d99f4f92f1c4f396d

Request headers

Referer: https://ala3raf.net/qa-theme/SnowFlatCustom/qa-styles.css?1.8.4
Origin: https://ala3raf.net
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 10 Oct 2023 03:52:44 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Mon, 25 Jul 2016 20:01:58 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"1c20-5387b41b3f980"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wmu54bayw7EVI%2FHA0CmYv7hzpGKbo1EYoOQksB8gitqloRq7X74UauQkyjIgAZp%2ByKd9PB%2FeFQ%2BXRg8AxUkhvgnA8%2BcE%2F3eHfnpW33JMbpo8MuorHn5avidpMz2QIRuMdCWavwyqSBHHcg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/font-woff
cache-control: max-age=14400
cf-ray: 813be990085b3b5d-GVA
alt-svc: h3=":443"; ma=86400

GET
H2 200 SLXgc1nY6HkvangtZmpQdkhzfH5lkSs2SgRjCAGMQ1z0hOA-a1biLD-H.woff2
fonts.gstatic.com/s/cairo/v28/ 13 KB
13 KB 133ms
50ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/cairo/v28/SLXgc1nY6HkvangtZmpQdkhzfH5lkSs2SgRjCAGMQ1z0hOA-a1biLD-H.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Cairo&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

673b09d876a8d35a8e0beb633961ff166b000f51bd2222c4c13e236bc16eaf87

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://ala3raf.net
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 08 Oct 2023 00:17:33 GMT
x-content-type-options: nosniff
age: 185711
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13388
x-xss-protection: 0
last-modified: Tue, 02 May 2023 14:51:44 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 07 Oct 2024 00:17:33 GMT

GET
H2 200 show_ads_impl_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310030101/ 391 KB
133 KB 145ms
145ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310030101/show_ads_impl_fy2021.js?bust=31078557

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-8343227950611411

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

00ef96ae016fe8bce4051e6a20956ee3d7250ac15ae6139e76779987b7dff118

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ala3raf.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 10 Oct 2023 03:52:44 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 135718
x-xss-protection: 0
server: cafe
etag: 11447849934862884057
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Tue, 10 Oct 2023 03:52:44 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20231004/r20190131/ Frame D97A 10 KB
5 KB 127ms
39ms Document
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20231004/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-8343227950611411

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

041fe6e516177e777c651a95708ee4961723db34a974e8be9e6ba597a1313e51

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ala3raf.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

age: 48256
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4471
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 09 Oct 2023 14:28:29 GMT
etag: 2603938475786422795
expires: Mon, 23 Oct 2023 14:28:29 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H/1.1 200
OK 0.php Show response
s4.histats.com/stats/ 51 B
185 B 381ms
120ms Script
text/html 149.56.240.130
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://s4.histats.com/stats/0.php?4570762&@f16&@g1&@h1&@i1&@j1696909964966&@k0&@l1&@m%D8%A7%D9%84%D8%A3%D8%B9%D8%B1%D8%A7%D9%81&@n0&@o1000&@q0&@r0&@s0&@ten-US&@u1600&@b1:79624356&@b3:1696909965&@b4:js15_as.js&@b5:120&@a-_0.2.1&@vhttps%3A%2F%2Fala3raf.net%2Fuser%2Fvestlake36&@w
Requested by: Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 149.56.240.130 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns534298.ip-149-56-240.net
Software: /
Resource Hash: 2f2a1a368105f57ffb163b97fabcba25c09d4384bdc33c694dffa0e5ff73fd31

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ala3raf.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 10 Oct 2023 03:52:49 GMT
Connection: close
Content-Length: 51
Content-Type: text/html;charset=UTF-8

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 389 B
601 B 174ms
49ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=ala3raf.net&callback=_gfp_s_&client=ca-pub-8343227950611411

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310030101/show_ads_impl_fy2021.js?bust=31078557

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

73f922b2ae423659ce77b64f2e195fe6730f9caf3584e6c9bc2c999de832e0f4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ala3raf.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 10 Oct 2023 03:52:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 249
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame E50B 16 KB
5 KB 315ms
314ms Document
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8343227950611411&output=html&adk=1812271804&adf=3025194257&lmt=1696902765&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=188x675_l%7C188x675_r&format=0x0&url=https%3A%2F%2Fala3raf.net%2Fuser%2Fvestlake36&ea=0&pra=5&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696909964919&bpp=20&bdt=371&idt=256&shv=r20231004&mjsv=m202310030101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=3937099769269&frm=20&pv=2&ga_vid=1300326223.1696909965&ga_sid=1696909965&ga_hid=883412624&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759876%2C31078657%2C44795922%2C44804782%2C44805112%2C31078557%2C21065724&oid=2&pvsid=3253547715279728&tmod=1328085980&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=279

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310030101/show_ads_impl_fy2021.js?bust=31078557

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bf25ae8dd297bbc2938bb4290df65a6c7cdbb98328f0f28002ed66e2bc6216a5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ala3raf.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 5453
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 10 Oct 2023 03:52:45 GMT
expires: Tue, 10 Oct 2023 03:52:45 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 9F21 718 B
578 B 301ms
300ms Document
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8343227950611411&output=html&h=280&adk=2183732464&adf=757393324&pi=t.aa~a.3231646571~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1696902765&rafmt=1&to=qs&pwprc=8890230846&format=1200x280&url=https%3A%2F%2Fala3raf.net%2Fuser%2Fvestlake36&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696909964940&bpp=2&bdt=393&idt=270&shv=r20231004&mjsv=m202310030101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=3937099769269&frm=20&pv=1&ga_vid=1300326223.1696909965&ga_sid=1696909965&ga_hid=883412624&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=99&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759876%2C31078657%2C44795922%2C44804782%2C44805112%2C31078557%2C21065724&oid=2&pvsid=3253547715279728&tmod=1328085980&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=8gQzT3VHvU&p=https%3A//ala3raf.net&dtd=273

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310030101/show_ads_impl_fy2021.js?bust=31078557

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0646238065a35c9bdfd71bf8a7529fe8960fd9f93843714ec6c20160005135f1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ala3raf.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 357
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 10 Oct 2023 03:52:45 GMT
expires: Tue, 10 Oct 2023 03:52:45 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 16 KB
12 KB 55ms
55ms XHR
application/json 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20231004&st=env

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310030101/show_ads_impl_fy2021.js?bust=31078557

