urlscan.io logo urlscan.io
SecurityTrails logo

ala3raf.net Open in urlscan Pro
188.114.97.3  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://ala3raf.net/index.php?qa=account
Effective URL: https://ala3raf.net/login
Submission: On October 01 via manual from US — Scanned from CH
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 19 IPs in 8 countries across 19 domains to perform 95 HTTP transactions. The main IP is 188.114.97.3, located in Amsterdam, Netherlands and belongs to CLOUDFLARENET, US. The main domain is ala3raf.net.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on February 26th 2023. Valid for: a year.
This is the only time ala3raf.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 10 188.114.97.3 13335 (CLOUDFLAR...)
2 142.250.184.234 15169 (GOOGLE)
14 142.250.185.226 15169 (GOOGLE)
1 104.20.9.31 13335 (CLOUDFLAR...)
3 172.217.23.99 15169 (GOOGLE)
2 14 142.250.186.130 15169 (GOOGLE)
1 54.39.128.117 16276 (OVH)
1 142.250.185.66 15169 (GOOGLE)
6 142.250.186.67 15169 (GOOGLE)
19 142.250.186.161 15169 (GOOGLE)
4 172.217.16.194 15169 (GOOGLE)
1 13.107.213.44 8075 (MICROSOFT...)
1 151.101.1.108 54113 (FASTLY)
2 5 2.23.209.187 20940 (AKAMAI-ASN1)
2 4 142.250.185.164 15169 (GOOGLE)
1 1 13.107.42.14 8068 (MICROSOFT...)
8 142.250.186.66 15169 (GOOGLE)
1 1 134.122.57.34 14061 (DIGITALOC...)
1 1 139.162.38.30 63949 (AKAMAI-LI...)
2 2 3.125.57.54 16509 (AMAZON-02)
2 2 213.155.156.167 1299 (TWELVE99 ...)
2 2 37.157.5.84 198622 (ADFORM)
1 1 54.198.162.177 14618 (AMAZON-AES)
4 185.89.210.212 29990 (ASN-APPNEX)
4 142.250.185.194 15169 (GOOGLE)
95 19
10    188.114.97.3 (Amsterdam, Netherlands)

ASN13335 (CLOUDFLARENET, US)
ala3raf.net
2    142.250.184.234 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f10.1e100.net
fonts.googleapis.com
14    142.250.185.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f2.1e100.net
pagead2.googlesyndication.com
1    104.20.9.31 (None, )

ASN13335 (CLOUDFLARENET, US)
s10.histats.com
3    172.217.23.99 (United States)

ASN15169 (GOOGLE, US)
PTR: mil04s23-in-f3.1e100.net
fonts.gstatic.com
14    142.250.186.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f2.1e100.net
googleads.g.doubleclick.net
1    54.39.128.117 (Beauharnois, Canada)

ASN16276 (OVH, FR)
PTR: ns561935.ip-54-39-128.net
s4.histats.com
1    142.250.185.66 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f2.1e100.net
partner.googleadservices.com
6    142.250.186.67 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f3.1e100.net
www.gstatic.com
19    142.250.186.161 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f1.1e100.net
tpc.googlesyndication.com
4    172.217.16.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s08-in-f2.1e100.net
www.googletagservices.com
1    13.107.213.44 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
adsdk.microsoft.com
1    151.101.1.108 (United States)

ASN54113 (FASTLY, US)
cdn.adnxs.com
5    2.23.209.187 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-23-209-187.deploy.static.akamaitechnologies.com
www.bing.com
4    142.250.185.164 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s51-in-f4.1e100.net
www.google.com
1    13.107.42.14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
px.ads.linkedin.com
8    142.250.186.66 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f2.1e100.net
cm.g.doubleclick.net
1    134.122.57.34 (Amsterdam, Netherlands)

ASN14061 (DIGITALOCEAN-ASN, US)
match.adsby.bidtheatre.com
1    139.162.38.30 (Singapore)

ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG)
PTR: li1451-30.members.linode.com
a.c.appier.net
2    3.125.57.54 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-125-57-54.eu-central-1.compute.amazonaws.com
x.bidswitch.net
2    213.155.156.167 (Sweden)

ASN1299 (TWELVE99 Arelion, fka Telia Carrier, SE)
d5p.de17a.com
2    37.157.5.84 (Denmark)

ASN198622 (ADFORM, DK)
c1.adform.net
1    54.198.162.177 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-198-162-177.compute-1.amazonaws.com
sync.srv.stackadapt.com
4    185.89.210.212 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
ams3-ib.adnxs.com
4    142.250.185.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s52-in-f2.1e100.net
www.googleadservices.com
Apex Domain
Subdomains		 Transfer
33 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 122
tpc.googlesyndication.com — Cisco Umbrella Rank: 169
491 KB
22 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 66
cm.g.doubleclick.net — Cisco Umbrella Rank: 329
151 KB
10 ala3raf.net
ala3raf.net
77 KB
9 gstatic.com
fonts.gstatic.com
www.gstatic.com
102 KB
5 bing.com
www.bing.com — Cisco Umbrella Rank: 87
16 KB
5 adnxs.com
cdn.adnxs.com — Cisco Umbrella Rank: 2546
ams3-ib.adnxs.com — Cisco Umbrella Rank: 6584
30 KB
5 googleadservices.com
partner.googleadservices.com — Cisco Umbrella Rank: 1368
www.googleadservices.com — Cisco Umbrella Rank: 178
602 B
4 google.com
www.google.com — Cisco Umbrella Rank: 11
1 KB
4 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 254
229 KB
2 adform.net
c1.adform.net — Cisco Umbrella Rank: 954
1 KB
2 de17a.com
d5p.de17a.com — Cisco Umbrella Rank: 7132
646 B
2 bidswitch.net
x.bidswitch.net — Cisco Umbrella Rank: 614
1 KB
2 histats.com
s10.histats.com — Cisco Umbrella Rank: 8396
s4.histats.com — Cisco Umbrella Rank: 8413
5 KB
2 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 113
2 KB
1 stackadapt.com
sync.srv.stackadapt.com — Cisco Umbrella Rank: 1241
1 KB
1 appier.net
a.c.appier.net — Cisco Umbrella Rank: 10594
598 B
1 bidtheatre.com
match.adsby.bidtheatre.com — Cisco Umbrella Rank: 3359
552 B
1 linkedin.com
px.ads.linkedin.com — Cisco Umbrella Rank: 830
774 B
1 microsoft.com
adsdk.microsoft.com — Cisco Umbrella Rank: 7418
29 KB
95 19
Domain Requested by
19 tpc.googlesyndication.com googleads.g.doubleclick.net
ala3raf.net
pagead2.googlesyndication.com
tpc.googlesyndication.com
14 googleads.g.doubleclick.net 2 redirects pagead2.googlesyndication.com
googleads.g.doubleclick.net
ala3raf.net
14 pagead2.googlesyndication.com ala3raf.net
pagead2.googlesyndication.com
googleads.g.doubleclick.net
tpc.googlesyndication.com
www.googletagservices.com
10 ala3raf.net 1 redirects ala3raf.net
8 cm.g.doubleclick.net googleads.g.doubleclick.net
6 www.gstatic.com googleads.g.doubleclick.net
5 www.bing.com 2 redirects googleads.g.doubleclick.net
4 www.googleadservices.com googleads.g.doubleclick.net
4 ams3-ib.adnxs.com googleads.g.doubleclick.net
cdn.adnxs.com
ala3raf.net
4 www.google.com 2 redirects googleads.g.doubleclick.net
tpc.googlesyndication.com
4 www.googletagservices.com googleads.g.doubleclick.net
ala3raf.net
3 fonts.gstatic.com fonts.googleapis.com
googleads.g.doubleclick.net
2 c1.adform.net 2 redirects
2 d5p.de17a.com 2 redirects
2 x.bidswitch.net 2 redirects
2 fonts.googleapis.com ala3raf.net
googleads.g.doubleclick.net
1 sync.srv.stackadapt.com 1 redirects
1 a.c.appier.net 1 redirects
1 match.adsby.bidtheatre.com 1 redirects
1 px.ads.linkedin.com 1 redirects
1 cdn.adnxs.com ala3raf.net
1 adsdk.microsoft.com ala3raf.net
1 partner.googleadservices.com pagead2.googlesyndication.com
1 s4.histats.com s10.histats.com
1 s10.histats.com ala3raf.net
95 25

This site contains links to these domains. Also see Links.

Domain
www.q2amarket.com
www.question2answer.org
Subject Issuer Validity Valid
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2023-02-26 -
2024-02-25		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2023-09-04 -
2023-11-27		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2023-09-04 -
2023-11-27		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2023-09-04 -
2023-11-27		 3 months crt.sh
histats.com
R3		 2023-08-29 -
2023-11-27		 3 months crt.sh
*.googleadservices.com
GTS CA 1C3		 2023-09-04 -
2023-11-27		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2023-09-04 -
2023-11-27		 3 months crt.sh
adsdk.microsoft.com
Microsoft Azure TLS Issuing CA 05		 2023-04-07 -
2024-04-01		 a year crt.sh
cdn.adnxs.com
GeoTrust TLS RSA CA G1		 2023-03-27 -
2024-04-26		 a year crt.sh
www.google.com
GTS CA 1C3		 2023-09-04 -
2023-11-27		 3 months crt.sh
r.bing.com
Microsoft RSA TLS CA 01		 2022-11-15 -
2023-11-15		 a year crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2023-02-13 -
2024-03-15		 a year crt.sh
www.googleadservices.com
GTS CA 1C3		 2023-09-04 -
2023-11-27		 3 months crt.sh

This page contains 18 frames:

Primary Page: https://ala3raf.net/login
Frame ID: 670452BAB65B2CA3700B78B2E9FC15AE
Requests: 22 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230927/r20190131/zrt_lookup.html
Frame ID: D46AA8541B92382C7E1A54CFAD58B71E
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8343227950611411&output=html&adk=1812271804&adf=3025194257&lmt=1696128565&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=188x675_l%7C188x675_r&format=0x0&url=https%3A%2F%2Fala3raf.net%2Flogin&ea=0&pra=5&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696135765661&bpp=19&bdt=922&idt=122&shv=r20230927&mjsv=m202309210101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=8342124909072&frm=20&pv=2&ga_vid=740110213.1696135766&ga_sid=1696135766&ga_hid=617534457&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44803492%2C31076838%2C31077327%2C44801484&oid=2&pvsid=3427511764636352&tmod=192033511&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=141
Frame ID: 48DA84DA7AD9F7D9F3CBAE9F4C117EB6
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8343227950611411&output=html&h=280&adk=2183732464&adf=757393324&pi=t.aa~a.3231646571~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1696128565&rafmt=1&to=qs&pwprc=8890230846&format=1200x280&url=https%3A%2F%2Fala3raf.net%2Flogin&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696135765680&bpp=2&bdt=941&idt=128&shv=r20230927&mjsv=m202309210101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=8342124909072&frm=20&pv=1&ga_vid=740110213.1696135766&ga_sid=1696135766&ga_hid=617534457&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=99&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44803492%2C31076838%2C31077327%2C44801484&oid=2&pvsid=3427511764636352&tmod=192033511&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=eSRbZpZ57n&p=https%3A//ala3raf.net&dtd=131
Frame ID: 3696A257DF9B0B942D69F611022350E9
Requests: 12 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8343227950611411&output=html&h=90&adk=4204718025&adf=1588159632&pi=t.aa~a.2376638792~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1696128566&rafmt=1&to=qs&pwprc=8890230846&format=1200x90&url=https%3A%2F%2Fala3raf.net%2Flogin&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696135766546&bpp=1&bdt=1807&idt=-M&shv=r20230927&mjsv=m202309210101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dbe86f960a36d667f-2210ed7a77e400b1%3AT%3D1696135766%3ART%3D1696135766%3AS%3DALNI_MbXIsCZaD9gYd1S-5oiciR0UFiJYQ&gpic=UID%3D00000c8a053f967f%3AT%3D1696135766%3ART%3D1696135766%3AS%3DALNI_MYYNO9ooNWrGhG_DqGJ_Kano-mfBg&prev_fmts=0x0%2C1200x280&nras=3&correlator=8342124909072&frm=20&pv=1&ga_vid=740110213.1696135766&ga_sid=1696135766&ga_hid=617534457&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1295&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44803492%2C31076838%2C31077327%2C44801484&oid=2&pvsid=3427511764636352&tmod=192033511&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=AdDUX1ageB&p=https%3A//ala3raf.net&dtd=5
Frame ID: 45C86C9AF55C1098DCFAF1EC7BD5C490
Requests: 10 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8343227950611411&output=html&h=50&adk=3573649038&adf=2347765671&pi=t.aa~a.1340144624~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1696128566&rafmt=1&to=qs&pwprc=8890230846&format=1200x50&url=https%3A%2F%2Fala3raf.net%2Flogin&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696135766546&bpp=1&bdt=1807&idt=1&shv=r20230927&mjsv=m202309210101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dbe86f960a36d667f-2210ed7a77e400b1%3AT%3D1696135766%3ART%3D1696135766%3AS%3DALNI_MbXIsCZaD9gYd1S-5oiciR0UFiJYQ&gpic=UID%3D00000c8a053f967f%3AT%3D1696135766%3ART%3D1696135766%3AS%3DALNI_MYYNO9ooNWrGhG_DqGJ_Kano-mfBg&prev_fmts=0x0%2C1200x280%2C1200x90&nras=4&correlator=8342124909072&frm=20&pv=1&ga_vid=740110213.1696135766&ga_sid=1696135766&ga_hid=617534457&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1225&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44803492%2C31076838%2C31077327%2C44801484&oid=2&pvsid=3427511764636352&tmod=192033511&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=G5TgwtUjt2&p=https%3A//ala3raf.net&dtd=9
Frame ID: A9F613E44E0F084383F844C76C0B8553
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230927/r20110914/zrt_lookup.html?fsb=1
Frame ID: E453A980271209F128337454E626C399
Requests: 6 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230927/r20110914/zrt_lookup.html?fsb=1
Frame ID: CF92771BEC3B8100B1F45FB3B05FB88F
Requests: 1 HTTP requests in this frame

Frame: https://adsdk.microsoft.com/native-to-display/sdk.js
Frame ID: D9948DF20DBD372FE66B92A082B02FCF
Requests: 15 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/pagead/js/r20230927/r20110914/client/load_preloaded_resource_fy2021.js
Frame ID: B099F0B5F35894F3D5A5878B6E4A797A
Requests: 6 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: F75594FBE180CFAE060A1740FCF14D2E
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: DDB2410D0E0B9EAC742CED12DF85EE4C
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 76006765153C43FD05F5D013E0DD4BD7
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/f2cqprNxaY2GOW1kJFnefQh67KLbyJA2ScFiBiL3W8Q.js
Frame ID: F9A64FD6E3F7DA718DCCD5CB9DC27EE6
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/f2cqprNxaY2GOW1kJFnefQh67KLbyJA2ScFiBiL3W8Q.js
Frame ID: A8A81C75CE4EAA7B79398D5FEAD0CEF6
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/f2cqprNxaY2GOW1kJFnefQh67KLbyJA2ScFiBiL3W8Q.js
Frame ID: 715C698A20EC9A8AD232E3E0CE24FF7A
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 7B562F14ECCE467421DDBF4B0EAE001F
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 806D0D7320DACBD7DE895D5B4694CE7A
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

دخول - الأعراف

Page URL History Show full URLs

  1. https://ala3raf.net/index.php?qa=account HTTP 302
    https://ala3raf.net/login Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