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a8e018ba2feb07c709c6c56b23f8b5e1429f6b29b8256b945a17959418cd15bd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ala3raf.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 10 Oct 2023 03:52:45 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12144
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 2C8C 50 KB
18 KB 313ms
312ms Document
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8343227950611411&output=html&h=90&adk=4204718025&adf=1588159632&pi=t.aa~a.2376638792~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1696902765&rafmt=1&to=qs&pwprc=8890230846&format=1200x90&url=https%3A%2F%2Fala3raf.net%2Fuser%2Fvestlake36&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696909965562&bpp=1&bdt=1014&idt=-M&shv=r20231004&mjsv=m202310030101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D1e48d119cf072668%3AT%3D1696909965%3ART%3D1696909965%3AS%3DALNI_MbjftxtxqDctefw9J5z-ZDueoh_kw&gpic=UID%3D00000c934fe156c3%3AT%3D1696909965%3ART%3D1696909965%3AS%3DALNI_MbEqVAW_XtzfUL906VYCbLDlNQpjw&prev_fmts=0x0%2C1200x280&nras=3&correlator=3937099769269&frm=20&pv=1&ga_vid=1300326223.1696909965&ga_sid=1696909965&ga_hid=883412624&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1295&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759876%2C31078657%2C44795922%2C44804782%2C44805112%2C31078557%2C21065724&oid=2&pvsid=3253547715279728&tmod=1328085980&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=aScsArSvBG&p=https%3A//ala3raf.net&dtd=4

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310030101/show_ads_impl_fy2021.js?bust=31078557

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b13231a05cbfe50276090bc3c50a9abdc9c803ae35bd12dc290d5ea4c9f57672

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ala3raf.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 18530
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 10 Oct 2023 03:52:45 GMT
expires: Tue, 10 Oct 2023 03:52:45 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame CC5C 436 B
236 B 246ms
245ms Document
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8343227950611411&output=html&h=50&adk=3573649038&adf=2347765671&pi=t.aa~a.1340144624~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1696902765&rafmt=1&to=qs&pwprc=8890230846&format=1200x50&url=https%3A%2F%2Fala3raf.net%2Fuser%2Fvestlake36&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696909965562&bpp=1&bdt=1015&idt=1&shv=r20231004&mjsv=m202310030101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D1e48d119cf072668%3AT%3D1696909965%3ART%3D1696909965%3AS%3DALNI_MbjftxtxqDctefw9J5z-ZDueoh_kw&gpic=UID%3D00000c934fe156c3%3AT%3D1696909965%3ART%3D1696909965%3AS%3DALNI_MbEqVAW_XtzfUL906VYCbLDlNQpjw&prev_fmts=0x0%2C1200x280%2C1200x90&nras=4&correlator=3937099769269&frm=20&pv=1&ga_vid=1300326223.1696909965&ga_sid=1696909965&ga_hid=883412624&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1225&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759876%2C31078657%2C44795922%2C44804782%2C44805112%2C31078557%2C21065724&oid=2&pvsid=3253547715279728&tmod=1328085980&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=wiZCuShRtZ&p=https%3A//ala3raf.net&dtd=9

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310030101/show_ads_impl_fy2021.js?bust=31078557

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

73f5cf51f9f74d1b5328d16828b446787727d5db7ead06884f564ebb31805220

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ala3raf.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 211
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 10 Oct 2023 03:52:45 GMT
expires: Tue, 10 Oct 2023 03:52:45 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 351ms
260ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310030101/show_ads_impl_fy2021.js?bust=31078557

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ala3raf.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 10 Oct 2023 03:52:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 10 Oct 2023 03:52:45 GMT

GET
H2 200 widget.js Show response
widgets.outbrain.com/n2d/widget/ Frame E003 46 KB
12 KB 136ms
44ms Script
application/x-javascript 23.32.185.60
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://widgets.outbrain.com/n2d/widget/widget.js
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8343227950611411&output=html&h=90&adk=4204718025&adf=1588159632&pi=t.aa~a.2376638792~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1696902765&rafmt=1&to=qs&pwprc=8890230846&format=1200x90&url=https%3A%2F%2Fala3raf.net%2Fuser%2Fvestlake36&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696909965562&bpp=1&bdt=1014&idt=-M&shv=r20231004&mjsv=m202310030101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D1e48d119cf072668%3AT%3D1696909965%3ART%3D1696909965%3AS%3DALNI_MbjftxtxqDctefw9J5z-ZDueoh_kw&gpic=UID%3D00000c934fe156c3%3AT%3D1696909965%3ART%3D1696909965%3AS%3DALNI_MbEqVAW_XtzfUL906VYCbLDlNQpjw&prev_fmts=0x0%2C1200x280&nras=3&correlator=3937099769269&frm=20&pv=1&ga_vid=1300326223.1696909965&ga_sid=1696909965&ga_hid=883412624&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1295&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759876%2C31078657%2C44795922%2C44804782%2C44805112%2C31078557%2C21065724&oid=2&pvsid=3253547715279728&tmod=1328085980&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=aScsArSvBG&p=https%3A//ala3raf.net&dtd=4
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.32.185.60 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-32-185-60.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 18d8329b2e4b430a4f34b5247ba02ca5378fcdf574eb7ba5f1ef00ac0a705c5a

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-request-headers: X-OB-STG,X-OB-PRD
date: Tue, 10 Oct 2023 03:52:46 GMT
content-encoding: gzip
content-length: 11833
last-modified: Tue, 22 Aug 2023 10:30:48 GMT
server: AkamaiNetStorage
etag: "6a7ff93f96fd30914785c7c30706bf6a:1692700788.526954"
vary: Accept-Encoding
access-control-allow-methods: GET,POST
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=14400
access-control-allow-credentials: false
accept-ranges: bytes
timing-allow-origin: *, *
expires: Tue, 10 Oct 2023 07:52:46 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231004/r20110914/client/ Frame E003 3 KB
2 KB 41ms
40ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231004/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8343227950611411&output=html&h=90&adk=4204718025&adf=1588159632&pi=t.aa~a.2376638792~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1696902765&rafmt=1&to=qs&pwprc=8890230846&format=1200x90&url=https%3A%2F%2Fala3raf.net%2Fuser%2Fvestlake36&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696909965562&bpp=1&bdt=1014&idt=-M&shv=r20231004&mjsv=m202310030101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D1e48d119cf072668%3AT%3D1696909965%3ART%3D1696909965%3AS%3DALNI_MbjftxtxqDctefw9J5z-ZDueoh_kw&gpic=UID%3D00000c934fe156c3%3AT%3D1696909965%3ART%3D1696909965%3AS%3DALNI_MbEqVAW_XtzfUL906VYCbLDlNQpjw&prev_fmts=0x0%2C1200x280&nras=3&correlator=3937099769269&frm=20&pv=1&ga_vid=1300326223.1696909965&ga_sid=1696909965&ga_hid=883412624&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1295&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759876%2C31078657%2C44795922%2C44804782%2C44805112%2C31078557%2C21065724&oid=2&pvsid=3253547715279728&tmod=1328085980&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=aScsArSvBG&p=https%3A//ala3raf.net&dtd=4

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 10 Oct 2023 02:10:42 GMT
content-encoding: br
x-content-type-options: nosniff
age: 6123
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 24 Oct 2023 02:10:42 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231004/r20110914/client/ Frame E003 20 KB
8 KB 41ms
41ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231004/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

50a61db1134643f3360d0e1ff16c4e48fdf700090052d0fcf9301e95884ae9d9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 09 Oct 2023 13:33:40 GMT
content-encoding: br
x-content-type-options: nosniff
age: 51545
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8339
x-xss-protection: 0
server: cafe
etag: 16954770952846736976
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 23 Oct 2023 13:33:40 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame E003 187 KB
59 KB 195ms
70ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ab546eb3c1f0d36c9af7d2aac30b3dff73c93691b4bade217df522a260d4b138

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 10 Oct 2023 03:52:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 59959
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1696851335058330"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 10 Oct 2023 03:52:46 GMT

GET
H2 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 50D5 13 KB
5 KB 41ms
40ms Document
text/html 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ala3raf.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

accept-ranges: bytes
age: 6042
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 10 Oct 2023 02:12:03 GMT
expires: Wed, 09 Oct 2024 02:12:03 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame AF78 829 B
1 KB 137ms
50ms Document
text/html 2a00:1450:4001:830::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

d764631db319256244e31a156d7b088d79cc2af5952d15f54f08e68592d6bba8

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-4vAmryh7qZfuXVE9izg_QQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ala3raf.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-4vAmryh7qZfuXVE9izg_QQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Tue, 10 Oct 2023 03:52:46 GMT
expires: Tue, 10 Oct 2023 03:52:46 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 YeTNF82ErcXtSc42GSWrie2SEIEL8DxR64dbf1nZkSc.js Show response
pagead2.googlesyndication.com/bg/ Frame 50D5 37 KB
14 KB 59ms
59ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/YeTNF82ErcXtSc42GSWrie2SEIEL8DxR64dbf1nZkSc.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61e4cd17cd84adc5ed49ce361925ab89ed9210810bf03c51eb875b7f59d99127

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 09 Oct 2023 11:52:51 GMT
content-encoding: br
x-content-type-options: nosniff
age: 57595
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14663
x-xss-protection: 0
last-modified: Mon, 02 Oct 2023 14:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 08 Oct 2024 11:52:51 GMT

GET
H2 200 achoice.svg
widgets.outbrain.com/images/widgetIcons/ Frame E003 990 B
1 KB 42ms
42ms Image
image/svg+xml 23.32.185.60
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://widgets.outbrain.com/images/widgetIcons/achoice.svg
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8343227950611411&output=html&h=90&adk=4204718025&adf=1588159632&pi=t.aa~a.2376638792~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1696902765&rafmt=1&to=qs&pwprc=8890230846&format=1200x90&url=https%3A%2F%2Fala3raf.net%2Fuser%2Fvestlake36&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696909965562&bpp=1&bdt=1014&idt=-M&shv=r20231004&mjsv=m202310030101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D1e48d119cf072668%3AT%3D1696909965%3ART%3D1696909965%3AS%3DALNI_MbjftxtxqDctefw9J5z-ZDueoh_kw&gpic=UID%3D00000c934fe156c3%3AT%3D1696909965%3ART%3D1696909965%3AS%3DALNI_MbEqVAW_XtzfUL906VYCbLDlNQpjw&prev_fmts=0x0%2C1200x280&nras=3&correlator=3937099769269&frm=20&pv=1&ga_vid=1300326223.1696909965&ga_sid=1696909965&ga_hid=883412624&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1295&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759876%2C31078657%2C44795922%2C44804782%2C44805112%2C31078557%2C21065724&oid=2&pvsid=3253547715279728&tmod=1328085980&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=aScsArSvBG&p=https%3A//ala3raf.net&dtd=4
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.32.185.60 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-32-185-60.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 9ba56f5ffa579747efde1d2a429b325a9fb7220d30f4268e4a44ecbe4a9bf034

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

expires: Thu, 09 Nov 2023 03:52:46 GMT
date: Tue, 10 Oct 2023 03:52:46 GMT
last-modified: Tue, 10 Jan 2023 16:40:08 GMT
server: AkamaiNetStorage
etag: "5ab8e16b5f46213840bcd403e349419c:1673369393.880194"
access-control-allow-methods: GET,POST
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=2592000
access-control-allow-credentials: false
accept-ranges: bytes
timing-allow-origin: *, *
content-length: 990
access-control-request-headers: X-OB-STG,X-OB-PRD

GET
H/1.1 200
OK /
b1t-eudc1.zemanta.com/t/imp/impression/3ISXQSKAEREWFFOE4QYSZO2BSBZVMLEWU5IT7RPYDB33VCPQ5KUVPFN4LFVMBD55UUI2LF5M5CSS4TD5NSULRS36AU6RUJCDL3WOUURCZ2PDIMFWS54CKLEP7E45WIAREUAEQB7XDHVDMBAIX56NNXVTSZ6HOV... Frame E003 26 B
151 B 169ms
48ms Image
image/gif 213.227.153.225
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://b1t-eudc1.zemanta.com/t/imp/impression/3ISXQSKAEREWFFOE4QYSZO2BSBZVMLEWU5IT7RPYDB33VCPQ5KUVPFN4LFVMBD55UUI2LF5M5CSS4TD5NSULRS36AU6RUJCDL3WOUURCZ2PDIMFWS54CKLEP7E45WIAREUAEQB7XDHVDMBAIX56NNXVTSZ6HOVWAHYFITV5I5U3JAXEES3NERDRYGEQQQWLHORA3G6LOCVFFFXDUBDQQEUIC6MJ6WAZB3N5DZE6AYMUCSTZWZU5WL5E5GKNCELPBGXRUHVET6LSZ3IKYCJ76C6C5DRCWOCUN2NWN4NC5GBUTP2Z6LJER4P6Q34MKJR7JR4EGDSYYUGPP7IBMAY6HHH4OYLCFEAUUZ4IUQP5ZN7Q6EQFOBJ4Q/?
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8343227950611411&output=html&h=90&adk=4204718025&adf=1588159632&pi=t.aa~a.2376638792~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1696902765&rafmt=1&to=qs&pwprc=8890230846&format=1200x90&url=https%3A%2F%2Fala3raf.net%2Fuser%2Fvestlake36&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696909965562&bpp=1&bdt=1014&idt=-M&shv=r20231004&mjsv=m202310030101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D1e48d119cf072668%3AT%3D1696909965%3ART%3D1696909965%3AS%3DALNI_MbjftxtxqDctefw9J5z-ZDueoh_kw&gpic=UID%3D00000c934fe156c3%3AT%3D1696909965%3ART%3D1696909965%3AS%3DALNI_MbEqVAW_XtzfUL906VYCbLDlNQpjw&prev_fmts=0x0%2C1200x280&nras=3&correlator=3937099769269&frm=20&pv=1&ga_vid=1300326223.1696909965&ga_sid=1696909965&ga_hid=883412624&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1295&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759876%2C31078657%2C44795922%2C44804782%2C44805112%2C31078557%2C21065724&oid=2&pvsid=3253547715279728&tmod=1328085980&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=aScsArSvBG&p=https%3A//ala3raf.net&dtd=4
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 213.227.153.225 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software: /
Resource Hash: 3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 10 Oct 2023 03:52:46 GMT
Connection: keep-alive
Content-Length: 26
Content-Type: image/gif