95
Requests

88 %
HTTPS

0 %
IPv6

19
Domains

25
Subdomains

19
IPs

8
Countries

1130 kB
Transfer

3096 kB
Size

34
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://ala3raf.net/index.php?qa=account HTTP 302
    https://ala3raf.net/login Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 42
  • https://www.bing.com/api/v1/mediation/tracking?adUnit=391466&auId=c821a784-5be9-464e-8426-124a2227726a&bidId=15000&bidderId=4&cmExpId=LV2&oAdUnit=391466&publisherId=162645330&rId=65029e30-d63e-4148-b76a-67110887fa45&rlink=https%3A%2F%2Fwww.bing.com%2Faes%2Fc.gif%3FDI%3D0%26DIS%3DSB_15000-1-0%3F%26RG%3D5c1acbafb158473080c899ceb5097de7%26SNR%3D1%26GV%3D2%26med%3D10&rtype=miFeedbackURL&tagId=6929499&trafficGroup=knaqe_3c&trafficSubGroup=pbageby&aid=5014939650728767494 HTTP 303
  • https://www.bing.com/aes/c.gif?DI=0&DIS=SB_15000-1-0?&RG=5c1acbafb158473080c899ceb5097de7&SNR=1&GV=2&med=10
Request Chain 61
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Request Chain 64
  • https://px.ads.linkedin.com/setuid?partner=googleadxdb&google_gid=CAESEPBqj_qqOlpQtjrlj9a1kpw&google_cver=1&google_push=AXcoOmRF38dWZ0PMhKhH_j5Aj9ippDYZt-84-9_hwkenN7hte4cH5foFmqG5FM9RKl7qzewrCLqOl6NKkU1rZ_DTp06ZALQnrbgu HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=linkedin&google_push=AXcoOmRF38dWZ0PMhKhH_j5Aj9ippDYZt-84-9_hwkenN7hte4cH5foFmqG5FM9RKl7qzewrCLqOl6NKkU1rZ_DTp06ZALQnrbgu
Request Chain 65
  • https://match.adsby.bidtheatre.com/adxcookie?id=&google_gid=CAESEJUy5yXlpdWJVoDw_l1yr9E&google_cver=1&google_push=AXcoOmQNPRtaZ_Kt8nqjkc7A9s4hvCeZA1RGVmd5TP4fhCEgxAVdb9U9hSYV9ufIkRX2zIL2NHxpTN_p0wTYlsuFd8FoqHBlNhUilA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=bt&google_push=AXcoOmQNPRtaZ_Kt8nqjkc7A9s4hvCeZA1RGVmd5TP4fhCEgxAVdb9U9hSYV9ufIkRX2zIL2NHxpTN_p0wTYlsuFd8FoqHBlNhUilA
Request Chain 66
  • https://a.c.appier.net/gcm?google_gid=CAESEIriSDHKR1Ba-Avk5wuDgq4&google_cver=1&google_push=AXcoOmS0A_Oy2sMx8Syjl7cnrDGV9QAcjUfTE1fi4VerOMA-_kAY_Xl3CwpI5gRR80GLR1ZLw_nTfT5KS7aedDohCQC7w0vnRQtqaw HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appier&google_hm=OFViLXpYeHZCdzJyd2J0ZlZfb1laUQ%3D%3D&google_push=AXcoOmS0A_Oy2sMx8Syjl7cnrDGV9QAcjUfTE1fi4VerOMA-_kAY_Xl3CwpI5gRR80GLR1ZLw_nTfT5KS7aedDohCQC7w0vnRQtqaw
Request Chain 67
  • https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEGMIheshDPlyhDLWzThTwpw&google_cver=1&google_push=AXcoOmSjSWBkZK9w5zJ_TX__guTarAmxy8oTL5l3hNyZ9dznSOswivu72BCjco_-FTliF1x3_kfcUqy2AJxhU-G_3uHXguZDP6L2XA HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=google&google_gid=CAESEGMIheshDPlyhDLWzThTwpw&google_cver=1&google_push=AXcoOmSjSWBkZK9w5zJ_TX__guTarAmxy8oTL5l3hNyZ9dznSOswivu72BCjco_-FTliF1x3_kfcUqy2AJxhU-G_3uHXguZDP6L2XA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AXcoOmSjSWBkZK9w5zJ_TX__guTarAmxy8oTL5l3hNyZ9dznSOswivu72BCjco_-FTliF1x3_kfcUqy2AJxhU-G_3uHXguZDP6L2XA&google_hm=tFuZt5aTSee_EbFj5E4gIg==
Request Chain 68
  • https://d5p.de17a.com/cookies/google?google_gid=CAESEC4jxuSnFoaaW68BIgNO8mQ&google_cver=1&google_push=AXcoOmTO-OSnsKGa1_ZJqB_O5_PYDgy7Jke9l_LlnnBGdRCeOAlb3JyOyCIMVcZOVSptKeJ37gWgIcErZqiYRCqj5hXhoviwWGhd HTTP 302
  • https://d5p.de17a.com/cookies/google;c?google_gid=CAESEC4jxuSnFoaaW68BIgNO8mQ&google_cver=1&google_push=AXcoOmTO-OSnsKGa1_ZJqB_O5_PYDgy7Jke9l_LlnnBGdRCeOAlb3JyOyCIMVcZOVSptKeJ37gWgIcErZqiYRCqj5hXhoviwWGhd HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AXcoOmTO-OSnsKGa1_ZJqB_O5_PYDgy7Jke9l_LlnnBGdRCeOAlb3JyOyCIMVcZOVSptKeJ37gWgIcErZqiYRCqj5hXhoviwWGhd
Request Chain 69
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEEtWo4LD3Cxlqzt9Sb5TxqY&google_cver=1&google_push=AXcoOmSyOrxk5DKtI1mHbv3k3B_LCwLbbRZeSARogAN9BuXznNmLgbpkM2sbL3JT60LZkJS1omcs0lQmr95m_6hFMVewBr2kiQCH HTTP 302
  • https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEEtWo4LD3Cxlqzt9Sb5TxqY&google_cver=1&google_push=AXcoOmSyOrxk5DKtI1mHbv3k3B_LCwLbbRZeSARogAN9BuXznNmLgbpkM2sbL3JT60LZkJS1omcs0lQmr95m_6hFMVewBr2kiQCH HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NTAyMDYyOTkxNzQ4Mjk5MTI2OA&google_push=AXcoOmSyOrxk5DKtI1mHbv3k3B_LCwLbbRZeSARogAN9BuXznNmLgbpkM2sbL3JT60LZkJS1omcs0lQmr95m_6hFMVewBr2kiQCH
Request Chain 70
  • https://sync.srv.stackadapt.com/sync?nid=154&google_gid=CAESEOMrM2dCKVB6pAyIgPsjX_o&google_cver=1&google_push=AXcoOmRmVaRcIeG3ikxtHu7gHG1yzGN5PCqHfkNKFWisQlHgm7mPaBvdqUR66bBa0Cb6ZnlosR0LS9umAIU4WlxjOJ9mhmFvimHpPQ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=stackadapt_usd&google_hm=jiGffe8eX7Zrdcy7rdLAV1OWB-w&google_push=AXcoOmRmVaRcIeG3ikxtHu7gHG1yzGN5PCqHfkNKFWisQlHgm7mPaBvdqUR66bBa0Cb6ZnlosR0LS9umAIU4WlxjOJ9mhmFvimHpPQ
Request Chain 72
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Request Chain 79
  • https://googleads.g.doubleclick.net/pagead/adview?ai=CRvcmVvoYZYbDJJe2xdwPvqSGgAbGm5rfZPqyhfajCNzR2ZuXDhABIOfnuR5g9ZXOgeAEoAGchq_1AsgBAqkCewBzMmpUsj6oAwHIA8kEqgT2AU_QF_QWKmk9Zozm_VVoC0LYj1E-6XgrkROOAfxjmnu0LXlBlJbynW8wYlkRXyFC5pg_7G0MSpxDuX-P2VYlPY93v-Kw7ds1v-xvjquknlFrLgtVILeXqVMhlTatt7Zf9GZtC1g4QVZcr762RXh_MU2TfgZX1UD9AS0MZRvT5pcLZ7GE2-MH9MVNdnEq9lNz9iBuZS7YXFxawESsrkmE1NGjclmuUqClIIRa2QkfZkZ8monNkGWV6VFH79AO4QmsniWYLbhBk5WIgEC6CJu5HXmnf3LztZ9D14efbnGqdv68zoh7qPEJgh8p-8VdltcQp9YX9TMvUMAEzNWz6eYBiAXhyL2DBpIFBAgEGAGSBQQIBRgEoAYCgAfM-dCKAagH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcB8gcEEPLhCtIIFAiAYRABGB8yAooCOgKAQEi9_cE6mgkeaHR0cHM6Ly9idnMtYmlsZHVuZ3N6ZW50cnVtLmNogAoByAsB2gwRCgsQgKvirMLVuJS5ARICAQPYEw3QFQGYFgGAFwGyFxwKGggAEhRwdWItODM0MzIyNzk1MDYxMTQxMRgA&sigh=PYMvMEc8_KM&uach_m=[UACH]&ase=2&nis=4&cid=CAQSPADICaaNm9lMVxsG28SOZtME141k98xto6nUnxML2Ed6rAQyjHHMs4bgRLFi5-pXbC85Q8tIS5_5Y5oL4BgB&cbvp=2&vis=1 HTTP 302
  • https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x9b200366835ebbe40000000000000000%22,%222%22:%220x66e39f6688dc93a70000000000000000%22,%223%22:%220x98c8ca606188edd30000000000000000%22,%224%22:%220xb7b78964032c4fca0000000000000000%22,%225%22:%220xd17f97947ffef4070000000000000000%22},%22debug_key%22:%2212807572352979984755%22,%22debug_reporting%22:true,%22destination%22:%22https://bvs-bildungszentrum.ch%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22783008540%22],%224%22:[%2210-01%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2216653345012411666705%22}&andc=true
Request Chain 80
  • https://googleads.g.doubleclick.net/pagead/adview?ai=CekZrVvoYZcGJB-CqxdwPkem54A2gko71cvLWvvf6EfLs0uCyARABIOfnuR5g9ZXOgeAEoAGb2tCQKcgBAakC5k5SORi9sT6oAwHIA8sEqgT8AU_Q7Ziq_YUXeeQ-blS2LV24GiUFxI3gHw_IIa8UhewhnmtE2FYg0PRsEYeKPA3db8nCp6YyiBexy53SNI_-URXk2gI5-07yf-iVtVi4d9IkX3ly4PiZE92UktjYtWybZu47sHJ-cck0WXl-ljHQWMG3Y9vnAwdlN39kcdcwYpKlt9yMD_18whqB5tf0Wcg7TWqDcHUhPomTtQG9TVQOI29qoN4vmCzwilhxfW3RCj8gmq7fagc6T9eqBK3fAl2hsrlUjHBStL3B-v8u6R0N4nH_8LOjB_RrCOAnK3XFoFVmBWECU_8l34BrGdijHkMD0BfmFt_DNsHCVN1RLsAE2YO40MgEiAXz9szDTJIFBAgEGAGSBQQIBRgEgAebkqHwA6gH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcB8gcEELz1C9IIFAiAYRABGB8yAooCOgKAQEi9_cE6mgkbaHR0cHM6Ly90ZW1wb3NlYXJjaC5jb20vZHNygAoByAsB2gwRCgsQ0Jmv5d331-SkARICAQPYEw3QFQGAFwGyFxwKGggAEhRwdWItODM0MzIyNzk1MDYxMTQxMRgA&sigh=lz2dOCvD2O8&uach_m=[UACH]&ase=2&nis=4&cid=CAQSGwDICaaNfUCup_8RzMM2ndE7uVvwpEU8tu1ZdhgB&cbvp=2&vis=1 HTTP 302
  • https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220xafd3c9bcbd771eae0000000000000000%22,%222%22:%220x448069caadc7c9d50000000000000000%22,%223%22:%220x7d72d947f23a0daa0000000000000000%22,%224%22:%220x19d91ec42ac743960000000000000000%22,%225%22:%220xfae312c5cafa54670000000000000000%22},%22debug_key%22:%227824223260439486521%22,%22debug_reporting%22:true,%22destination%22:%22https://temposearch.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%2211040730395%22],%224%22:[%2210-01%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2215237454845044152977%22}&andc=true
Request Chain 92
  • https://www.bing.com/api/v1/mediation/tracking?adUnit=391466&auId=c821a784-5be9-464e-8426-124a2227726a&bidId=15000&bidderId=4&cmExpId=LV2&oAdUnit=391466&publisherId=162645330&rId=65029e30-d63e-4148-b76a-67110887fa45&rlink=https%3A%2F%2Fwww.bing.com%2Faes%2Fc.gif%3Ftype%3Dmv%26reqver%3D1.0%26rg%3D5c1acbafb158473080c899ceb5097de7%26tids%3D15000%26med%3D10&rtype=mvFeedbackURL&tagId=6929499&trafficGroup=knaqe_3c&trafficSubGroup=pbageby&aid=5014939650728767494 HTTP 303
  • https://www.bing.com/aes/c.gif?type=mv&reqver=1.0&rg=5c1acbafb158473080c899ceb5097de7&tids=15000&med=10

95 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request login
ala3raf.net/
Redirect Chain
  • https://ala3raf.net/index.php?qa=account
  • https://ala3raf.net/login
12 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ala3raf.net/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f6feda9ab1946f892fa3a4f0b000d0c756ce03cea59b751361de209054dad2dd

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-store, no-cache, must-revalidate
cf-cache-status
DYNAMIC
cf-ray
80f214308b760a89-IAD
content-encoding
br
content-type
text/html; charset=utf-8
date
Sun, 01 Oct 2023 04:49:24 GMT
expires
Thu, 19 Nov 1981 08:52:00 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CKEtwYsvMPkw%2FFe6JVhaG6R8Wc8qFyuwHsWxMk4MYIKa2ZRcOq9IxBoVxtHgn5TNOqe7csHGvdkuxt%2FaR%2Ft0Y8%2Bj%2F4Xc%2BOiPvQt4GsMk2aYprbvYfKVwsT0Iq2p8lA%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding

Redirect headers

alt-svc
h3=":443"; ma=86400
cache-control
no-store, no-cache, must-revalidate
cf-cache-status
DYNAMIC
cf-ray
80f2142e99fa0a89-IAD
content-type
text/html; charset=UTF-8
date
Sun, 01 Oct 2023 04:49:24 GMT
expires
Thu, 19 Nov 1981 08:52:00 GMT
location
./login
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fWm0KSXwH6vOBckt8PnLuUUGV7l6u3%2FFhaYtDLK7S8ZtKnFoxSnhZq7JFGgZK01JpN26TX7LCB6GtLhLOZ2bFjdpPI%2Fd2oJvb%2BIgQFcl4aAMO5aoU8n4El3VYR%2B5XQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
qa-styles.css
ala3raf.net/qa-theme/SnowFlatCustom/ 		71 KB
13 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://ala3raf.net/qa-theme/SnowFlatCustom/qa-styles.css?1.8.4
Requested by
Host: ala3raf.net
URL: https://ala3raf.net/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
338503240a2b1a2a0e52e0a5252920489588e5d55ca4812a9e060b9f6080f823

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ala3raf.net/login
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 01 Oct 2023 04:49:25 GMT
content-encoding
br
cf-cache-status
EXPIRED
last-modified
Thu, 07 May 2020 13:24:30 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"11b91-5a50eccf09f80-gzip"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=q8kqFYJVpbFTmr23A9%2BYwP0DyKAjl8jL1oJHfIfCILPS5i6gwJISXF9kYhxQwBLnltSx6zAvtTShhwwEN0CwCIH3Zj6kXPD9ofJOtY3kUm%2BpWp207qV9CfyVwKJ5CA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
cf-ray
80f214320cb50a89-IAD
alt-svc
h3=":443"; ma=86400
qa-styles-rtl.css
ala3raf.net/qa-theme/SnowFlatCustom/ 		11 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://ala3raf.net/qa-theme/SnowFlatCustom/qa-styles-rtl.css?1.8.4
Requested by
Host: ala3raf.net
URL: https://ala3raf.net/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
806e57f8c7da1780198e2945ab05cab7a252d020bd5049fdc281fa2c62423349

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ala3raf.net/login
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 01 Oct 2023 04:49:24 GMT
content-encoding
br
cf-cache-status
EXPIRED
last-modified
Wed, 28 Jul 2021 10:23:19 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"2d9a-5c82c600af3c0-gzip"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=txmAH9swht1vwkTOQR08YAMRWi8CKRTPENBkEOjz2TfJUCi3t43QNQoTeOAV%2FB1eO1osOJufCtvq%2B0GVcYdZf13NEhoTF2sUfCFvVjK%2B3wH%2FQNhKgpmN%2BFN%2F8xSJoQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
cf-ray
80f214320cb80a89-IAD
alt-svc
h3=":443"; ma=86400
css
fonts.googleapis.com/ 		1 KB
904 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Cairo&display=swap
Requested by
Host: ala3raf.net
URL: https://ala3raf.net/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.234 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f10.1e100.net
Software
ESF /
Resource Hash
1c6500e114cdac56f55c61e0f9e115e760560c1c18bb1b1bfa57ec85ab3b2dcb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ala3raf.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Sun, 01 Oct 2023 04:49:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sun, 01 Oct 2023 04:49:25 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sun, 01 Oct 2023 04:49:25 GMT
jquery-3.3.1.min.js
ala3raf.net/qa-content/ 		111 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ala3raf.net/qa-content/jquery-3.3.1.min.js
Requested by
Host: ala3raf.net
URL: https://ala3raf.net/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6002e23815ec42acedba12390950c5e1bb68a864af09bc445d29ebafd955acea

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ala3raf.net/login
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 01 Oct 2023 04:49:25 GMT
content-encoding
br
cf-cache-status
EXPIRED
last-modified
Mon, 11 May 2020 13:00:41 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"1bb29-5a55eef215040-gzip"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9dxqTWDPdyRpk6sYagCowdEdgRjmWgTvhxU%2Bj05lv7l81w74EerqlUACThdxZ6dAMB8cp7ofAMgCf08%2Fs3r85lb9V%2BixtO%2BCZC%2FGMQ1w194XhrPorrMhpWce4IjcwQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
80f214320cb90a89-IAD
alt-svc
h3=":443"; ma=86400
qa-global.js
ala3raf.net/qa-content/ 		20 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ala3raf.net/qa-content/qa-global.js?1.8.4
Requested by
Host: ala3raf.net
URL: https://ala3raf.net/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b79950172d0e6c3091a44a69d615ee5711f57bb59e202b2a383d48e4ca2a4ce3

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ala3raf.net/login
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 01 Oct 2023 04:49:25 GMT
content-encoding
br
cf-cache-status
EXPIRED
last-modified
Thu, 07 May 2020 13:24:30 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"5046-5a50eccf09f80-gzip"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Rc9KgHhxXC0FaaIoreaGFC%2Bp1NzZNk3iQugwVCPr9ReZcj6Kamxn92Ct%2Fpf8uA57IZ%2BcNntYJUdzGXI%2BRFScDp%2F9oPgiVn0QCiGwDxSOhzarw7NGT5M%2BrvQt%2FDjw2w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
80f214320cba0a89-IAD
alt-svc
h3=":443"; ma=86400
snow-core.js
ala3raf.net/qa-theme/SnowFlatCustom/js/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ala3raf.net/qa-theme/SnowFlatCustom/js/snow-core.js?1.8.4
Requested by
Host: ala3raf.net
URL: https://ala3raf.net/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5eecfa645aee35cb0c6820e187451ab14a9df51283635a2117d7ba866a6a74aa