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame A7E1 1 KB
643 B 58ms
58ms Document
text/html 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

age: 18996
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 09 Oct 2023 22:36:10 GMT
etag: 48472445140208031
expires: Tue, 10 Oct 2023 22:36:10 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 e723ef6a09799c4f527cb71a5d91932423.png
zem.outbrainimg.com/p/srv/sha/53/58/b4/ Frame E003 13 KB
13 KB 160ms
42ms Image
image/jpeg 146.75.118.132
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://zem.outbrainimg.com/p/srv/sha/53/58/b4/e723ef6a09799c4f527cb71a5d91932423.png?fit=crop&crop=faces,center&w=180&h=90&fm=jpg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

146.75.118.132 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

imgix /

Resource Hash

dc5bd323abbad0cf65658685008912e50cbc95a477fc2acc2e64834e22c793e3

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 10 Oct 2023 03:52:46 GMT
via: 1.1 varnish
x-content-type-options: nosniff
age: 682326
x-cache: HIT, MISS, HIT
x-imgix-id: f95c591ab37aba3d8e2fae2baceb4f1040713d9e
cross-origin-resource-policy: cross-origin
content-length: 12849
x-served-by: cache-sjc10057-SJC, cache-fra-etou8220041-FRA, cache-fra-eddf8230046-FRA
x-imgix-render-farm: 01.140360
last-modified: Mon, 02 Oct 2023 06:20:40 GMT
server: imgix
x-timer: S1696909966.186670,VS0,VE1
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=2592000
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 1

GET
DATA 200
OK truncated
/ Frame E003 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d91be91d3a49d50977c0164fe1eec338c7ec5c6b75a0dcb4e0703c2bf92d370d

Request headers

accept-language: de-CH,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H2

200

/
r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/ Frame A7E1
Redirect Chain

https://ad.turn.com/r/cs?pid=3&google_gid=CAESEL_tCd9PxGL_PEdyBkXgh88&google_cver=1&google_push=AXcoOmScV3WbZkxxa5xxaCA_waewT_pi2etPTuzStKtV4vus4U3pwgxgi1bomZ1cc4wnFUMOYnfaisvgcs8uRiDP2xp5WNGtA8-7ew
https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=Mjk5ODQyNzQ0MzQzMjUyNTQ5MQ==&gdpr=&gdpr_consent=
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEL_tCd9PxGL_PEdyBkXgh88&google_cver=1

43 B
398 B

43ms
43ms

Image
image/gif

46.228.164.11
AMOBEE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEL_tCd9PxGL_PEdyBkXgh88&google_cver=1
Protocol: H2
Server: 46.228.164.11 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software: /
Resource Hash: 48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Tue, 10 Oct 2023 03:52:46 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length: 43
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

Redirect headers

pragma: no-cache
date: Tue, 10 Oct 2023 03:52:46 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEL_tCd9PxGL_PEdyBkXgh88&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 329
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame A7E1
Redirect Chain

https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEI0nAht5Nyq0ojseoWSqjAw&google_cve...
https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEI0nAht5Nyq0ojseoWSqjAw&goog...
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=THVMUGJPVmsxUVEzTkE1&google_gid=CAESEI0nAht5Nyq0ojseoWSqjAw&google_cver=1&google_push=AXcoOmSureg6tZNSPpkxOHqgD4Q1ziro57BWvqGlT6yEoQJ...

170 B
232 B

51ms
51ms

Image
image/png

142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=THVMUGJPVmsxUVEzTkE1&google_gid=CAESEI0nAht5Nyq0ojseoWSqjAw&google_cver=1&google_push=AXcoOmSureg6tZNSPpkxOHqgD4Q1ziro57BWvqGlT6yEoQJTynfbDQEbgZp2324UTCwGAlNHfVNKoMwZToUlXH_7UuZDhl6eIuST2wg

Protocol

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 10 Oct 2023 03:52:46 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Tue, 10 Oct 2023 03:52:45 GMT
Strict-Transport-Security: max-age=2592000; includeSubDomains
Server: PingMatch/v2.0.30-790-g2a3fdc2#rel-ec2-master i-031606d58fcbc7991@eu-central-1b@dxedge-app-eu-central-1-prod-asg
Location: https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=THVMUGJPVmsxUVEzTkE1&google_gid=CAESEI0nAht5Nyq0ojseoWSqjAw&google_cver=1&google_push=AXcoOmSureg6tZNSPpkxOHqgD4Q1ziro57BWvqGlT6yEoQJTynfbDQEbgZp2324UTCwGAlNHfVNKoMwZToUlXH_7UuZDhl6eIuST2wg
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

i.match
s.tribalfusion.com/z/ Frame A7E1
Redirect Chain

https://a.tribalfusion.com/i.match?p=b6&u=CAESEIFPMrzWOdf44sKgiS7iz_Q&google_cver=1&google_push=AXcoOmSdF4kpi9Wb4e0tG9Mh7akyM2dnP3B14E3lSB4odP0cySCMsj2v-5C9-9x9djwvUwu8xKKziaHexj9DEXfhxlQ0fW5gt2_c6...
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEIFPMrzWOdf44sKgiS7iz_Q&google_cver=1&google_push=AXcoOmSdF4kpi9Wb4e0tG9Mh7akyM2dnP3B14E3lSB4odP0cySCMsj2v-5C9-9x9djwvUwu8xKKziaHexj9DEXfhxlQ0fW5gt2_...