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ala3raf.net/login
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 01 Oct 2023 04:49:25 GMT
content-encoding
br
cf-cache-status
EXPIRED
last-modified
Thu, 07 May 2020 13:24:30 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"94f-5a50eccf09f80-gzip"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=r%2BJ3%2BN6ao9m57ORqjtksX7cz%2F1Q15%2FNoKmRq5WamHrIpCLtV1q0C0yfO5tJ5ekVMdvfny6i1rNEQ1mQCcMCheawYtxja6CtSl%2BHC6C7%2FnV2v%2BZNqGQ%2BubiBufJQDYw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
80f214320cbc0a89-IAD
alt-svc
h3=":443"; ma=86400
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		145 KB
50 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-8343227950611411
Requested by
Host: ala3raf.net
URL: https://ala3raf.net/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
cafe /
Resource Hash
e00826bbf0764c1d1c7dcd34a4f28f3a54799d5a68959525a347a958b8246bb6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ala3raf.net/
Origin
https://ala3raf.net
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 01 Oct 2023 04:49:25 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
50918
x-xss-protection
0
server
cafe
etag
9792063802429621128
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Sun, 01 Oct 2023 04:49:25 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		146 KB
50 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: ala3raf.net
URL: https://ala3raf.net/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
cafe /
Resource Hash
bc4786439820152786f876016c0f9f92f0dab004a26a539a05d067fefd72d22a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ala3raf.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 01 Oct 2023 04:49:25 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
51032
x-xss-protection
0
server
cafe
etag
11583693056997949793
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Sun, 01 Oct 2023 04:49:25 GMT
js15_as.js
s10.histats.com/ 		11 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s10.histats.com/js15_as.js
Requested by
Host: ala3raf.net
URL: https://ala3raf.net/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.20.9.31 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2defe59e357a7d0683c8283ac42841db404a0884cae2eaecebf4b676e559dede

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ala3raf.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 01 Oct 2023 04:49:25 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Thu, 16 Apr 2020 10:44:16 GMT
server
cloudflare
age
46176
etag
"-375139978"
vary
Accept-Encoding
content-type
text/javascript
cache-control
max-age=28800
accept-ranges
bytes
cf-ray
80f2143729141c44-FRA
content-length
4547
SLXgc1nY6HkvangtZmpQdkhzfH5lkSs2SgRjCAGMQ1z0hOA-a1PiLA.woff2
fonts.gstatic.com/s/cairo/v28/ 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/cairo/v28/SLXgc1nY6HkvangtZmpQdkhzfH5lkSs2SgRjCAGMQ1z0hOA-a1PiLA.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Cairo&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.23.99 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil04s23-in-f3.1e100.net
Software
sffe /
Resource Hash
cc8b30e9bfe6a385b5619c0d0a34b8f562e02ee4c09ab0637eed496ca3944fcb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://ala3raf.net
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 30 Sep 2023 22:15:26 GMT
x-content-type-options
nosniff
age
23639
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15040
x-xss-protection
0
last-modified
Tue, 02 May 2023 14:51:31 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 29 Sep 2024 22:15:26 GMT
search-icon-white.png
ala3raf.net/qa-theme/SnowFlatCustom/images/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ala3raf.net/qa-theme/SnowFlatCustom/images/search-icon-white.png
Requested by
Host: ala3raf.net
URL: https://ala3raf.net/qa-theme/SnowFlatCustom/qa-styles.css?1.8.4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
075c15c5e5b127cfd89b352a4f8e8d615d0abcc80977022ba45ad2032d26f535

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ala3raf.net/qa-theme/SnowFlatCustom/qa-styles.css?1.8.4
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 01 Oct 2023 04:49:25 GMT
cf-cache-status
REVALIDATED
last-modified
Mon, 14 Jan 2019 17:38:24 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"584-57f6e82f86400"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oj0ZQi8juML2flrgEFO2zLQT9X0r31DIHlwwogykTDEoJGRBDcPifpuf7Wf5OXnPiJEDuAxBgAih1cE4E6PrS6fiUP8MkVkKpbLBKPvdbsxwOJQmDqV7apEsjizP6w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
80f214350eaa0a89-IAD
alt-svc
h3=":443"; ma=86400
content-length
1412
spinner-icon-14x14.gif
ala3raf.net/qa-theme/SnowFlatCustom/images/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ala3raf.net/qa-theme/SnowFlatCustom/images/spinner-icon-14x14.gif?1410117644
Requested by
Host: ala3raf.net
URL: https://ala3raf.net/qa-theme/SnowFlatCustom/qa-styles.css?1.8.4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
07a75636966b34dd8bbafee0ebced659b03bab0e57641e1fa035ca7da0bd39ce

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ala3raf.net/qa-theme/SnowFlatCustom/qa-styles.css?1.8.4
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 01 Oct 2023 04:49:25 GMT
cf-cache-status
REVALIDATED
last-modified
Mon, 14 Jan 2019 17:38:24 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"1e65-57f6e82f86400"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SwgJO3vHJLlx0yoeu01PUAhagf4eD4jWqkKuUYFdA%2B9QPTWgnkStiBMutMM%2FszssuJv1iVsvqVgFJpF%2Bzqus%2B8Jua4MSGpJOj3L3jyK2uUZZA39UEv5jIYXZCE6BQg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
80f214358f0d0a89-IAD
alt-svc
h3=":443"; ma=86400
content-length
7781
fontello.woff
ala3raf.net/qa-theme/SnowFlatCustom/fonts/ 		7 KB
7 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://ala3raf.net/qa-theme/SnowFlatCustom/fonts/fontello.woff?70015067
Requested by
Host: ala3raf.net
URL: https://ala3raf.net/qa-theme/SnowFlatCustom/qa-styles.css?1.8.4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c7aca9ebef12465aad206aae5351ba575eebe4b5e3f0fb1d99f4f92f1c4f396d

Request headers

Referer
https://ala3raf.net/qa-theme/SnowFlatCustom/qa-styles.css?1.8.4
Origin
https://ala3raf.net
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 01 Oct 2023 04:49:25 GMT
content-encoding
br
cf-cache-status
REVALIDATED
last-modified
Mon, 25 Jul 2016 20:01:58 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"1c20-5387b41b3f980"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=l0sDB1j%2Bm8e9x6YASQxfubgkCBzvMK%2B9mhBrOvBH3O%2BkJkSURSJAXq8t9gvx8adqteNVEcyA19APhkgTAGhsy9IircW1b4k2fAHb9f5L3shN3AkizFWdtDKyZwRPWg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/font-woff
cache-control
max-age=14400
cf-ray
80f214358f0e0a89-IAD
alt-svc
h3=":443"; ma=86400
SLXgc1nY6HkvangtZmpQdkhzfH5lkSs2SgRjCAGMQ1z0hOA-a1biLD-H.woff2
fonts.gstatic.com/s/cairo/v28/ 		13 KB
13 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/cairo/v28/SLXgc1nY6HkvangtZmpQdkhzfH5lkSs2SgRjCAGMQ1z0hOA-a1biLD-H.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Cairo&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.23.99 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil04s23-in-f3.1e100.net
Software
sffe /
Resource Hash
673b09d876a8d35a8e0beb633961ff166b000f51bd2222c4c13e236bc16eaf87
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://ala3raf.net
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 01 Oct 2023 00:16:19 GMT
x-content-type-options
nosniff
age
16386
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13388
x-xss-protection
0
last-modified
Tue, 02 May 2023 14:51:44 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 30 Sep 2024 00:16:19 GMT
show_ads_impl_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309210101/ 		378 KB
128 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309210101/show_ads_impl_fy2021.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-8343227950611411
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
cafe /
Resource Hash
17173247be2147dd04ece73252ff0a844de3d4797883b4c3643a50b414df1de1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ala3raf.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 01 Oct 2023 04:49:25 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
131216
x-xss-protection
0
server
cafe
etag
7609374494996936338
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Sun, 01 Oct 2023 04:49:25 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20230927/r20190131/ Frame D46A 		10 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20230927/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-8343227950611411
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
cafe /
Resource Hash
041fe6e516177e777c651a95708ee4961723db34a974e8be9e6ba597a1313e51
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ala3raf.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

age
66687
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4471
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 30 Sep 2023 10:17:59 GMT
etag
2603938475786422795
expires
Sat, 14 Oct 2023 10:17:59 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
0.php
s4.histats.com/stats/ 		51 B
185 B 		Script
General
Check archive.org
Download Go to
Full URL
https://s4.histats.com/stats/0.php?4570762&@f16&@g1&@h1&@i1&@j1696135765707&@k0&@l1&@m%D8%AF%D8%AE%D9%88%D9%84%20-%20%D8%A7%D9%84%D8%A3%D8%B9%D8%B1%D8%A7%D9%81&@n0&@o1000&@q0&@r0&@s0&@ten-US&@u1600&@b1:-191609260&@b3:1696135766&@b4:js15_as.js&@b5:120&@a-_0.2.1&@vhttps%3A%2F%2Fala3raf.net%2Flogin&@w
Requested by
Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.39.128.117 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS
ns561935.ip-54-39-128.net
Software
/
Resource Hash
6a33a6c477e4cc96081f3c838cd717965b232e2a8b291f57234d0799035ed765

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ala3raf.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 01 Oct 2023 04:49:18 GMT
Connection
close
Content-Length
51
Content-Type
text/html;charset=UTF-8
cookie.js
partner.googleadservices.com/gampad/ 		389 B
602 B 		Script
General
Check archive.org
Download Go to
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=ala3raf.net&callback=_gfp_s_&client=ca-pub-8343227950611411
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309210101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
cafe /
Resource Hash
1f759f6ec19dc707f3c43f05eb1ad90d0a31f78e07d999e6faab95dc510f2db0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ala3raf.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 01 Oct 2023 04:49:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
251
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 48DA 		251 KB
57 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8343227950611411&output=html&adk=1812271804&adf=3025194257&lmt=1696128565&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=188x675_l%7C188x675_r&format=0x0&url=https%3A%2F%2Fala3raf.net%2Flogin&ea=0&pra=5&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696135765661&bpp=19&bdt=922&idt=122&shv=r20230927&mjsv=m202309210101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=8342124909072&frm=20&pv=2&ga_vid=740110213.1696135766&ga_sid=1696135766&ga_hid=617534457&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44803492%2C31076838%2C31077327%2C44801484&oid=2&pvsid=3427511764636352&tmod=192033511&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=141
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309210101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
cafe /
Resource Hash
472c1fe4668011146ccb5a8d1b15ba4e32cb47b09d49688acc2e1028f867f8d4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ala3raf.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
57695
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 01 Oct 2023 04:49:26 GMT
expires
Sun, 01 Oct 2023 04:49:26 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 3696 		112 KB
39 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8343227950611411&output=html&h=280&adk=2183732464&adf=757393324&pi=t.aa~a.3231646571~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1696128565&rafmt=1&to=qs&pwprc=8890230846&format=1200x280&url=https%3A%2F%2Fala3raf.net%2Flogin&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696135765680&bpp=2&bdt=941&idt=128&shv=r20230927&mjsv=m202309210101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=8342124909072&frm=20&pv=1&ga_vid=740110213.1696135766&ga_sid=1696135766&ga_hid=617534457&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=99&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44803492%2C31076838%2C31077327%2C44801484&oid=2&pvsid=3427511764636352&tmod=192033511&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=eSRbZpZ57n&p=https%3A//ala3raf.net&dtd=131
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309210101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
cafe /
Resource Hash
d9846434754dead611cc1d6f7b154afd4025cc25145a09d2eee46d3070725e1a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ala3raf.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
40194
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 01 Oct 2023 04:49:26 GMT
expires
Sun, 01 Oct 2023 04:49:26 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
7a9087b9716ee70ebefd221ff96707f0.js
www.gstatic.com/mysidia/ Frame 3696 		9 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/7a9087b9716ee70ebefd221ff96707f0.js?tag=client_fast_engine_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8343227950611411&output=html&h=280&adk=2183732464&adf=757393324&pi=t.aa~a.3231646571~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1696128565&rafmt=1&to=qs&pwprc=8890230846&format=1200x280&url=https%3A%2F%2Fala3raf.net%2Flogin&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696135765680&bpp=2&bdt=941&idt=128&shv=r20230927&mjsv=m202309210101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=8342124909072&frm=20&pv=1&ga_vid=740110213.1696135766&ga_sid=1696135766&ga_hid=617534457&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=99&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44803492%2C31076838%2C31077327%2C44801484&oid=2&pvsid=3427511764636352&tmod=192033511&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=eSRbZpZ57n&p=https%3A//ala3raf.net&dtd=131
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.67 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f3.1e100.net
Software
sffe /
Resource Hash
ce8f9d182af5969cdafad9b5f0e5c1fb14d5d087b3d798c44ee208b00684cc35
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 29 Sep 2023 10:18:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
153085
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3907
x-xss-protection
0
last-modified
Mon, 25 Sep 2023 20:14:59 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Thu, 28 Dec 2023 10:18:01 GMT
e90fa93b117dc424f62dd20c7a276c74.js
www.gstatic.com/mysidia/ Frame 3696 		11 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/e90fa93b117dc424f62dd20c7a276c74.js?tag=text/vanilla_highlight_ms
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8343227950611411&output=html&h=280&adk=2183732464&adf=757393324&pi=t.aa~a.3231646571~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1696128565&rafmt=1&to=qs&pwprc=8890230846&format=1200x280&url=https%3A%2F%2Fala3raf.net%2Flogin&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696135765680&bpp=2&bdt=941&idt=128&shv=r20230927&mjsv=m202309210101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=8342124909072&frm=20&pv=1&ga_vid=740110213.1696135766&ga_sid=1696135766&ga_hid=617534457&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=99&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44803492%2C31076838%2C31077327%2C44801484&oid=2&pvsid=3427511764636352&tmod=192033511&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=eSRbZpZ57n&p=https%3A//ala3raf.net&dtd=131
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.67 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f3.1e100.net
Software
sffe /
Resource Hash
86ba91ffdcece964d969b05cff1c7b3b94532e589870491f0714f6da82844971
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 25 Sep 2023 20:40:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
461366
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4835
x-xss-protection
0
last-modified
Mon, 25 Sep 2023 20:14:59 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Sun, 24 Dec 2023 20:40:00 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230927/r20110914/ Frame 3696 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230927/r20110914/abg_lite_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8343227950611411&output=html&h=280&adk=2183732464&adf=757393324&pi=t.aa~a.3231646571~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1696128565&rafmt=1&to=qs&pwprc=8890230846&format=1200x280&url=https%3A%2F%2Fala3raf.net%2Flogin&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696135765680&bpp=2&bdt=941&idt=128&shv=r20230927&mjsv=m202309210101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=8342124909072&frm=20&pv=1&ga_vid=740110213.1696135766&ga_sid=1696135766&ga_hid=617534457&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=99&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44803492%2C31076838%2C31077327%2C44801484&oid=2&pvsid=3427511764636352&tmod=192033511&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=eSRbZpZ57n&p=https%3A//ala3raf.net&dtd=131
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.161 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f1.1e100.net
Software
cafe /
Resource Hash
9941d25da2d400e2cbc1c979d7ecae4a9b418158d3825d03e09650e0799dcefb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 30 Sep 2023 16:48:57 GMT
content-encoding
br
x-content-type-options
nosniff
age
43229
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9135
x-xss-protection
0
server
cafe
etag
9583221549990841032
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 14 Oct 2023 16:48:57 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230927/r20110914/client/ Frame 3696 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230927/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8343227950611411&output=html&h=280&adk=2183732464&adf=757393324&pi=t.aa~a.3231646571~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1696128565&rafmt=1&to=qs&pwprc=8890230846&format=1200x280&url=https%3A%2F%2Fala3raf.net%2Flogin&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696135765680&bpp=2&bdt=941&idt=128&shv=r20230927&mjsv=m202309210101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=8342124909072&frm=20&pv=1&ga_vid=740110213.1696135766&ga_sid=1696135766&ga_hid=617534457&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=99&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44803492%2C31076838%2C31077327%2C44801484&oid=2&pvsid=3427511764636352&tmod=192033511&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=eSRbZpZ57n&p=https%3A//ala3raf.net&dtd=131
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.161 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f1.1e100.net
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 30 Sep 2023 09:05:30 GMT
content-encoding
br
x-content-type-options
nosniff
age
71036
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 14 Oct 2023 09:05:30 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230927/r20110914/client/ Frame 3696 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230927/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8343227950611411&output=html&h=280&adk=2183732464&adf=757393324&pi=t.aa~a.3231646571~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1696128565&rafmt=1&to=qs&pwprc=8890230846&format=1200x280&url=https%3A%2F%2Fala3raf.net%2Flogin&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696135765680&bpp=2&bdt=941&idt=128&shv=r20230927&mjsv=m202309210101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=8342124909072&frm=20&pv=1&ga_vid=740110213.1696135766&ga_sid=1696135766&ga_hid=617534457&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=99&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44803492%2C31076838%2C31077327%2C44801484&oid=2&pvsid=3427511764636352&tmod=192033511&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=eSRbZpZ57n&p=https%3A//ala3raf.net&dtd=131
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.161 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f1.1e100.net
Software
cafe /
Resource Hash
113c3c3c7de8fe21fe5a6d4b6c367d658dab1dc5b5f820393e0b98fc11032771
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 30 Sep 2023 16:48:58 GMT
content-encoding
br
x-content-type-options
nosniff
age
43228
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8282
x-xss-protection
0
server
cafe
etag
5314254467506293444
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 14 Oct 2023 16:48:58 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 3696 		182 KB
58 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8343227950611411&output=html&h=280&adk=2183732464&adf=757393324&pi=t.aa~a.3231646571~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1696128565&rafmt=1&to=qs&pwprc=8890230846&format=1200x280&url=https%3A%2F%2Fala3raf.net%2Flogin&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696135765680&bpp=2&bdt=941&idt=128&shv=r20230927&mjsv=m202309210101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=8342124909072&frm=20&pv=1&ga_vid=740110213.1696135766&ga_sid=1696135766&ga_hid=617534457&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=99&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44803492%2C31076838%2C31077327%2C44801484&oid=2&pvsid=3427511764636352&tmod=192033511&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=eSRbZpZ57n&p=https%3A//ala3raf.net&dtd=131
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s08-in-f2.1e100.net
Software
sffe /
Resource Hash
71ba7e09487750d7426b3bd64cf57facb8eb119939eb7055138ee55f13bb6f05
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 01 Oct 2023 04:49:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
58285
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1695814262870679"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 01 Oct 2023 04:49:26 GMT
fda82c26911938d9c7ca79f9220f8b0c.js
www.gstatic.com/mysidia/ Frame 3696 		36 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/fda82c26911938d9c7ca79f9220f8b0c.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8343227950611411&output=html&h=280&adk=2183732464&adf=757393324&pi=t.aa~a.3231646571~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1696128565&rafmt=1&to=qs&pwprc=8890230846&format=1200x280&url=https%3A%2F%2Fala3raf.net%2Flogin&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696135765680&bpp=2&bdt=941&idt=128&shv=r20230927&mjsv=m202309210101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=8342124909072&frm=20&pv=1&ga_vid=740110213.1696135766&ga_sid=1696135766&ga_hid=617534457&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=99&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44803492%2C31076838%2C31077327%2C44801484&oid=2&pvsid=3427511764636352&tmod=192033511&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=eSRbZpZ57n&p=https%3A//ala3raf.net&dtd=131
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.67 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f3.1e100.net
Software
sffe /
Resource Hash
8f1843ba4bdea64726280f2365f8ad8a47e70ee54327f98273daf7fac5120074
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 29 Sep 2023 10:18:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
153085
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15328
x-xss-protection
0
last-modified
Mon, 25 Sep 2023 20:14:59 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Thu, 28 Dec 2023 10:18:01 GMT
reactive_library_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309210101/ 		154 KB
53 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309210101/reactive_library_fy2021.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309210101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
cafe /
Resource Hash
57a3ebff5a5f56c8df2091c5a4cc33b753954be4d18ae208c0ef8471cb1bb1b1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ala3raf.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 01 Oct 2023 04:49:26 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
53738
x-xss-protection
0
server
cafe
etag
7028321802555605322
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Sun, 01 Oct 2023 04:49:26 GMT
ads
googleads.g.doubleclick.net/pagead/ Frame 45C8 		92 KB
37 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8343227950611411&output=html&h=90&adk=4204718025&adf=1588159632&pi=t.aa~a.2376638792~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1696128566&rafmt=1&to=qs&pwprc=8890230846&format=1200x90&url=https%3A%2F%2Fala3raf.net%2Flogin&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696135766546&bpp=1&bdt=1807&idt=-M&shv=r20230927&mjsv=m202309210101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dbe86f960a36d667f-2210ed7a77e400b1%3AT%3D1696135766%3ART%3D1696135766%3AS%3DALNI_MbXIsCZaD9gYd1S-5oiciR0UFiJYQ&gpic=UID%3D00000c8a053f967f%3AT%3D1696135766%3ART%3D1696135766%3AS%3DALNI_MYYNO9ooNWrGhG_DqGJ_Kano-mfBg&prev_fmts=0x0%2C1200x280&nras=3&correlator=8342124909072&frm=20&pv=1&ga_vid=740110213.1696135766&ga_sid=1696135766&ga_hid=617534457&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1295&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44803492%2C31076838%2C31077327%2C44801484&oid=2&pvsid=3427511764636352&tmod=192033511&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=AdDUX1ageB&p=https%3A//ala3raf.net&dtd=5
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309210101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
cafe /
Resource Hash
980362a6d3fd51dfe786243deaccee1b3fab45ee693b5c1b884e644485f42bc4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ala3raf.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
37996
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 01 Oct 2023 04:49:26 GMT
expires
Sun, 01 Oct 2023 04:49:26 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame A9F6 		436 B
510 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8343227950611411&output=html&h=50&adk=3573649038&adf=2347765671&pi=t.aa~a.1340144624~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1696128566&rafmt=1&to=qs&pwprc=8890230846&format=1200x50&url=https%3A%2F%2Fala3raf.net%2Flogin&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696135766546&bpp=1&bdt=1807&idt=1&shv=r20230927&mjsv=m202309210101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dbe86f960a36d667f-2210ed7a77e400b1%3AT%3D1696135766%3ART%3D1696135766%3AS%3DALNI_MbXIsCZaD9gYd1S-5oiciR0UFiJYQ&gpic=UID%3D00000c8a053f967f%3AT%3D1696135766%3ART%3D1696135766%3AS%3DALNI_MYYNO9ooNWrGhG_DqGJ_Kano-mfBg&prev_fmts=0x0%2C1200x280%2C1200x90&nras=4&correlator=8342124909072&frm=20&pv=1&ga_vid=740110213.1696135766&ga_sid=1696135766&ga_hid=617534457&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1225&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44803492%2C31076838%2C31077327%2C44801484&oid=2&pvsid=3427511764636352&tmod=192033511&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=G5TgwtUjt2&p=https%3A//ala3raf.net&dtd=9
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309210101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
cafe /
Resource Hash
c8f2cc60f9aeeb1228c83ce01dde49fcca820ef0c21c407b34d386fbce58c997
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ala3raf.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
212
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 01 Oct 2023 04:49:26 GMT
expires
Sun, 01 Oct 2023 04:49:26 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20230927/r20110914/ Frame E453 		10 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20230927/r20110914/zrt_lookup.html?fsb=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309210101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
cafe /
Resource Hash
041fe6e516177e777c651a95708ee4961723db34a974e8be9e6ba597a1313e51
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ala3raf.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