43 B
420 B

207ms
198ms

Image
image/gif

2606:4700::6812:18ad
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEIFPMrzWOdf44sKgiS7iz_Q&google_cver=1&google_push=AXcoOmSdF4kpi9Wb4e0tG9Mh7akyM2dnP3B14E3lSB4odP0cySCMsj2v-5C9-9x9djwvUwu8xKKziaHexj9DEXfhxlQ0fW5gt2_c6t8&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmSdF4kpi9Wb4e0tG9Mh7akyM2dnP3B14E3lSB4odP0cySCMsj2v-5C9-9x9djwvUwu8xKKziaHexj9DEXfhxlQ0fW5gt2_c6t8%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Protocol: H2
Server: 2606:4700::6812:18ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 10 Oct 2023 03:52:46 GMT
cf-cache-status: DYNAMIC
x-function: 302
server: cloudflare
content-type: image/gif; charset=utf-8
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
cf-ray: 813be99a38ce01f4-ZRH
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 10 Oct 2023 03:52:46 GMT
cf-cache-status: DYNAMIC
x-function: 206
server: cloudflare
x-reuse-index: 50
content-type: text/html
location: https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEIFPMrzWOdf44sKgiS7iz_Q&google_cver=1&google_push=AXcoOmSdF4kpi9Wb4e0tG9Mh7akyM2dnP3B14E3lSB4odP0cySCMsj2v-5C9-9x9djwvUwu8xKKziaHexj9DEXfhxlQ0fW5gt2_c6t8&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmSdF4kpi9Wb4e0tG9Mh7akyM2dnP3B14E3lSB4odP0cySCMsj2v-5C9-9x9djwvUwu8xKKziaHexj9DEXfhxlQ0fW5gt2_c6t8%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
cf-ray: 813be998eeef01f4-ZRH
alt-svc: h3=":443"; ma=86400
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET 5w3jqr4k
sync-tm.everesttech.net/upi/pid/ Frame A7E1 0
0

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame A7E1
Redirect Chain

https://ads.travelaudience.com/google_pixel?google_gid=CAESEEdR8IKMux7aIzuN_JcRtyw&google_cver=1&google_push=AXcoOmQQeoA2kjoHSVtGB6rYT0RMzHS3qnIE56jWaSh3kJzj9jY58AkvazI-Tl30fea5-JC8ISZvtu-jjF4PakKz...
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=zILMiMXZTtoxVmmY5S7CpA&google_push=AXcoOmQQeoA2kjoHSVtGB6rYT0RMzHS3qnIE56jWaSh3kJzj9jY58AkvazI-Tl30fea5-JC8ISZvtu-jjF4PakKzv2cfekZqiWCfRQ

170 B
329 B

50ms
50ms

Image
image/png

142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=zILMiMXZTtoxVmmY5S7CpA&google_push=AXcoOmQQeoA2kjoHSVtGB6rYT0RMzHS3qnIE56jWaSh3kJzj9jY58AkvazI-Tl30fea5-JC8ISZvtu-jjF4PakKzv2cfekZqiWCfRQ

Protocol

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 10 Oct 2023 03:52:46 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Tue, 10 Oct 2023 03:52:46 GMT
via: 1.1 google
x-engine-version: 0.0.0
server: nginx/1.21.6
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR LAW CUR DEV PSA PSD IVA OUR BUS UNI COM NAV INT CNT LOC"
location: https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=zILMiMXZTtoxVmmY5S7CpA&google_push=AXcoOmQQeoA2kjoHSVtGB6rYT0RMzHS3qnIE56jWaSh3kJzj9jY58AkvazI-Tl30fea5-JC8ISZvtu-jjF4PakKzv2cfekZqiWCfRQ
x-host: tde-deliveryengine-production-868978d85-fmqzc
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame A7E1
Redirect Chain

https://ums.acuityplatform.com/tum?umid=4&uid=CAESEPvCguUzEKe9sjli6CznaRs&google_cver=1&google_push=AXcoOmQLeSzdzgXRYVzOq0I_hg7zOm6UQENvARSbVpO4CDeUy6MVXuFPOLY8_1IO8gUmkb7tZiKSAG6mnSPFA_1uydtqvM_6-...
https://cm.g.doubleclick.net/pixel?google_nid=acuity&google_hm=838473032850&us_privacy=1---

170 B
232 B

50ms
50ms

Image
image/png

142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=acuity&google_hm=838473032850&us_privacy=1---

Protocol

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 10 Oct 2023 03:52:46 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

access-control-allow-origin: *
location: https://cm.g.doubleclick.net/pixel?google_nid=acuity&google_hm=838473032850&us_privacy=1---
content-length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame A7E1
Redirect Chain

https://sync.srv.stackadapt.com/sync?nid=154&google_gid=CAESEJwQns4KxgQ3v960dmGTPQ0&google_cver=1&google_push=AXcoOmTuu3L_dApiaW0-a7dpCLJrvHaaqOCM_z-BQxvzyQqC9SbjktfDE8jKsApDpQw1tUK0Jr37ER7wnS_BL_A...
https://cm.g.doubleclick.net/pixel?google_nid=stackadapt_usd&google_hm=6V_5Hq3GXs5Vzb1bWRimkrnDR9g&google_push=AXcoOmTuu3L_dApiaW0-a7dpCLJrvHaaqOCM_z-BQxvzyQqC9SbjktfDE8jKsApDpQw1tUK0Jr37ER7wnS_BL_...

170 B
188 B

50ms
50ms

Image
image/png

142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=stackadapt_usd&google_hm=6V_5Hq3GXs5Vzb1bWRimkrnDR9g&google_push=AXcoOmTuu3L_dApiaW0-a7dpCLJrvHaaqOCM_z-BQxvzyQqC9SbjktfDE8jKsApDpQw1tUK0Jr37ER7wnS_BL_A0W9wyeOi6epfeFmg

Protocol

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 10 Oct 2023 03:52:46 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=stackadapt_usd&google_hm=6V_5Hq3GXs5Vzb1bWRimkrnDR9g&google_push=AXcoOmTuu3L_dApiaW0-a7dpCLJrvHaaqOCM_z-BQxvzyQqC9SbjktfDE8jKsApDpQw1tUK0Jr37ER7wnS_BL_A0W9wyeOi6epfeFmg
Date: Tue, 10 Oct 2023 03:52:46 GMT
Connection: keep-alive
Content-Length: 245
Content-Type: text/html; charset=utf-8

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame A7E1 0
130 B 159ms
50ms Image
text/html 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13LbfUhel5SmzdeXPTVooz-4lUYTdvbzRmMSFVJuvPTXVt5wNSyTBdTPVt_cg4MgTsjXfmTq