age
34340
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4471
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 30 Sep 2023 19:17:06 GMT
etag
2603938475786422795
expires
Sat, 14 Oct 2023 19:17:06 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20230927/r20110914/ Frame CF92 		10 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20230927/r20110914/zrt_lookup.html?fsb=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309210101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
cafe /
Resource Hash
041fe6e516177e777c651a95708ee4961723db34a974e8be9e6ba597a1313e51
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ala3raf.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

age
34340
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4471
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 30 Sep 2023 19:17:06 GMT
etag
2603938475786422795
expires
Sat, 14 Oct 2023 19:17:06 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
css2
fonts.googleapis.com/ Frame E453 		4 KB
767 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230927/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.234 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f10.1e100.net
Software
ESF /
Resource Hash
2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Sun, 01 Oct 2023 04:49:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sun, 01 Oct 2023 04:38:16 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sun, 01 Oct 2023 04:49:26 GMT
feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame E453 		205 B
520 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230927/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.67 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f3.1e100.net
Software
sffe /
Resource Hash
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 26 Sep 2023 09:09:18 GMT
x-content-type-options
nosniff
age
416408
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
205
x-xss-protection
0
last-modified
Thu, 20 Jul 2023 22:48:00 GMT
server
sffe
vary
Origin
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Wed, 25 Sep 2024 09:09:18 GMT
settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame E453 		604 B
696 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230927/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.67 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f3.1e100.net
Software
sffe /
Resource Hash
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 29 Sep 2023 20:11:31 GMT
x-content-type-options
nosniff
age
117475
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
604
x-xss-protection
0
last-modified
Thu, 20 Jul 2023 22:48:00 GMT
server
sffe
vary
Origin
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Sat, 28 Sep 2024 20:11:31 GMT
fullscreen_api_adapter_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230927/r20110914/elements/html/ Frame E453 		15 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230927/r20110914/elements/html/fullscreen_api_adapter_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230927/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.161 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f1.1e100.net
Software
cafe /
Resource Hash
c6ece8077c8a8d8d057b5a03c892dcf1fed9da76ff1bc964cd17416008752c48
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 30 Sep 2023 21:24:57 GMT
content-encoding
br
x-content-type-options
nosniff
age
26669
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6551
x-xss-protection
0
server
cafe
etag
511223485441000916
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 14 Oct 2023 21:24:57 GMT
interstitial_ad_frame_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230927/r20110914/elements/html/ Frame E453 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230927/r20110914/elements/html/interstitial_ad_frame_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230927/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.161 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f1.1e100.net
Software
cafe /
Resource Hash
bd91080d2c7f2120ad82727f5c07bbb439b810ed4035993ddb1825ca1611396b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 30 Sep 2023 17:10:26 GMT
content-encoding
br
x-content-type-options
nosniff
age
41940
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8566
x-xss-protection
0
server
cafe
etag
5625731030761120726
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 14 Oct 2023 17:10:26 GMT
sdk.js
adsdk.microsoft.com/native-to-display/ Frame D994 		89 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://adsdk.microsoft.com/native-to-display/sdk.js
Requested by
Host: ala3raf.net
URL: https://ala3raf.net/login
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.107.213.44 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
9280fc33175448c5507ac6c072534b38adbedff69248bb67940a0c1e598d876c

Request headers

Referer
https://googleads.g.doubleclick.net/
Origin
https://googleads.g.doubleclick.net
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
date
Sun, 01 Oct 2023 04:49:26 GMT
content-encoding
br
last-modified
Fri, 22 Sep 2023 16:16:52 GMT
x-azure-ref-originshield
0/5wYZQAAAABitdWdk0oDRZ7Em3cR4LsvRlJBMjMxMDUwNDE4MDM3ADk3YzlhOGM2LWZjNzktNGM0NC1iNTU5LTU4YzE2YmNlYTMyMg==
content-md5
QfEVvja98J3suHAdWTgvwQ==
etag
0x8DBBB8754CA0D88
x-azure-ref
0V/oYZQAAAAAs7gyogLZqRYMhh9PHYD+FWlJIRURHRTEzMTMAOTdjOWE4YzYtZmM3OS00YzQ0LWI1NTktNThjMTZiY2VhMzIy
x-cache
TCP_HIT
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
de821179-d01e-0062-2803-f37e98000000
cache-control
private, max-age=3600
x-ms-version
2009-09-19
trk.js
cdn.adnxs.com/v/s/239/ Frame D994 		80 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.adnxs.com/v/s/239/trk.js
Requested by
Host: ala3raf.net
URL: https://ala3raf.net/login
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.1.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
a9c49f9f526c232731b2ff9aa3e31b686b8b339bdd246bbf74f804c802f9755d

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Expires
Wed, 10 Jul 2024 11:56:20 GMT
Date
Sun, 01 Oct 2023 04:49:26 GMT
Content-Encoding
gzip
Via
1.1 varnish, 1.1 varnish
Age
7059188
X-Cache
HIT, HIT
Connection
keep-alive
Content-Length
27646
X-Served-By
cache-lga21944-LGA, cache-fra-eddf8230032-FRA
Last-Modified
Tue, 11 Jul 2023 11:56:12 GMT
Server
AkamaiNetStorage
X-Timer
S1696135767.758095,VS0,VE0
ETag
"615fd4ad24a409f4de5416b603f042c1:1689076572.555276"
Vary
Accept-Encoding
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=31536000
Accept-Ranges
bytes
X-Cache-Hits
5, 446189
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230927/r20110914/client/ Frame D994 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230927/r20110914/client/window_focus_fy2021.js
Requested by
Host: ala3raf.net
URL: https://ala3raf.net/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.161 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f1.1e100.net
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 30 Sep 2023 09:05:30 GMT
content-encoding
br
x-content-type-options
nosniff
age
71036
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 14 Oct 2023 09:05:30 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230927/r20110914/client/ Frame D994 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230927/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: ala3raf.net
URL: https://ala3raf.net/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.161 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f1.1e100.net
Software
cafe /
Resource Hash
113c3c3c7de8fe21fe5a6d4b6c367d658dab1dc5b5f820393e0b98fc11032771
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 30 Sep 2023 16:48:58 GMT
content-encoding
br
x-content-type-options
nosniff
age
43228
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8282
x-xss-protection
0
server
cafe
etag
5314254467506293444
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 14 Oct 2023 16:48:58 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame D994 		182 KB
57 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: ala3raf.net
URL: https://ala3raf.net/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s08-in-f2.1e100.net
Software
sffe /
Resource Hash
71ba7e09487750d7426b3bd64cf57facb8eb119939eb7055138ee55f13bb6f05
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 01 Oct 2023 04:49:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
58285
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1695814262870679"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 01 Oct 2023 04:49:26 GMT
c.gif
www.bing.com/aes/ Frame D994
Redirect Chain
  • https://www.bing.com/api/v1/mediation/tracking?adUnit=391466&auId=c821a784-5be9-464e-8426-124a2227726a&bidId=15000&bidderId=4&cmExpId=LV2&oAdUnit=391466&publisherId=162645330&rId=65029e30-d63e-4148...
  • https://www.bing.com/aes/c.gif?DI=0&DIS=SB_15000-1-0?&RG=5c1acbafb158473080c899ceb5097de7&SNR=1&GV=2&med=10
0
547 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.bing.com/aes/c.gif?DI=0&DIS=SB_15000-1-0?&RG=5c1acbafb158473080c899ceb5097de7&SNR=1&GV=2&med=10
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230927/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Server
2.23.209.187 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-23-209-187.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 01 Oct 2023 04:49:27 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: E59F1E0239CA44728631AECCD624459D Ref B: FRA31EDGE0107 Ref C: 2023-10-01T04:49:27Z
x-cdn-traceid
0.3bd01702.1696135767.17d0a4a1
vary
Origin
p3p
CP=BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo
cache-control
private,no-store
alt-svc
h3=":443"; ma=93600
content-length
0

Redirect headers

pragma
no-cache
strict-transport-security
max-age=15724800; includeSubDomains
date
Sun, 01 Oct 2023 04:49:27 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 48513C79D2A540DF8BD64FA0F6A6B1BF Ref B: FRA31EDGE0706 Ref C: 2023-10-01T04:49:27Z
x-cdn-traceid
0.3bd01702.1696135767.17d0a464
vary
Origin
content-type
text/html; charset=utf-8
location
https://www.bing.com/aes/c.gif?DI=0&DIS=SB_15000-1-0?&RG=5c1acbafb158473080c899ceb5097de7&SNR=1&GV=2&med=10
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3=":443"; ma=93600
content-length
154
expires
0
load_preloaded_resource_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230927/r20110914/client/ Frame B099 		2 KB
945 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230927/r20110914/client/load_preloaded_resource_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230927/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.161 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f1.1e100.net
Software
cafe /
Resource Hash
3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 30 Sep 2023 16:48:58 GMT
content-encoding
br
x-content-type-options
nosniff
age
43228
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
865
x-xss-protection
0
server
cafe
etag
5051423035144352294
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 14 Oct 2023 16:48:58 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230927/r20110914/ Frame B099 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230927/r20110914/abg_lite_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230927/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.161 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f1.1e100.net
Software
cafe /
Resource Hash
9941d25da2d400e2cbc1c979d7ecae4a9b418158d3825d03e09650e0799dcefb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 30 Sep 2023 16:48:57 GMT
content-encoding
br
x-content-type-options
nosniff
age
43229
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9135
x-xss-protection
0
server
cafe
etag
9583221549990841032
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 14 Oct 2023 16:48:57 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230927/r20110914/client/ Frame B099 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230927/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230927/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.161 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f1.1e100.net
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 30 Sep 2023 09:05:30 GMT
content-encoding
br
x-content-type-options
nosniff
age
71036
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 14 Oct 2023 09:05:30 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230927/r20110914/client/ Frame B099 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230927/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230927/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.161 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f1.1e100.net
Software
cafe /
Resource Hash
113c3c3c7de8fe21fe5a6d4b6c367d658dab1dc5b5f820393e0b98fc11032771
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 30 Sep 2023 16:48:58 GMT
content-encoding
br
x-content-type-options
nosniff
age
43228
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8282
x-xss-protection
0
server
cafe
etag
5314254467506293444
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 14 Oct 2023 16:48:58 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame B099 		182 KB
57 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230927/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s08-in-f2.1e100.net
Software
sffe /
Resource Hash
71ba7e09487750d7426b3bd64cf57facb8eb119939eb7055138ee55f13bb6f05
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 01 Oct 2023 04:49:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
58285
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1695814262870679"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 01 Oct 2023 04:49:26 GMT
fda82c26911938d9c7ca79f9220f8b0c.js
www.gstatic.com/mysidia/ Frame B099 		36 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/fda82c26911938d9c7ca79f9220f8b0c.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230927/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.67 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f3.1e100.net
Software
sffe /
Resource Hash
8f1843ba4bdea64726280f2365f8ad8a47e70ee54327f98273daf7fac5120074
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 29 Sep 2023 10:18:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
153085
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15328
x-xss-protection
0
last-modified
Mon, 25 Sep 2023 20:14:59 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Thu, 28 Dec 2023 10:18:01 GMT
4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v58/ Frame 3696 		33 KB
33 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/googlesans/v58/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8343227950611411&output=html&h=280&adk=2183732464&adf=757393324&pi=t.aa~a.3231646571~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1696128565&rafmt=1&to=qs&pwprc=8890230846&format=1200x280&url=https%3A%2F%2Fala3raf.net%2Flogin&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696135765680&bpp=2&bdt=941&idt=128&shv=r20230927&mjsv=m202309210101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=8342124909072&frm=20&pv=1&ga_vid=740110213.1696135766&ga_sid=1696135766&ga_hid=617534457&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=99&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44803492%2C31076838%2C31077327%2C44801484&oid=2&pvsid=3427511764636352&tmod=192033511&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=eSRbZpZ57n&p=https%3A//ala3raf.net&dtd=131
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.23.99 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil04s23-in-f3.1e100.net
Software
sffe /
Resource Hash
65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Origin
https://googleads.g.doubleclick.net
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 30 Sep 2023 05:04:01 GMT
x-content-type-options
nosniff
age
85525
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
34108
x-xss-protection
0
last-modified
Tue, 23 May 2023 16:35:55 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 29 Sep 2024 05:04:01 GMT
s
googleads.g.doubleclick.net/pagead/drt/ Frame F755 		143 B
228 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8343227950611411&output=html&h=280&adk=2183732464&adf=757393324&pi=t.aa~a.3231646571~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1696128565&rafmt=1&to=qs&pwprc=8890230846&format=1200x280&url=https%3A%2F%2Fala3raf.net%2Flogin&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696135765680&bpp=2&bdt=941&idt=128&shv=r20230927&mjsv=m202309210101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=8342124909072&frm=20&pv=1&ga_vid=740110213.1696135766&ga_sid=1696135766&ga_hid=617534457&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=99&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44803492%2C31076838%2C31077327%2C44801484&oid=2&pvsid=3427511764636352&tmod=192033511&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=eSRbZpZ57n&p=https%3A//ala3raf.net&dtd=131
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
cafe /
Resource Hash
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8343227950611411&output=html&h=280&adk=2183732464&adf=757393324&pi=t.aa~a.3231646571~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1696128565&rafmt=1&to=qs&pwprc=8890230846&format=1200x280&url=https%3A%2F%2Fala3raf.net%2Flogin&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696135765680&bpp=2&bdt=941&idt=128&shv=r20230927&mjsv=m202309210101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=8342124909072&frm=20&pv=1&ga_vid=740110213.1696135766&ga_sid=1696135766&ga_hid=617534457&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=99&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44803492%2C31076838%2C31077327%2C44801484&oid=2&pvsid=3427511764636352&tmod=192033511&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=eSRbZpZ57n&p=https%3A//ala3raf.net&dtd=131
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

age
2468
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=3600
content-encoding
gzip
content-length
145
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 01 Oct 2023 04:08:18 GMT
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame 3696 		213 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
bc769f4f23d632dc703230b7fd99d86afa6b53ceb69b017acad37e32e06c34f5