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 10 Oct 2023 03:52:46 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame AF78 0
0 94ms
94ms Image
text/html 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20231004&jk=3253547715279728&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 50D5 0
10 B 40ms
40ms Image
text/plain 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?9m5M8A
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 10 Oct 2023 03:52:46 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame E003 0
19 B 102ms
102ms Image
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=C-tMSjcokZd7DJbiRiQaWhouQBtesnIJuyur8vP0QwI23ARABIABg9QWCARdjYS1wdWItODM0MzIyNzk1MDYxMTQxMcgBCagDAcgDAqoE7wFP0PwPGmv31z5jTWNJu105O97ZO0SXMjbijVYb-FIoRD7JRyqatNaX2Z7kmJpufDpvWmIa_SoXdJ0NjDluUr5L6zMUBOHxlqxhU9PtmaS4Vvlrcq7BStkXgCL4bomTYY497uULErCNFBXsjuc_LcSfqLPM-HAn0YHhLZqr3K6GUTDsYn6fe0oGoimVAPdM11ss0SXIpM6cjDNX622CKaxRKU6sX5WaMUQJVlam6y_QrqS9I5UQhlep3LV82eBENaRmGOizbzGl4fD-3CnA-Df2Vx9vKoKFmVX7hxge4sYEoehi3Tk_tyP2NH1fc3j4OYAGwb2q7ofN49BooAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIEgiAYRABMgKKAjoCgEBIvf3BOoAKAfoLAggBgAwB0BUBgBcBshcaChgSFHB1Yi04MzQzMjI3OTUwNjExNDExGAA&sigh=dLsgE0P5Oxo&uach_m=[UACH]&cid=CAQSOwDICaaN6PUOmH0yapejlMeyeFKHcxj7_A1kEp2J1aFrtZI85RTng5HcbC5C52JjQvbAkeefmhjhs0N9GAE&cbvp=2&vis=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8343227950611411&output=html&h=90&adk=4204718025&adf=1588159632&pi=t.aa~a.2376638792~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1696902765&rafmt=1&to=qs&pwprc=8890230846&format=1200x90&url=https%3A%2F%2Fala3raf.net%2Fuser%2Fvestlake36&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696909965562&bpp=1&bdt=1014&idt=-M&shv=r20231004&mjsv=m202310030101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D1e48d119cf072668%3AT%3D1696909965%3ART%3D1696909965%3AS%3DALNI_MbjftxtxqDctefw9J5z-ZDueoh_kw&gpic=UID%3D00000c934fe156c3%3AT%3D1696909965%3ART%3D1696909965%3AS%3DALNI_MbEqVAW_XtzfUL906VYCbLDlNQpjw&prev_fmts=0x0%2C1200x280&nras=3&correlator=3937099769269&frm=20&pv=1&ga_vid=1300326223.1696909965&ga_sid=1696909965&ga_hid=883412624&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1295&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759876%2C31078657%2C44795922%2C44804782%2C44805112%2C31078557%2C21065724&oid=2&pvsid=3253547715279728&tmod=1328085980&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=aScsArSvBG&p=https%3A//ala3raf.net&dtd=4
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Tue, 10 Oct 2023 03:52:46 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H/1.1 200
OK /
b1-eudc1.zemanta.com/bidder/win/googleadx_display/78b513c4-6720-11ee-8c63-a8aca566908b/ZSTKjQAJYd4Kwki4AALDFr_24PkAyl2f8JjH4w/Z73ABXKB4TLMDIUPNRZNA7LRGIFLPZM34OYD6YAZEARW7TD65OK374O57XXW5KJDLV3JJA6... Frame E003 0
99 B 161ms
50ms Image
text/plain 213.227.153.222
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://b1-eudc1.zemanta.com/bidder/win/googleadx_display/78b513c4-6720-11ee-8c63-a8aca566908b/ZSTKjQAJYd4Kwki4AALDFr_24PkAyl2f8JjH4w/Z73ABXKB4TLMDIUPNRZNA7LRGIFLPZM34OYD6YAZEARW7TD65OK374O57XXW5KJDLV3JJA6JPMZ45Y2CIXKTV4LACQBFG7DANXLZQ432MEN3IM5KUNDAHPBJEVWUYHVFW44HIGVAPLKCYAA5K7I6ZSG7UXGKS5AOG5VIUY3FXP5KBKRB5KFKOWSMMMQMZSP544E6NIHMHJLUYSDOLLF32P747H6DNGQZSX3FGYCWT2WTONMS2REPFNND62JE3GEGOBHAGBPGLNOPCZFW2YC4MBHYUEZ5N5DJL6YRW3PVTQVG7YAXEUTAFECZV3HB52CUQ5VVVYKHK7UKNWXTH3KIW5K5DR6NQWKPSZEUKSVIY6C3MFQNSAENAMUBK7B55XAE3DDCDT347THUDCQDNTYIJEXTHITDWV6XG6MOMTZWT3IVQVZSTLJJWHWRLMNNUBVRK4SO36JLS2L7CSSZKAO3UYV4BKQIJSGJM7PDGDQ/?&cbvp=2
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8343227950611411&output=html&h=90&adk=4204718025&adf=1588159632&pi=t.aa~a.2376638792~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1696902765&rafmt=1&to=qs&pwprc=8890230846&format=1200x90&url=https%3A%2F%2Fala3raf.net%2Fuser%2Fvestlake36&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696909965562&bpp=1&bdt=1014&idt=-M&shv=r20231004&mjsv=m202310030101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D1e48d119cf072668%3AT%3D1696909965%3ART%3D1696909965%3AS%3DALNI_MbjftxtxqDctefw9J5z-ZDueoh_kw&gpic=UID%3D00000c934fe156c3%3AT%3D1696909965%3ART%3D1696909965%3AS%3DALNI_MbEqVAW_XtzfUL906VYCbLDlNQpjw&prev_fmts=0x0%2C1200x280&nras=3&correlator=3937099769269&frm=20&pv=1&ga_vid=1300326223.1696909965&ga_sid=1696909965&ga_hid=883412624&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1295&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759876%2C31078657%2C44795922%2C44804782%2C44805112%2C31078557%2C21065724&oid=2&pvsid=3253547715279728&tmod=1328085980&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=aScsArSvBG&p=https%3A//ala3raf.net&dtd=4
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 213.227.153.222 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Connection: keep-alive
Date: Tue, 10 Oct 2023 03:52:46 GMT
Content-Length: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 95ms
95ms Image
text/html 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20231004&jk=3253547715279728&bg=!YGOlYyzNAAbjlzx0w5c7ADQBe5WfOFgUiBlqw5jGf9MNbxluozpOcb7oCWmglO-B8uPOaNsDiOpt8HugqWpczyynNUbQAgAAALZSAAAACGgBB5kCq7zOBLsSBAIEoG1cMPLi_l_yqqZPe0_aUNZy8XLHePB4yQwv8A9-cV_FeTH4W0uTjC2biT4Q_hT8_pNSpg-l-tCfjxWXRC583EJq6dAZkwl_11Jjfo_9qT7nskJWelv_ls1Tu15zM_RlZ4QS9V0LgmCDlerWxEQnQBigO1HcycQEdBC1aGLCWGNADbRrl9RgjnI3DwR5ODKgeC0brFic-9Fm9zJV8E2rRZHdCHeQCKtUd_UC5NMKnjeR7j-9R_CmoesafQjGAswoA7bTBKzZBu-F-uvUP1f2bK-DUAEbz0mKkq4i9sdqQU3H0EzL4ROfDiev_Bc2ljm_n52SflSQZP7oGfwCpLhwNrtv7N_q3fpV1s78zLGOMeaWEyZwHArxgiIr6bl9e1jrnz92cQQbAB833gjN4QHmDzHk8b4_euGBM36X0Eg3dz-PwyMinSV6k4uwgioVVtFdwWM9GfsXZeX5jS79cNJyjcw1j-EDMo7fQTe8Uvg3XUtgmaLHxBFn7RyoQodeZ5h65QaiqcxfGJiBNy7rKITTINUYw2FJZK-Ntig5Op_Vayr4fvdxIvsyIyTMS7nueb839kWbbMM_mPsZrXBGVUDT8L85x1q5QGkvb15xVttYdRyGRerTO8l0tsfUQQfnhKyeDizIN-LPFrN_hx2FTmT4POHDtc2-gGW4O6D6h1BMuv7EENKFnf5wZnC_9mCz0iGCL92XDOYv4nM6iz-SLCq6EZqzpGO7k5UjWXrwO1wSzpXOkD7Z6z3SmsUN-ymh7RhR5SqNaP36FuW-TqhC_mEQ7CatG9rx7z-0tap-2HWOUZNnrR2ASSWCdv_1EUr1NHvNQRxn4mt_Px2qnIjQagC4m111DSqGCVKtExDrRsBPutwn-SCxNMnBSnFq40g7RmP1EYWv
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ala3raf.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: sync-tm.everesttech.net
URL: https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESEFt_q3R7A7H7FEdb8RWJb9c&google_cver=1&google_push=AXcoOmSBvxIYGK7iSA2NW-QEgzYVAnU4hmBzOJTyI_VmFPIJJBxsRovpq9R1jWCDog833wU6EMKTUoqaRscBE0R3zMIxYYJspGx7LFk

Verdicts & Comments Add Verdict or Comment

82 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

25 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
ala3raf.net/	1969-12-31 23:59:59	Name: PHPSESSID Value: fmju0921igohriunie0pijhr16
ala3raf.net/	1970-01-20 15:24:42	Name: qa_key Value: iy99bt7nuj9du3114oobl57b7mb9eq56
ala3raf.net/	1970-01-21 00:07:25	Name: HstCfa4570762 Value: 1696909964966
ala3raf.net/	1970-01-21 00:07:25	Name: HstCla4570762 Value: 1696909964966
ala3raf.net/	1970-01-21 00:07:25	Name: HstCmu4570762 Value: 1696909964966
ala3raf.net/	1970-01-21 00:07:25	Name: HstPn4570762 Value: 1
ala3raf.net/	1970-01-21 00:07:25	Name: HstPt4570762 Value: 1
ala3raf.net/	1970-01-21 00:07:25	Name: HstCnv4570762 Value: 1
ala3raf.net/	1970-01-21 00:07:25	Name: HstCns4570762 Value: 1
.ala3raf.net/	1970-01-21 00:43:25	Name: __gads Value: ID=1e48d119cf072668:T=1696909965:RT=1696909965:S=ALNI_MbjftxtxqDctefw9J5z-ZDueoh_kw
.ala3raf.net/	1970-01-21 00:43:25	Name: __gpi Value: UID=00000c934fe156c3:T=1696909965:RT=1696909965:S=ALNI_MbEqVAW_XtzfUL906VYCbLDlNQpjw
.doubleclick.net/	1970-01-21 00:57:49	Name: IDE Value: AHWqTUnXGwAm5qHOZ52xqjTKa5uq7EboKvHLq4C4uEmoXpO7vjdGUVo3Z1kZ4FhWybc
.travelaudience.com/	1970-01-21 00:53:30	Name: _tracker Value: %7B%22UUID%22%3A%22CC82CC88-C5D9-4EDA-3156-6998E52EC2A4%22%7D
.acuityplatform.com/	1970-01-21 00:07:25	Name: auid Value: 838473032850
.acuityplatform.com/	1970-01-21 00:07:25	Name: aum Value: "OikKAfqbdXNlck1hdGNoQnlVc2VyTWF0Y2hpbmdJZE1hcPqANPqNdXNlck1hdGNoaW5nSWTIkWxhc3REcm9wVGltZU1pbGxpcyUBRUV2c120mGxhc3RTdWNjZXNzZnVsTWF0Y2hNaWxsaXMlAUVFdnNdtI90aGlyZFBhcnR5VXNlcklkWkNBRVNFUHZDZ3VVekVLZTlzamxpNkN6bmFSc/v7hnZlcnNpb27C+w=="
.w55c.net/	1970-01-21 00:53:30	Name: wfivefivec Value: LuLPbOVk1QQ3NA5
.w55c.net/	1970-01-20 16:05:01	Name: matchgoogle Value: 5
.tribalfusion.com/	1970-01-20 17:31:25	Name: ANON_ID Value: alntuJtZdPuem7SpBmPo7VZaS3x2jMZbMv0Txn43RMFvkTteew1S2XrdIcVvVyqT3w5m0rOSrxrdwUGrwpV4YFySGh9
sync.srv.stackadapt.com/	1970-01-21 00:07:25	Name: sa-user-id Value: s%3A0-e95ff91e-adc6-5ece-55cd-bd5b5918a692.eQ7YaFKPpk5B1ODgsnD0OnDEnAn3ktfRxTBKI2GDeFI
.srv.stackadapt.com/	1970-01-21 00:07:25	Name: sa-user-id Value: s%3A0-e95ff91e-adc6-5ece-55cd-bd5b5918a692.eQ7YaFKPpk5B1ODgsnD0OnDEnAn3ktfRxTBKI2GDeFI
sync.srv.stackadapt.com/	1970-01-21 00:07:25	Name: sa-user-id-v2 Value: s%3A6V_5Hq3GXs5Vzb1bWRimkrnDR9g.QLAyRC0O4QGo2wkU1k0iSoWzD9tmYtnyta4LYLIEWts
.srv.stackadapt.com/	1970-01-21 00:07:25	Name: sa-user-id-v2 Value: s%3A6V_5Hq3GXs5Vzb1bWRimkrnDR9g.QLAyRC0O4QGo2wkU1k0iSoWzD9tmYtnyta4LYLIEWts
sync.srv.stackadapt.com/	1970-01-21 00:07:25	Name: sa-user-id-v3 Value: s%3AAQAKIJuTuYjNl8YVsQ4F37Tw7QoscZqpY2rzmAK2yFWaekuKEHwYBCCOlZOpBjABOgTwi70wQgR3PReL.KboOcCkRaZDnbuoYts1idd8Lmac%2FngiMQnAWP3WeKXo
.srv.stackadapt.com/	1970-01-21 00:07:25	Name: sa-user-id-v3 Value: s%3AAQAKIJuTuYjNl8YVsQ4F37Tw7QoscZqpY2rzmAK2yFWaekuKEHwYBCCOlZOpBjABOgTwi70wQgR3PReL.KboOcCkRaZDnbuoYts1idd8Lmac%2FngiMQnAWP3WeKXo
.turn.com/	1970-01-20 19:41:01	Name: uid Value: 2998427443432525491