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
17128157646191172280
tpc.googlesyndication.com/simgad/ Frame 45C8 		32 KB
32 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/17128157646191172280?sqp=4sqPyQQ7QjkqNxABHQAAtEIgASgBMAk4A0DwkwlYAWBfcAKAAQGIAQGdAQAAgD-oAQGwAYCt4gS4AV_FAS2ynT4&rs=AOga4ql9E9VigNON2Odl1-KeljDloLKenQ
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8343227950611411&output=html&h=90&adk=4204718025&adf=1588159632&pi=t.aa~a.2376638792~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1696128566&rafmt=1&to=qs&pwprc=8890230846&format=1200x90&url=https%3A%2F%2Fala3raf.net%2Flogin&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696135766546&bpp=1&bdt=1807&idt=-M&shv=r20230927&mjsv=m202309210101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dbe86f960a36d667f-2210ed7a77e400b1%3AT%3D1696135766%3ART%3D1696135766%3AS%3DALNI_MbXIsCZaD9gYd1S-5oiciR0UFiJYQ&gpic=UID%3D00000c8a053f967f%3AT%3D1696135766%3ART%3D1696135766%3AS%3DALNI_MYYNO9ooNWrGhG_DqGJ_Kano-mfBg&prev_fmts=0x0%2C1200x280&nras=3&correlator=8342124909072&frm=20&pv=1&ga_vid=740110213.1696135766&ga_sid=1696135766&ga_hid=617534457&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1295&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44803492%2C31076838%2C31077327%2C44801484&oid=2&pvsid=3427511764636352&tmod=192033511&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=AdDUX1ageB&p=https%3A//ala3raf.net&dtd=5
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.161 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f1.1e100.net
Software
sffe /
Resource Hash
8b06ffaaa33fc2eed500c30799ad46f41261061649dfd6367fc478e4c8b0c84b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 01 Oct 2023 04:49:27 GMT
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
32383
x-xss-protection
0
last-modified
Wed, 31 Oct 2018 11:19:47 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Mon, 30 Sep 2024 04:49:27 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230927/r20110914/ Frame 45C8 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230927/r20110914/abg_lite_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8343227950611411&output=html&h=90&adk=4204718025&adf=1588159632&pi=t.aa~a.2376638792~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1696128566&rafmt=1&to=qs&pwprc=8890230846&format=1200x90&url=https%3A%2F%2Fala3raf.net%2Flogin&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696135766546&bpp=1&bdt=1807&idt=-M&shv=r20230927&mjsv=m202309210101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dbe86f960a36d667f-2210ed7a77e400b1%3AT%3D1696135766%3ART%3D1696135766%3AS%3DALNI_MbXIsCZaD9gYd1S-5oiciR0UFiJYQ&gpic=UID%3D00000c8a053f967f%3AT%3D1696135766%3ART%3D1696135766%3AS%3DALNI_MYYNO9ooNWrGhG_DqGJ_Kano-mfBg&prev_fmts=0x0%2C1200x280&nras=3&correlator=8342124909072&frm=20&pv=1&ga_vid=740110213.1696135766&ga_sid=1696135766&ga_hid=617534457&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1295&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44803492%2C31076838%2C31077327%2C44801484&oid=2&pvsid=3427511764636352&tmod=192033511&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=AdDUX1ageB&p=https%3A//ala3raf.net&dtd=5
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.161 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f1.1e100.net
Software
cafe /
Resource Hash
9941d25da2d400e2cbc1c979d7ecae4a9b418158d3825d03e09650e0799dcefb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 30 Sep 2023 16:48:57 GMT
content-encoding
br
x-content-type-options
nosniff
age
43229
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9135
x-xss-protection
0
server
cafe
etag
9583221549990841032
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 14 Oct 2023 16:48:57 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230927/r20110914/client/ Frame 45C8 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230927/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8343227950611411&output=html&h=90&adk=4204718025&adf=1588159632&pi=t.aa~a.2376638792~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1696128566&rafmt=1&to=qs&pwprc=8890230846&format=1200x90&url=https%3A%2F%2Fala3raf.net%2Flogin&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696135766546&bpp=1&bdt=1807&idt=-M&shv=r20230927&mjsv=m202309210101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dbe86f960a36d667f-2210ed7a77e400b1%3AT%3D1696135766%3ART%3D1696135766%3AS%3DALNI_MbXIsCZaD9gYd1S-5oiciR0UFiJYQ&gpic=UID%3D00000c8a053f967f%3AT%3D1696135766%3ART%3D1696135766%3AS%3DALNI_MYYNO9ooNWrGhG_DqGJ_Kano-mfBg&prev_fmts=0x0%2C1200x280&nras=3&correlator=8342124909072&frm=20&pv=1&ga_vid=740110213.1696135766&ga_sid=1696135766&ga_hid=617534457&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1295&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44803492%2C31076838%2C31077327%2C44801484&oid=2&pvsid=3427511764636352&tmod=192033511&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=AdDUX1ageB&p=https%3A//ala3raf.net&dtd=5
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.161 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f1.1e100.net
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 30 Sep 2023 09:05:30 GMT
content-encoding
br
x-content-type-options
nosniff
age
71037
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 14 Oct 2023 09:05:30 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230927/r20110914/client/ Frame 45C8 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230927/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8343227950611411&output=html&h=90&adk=4204718025&adf=1588159632&pi=t.aa~a.2376638792~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1696128566&rafmt=1&to=qs&pwprc=8890230846&format=1200x90&url=https%3A%2F%2Fala3raf.net%2Flogin&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696135766546&bpp=1&bdt=1807&idt=-M&shv=r20230927&mjsv=m202309210101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dbe86f960a36d667f-2210ed7a77e400b1%3AT%3D1696135766%3ART%3D1696135766%3AS%3DALNI_MbXIsCZaD9gYd1S-5oiciR0UFiJYQ&gpic=UID%3D00000c8a053f967f%3AT%3D1696135766%3ART%3D1696135766%3AS%3DALNI_MYYNO9ooNWrGhG_DqGJ_Kano-mfBg&prev_fmts=0x0%2C1200x280&nras=3&correlator=8342124909072&frm=20&pv=1&ga_vid=740110213.1696135766&ga_sid=1696135766&ga_hid=617534457&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1295&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44803492%2C31076838%2C31077327%2C44801484&oid=2&pvsid=3427511764636352&tmod=192033511&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=AdDUX1ageB&p=https%3A//ala3raf.net&dtd=5
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.161 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f1.1e100.net
Software
cafe /
Resource Hash
113c3c3c7de8fe21fe5a6d4b6c367d658dab1dc5b5f820393e0b98fc11032771
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 30 Sep 2023 16:48:58 GMT
content-encoding
br
x-content-type-options
nosniff
age
43228
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8282
x-xss-protection
0
server
cafe
etag
5314254467506293444
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 14 Oct 2023 16:48:58 GMT
l
www.google.com/ads/measurement/ Frame 45C8 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaRNtWY-v91PN8tA25yve9Xatat7fKiNgcepGrqLIxScEgrkwYbMFl_fdqh6B_9VqBSMxsPr02eaE-EJc6Wd0UGnmmnnlw
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8343227950611411&output=html&h=90&adk=4204718025&adf=1588159632&pi=t.aa~a.2376638792~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1696128566&rafmt=1&to=qs&pwprc=8890230846&format=1200x90&url=https%3A%2F%2Fala3raf.net%2Flogin&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696135766546&bpp=1&bdt=1807&idt=-M&shv=r20230927&mjsv=m202309210101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dbe86f960a36d667f-2210ed7a77e400b1%3AT%3D1696135766%3ART%3D1696135766%3AS%3DALNI_MbXIsCZaD9gYd1S-5oiciR0UFiJYQ&gpic=UID%3D00000c8a053f967f%3AT%3D1696135766%3ART%3D1696135766%3AS%3DALNI_MYYNO9ooNWrGhG_DqGJ_Kano-mfBg&prev_fmts=0x0%2C1200x280&nras=3&correlator=8342124909072&frm=20&pv=1&ga_vid=740110213.1696135766&ga_sid=1696135766&ga_hid=617534457&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1295&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44803492%2C31076838%2C31077327%2C44801484&oid=2&pvsid=3427511764636352&tmod=192033511&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=AdDUX1ageB&p=https%3A//ala3raf.net&dtd=5
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.164 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f4.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 45C8 		182 KB
57 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8343227950611411&output=html&h=90&adk=4204718025&adf=1588159632&pi=t.aa~a.2376638792~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1696128566&rafmt=1&to=qs&pwprc=8890230846&format=1200x90&url=https%3A%2F%2Fala3raf.net%2Flogin&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696135766546&bpp=1&bdt=1807&idt=-M&shv=r20230927&mjsv=m202309210101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dbe86f960a36d667f-2210ed7a77e400b1%3AT%3D1696135766%3ART%3D1696135766%3AS%3DALNI_MbXIsCZaD9gYd1S-5oiciR0UFiJYQ&gpic=UID%3D00000c8a053f967f%3AT%3D1696135766%3ART%3D1696135766%3AS%3DALNI_MYYNO9ooNWrGhG_DqGJ_Kano-mfBg&prev_fmts=0x0%2C1200x280&nras=3&correlator=8342124909072&frm=20&pv=1&ga_vid=740110213.1696135766&ga_sid=1696135766&ga_hid=617534457&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1295&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44803492%2C31076838%2C31077327%2C44801484&oid=2&pvsid=3427511764636352&tmod=192033511&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=AdDUX1ageB&p=https%3A//ala3raf.net&dtd=5
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s08-in-f2.1e100.net
Software
sffe /
Resource Hash
71ba7e09487750d7426b3bd64cf57facb8eb119939eb7055138ee55f13bb6f05
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 01 Oct 2023 04:49:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
58285
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1695814262870679"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 01 Oct 2023 04:49:27 GMT
one_click_handler_one_afma_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230927/r20110914/client/ Frame 45C8 		36 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230927/r20110914/client/one_click_handler_one_afma_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8343227950611411&output=html&h=90&adk=4204718025&adf=1588159632&pi=t.aa~a.2376638792~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1696128566&rafmt=1&to=qs&pwprc=8890230846&format=1200x90&url=https%3A%2F%2Fala3raf.net%2Flogin&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696135766546&bpp=1&bdt=1807&idt=-M&shv=r20230927&mjsv=m202309210101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dbe86f960a36d667f-2210ed7a77e400b1%3AT%3D1696135766%3ART%3D1696135766%3AS%3DALNI_MbXIsCZaD9gYd1S-5oiciR0UFiJYQ&gpic=UID%3D00000c8a053f967f%3AT%3D1696135766%3ART%3D1696135766%3AS%3DALNI_MYYNO9ooNWrGhG_DqGJ_Kano-mfBg&prev_fmts=0x0%2C1200x280&nras=3&correlator=8342124909072&frm=20&pv=1&ga_vid=740110213.1696135766&ga_sid=1696135766&ga_hid=617534457&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1295&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44803492%2C31076838%2C31077327%2C44801484&oid=2&pvsid=3427511764636352&tmod=192033511&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=AdDUX1ageB&p=https%3A//ala3raf.net&dtd=5
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.161 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f1.1e100.net
Software
cafe /
Resource Hash
33eefdbd02580f81ccdf0cf481b07e52ed5bc9e5b814aab76dcac4435d2da608
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 30 Sep 2023 16:58:31 GMT
content-encoding
br
x-content-type-options
nosniff
age
42656
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14668
x-xss-protection
0
server
cafe
etag
2376861509777232683
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 14 Oct 2023 16:58:31 GMT
s
googleads.g.doubleclick.net/pagead/drt/ Frame DDB2 		143 B
204 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8343227950611411&output=html&h=90&adk=4204718025&adf=1588159632&pi=t.aa~a.2376638792~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1696128566&rafmt=1&to=qs&pwprc=8890230846&format=1200x90&url=https%3A%2F%2Fala3raf.net%2Flogin&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696135766546&bpp=1&bdt=1807&idt=-M&shv=r20230927&mjsv=m202309210101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dbe86f960a36d667f-2210ed7a77e400b1%3AT%3D1696135766%3ART%3D1696135766%3AS%3DALNI_MbXIsCZaD9gYd1S-5oiciR0UFiJYQ&gpic=UID%3D00000c8a053f967f%3AT%3D1696135766%3ART%3D1696135766%3AS%3DALNI_MYYNO9ooNWrGhG_DqGJ_Kano-mfBg&prev_fmts=0x0%2C1200x280&nras=3&correlator=8342124909072&frm=20&pv=1&ga_vid=740110213.1696135766&ga_sid=1696135766&ga_hid=617534457&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1295&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44803492%2C31076838%2C31077327%2C44801484&oid=2&pvsid=3427511764636352&tmod=192033511&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=AdDUX1ageB&p=https%3A//ala3raf.net&dtd=5
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
cafe /
Resource Hash
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8343227950611411&output=html&h=90&adk=4204718025&adf=1588159632&pi=t.aa~a.2376638792~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1696128566&rafmt=1&to=qs&pwprc=8890230846&format=1200x90&url=https%3A%2F%2Fala3raf.net%2Flogin&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696135766546&bpp=1&bdt=1807&idt=-M&shv=r20230927&mjsv=m202309210101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dbe86f960a36d667f-2210ed7a77e400b1%3AT%3D1696135766%3ART%3D1696135766%3AS%3DALNI_MbXIsCZaD9gYd1S-5oiciR0UFiJYQ&gpic=UID%3D00000c8a053f967f%3AT%3D1696135766%3ART%3D1696135766%3AS%3DALNI_MYYNO9ooNWrGhG_DqGJ_Kano-mfBg&prev_fmts=0x0%2C1200x280&nras=3&correlator=8342124909072&frm=20&pv=1&ga_vid=740110213.1696135766&ga_sid=1696135766&ga_hid=617534457&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1295&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44803492%2C31076838%2C31077327%2C44801484&oid=2&pvsid=3427511764636352&tmod=192033511&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=AdDUX1ageB&p=https%3A//ala3raf.net&dtd=5
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

age
2469
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=3600
content-encoding
gzip
content-length
145
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 01 Oct 2023 04:08:18 GMT
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 7600 		1 KB
758 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8343227950611411&output=html&h=90&adk=4204718025&adf=1588159632&pi=t.aa~a.2376638792~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1696128566&rafmt=1&to=qs&pwprc=8890230846&format=1200x90&url=https%3A%2F%2Fala3raf.net%2Flogin&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696135766546&bpp=1&bdt=1807&idt=-M&shv=r20230927&mjsv=m202309210101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dbe86f960a36d667f-2210ed7a77e400b1%3AT%3D1696135766%3ART%3D1696135766%3AS%3DALNI_MbXIsCZaD9gYd1S-5oiciR0UFiJYQ&gpic=UID%3D00000c8a053f967f%3AT%3D1696135766%3ART%3D1696135766%3AS%3DALNI_MYYNO9ooNWrGhG_DqGJ_Kano-mfBg&prev_fmts=0x0%2C1200x280&nras=3&correlator=8342124909072&frm=20&pv=1&ga_vid=740110213.1696135766&ga_sid=1696135766&ga_hid=617534457&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1295&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44803492%2C31076838%2C31077327%2C44801484&oid=2&pvsid=3427511764636352&tmod=192033511&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=AdDUX1ageB&p=https%3A//ala3raf.net&dtd=5
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

age
75242
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 30 Sep 2023 07:55:25 GMT
etag
48472445140208031
expires
Sun, 01 Oct 2023 07:55:25 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
si
googleads.g.doubleclick.net/pagead/drt/ Frame F755
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
168 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8343227950611411&output=html&h=280&adk=2183732464&adf=757393324&pi=t.aa~a.3231646571~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1696128565&rafmt=1&to=qs&pwprc=8890230846&format=1200x280&url=https%3A%2F%2Fala3raf.net%2Flogin&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696135765680&bpp=2&bdt=941&idt=128&shv=r20230927&mjsv=m202309210101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=8342124909072&frm=20&pv=1&ga_vid=740110213.1696135766&ga_sid=1696135766&ga_hid=617534457&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=99&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44803492%2C31076838%2C31077327%2C44801484&oid=2&pvsid=3427511764636352&tmod=192033511&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=eSRbZpZ57n&p=https%3A//ala3raf.net&dtd=131
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 01 Oct 2023 04:49:27 GMT
expires
Sun, 01 Oct 2023 04:49:27 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 01 Oct 2023 04:49:27 GMT
location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
f2cqprNxaY2GOW1kJFnefQh67KLbyJA2ScFiBiL3W8Q.js
pagead2.googlesyndication.com/bg/ Frame F9A6 		37 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/f2cqprNxaY2GOW1kJFnefQh67KLbyJA2ScFiBiL3W8Q.js
Requested by
Host: ala3raf.net
URL: https://ala3raf.net/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
sffe /
Resource Hash
7f672aa6b371698d86396d642459de7d087aeca2dbc8903649c1620622f75bc4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 26 Sep 2023 19:40:35 GMT
content-encoding
br
x-content-type-options
nosniff
age
378532
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14693
x-xss-protection
0
last-modified
Mon, 25 Sep 2023 09:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 25 Sep 2024 19:40:35 GMT
truncated
/ Frame 45C8 		218 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
923147dbe95ae041e092696e24e50ef93207b85473db076f6835c8df44f3223d