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://ala3raf.net/user/vestlake36 Message: Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.tribalfusion.com
ad.turn.com
ads.travelaudience.com
ala3raf.net
b1-eudc1.zemanta.com
b1t-eudc1.zemanta.com
cm.g.doubleclick.net
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
pagead2.googlesyndication.com
partner.googleadservices.com
pm.w55c.net
r.turn.com
s.tribalfusion.com
s10.histats.com
s4.histats.com
sync-tm.everesttech.net
sync.srv.stackadapt.com
tpc.googlesyndication.com
ums.acuityplatform.com
widgets.outbrain.com
www.google.com
www.googletagservices.com
zem.outbrainimg.com
sync-tm.everesttech.net
142.250.186.98
146.75.118.132
149.56.240.130
154.59.122.79
213.227.153.222
213.227.153.225
23.32.185.60
2606:4700:10::6814:91f
2606:4700::6812:18ad
2a00:1450:4001:802::2002
2a00:1450:4001:803::200a
2a00:1450:4001:80b::2002
2a00:1450:4001:812::2003
2a00:1450:4001:82a::2002
2a00:1450:4001:82b::2001
2a00:1450:4001:82f::2002
2a00:1450:4001:830::2004
2a06:98c1:3121::3
35.190.0.66
46.228.164.11
52.57.181.189
54.164.217.79
00ef96ae016fe8bce4051e6a20956ee3d7250ac15ae6139e76779987b7dff118
041fe6e516177e777c651a95708ee4961723db34a974e8be9e6ba597a1313e51
0646238065a35c9bdfd71bf8a7529fe8960fd9f93843714ec6c20160005135f1
075c15c5e5b127cfd89b352a4f8e8d615d0abcc80977022ba45ad2032d26f535
07a75636966b34dd8bbafee0ebced659b03bab0e57641e1fa035ca7da0bd39ce
094864db249820d7222a0ff64abc5e4f4e3d818fab8a346bfa54ca8e48f05bce
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
18d8329b2e4b430a4f34b5247ba02ca5378fcdf574eb7ba5f1ef00ac0a705c5a
1c6500e114cdac56f55c61e0f9e115e760560c1c18bb1b1bfa57ec85ab3b2dcb
2defe59e357a7d0683c8283ac42841db404a0884cae2eaecebf4b676e559dede
2f2a1a368105f57ffb163b97fabcba25c09d4384bdc33c694dffa0e5ff73fd31
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
338503240a2b1a2a0e52e0a5252920489588e5d55ca4812a9e060b9f6080f823
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
4efa6d43da63dcff834fc9f0c3c37da1ece9f9e9a48fe2f2e934c3370415fb4f
50a61db1134643f3360d0e1ff16c4e48fdf700090052d0fcf9301e95884ae9d9
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5eecfa645aee35cb0c6820e187451ab14a9df51283635a2117d7ba866a6a74aa
6002e23815ec42acedba12390950c5e1bb68a864af09bc445d29ebafd955acea
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
61e4cd17cd84adc5ed49ce361925ab89ed9210810bf03c51eb875b7f59d99127
673b09d876a8d35a8e0beb633961ff166b000f51bd2222c4c13e236bc16eaf87
73f5cf51f9f74d1b5328d16828b446787727d5db7ead06884f564ebb31805220
73f922b2ae423659ce77b64f2e195fe6730f9caf3584e6c9bc2c999de832e0f4
806e57f8c7da1780198e2945ab05cab7a252d020bd5049fdc281fa2c62423349
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9ba56f5ffa579747efde1d2a429b325a9fb7220d30f4268e4a44ecbe4a9bf034
a8e018ba2feb07c709c6c56b23f8b5e1429f6b29b8256b945a17959418cd15bd
ab546eb3c1f0d36c9af7d2aac30b3dff73c93691b4bade217df522a260d4b138
b13231a05cbfe50276090bc3c50a9abdc9c803ae35bd12dc290d5ea4c9f57672
b79950172d0e6c3091a44a69d615ee5711f57bb59e202b2a383d48e4ca2a4ce3
bf25ae8dd297bbc2938bb4290df65a6c7cdbb98328f0f28002ed66e2bc6216a5
c7aca9ebef12465aad206aae5351ba575eebe4b5e3f0fb1d99f4f92f1c4f396d
cc8b30e9bfe6a385b5619c0d0a34b8f562e02ee4c09ab0637eed496ca3944fcb
d764631db319256244e31a156d7b088d79cc2af5952d15f54f08e68592d6bba8
d91be91d3a49d50977c0164fe1eec338c7ec5c6b75a0dcb4e0703c2bf92d370d
dc5bd323abbad0cf65658685008912e50cbc95a477fc2acc2e64834e22c793e3
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
e59f5c02f655d66b41ce3481413c11dcf3e903b7708db00d537685a1dc003c43

ala3raf.net Open in urlscan Pro 2a06:98c1:3121::3 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

49 Requests

86 %HTTPS

50 %IPv6

19 Domains

25 Subdomains

19 IPs

5 Countries

512 kBTransfer

1398 kBSize

25 Cookies

2 Outgoing links

Redirected requests

49 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

ala3raf.net Open in urlscan Pro
2a06:98c1:3121::3 Public Scan

Screenshot
Live screenshot

Full Image

49
Requests

86 %
HTTPS

50 %
IPv6

19
Domains

25
Subdomains

19
IPs

5
Countries

512 kB
Transfer

1398 kB
Size

25
Cookies

49 HTTP transactions
1 data transactions