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
pixel
cm.g.doubleclick.net/ Frame 7600
Redirect Chain
  • https://px.ads.linkedin.com/setuid?partner=googleadxdb&google_gid=CAESEPBqj_qqOlpQtjrlj9a1kpw&google_cver=1&google_push=AXcoOmRF38dWZ0PMhKhH_j5Aj9ippDYZt-84-9_hwkenN7hte4cH5foFmqG5FM9RKl7qzewrCLqOl...
  • https://cm.g.doubleclick.net/pixel?google_nid=linkedin&google_push=AXcoOmRF38dWZ0PMhKhH_j5Aj9ippDYZt-84-9_hwkenN7hte4cH5foFmqG5FM9RKl7qzewrCLqOl6NKkU1rZ_DTp06ZALQnrbgu
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=linkedin&google_push=AXcoOmRF38dWZ0PMhKhH_j5Aj9ippDYZt-84-9_hwkenN7hte4cH5foFmqG5FM9RKl7qzewrCLqOl6NKkU1rZ_DTp06ZALQnrbgu
Protocol
H3
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 01 Oct 2023 04:49:27 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Sun, 01 Oct 2023 04:49:26 GMT
x-li-pop
afd-prod-lor1-x
x-msedge-ref
Ref A: 3E7D56823EAC466DA489D21D05F34410 Ref B: ZRHEDGE1706 Ref C: 2023-10-01T04:49:27Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-lor1
location
https://cm.g.doubleclick.net/pixel?google_nid=linkedin&google_push=AXcoOmRF38dWZ0PMhKhH_j5Aj9ippDYZt-84-9_hwkenN7hte4cH5foFmqG5FM9RKl7qzewrCLqOl6NKkU1rZ_DTp06ZALQnrbgu
x-li-proto
http/2
content-length
0
x-li-uuid
AAYGoGHqA7PXf8F71oesIA==
pixel
cm.g.doubleclick.net/ Frame 7600
Redirect Chain
  • https://match.adsby.bidtheatre.com/adxcookie?id=&google_gid=CAESEJUy5yXlpdWJVoDw_l1yr9E&google_cver=1&google_push=AXcoOmQNPRtaZ_Kt8nqjkc7A9s4hvCeZA1RGVmd5TP4fhCEgxAVdb9U9hSYV9ufIkRX2zIL2NHxpTN_p0wT...
  • https://cm.g.doubleclick.net/pixel?google_nid=bt&google_push=AXcoOmQNPRtaZ_Kt8nqjkc7A9s4hvCeZA1RGVmd5TP4fhCEgxAVdb9U9hSYV9ufIkRX2zIL2NHxpTN_p0wTYlsuFd8FoqHBlNhUilA
170 B
329 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=bt&google_push=AXcoOmQNPRtaZ_Kt8nqjkc7A9s4hvCeZA1RGVmd5TP4fhCEgxAVdb9U9hSYV9ufIkRX2zIL2NHxpTN_p0wTYlsuFd8FoqHBlNhUilA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8343227950611411&output=html&h=90&adk=4204718025&adf=1588159632&pi=t.aa~a.2376638792~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1696128566&rafmt=1&to=qs&pwprc=8890230846&format=1200x90&url=https%3A%2F%2Fala3raf.net%2Flogin&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696135766546&bpp=1&bdt=1807&idt=-M&shv=r20230927&mjsv=m202309210101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dbe86f960a36d667f-2210ed7a77e400b1%3AT%3D1696135766%3ART%3D1696135766%3AS%3DALNI_MbXIsCZaD9gYd1S-5oiciR0UFiJYQ&gpic=UID%3D00000c8a053f967f%3AT%3D1696135766%3ART%3D1696135766%3AS%3DALNI_MYYNO9ooNWrGhG_DqGJ_Kano-mfBg&prev_fmts=0x0%2C1200x280&nras=3&correlator=8342124909072&frm=20&pv=1&ga_vid=740110213.1696135766&ga_sid=1696135766&ga_hid=617534457&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1295&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44803492%2C31076838%2C31077327%2C44801484&oid=2&pvsid=3427511764636352&tmod=192033511&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=AdDUX1ageB&p=https%3A//ala3raf.net&dtd=5
Protocol
H2
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 01 Oct 2023 04:49:27 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=bt&google_push=AXcoOmQNPRtaZ_Kt8nqjkc7A9s4hvCeZA1RGVmd5TP4fhCEgxAVdb9U9hSYV9ufIkRX2zIL2NHxpTN_p0wTYlsuFd8FoqHBlNhUilA
Date
Sun, 01 Oct 2023 04:49:27 GMT
Server
Apache
Connection
Keep-Alive
Keep-Alive
timeout=5, max=3000
Content-Length
0
P3P
policyref="/w3c/p3p.xml", CP="DSP NON LAW OUR CUR DEVo PSAo PSDo IND STA NAV COM INT"
pixel
cm.g.doubleclick.net/ Frame 7600
Redirect Chain
  • https://a.c.appier.net/gcm?google_gid=CAESEIriSDHKR1Ba-Avk5wuDgq4&google_cver=1&google_push=AXcoOmS0A_Oy2sMx8Syjl7cnrDGV9QAcjUfTE1fi4VerOMA-_kAY_Xl3CwpI5gRR80GLR1ZLw_nTfT5KS7aedDohCQC7w0vnRQtqaw
  • https://cm.g.doubleclick.net/pixel?google_nid=appier&google_hm=OFViLXpYeHZCdzJyd2J0ZlZfb1laUQ%3D%3D&google_push=AXcoOmS0A_Oy2sMx8Syjl7cnrDGV9QAcjUfTE1fi4VerOMA-_kAY_Xl3CwpI5gRR80GLR1ZLw_nTfT5KS7aed...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appier&google_hm=OFViLXpYeHZCdzJyd2J0ZlZfb1laUQ%3D%3D&google_push=AXcoOmS0A_Oy2sMx8Syjl7cnrDGV9QAcjUfTE1fi4VerOMA-_kAY_Xl3CwpI5gRR80GLR1ZLw_nTfT5KS7aedDohCQC7w0vnRQtqaw
Protocol
H3
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 01 Oct 2023 04:49:27 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Sun, 01 Oct 2023 04:49:27 GMT
server
nginx
accept-ch
Sec-CH-UA-Model,Sec-CH-UA-Platform-Version
p3p
CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://cm.g.doubleclick.net/pixel?google_nid=appier&google_hm=OFViLXpYeHZCdzJyd2J0ZlZfb1laUQ%3D%3D&google_push=AXcoOmS0A_Oy2sMx8Syjl7cnrDGV9QAcjUfTE1fi4VerOMA-_kAY_Xl3CwpI5gRR80GLR1ZLw_nTfT5KS7aedDohCQC7w0vnRQtqaw
content-type
text/html; charset=utf-8
cache-control
no-store
content-length
245
pixel
cm.g.doubleclick.net/ Frame 7600
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEGMIheshDPlyhDLWzThTwpw&google_cver=1&google_push=AXcoOmSjSWBkZK9w5zJ_TX__guTarAmxy8oTL5l3hNyZ9dznSOswivu72BCjco_-FTliF1x3_kfcUqy2AJxhU-G_3uHX...
  • https://x.bidswitch.net/ul_cb/sync?ssp=google&google_gid=CAESEGMIheshDPlyhDLWzThTwpw&google_cver=1&google_push=AXcoOmSjSWBkZK9w5zJ_TX__guTarAmxy8oTL5l3hNyZ9dznSOswivu72BCjco_-FTliF1x3_kfcUqy2AJxhU-...
  • https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AXcoOmSjSWBkZK9w5zJ_TX__guTarAmxy8oTL5l3hNyZ9dznSOswivu72BCjco_-FTliF1x3_kfcUqy2AJxhU-G_3uHXguZDP6L2XA&google_hm=tFuZt5aTSee_EbFj5E4gIg==
170 B
232 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AXcoOmSjSWBkZK9w5zJ_TX__guTarAmxy8oTL5l3hNyZ9dznSOswivu72BCjco_-FTliF1x3_kfcUqy2AJxhU-G_3uHXguZDP6L2XA&google_hm=tFuZt5aTSee_EbFj5E4gIg==
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8343227950611411&output=html&h=90&adk=4204718025&adf=1588159632&pi=t.aa~a.2376638792~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1696128566&rafmt=1&to=qs&pwprc=8890230846&format=1200x90&url=https%3A%2F%2Fala3raf.net%2Flogin&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696135766546&bpp=1&bdt=1807&idt=-M&shv=r20230927&mjsv=m202309210101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dbe86f960a36d667f-2210ed7a77e400b1%3AT%3D1696135766%3ART%3D1696135766%3AS%3DALNI_MbXIsCZaD9gYd1S-5oiciR0UFiJYQ&gpic=UID%3D00000c8a053f967f%3AT%3D1696135766%3ART%3D1696135766%3AS%3DALNI_MYYNO9ooNWrGhG_DqGJ_Kano-mfBg&prev_fmts=0x0%2C1200x280&nras=3&correlator=8342124909072&frm=20&pv=1&ga_vid=740110213.1696135766&ga_sid=1696135766&ga_hid=617534457&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1295&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44803492%2C31076838%2C31077327%2C44801484&oid=2&pvsid=3427511764636352&tmod=192033511&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=AdDUX1ageB&p=https%3A//ala3raf.net&dtd=5
Protocol
H2
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 01 Oct 2023 04:49:27 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
//cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AXcoOmSjSWBkZK9w5zJ_TX__guTarAmxy8oTL5l3hNyZ9dznSOswivu72BCjco_-FTliF1x3_kfcUqy2AJxhU-G_3uHXguZDP6L2XA&google_hm=tFuZt5aTSee_EbFj5E4gIg==
date
Sun, 01 Oct 2023 04:49:27 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
pixel
cm.g.doubleclick.net/ Frame 7600
Redirect Chain
  • https://d5p.de17a.com/cookies/google?google_gid=CAESEC4jxuSnFoaaW68BIgNO8mQ&google_cver=1&google_push=AXcoOmTO-OSnsKGa1_ZJqB_O5_PYDgy7Jke9l_LlnnBGdRCeOAlb3JyOyCIMVcZOVSptKeJ37gWgIcErZqiYRCqj5hXhovi...
  • https://d5p.de17a.com/cookies/google;c?google_gid=CAESEC4jxuSnFoaaW68BIgNO8mQ&google_cver=1&google_push=AXcoOmTO-OSnsKGa1_ZJqB_O5_PYDgy7Jke9l_LlnnBGdRCeOAlb3JyOyCIMVcZOVSptKeJ37gWgIcErZqiYRCqj5hXho...
  • https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AXcoOmTO-OSnsKGa1_ZJqB_O5_PYDgy7Jke9l_LlnnBGdRCeOAlb3JyOyCIMVcZOVSptKeJ37gWgIcErZqiYRCqj5hXhoviwWGhd
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AXcoOmTO-OSnsKGa1_ZJqB_O5_PYDgy7Jke9l_LlnnBGdRCeOAlb3JyOyCIMVcZOVSptKeJ37gWgIcErZqiYRCqj5hXhoviwWGhd
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8343227950611411&output=html&h=90&adk=4204718025&adf=1588159632&pi=t.aa~a.2376638792~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1696128566&rafmt=1&to=qs&pwprc=8890230846&format=1200x90&url=https%3A%2F%2Fala3raf.net%2Flogin&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696135766546&bpp=1&bdt=1807&idt=-M&shv=r20230927&mjsv=m202309210101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dbe86f960a36d667f-2210ed7a77e400b1%3AT%3D1696135766%3ART%3D1696135766%3AS%3DALNI_MbXIsCZaD9gYd1S-5oiciR0UFiJYQ&gpic=UID%3D00000c8a053f967f%3AT%3D1696135766%3ART%3D1696135766%3AS%3DALNI_MYYNO9ooNWrGhG_DqGJ_Kano-mfBg&prev_fmts=0x0%2C1200x280&nras=3&correlator=8342124909072&frm=20&pv=1&ga_vid=740110213.1696135766&ga_sid=1696135766&ga_hid=617534457&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1295&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44803492%2C31076838%2C31077327%2C44801484&oid=2&pvsid=3427511764636352&tmod=192033511&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=AdDUX1ageB&p=https%3A//ala3raf.net&dtd=5
Protocol
H3
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 01 Oct 2023 04:49:27 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AXcoOmTO-OSnsKGa1_ZJqB_O5_PYDgy7Jke9l_LlnnBGdRCeOAlb3JyOyCIMVcZOVSptKeJ37gWgIcErZqiYRCqj5hXhoviwWGhd
content-length
0
p3p
CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV
pixel
cm.g.doubleclick.net/ Frame 7600
Redirect Chain
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEEtWo4LD3Cxlqzt9Sb5TxqY&google_cver=1&google_push=AXcoOmSyOrxk5DKtI1mHbv3k3B_LCwLbbRZeSARogAN9BuXznNmLgbpkM2sbL3JT60LZkJS1omcs0lQm...
  • https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEEtWo4LD3Cxlqzt9Sb5TxqY&google_cver=1&google_push=AXcoOmSyOrxk5DKtI1mHbv3k3B_LCwLbbRZeSARogAN9BuXznNmLgbpkM2sbL3JT60LZkJS1omc...
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NTAyMDYyOTkxNzQ4Mjk5MTI2OA&google_push=AXcoOmSyOrxk5DKtI1mHbv3k3B_LCwLbbRZeSARogAN9BuXznNmLgbpkM2sbL3JT60LZkJS1omcs0l...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NTAyMDYyOTkxNzQ4Mjk5MTI2OA&google_push=AXcoOmSyOrxk5DKtI1mHbv3k3B_LCwLbbRZeSARogAN9BuXznNmLgbpkM2sbL3JT60LZkJS1omcs0lQmr95m_6hFMVewBr2kiQCH
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8343227950611411&output=html&h=90&adk=4204718025&adf=1588159632&pi=t.aa~a.2376638792~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1696128566&rafmt=1&to=qs&pwprc=8890230846&format=1200x90&url=https%3A%2F%2Fala3raf.net%2Flogin&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696135766546&bpp=1&bdt=1807&idt=-M&shv=r20230927&mjsv=m202309210101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dbe86f960a36d667f-2210ed7a77e400b1%3AT%3D1696135766%3ART%3D1696135766%3AS%3DALNI_MbXIsCZaD9gYd1S-5oiciR0UFiJYQ&gpic=UID%3D00000c8a053f967f%3AT%3D1696135766%3ART%3D1696135766%3AS%3DALNI_MYYNO9ooNWrGhG_DqGJ_Kano-mfBg&prev_fmts=0x0%2C1200x280&nras=3&correlator=8342124909072&frm=20&pv=1&ga_vid=740110213.1696135766&ga_sid=1696135766&ga_hid=617534457&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1295&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44803492%2C31076838%2C31077327%2C44801484&oid=2&pvsid=3427511764636352&tmod=192033511&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=AdDUX1ageB&p=https%3A//ala3raf.net&dtd=5
Protocol
H3
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 01 Oct 2023 04:49:27 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sun, 01 Oct 2023 04:49:27 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET
location
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NTAyMDYyOTkxNzQ4Mjk5MTI2OA&google_push=AXcoOmSyOrxk5DKtI1mHbv3k3B_LCwLbbRZeSARogAN9BuXznNmLgbpkM2sbL3JT60LZkJS1omcs0lQmr95m_6hFMVewBr2kiQCH
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
pixel
cm.g.doubleclick.net/ Frame 7600
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=154&google_gid=CAESEOMrM2dCKVB6pAyIgPsjX_o&google_cver=1&google_push=AXcoOmRmVaRcIeG3ikxtHu7gHG1yzGN5PCqHfkNKFWisQlHgm7mPaBvdqUR66bBa0Cb6ZnlosR0LS9umAIU4Wlx...
  • https://cm.g.doubleclick.net/pixel?google_nid=stackadapt_usd&google_hm=jiGffe8eX7Zrdcy7rdLAV1OWB-w&google_push=AXcoOmRmVaRcIeG3ikxtHu7gHG1yzGN5PCqHfkNKFWisQlHgm7mPaBvdqUR66bBa0Cb6ZnlosR0LS9umAIU4Wl...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=stackadapt_usd&google_hm=jiGffe8eX7Zrdcy7rdLAV1OWB-w&google_push=AXcoOmRmVaRcIeG3ikxtHu7gHG1yzGN5PCqHfkNKFWisQlHgm7mPaBvdqUR66bBa0Cb6ZnlosR0LS9umAIU4WlxjOJ9mhmFvimHpPQ
Protocol
H3
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 01 Oct 2023 04:49:27 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=stackadapt_usd&google_hm=jiGffe8eX7Zrdcy7rdLAV1OWB-w&google_push=AXcoOmRmVaRcIeG3ikxtHu7gHG1yzGN5PCqHfkNKFWisQlHgm7mPaBvdqUR66bBa0Cb6ZnlosR0LS9umAIU4WlxjOJ9mhmFvimHpPQ
Date
Sun, 01 Oct 2023 04:49:27 GMT
Connection
keep-alive
Content-Length
244
Content-Type
text/html; charset=utf-8
attr
cm.g.doubleclick.net/pixel/ Frame 7600 		0
130 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13Je8JBQOaAdQQjfSOAfWQGBlX4rvWMmq4aZRISXoYmts4Blyoo8BKBYWVfSZVz0gTi3kPoT
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8343227950611411&output=html&h=90&adk=4204718025&adf=1588159632&pi=t.aa~a.2376638792~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1696128566&rafmt=1&to=qs&pwprc=8890230846&format=1200x90&url=https%3A%2F%2Fala3raf.net%2Flogin&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696135766546&bpp=1&bdt=1807&idt=-M&shv=r20230927&mjsv=m202309210101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dbe86f960a36d667f-2210ed7a77e400b1%3AT%3D1696135766%3ART%3D1696135766%3AS%3DALNI_MbXIsCZaD9gYd1S-5oiciR0UFiJYQ&gpic=UID%3D00000c8a053f967f%3AT%3D1696135766%3ART%3D1696135766%3AS%3DALNI_MYYNO9ooNWrGhG_DqGJ_Kano-mfBg&prev_fmts=0x0%2C1200x280&nras=3&correlator=8342124909072&frm=20&pv=1&ga_vid=740110213.1696135766&ga_sid=1696135766&ga_hid=617534457&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1295&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44803492%2C31076838%2C31077327%2C44801484&oid=2&pvsid=3427511764636352&tmod=192033511&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=AdDUX1ageB&p=https%3A//ala3raf.net&dtd=5
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 01 Oct 2023 04:49:27 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
si
googleads.g.doubleclick.net/pagead/drt/ Frame DDB2
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
145 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8343227950611411&output=html&h=90&adk=4204718025&adf=1588159632&pi=t.aa~a.2376638792~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1696128566&rafmt=1&to=qs&pwprc=8890230846&format=1200x90&url=https%3A%2F%2Fala3raf.net%2Flogin&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696135766546&bpp=1&bdt=1807&idt=-M&shv=r20230927&mjsv=m202309210101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dbe86f960a36d667f-2210ed7a77e400b1%3AT%3D1696135766%3ART%3D1696135766%3AS%3DALNI_MbXIsCZaD9gYd1S-5oiciR0UFiJYQ&gpic=UID%3D00000c8a053f967f%3AT%3D1696135766%3ART%3D1696135766%3AS%3DALNI_MYYNO9ooNWrGhG_DqGJ_Kano-mfBg&prev_fmts=0x0%2C1200x280&nras=3&correlator=8342124909072&frm=20&pv=1&ga_vid=740110213.1696135766&ga_sid=1696135766&ga_hid=617534457&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1295&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44803492%2C31076838%2C31077327%2C44801484&oid=2&pvsid=3427511764636352&tmod=192033511&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=AdDUX1ageB&p=https%3A//ala3raf.net&dtd=5
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 01 Oct 2023 04:49:27 GMT
expires
Sun, 01 Oct 2023 04:49:27 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 01 Oct 2023 04:49:27 GMT
location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
th
www.bing.com/ Frame D994 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.bing.com/th?id=OADD2.7559525959575_1WKR9BJYMURSFKBTL5&pid=21.2&c=16&roil=0.2167&roit=0&roir=0.7833&roib=1&w=180&h=180&qlt=90
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230927/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.23.209.187 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-23-209-187.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
1db5d3415c13fc4192850a818c0cfaa7391e3bd5025a7d7cc01099a89b3756c9

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 01 Oct 2023 04:49:27 GMT
nel
{"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
x-cdn-traceid
0.3bd01702.1696135767.17d0a498
report-to
{"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth"}]}
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
content-type
image/jpeg
cache-control
public, max-age=2592000
timing-allow-origin
*
access-control-allow-headers
*
content-length
13329
alt-svc
h3=":443"; ma=93600
rd_log
ams3-ib.adnxs.com/ Frame D994 		0
531 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ams3-ib.adnxs.com/rd_log?an_audit=0&referrer=https%3A%2F%2Fala3raf.net%2Flogin&e=wqT_3QLtA-jtAQAAAwDWAAUBCNb046gGEIbg1p2soanMRRgAKjYJY-NWzOFNtj8R2D1955WitT8ZAAAAIFyP8j8h2A0SACkRJAAxARvAheuxPzDb-KYDOLUBQLVeSOMDULqJirYBWMexPWAAaJ-kVHjW9AWAAQGKAQNVU0SSAQEG8J-YAawCoAH6AagBAbABALgBAcABBcgBAtABANgBAOABAPABANgC8AbgAqKoMeoCGWh0dHBzOi8vYWxhM3JhZi5uZXQvbG9naW6AAwCIAwGQAwCYAwmgAwGqAwDAA9gEyAMA2AMA4AMA6AMA-AMDgAQAkgQEL3VhcJgEAKgEALIEDAgAEAAYACAAMAA4ALgEAMAEAMgEANoEAggB4AQB8AS6AcFYiAUBmAUAoAX6wbvix-eviQzABQDJBQAFARTwP9IFCQkFC3wAAADYBQHgBQHwBZKuNPoFBAgAEACQBgCYBgC4BgDBBgEhNAAA8D_QBsKNBNoGFgoQCRIZAQGLYOAGAfIGAggAgAcBiAcAoAcByAfW9AXSBw0VZRwQABgA2gcGCAUJnOAHAOoHAggA8Afsgw2KCAIQAJUIAACAP5gIAcAI8AbSCAYIABAAGAA.&s=656652835aaa0b96b2541d4f8e1b9d923fdb7e65&bdref=https%3A%2F%2Fala3raf.net%2F&bdtop=true&bdifs=2&bstk=https%3A%2F%2Fala3raf.net%2F,https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fhtml%2Fr20230927%2Fr20110914%2Fzrt_lookup.html%3Ffsb%3D1%23RS-1-%26adk%3D1812271803%26client%3Dca-pub-8343227950611411%26fa%3D3%26ifi%3D6%26uci%3Da!6%26btvi%3D3%26xpc%3DEYsmZSjiCr%26p%3Dhttps%253A%2F%2Fala3raf.net,https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fhtml%2Fr20230927%2Fr20110914%2Fzrt_lookup.html%3Ffsb%3D1&
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230927/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.212 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 01 Oct 2023 04:49:27 GMT
an-x-request-uuid
42ee6324-f2df-44ed-bdf1-94340fc5586e
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
83.150.7.236; 83.150.7.236; 942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
vevent
ams3-ib.adnxs.com/ Frame D994 		0
554 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://ams3-ib.adnxs.com/vevent?an_audit=0&referrer=https%3A%2F%2Fala3raf.net%2Flogin&e=wqT_3QKLB-iLAwAAAwDWAAUBCNb046gGEIbg1p2soanMRRgAKjYJY-NWzOFNtj8R2D1955WitT8ZAAAAIFyP8j8h2A0SACkRJAAxARvAheuxPzDb-KYDOLUBQLVeSOMDULqJirYBWMexPWAAaJ-kVHjW9AWAAQGKAQNVU0SSAQEG8GGYAaABoAHYBKgBAbABALgBAcABBcgBAtABANgBAOABAPABANgC8AbgAqKoMeoCGWh0dHBzOi8vYWxhM3JhZi5uZXQvbG9naW6AAwCIAwGQAwCYAwmgAwGqA5oDCrACaHR0cAEv8IZ3d3cuYmluZy5jb20vYXBpL3YxL21lZGlhdGlvbi90cmFja2luZz9hZFVuaXQ9MzkxNDY2JmF1SWQ9NjUwMjllMzAtZDYzZS00MTQ4LWI3NmEtNjcxMTA4ODdmYTQ1JmJpZElkPTE1MDAwJmJpZGRlcklkPTQmY21FeHBJZD1MVjImb0FkVW4ZXCBwdWJsaXNoZXIBOCA2MjY0NTMzMCYBDgA2jnEANHJ0eXBlPW51cmwmdGFnAadsOTI5NDk5JnRyYWZmaWNHcm91cD1rbmFxZV8zYxEWCFN1YgkZ8GlwYmFnZWJ5JmFpZD0ke0FVQ1RJT05fSUR9EgUxMjA4NRoTNTAxNDkzOTY1MDcyODc2NzQ5NCIJMzgxODQ2NzE0KgRiaW5nOjhVMlZoY21Ob1FXUWpPRE16TlRjeE16QTNNak15T1RBak1qARTwfUUxTmpVek9UTXhPVGd3TVE9PcAD2ATIAwDYAwDgAwDoAwD4AwOABACSBAQvdWFwmAQAqAQAsgQMCAAQABgAIAAwADgAuAQAwAQAyAQA2gQCCAHgBAHwBLqJirYBiAUBmAUAoAX6wbvix-eviQzABQDJBQAAAAAAAPA_0gUJCQkMeAAA2AUB4AUB8AWSrjT6BQQIABAAkAYAmAYAuAYAwQYJJSzwP9AGwo0E2gYWChAJEhkBdBAAGADgBgHyBgIIAIAHAYgHAKAHAcgH1vQF0gcNCREoASYM2gcGCAUJqOAHAOoHAggA8Afsgw2KCAIQAJUIAACAP5gIAcAI8AbSCAkI____PxACGAA.&s=d3424352a7f88106f80efcc5791b02706cef08ff&type=nv&nvt=5&jm=1003&px=0&py=0&bw=180&bh=180&sid=5432367031620383549&vd=ct~0|rr~0&sv=239&tv=view7-1hs&ua=chrome52&pl=win&x=v&tag_id=6929499&sw=1600&sh=1200&pw=0&ph=0&ww=0&wh=0&ft=3
Requested by
Host: cdn.adnxs.com
URL: https://cdn.adnxs.com/v/s/239/trk.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.212 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 01 Oct 2023 04:49:27 GMT
an-x-request-uuid
10e6d750-24cf-4a28-8199-6db8d9096e08
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
https://googleads.g.doubleclick.net
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
83.150.7.236; 83.150.7.236; 942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
truncated
/ Frame D994 		212 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
8e86070fd23c1c0282c0303fbf760149d11bcd20d5abbee7493ca1c9866f3c49

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
adview
googleads.g.doubleclick.net/pagead/ Frame D994 		0
133 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=COpK_VvoYZbuzB-a4xdwPzdaUsATS4Nfgbo-ktpOTCsCNtwEQASAAYPWVzoHgBIIBF2NhLXB1Yi04MzQzMjI3OTUwNjExNDExyAEJqAMByAMCqgTpAU_QFo3Q7mgeUiUMO5p7fdDPBXRot-ZlDDcHaRyJWppHUL1QaQzqJyr1r40Zpnp27mIyRC9T51arRgN_089vrcwMCWSDAFUM9LE47ESr10HmAu1sP-z52tZhcQV4sn19pDEOEZ3IkS2lO4Wh5zLJxflkHjfsf8ngG52R2pLiLGts6PJqV55GRxinxjpMEnYwB4E18oRFMhEI-T5n_7SeQRYNwsbYTx2zLMhveGeMH3QFXTODjzjtm38VsUy03P4k3mGblrC3YgrghSdZ5glrcqmMViSFBVKZM1RsZ89GrCVUIS02YnCgwaS2gAbA0p-GyLix-PEBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIEgiAYRABMgKKAjoCgEBIvf3BOoAKAfoLAggBgAwB0BUBgBcBshcaChgSFHB1Yi04MzQzMjI3OTUwNjExNDExGAA&sigh=PPctnCWVH9E&uach_m=[UACH]&cid=CAQSGwDICaaNNYhAIiorpqJx2ss210W_IND3AZaA6BgB&cbvp=2&vis=1
Requested by
Host: ala3raf.net
URL: https://ala3raf.net/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/html/r20230927/r20110914/zrt_lookup.html?fsb=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Sun, 01 Oct 2023 04:49:27 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
it
ams3-ib.adnxs.com/ Frame D994 		0
530 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ams3-ib.adnxs.com/it?an_audit=0&referrer=https%3A%2F%2Fala3raf.net%2Flogin&e=wqT_3QKLB-iLAwAAAwDWAAUBCNb046gGEIbg1p2soanMRRgAKjYJY-NWzOFNtj8R2D1955WitT8ZAAAAIFyP8j8h2A0SACkRJAAxARvAheuxPzDb-KYDOLUBQLVeSOMDULqJirYBWMexPWAAaJ-kVHjW9AWAAQGKAQNVU0SSAQEG8GGYAaABoAHYBKgBAbABALgBAcABBcgBAtABANgBAOABAPABANgC8AbgAqKoMeoCGWh0dHBzOi8vYWxhM3JhZi5uZXQvbG9naW6AAwCIAwGQAwCYAwmgAwGqA5oDCrACaHR0cAEv8IZ3d3cuYmluZy5jb20vYXBpL3YxL21lZGlhdGlvbi90cmFja2luZz9hZFVuaXQ9MzkxNDY2JmF1SWQ9NjUwMjllMzAtZDYzZS00MTQ4LWI3NmEtNjcxMTA4ODdmYTQ1JmJpZElkPTE1MDAwJmJpZGRlcklkPTQmY21FeHBJZD1MVjImb0FkVW4ZXCBwdWJsaXNoZXIBOCA2MjY0NTMzMCYBDgA2jnEANHJ0eXBlPW51cmwmdGFnAadsOTI5NDk5JnRyYWZmaWNHcm91cD1rbmFxZV8zYxEWCFN1YgkZ8GlwYmFnZWJ5JmFpZD0ke0FVQ1RJT05fSUR9EgUxMjA4NRoTNTAxNDkzOTY1MDcyODc2NzQ5NCIJMzgxODQ2NzE0KgRiaW5nOjhVMlZoY21Ob1FXUWpPRE16TlRjeE16QTNNak15T1RBak1qARTwfUUxTmpVek9UTXhPVGd3TVE9PcAD2ATIAwDYAwDgAwDoAwD4AwOABACSBAQvdWFwmAQAqAQAsgQMCAAQABgAIAAwADgAuAQAwAQAyAQA2gQCCAHgBAHwBLqJirYBiAUBmAUAoAX6wbvix-eviQzABQDJBQAAAAAAAPA_0gUJCQkMeAAA2AUB4AUB8AWSrjT6BQQIABAAkAYAmAYAuAYAwQYJJSzwP9AGwo0E2gYWChAJEhkBdBAAGADgBgHyBgIIAIAHAYgHAKAHAcgH1vQF0gcNCREoASYM2gcGCAUJqOAHAOoHAggA8Afsgw2KCAIQAJUIAACAP5gIAcAI8AbSCAkI____PxACGAA.&s=d3424352a7f88106f80efcc5791b02706cef08ff&pp=ZRj6VgAB2bsFkVxmAAUrTQnUb-vy-WIagU6vnQ&ppt=1&pubclick=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCx_r3VvoYZbuzB-a4xdwPzdaUsATS4Nfgbo-ktpOTCsCNtwEQASAAYPWVzoHgBIIBF2NhLXB1Yi04MzQzMjI3OTUwNjExNDExyAEJqAMByAMCqgTsAU_QFo3Q7mgeUiUMO5p7fdDPBXRot-ZlDDcHaRyJWppHUL1QaQzqJyr1r40Zpnp27mIyRC9T51arRgN_089vrcwMCWSDAFUM9LE47ESr10HmAu1sP-z52tZhcQV4sn19pDEOEZ3IkS2lO4Wh5zLJxflkHjfsf8ngG52R2pLiLGts6PJqV55GRxinxjpMEnYwB4E18oRFMhEI-T5n_7SeQRYNwsbYTx2zLMhveGeMH3QFXTODjzjtm38VsUy03P4k3mGblvK1Q5giId00cvMfxzfV0pKBJlgdOnp0vm3A9aHooQcaerAhI8kiIy3ogAbA0p-GyLix-PEBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIEgiAYRABMgKKAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2oDg-bDOs1N9ploBkM0Dg0c18dtQ%26client%3Dca-pub-8343227950611411%26adurl%3D&cbvp=2
Requested by
Host: ala3raf.net
URL: https://ala3raf.net/login
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.212 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 01 Oct 2023 04:49:27 GMT
an-x-request-uuid
37135cb5-12c9-4060-b636-f48fabf3a56c
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
83.150.7.236; 83.150.7.236; 942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
/
www.googleadservices.com/pagead/ar-adview/ Frame 45C8
Redirect Chain
  • https://googleads.g.doubleclick.net/pagead/adview?ai=CRvcmVvoYZYbDJJe2xdwPvqSGgAbGm5rfZPqyhfajCNzR2ZuXDhABIOfnuR5g9ZXOgeAEoAGchq_1AsgBAqkCewBzMmpUsj6oAwHIA8kEqgT2AU_QF_QWKmk9Zozm_VVoC0LYj1E-6XgrkRO...
  • https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x9b200366835ebbe40000000000000000%22,%222%22:%220x66e39f6688dc93a70000000000000000%22,%223%22:%220x98c8ca...
0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x9b200366835ebbe40000000000000000%22,%222%22:%220x66e39f6688dc93a70000000000000000%22,%223%22:%220x98c8ca606188edd30000000000000000%22,%224%22:%220xb7b78964032c4fca0000000000000000%22,%225%22:%220xd17f97947ffef4070000000000000000%22},%22debug_key%22:%2212807572352979984755%22,%22debug_reporting%22:true,%22destination%22:%22https://bvs-bildungszentrum.ch%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22783008540%22],%224%22:[%2210-01%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2216653345012411666705%22}&andc=true
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8343227950611411&output=html&h=90&adk=4204718025&adf=1588159632&pi=t.aa~a.2376638792~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1696128566&rafmt=1&to=qs&pwprc=8890230846&format=1200x90&url=https%3A%2F%2Fala3raf.net%2Flogin&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696135766546&bpp=1&bdt=1807&idt=-M&shv=r20230927&mjsv=m202309210101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dbe86f960a36d667f-2210ed7a77e400b1%3AT%3D1696135766%3ART%3D1696135766%3AS%3DALNI_MbXIsCZaD9gYd1S-5oiciR0UFiJYQ&gpic=UID%3D00000c8a053f967f%3AT%3D1696135766%3ART%3D1696135766%3AS%3DALNI_MYYNO9ooNWrGhG_DqGJ_Kano-mfBg&prev_fmts=0x0%2C1200x280&nras=3&correlator=8342124909072&frm=20&pv=1&ga_vid=740110213.1696135766&ga_sid=1696135766&ga_hid=617534457&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1295&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44803492%2C31076838%2C31077327%2C44801484&oid=2&pvsid=3427511764636352&tmod=192033511&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=AdDUX1ageB&p=https%3A//ala3raf.net&dtd=5
Protocol
H3
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 01 Oct 2023 04:49:27 GMT
x-content-type-options
nosniff
attribution-reporting-register-source
{"aggregation_keys":{"1":"0x9b200366835ebbe40000000000000000","2":"0x66e39f6688dc93a70000000000000000","3":"0x98c8ca606188edd30000000000000000","4":"0xb7b78964032c4fca0000000000000000","5":"0xd17f97947ffef4070000000000000000"},"debug_key":"12807572352979984755","debug_reporting":true,"destination":"https://bvs-bildungszentrum.ch","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["783008540"],"4":["10-01"],"6":["true"]},"priority":"500","source_event_id":"16653345012411666705"}
server
cafe
content-type
text/css; charset=UTF-8
access-control-allow-origin
https://googleads.g.doubleclick.net
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Sun, 01 Oct 2023 04:49:27 GMT

Redirect headers

content-security-policy
script-src 'none'; object-src 'none'
date
Sun, 01 Oct 2023 04:49:27 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
location
https://www.googleadservices.com/pagead/ar-adview/?nrh={"aggregation_keys":{"1":"0x9b200366835ebbe40000000000000000","2":"0x66e39f6688dc93a70000000000000000","3":"0x98c8ca606188edd30000000000000000","4":"0xb7b78964032c4fca0000000000000000","5":"0xd17f97947ffef4070000000000000000"},"debug_key":"12807572352979984755","debug_reporting":true,"destination":"https://bvs-bildungszentrum.ch","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["783008540"],"4":["10-01"],"6":["true"]},"priority":"500","source_event_id":"16653345012411666705"}&andc=true
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
/
www.googleadservices.com/pagead/ar-adview/ Frame 3696
Redirect Chain
  • https://googleads.g.doubleclick.net/pagead/adview?ai=CekZrVvoYZcGJB-CqxdwPkem54A2gko71cvLWvvf6EfLs0uCyARABIOfnuR5g9ZXOgeAEoAGb2tCQKcgBAakC5k5SORi9sT6oAwHIA8sEqgT8AU_Q7Ziq_YUXeeQ-blS2LV24GiUFxI3gHw_...
  • https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220xafd3c9bcbd771eae0000000000000000%22,%222%22:%220x448069caadc7c9d50000000000000000%22,%223%22:%220x7d72d9...
0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220xafd3c9bcbd771eae0000000000000000%22,%222%22:%220x448069caadc7c9d50000000000000000%22,%223%22:%220x7d72d947f23a0daa0000000000000000%22,%224%22:%220x19d91ec42ac743960000000000000000%22,%225%22:%220xfae312c5cafa54670000000000000000%22},%22debug_key%22:%227824223260439486521%22,%22debug_reporting%22:true,%22destination%22:%22https://temposearch.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%2211040730395%22],%224%22:[%2210-01%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2215237454845044152977%22}&andc=true
Protocol
H3
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 01 Oct 2023 04:49:27 GMT
x-content-type-options
nosniff
attribution-reporting-register-source
{"aggregation_keys":{"1":"0xafd3c9bcbd771eae0000000000000000","2":"0x448069caadc7c9d50000000000000000","3":"0x7d72d947f23a0daa0000000000000000","4":"0x19d91ec42ac743960000000000000000","5":"0xfae312c5cafa54670000000000000000"},"debug_key":"7824223260439486521","debug_reporting":true,"destination":"https://temposearch.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["11040730395"],"4":["10-01"],"6":["true"]},"priority":"500","source_event_id":"15237454845044152977"}
server
cafe
content-type
text/css; charset=UTF-8
access-control-allow-origin
https://googleads.g.doubleclick.net
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Sun, 01 Oct 2023 04:49:27 GMT

Redirect headers

content-security-policy
script-src 'none'; object-src 'none'
date
Sun, 01 Oct 2023 04:49:27 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
location
https://www.googleadservices.com/pagead/ar-adview/?nrh={"aggregation_keys":{"1":"0xafd3c9bcbd771eae0000000000000000","2":"0x448069caadc7c9d50000000000000000","3":"0x7d72d947f23a0daa0000000000000000","4":"0x19d91ec42ac743960000000000000000","5":"0xfae312c5cafa54670000000000000000"},"debug_key":"7824223260439486521","debug_reporting":true,"destination":"https://temposearch.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["11040730395"],"4":["10-01"],"6":["true"]},"priority":"500","source_event_id":"15237454845044152977"}&andc=true
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
f2cqprNxaY2GOW1kJFnefQh67KLbyJA2ScFiBiL3W8Q.js
pagead2.googlesyndication.com/bg/ Frame A8A8 		37 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/f2cqprNxaY2GOW1kJFnefQh67KLbyJA2ScFiBiL3W8Q.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8343227950611411&output=html&h=280&adk=2183732464&adf=757393324&pi=t.aa~a.3231646571~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1696128565&rafmt=1&to=qs&pwprc=8890230846&format=1200x280&url=https%3A%2F%2Fala3raf.net%2Flogin&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696135765680&bpp=2&bdt=941&idt=128&shv=r20230927&mjsv=m202309210101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=8342124909072&frm=20&pv=1&ga_vid=740110213.1696135766&ga_sid=1696135766&ga_hid=617534457&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=99&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44803492%2C31076838%2C31077327%2C44801484&oid=2&pvsid=3427511764636352&tmod=192033511&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=eSRbZpZ57n&p=https%3A//ala3raf.net&dtd=131
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
sffe /
Resource Hash
7f672aa6b371698d86396d642459de7d087aeca2dbc8903649c1620622f75bc4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 26 Sep 2023 19:40:35 GMT
content-encoding
br
x-content-type-options
nosniff
age
378532
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14693
x-xss-protection
0
last-modified
Mon, 25 Sep 2023 09:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 25 Sep 2024 19:40:35 GMT
/
www.googleadservices.com/pagead/ar-adview/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x9b200366835ebbe40000000000000000%22,%222%22:%220x66e39f6688dc93a70000000000000000%22,%223%22:%220x98c8ca606188edd30000000000000000%22,%224%22:%220xb7b78964032c4fca0000000000000000%22,%225%22:%220xd17f97947ffef4070000000000000000%22},%22debug_key%22:%2212807572352979984755%22,%22debug_reporting%22:true,%22destination%22:%22https://bvs-bildungszentrum.ch%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22783008540%22],%224%22:[%2210-01%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2216653345012411666705%22}&andc=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
attribution-reporting-eligible
Access-Control-Request-Method
GET
Origin
https://googleads.g.doubleclick.net
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
attribution-reporting-eligible
access-control-allow-methods
POST, GET, OPTIONS
access-control-allow-origin
https://googleads.g.doubleclick.net
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/html; charset=UTF-8
date
Sun, 01 Oct 2023 04:49:27 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
sodar
pagead2.googlesyndication.com/getconfig/ 		16 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230927&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309210101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
cafe /
Resource Hash
7769850f89d7343223a9c1a8ef8a4744add8ad2c48b65d9032d7734ecfe76400
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ala3raf.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 01 Oct 2023 04:49:27 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12388
x-xss-protection
0
f2cqprNxaY2GOW1kJFnefQh67KLbyJA2ScFiBiL3W8Q.js
pagead2.googlesyndication.com/bg/ Frame 715C 		37 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/f2cqprNxaY2GOW1kJFnefQh67KLbyJA2ScFiBiL3W8Q.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8343227950611411&output=html&h=90&adk=4204718025&adf=1588159632&pi=t.aa~a.2376638792~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1696128566&rafmt=1&to=qs&pwprc=8890230846&format=1200x90&url=https%3A%2F%2Fala3raf.net%2Flogin&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696135766546&bpp=1&bdt=1807&idt=-M&shv=r20230927&mjsv=m202309210101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dbe86f960a36d667f-2210ed7a77e400b1%3AT%3D1696135766%3ART%3D1696135766%3AS%3DALNI_MbXIsCZaD9gYd1S-5oiciR0UFiJYQ&gpic=UID%3D00000c8a053f967f%3AT%3D1696135766%3ART%3D1696135766%3AS%3DALNI_MYYNO9ooNWrGhG_DqGJ_Kano-mfBg&prev_fmts=0x0%2C1200x280&nras=3&correlator=8342124909072&frm=20&pv=1&ga_vid=740110213.1696135766&ga_sid=1696135766&ga_hid=617534457&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1295&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44803492%2C31076838%2C31077327%2C44801484&oid=2&pvsid=3427511764636352&tmod=192033511&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=AdDUX1ageB&p=https%3A//ala3raf.net&dtd=5
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
sffe /
Resource Hash
7f672aa6b371698d86396d642459de7d087aeca2dbc8903649c1620622f75bc4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 26 Sep 2023 19:40:35 GMT
content-encoding
br
x-content-type-options
nosniff
age
378532
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14693
x-xss-protection
0
last-modified
Mon, 25 Sep 2023 09:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 25 Sep 2024 19:40:35 GMT
/
www.googleadservices.com/pagead/ar-adview/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220xafd3c9bcbd771eae0000000000000000%22,%222%22:%220x448069caadc7c9d50000000000000000%22,%223%22:%220x7d72d947f23a0daa0000000000000000%22,%224%22:%220x19d91ec42ac743960000000000000000%22,%225%22:%220xfae312c5cafa54670000000000000000%22},%22debug_key%22:%227824223260439486521%22,%22debug_reporting%22:true,%22destination%22:%22https://temposearch.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%2211040730395%22],%224%22:[%2210-01%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2215237454845044152977%22}&andc=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
attribution-reporting-eligible
Access-Control-Request-Method
GET
Origin
https://googleads.g.doubleclick.net
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
attribution-reporting-eligible
access-control-allow-methods
POST, GET, OPTIONS
access-control-allow-origin
https://googleads.g.doubleclick.net
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/html; charset=UTF-8
date
Sun, 01 Oct 2023 04:49:27 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309210101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.161 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f1.1e100.net
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ala3raf.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 01 Oct 2023 04:49:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sun, 01 Oct 2023 04:49:27 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 7B56 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.161 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f1.1e100.net
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ala3raf.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
age
33745
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Sat, 30 Sep 2023 19:27:02 GMT
expires
Sun, 29 Sep 2024 19:27:02 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 806D 		829 B
998 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.164 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f4.1e100.net
Software
GSE /
Resource Hash
966f4dbe474cb4686c5d69b67f3e68234b749f020ef986a569ea330b3e2020ed
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-XXi7L9rNXgG1xJIrJ2GYlw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://ala3raf.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-XXi7L9rNXgG1xJIrJ2GYlw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Sun, 01 Oct 2023 04:49:27 GMT
expires
Sun, 01 Oct 2023 04:49:27 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
sodar
pagead2.googlesyndication.com/pagead/ Frame 806D 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20230927&jk=3427511764636352&rc=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
BAadeGEE1qHjsQ6c_rqFtjeXulPdvwUFIKdhRpM9mgY.js
pagead2.googlesyndication.com/bg/ Frame 7B56 		37 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/BAadeGEE1qHjsQ6c_rqFtjeXulPdvwUFIKdhRpM9mgY.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
sffe /
Resource Hash
04069d786104d6a1e3b10e9cfeba85b63797ba53ddbf050520a76146933d9a06
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 29 Sep 2023 10:19:24 GMT
content-encoding
br
x-content-type-options
nosniff
age
153003
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14550
x-xss-protection
0
last-modified
Mon, 25 Sep 2023 09:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 28 Sep 2024 10:19:24 GMT
generate_204
tpc.googlesyndication.com/ Frame 7B56 		0
40 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?B2UTvg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.161 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f1.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 01 Oct 2023 04:49:27 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
c.gif
www.bing.com/aes/ Frame D994
Redirect Chain
  • https://www.bing.com/api/v1/mediation/tracking?adUnit=391466&auId=c821a784-5be9-464e-8426-124a2227726a&bidId=15000&bidderId=4&cmExpId=LV2&oAdUnit=391466&publisherId=162645330&rId=65029e30-d63e-4148...
  • https://www.bing.com/aes/c.gif?type=mv&reqver=1.0&rg=5c1acbafb158473080c899ceb5097de7&tids=15000&med=10
0
547 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.bing.com/aes/c.gif?type=mv&reqver=1.0&rg=5c1acbafb158473080c899ceb5097de7&tids=15000&med=10
Protocol
H2
Server
2.23.209.187 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-23-209-187.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 01 Oct 2023 04:49:28 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 98CB4723176042E5BF1FB57EAA344E15 Ref B: FRA31EDGE0519 Ref C: 2023-10-01T04:49:28Z
x-cdn-traceid
0.3bd01702.1696135768.17d0a90b
vary
Origin
p3p
CP=BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo
cache-control
private,no-store
alt-svc
h3=":443"; ma=93600
content-length
0

Redirect headers

pragma
no-cache
strict-transport-security
max-age=15724800; includeSubDomains
date
Sun, 01 Oct 2023 04:49:28 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: E1DDD9AE0B3A45C2AAA5979E0FD680B0 Ref B: FRA31EDGE0706 Ref C: 2023-10-01T04:49:28Z
x-cdn-traceid
0.3bd01702.1696135768.17d0a8b4
vary
Origin
content-type
text/html; charset=utf-8
location
https://www.bing.com/aes/c.gif?type=mv&reqver=1.0&rg=5c1acbafb158473080c899ceb5097de7&tids=15000&med=10
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3=":443"; ma=93600
content-length
146
expires
0
vevent
ams3-ib.adnxs.com/ Frame D994 		0
554 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://ams3-ib.adnxs.com/vevent?an_audit=0&referrer=https%3A%2F%2Fala3raf.net%2Flogin&e=wqT_3QKLB-iLAwAAAwDWAAUBCNb046gGEIbg1p2soanMRRgAKjYJY-NWzOFNtj8R2D1955WitT8ZAAAAIFyP8j8h2A0SACkRJAAxARvAheuxPzDb-KYDOLUBQLVeSOMDULqJirYBWMexPWAAaJ-kVHjW9AWAAQGKAQNVU0SSAQEG8GGYAaABoAHYBKgBAbABALgBAcABBcgBAtABANgBAOABAPABANgC8AbgAqKoMeoCGWh0dHBzOi8vYWxhM3JhZi5uZXQvbG9naW6AAwCIAwGQAwCYAwmgAwGqA5oDCrACaHR0cAEv8IZ3d3cuYmluZy5jb20vYXBpL3YxL21lZGlhdGlvbi90cmFja2luZz9hZFVuaXQ9MzkxNDY2JmF1SWQ9NjUwMjllMzAtZDYzZS00MTQ4LWI3NmEtNjcxMTA4ODdmYTQ1JmJpZElkPTE1MDAwJmJpZGRlcklkPTQmY21FeHBJZD1MVjImb0FkVW4ZXCBwdWJsaXNoZXIBOCA2MjY0NTMzMCYBDgA2jnEANHJ0eXBlPW51cmwmdGFnAadsOTI5NDk5JnRyYWZmaWNHcm91cD1rbmFxZV8zYxEWCFN1YgkZ8GlwYmFnZWJ5JmFpZD0ke0FVQ1RJT05fSUR9EgUxMjA4NRoTNTAxNDkzOTY1MDcyODc2NzQ5NCIJMzgxODQ2NzE0KgRiaW5nOjhVMlZoY21Ob1FXUWpPRE16TlRjeE16QTNNak15T1RBak1qARTwfUUxTmpVek9UTXhPVGd3TVE9PcAD2ATIAwDYAwDgAwDoAwD4AwOABACSBAQvdWFwmAQAqAQAsgQMCAAQABgAIAAwADgAuAQAwAQAyAQA2gQCCAHgBAHwBLqJirYBiAUBmAUAoAX6wbvix-eviQzABQDJBQAAAAAAAPA_0gUJCQkMeAAA2AUB4AUB8AWSrjT6BQQIABAAkAYAmAYAuAYAwQYJJSzwP9AGwo0E2gYWChAJEhkBdBAAGADgBgHyBgIIAIAHAYgHAKAHAcgH1vQF0gcNCREoASYM2gcGCAUJqOAHAOoHAggA8Afsgw2KCAIQAJUIAACAP5gIAcAI8AbSCAkI____PxACGAA.&s=d3424352a7f88106f80efcc5791b02706cef08ff&type=pv&jm=1003&px=0&py=0&bw=180&bh=180&sf=1&sid=5432367031620383549&vd=ct~0|rr~5&sv=239&tv=view7-1hs&ua=chrome52&pl=win&x=v&tag_id=6929499&ft=3
Requested by
Host: cdn.adnxs.com
URL: https://cdn.adnxs.com/v/s/239/trk.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.212 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 01 Oct 2023 04:49:28 GMT
an-x-request-uuid
b3d1a2d1-cef1-48da-bde2-8e4b3a2d8190
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
https://googleads.g.doubleclick.net
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
83.150.7.236; 83.150.7.236; 942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame D994 		42 B
174 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvKHKloRbfHU9Bc2IT0vfWn707rw8BEJs0C4Di-XzkO4B36gZfrX6dNC9ptdfCYLB67Wvt5uSERxcKvKm51K-cnBwinXamoDEMx_Doe&sig=Cg0ArKJSzPAIyq5eu3WJEAE&id=lidar2&mcvt=1002&p=0,0,600,160&mtos=1002,1002,1002,1002,1002&tos=1002,0,0,0,0&v=20230927&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=1812271803&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1696135766662&rpt=641&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 01 Oct 2023 04:49:28 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 3696 		42 B
108 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstEEKYPH9h95gChOu38Fa9rr_BStgnqvI7rUGEnt16_ie-H10VVv8ycyJFkNReZHaPdAVaXkB5LZwP9vQO0LMiN8MODo7rmbmmo-y6ZHbmIs7-tteD8gMibUpTJS4eaFoEZxufR61D5cw&sai=AMfl-YSudxr3tiX6m0NZMr3dx9uK-XO4Y_oQyQsxO8Y-bnapg-ipAXeyWKmElw3n-ciwD60Ark1upCdVkSuk&sig=Cg0ArKJSzJbhHwPgq1MQEAE&cid=CAQSGwDICaaNfUCup_8RzMM2ndE7uVvwpEU8tu1ZdhgB&id=lidar2&mcvt=1003&p=0,0,280,1200&mtos=1003,1003,1003,1003,1003&tos=1003,0,0,0,0&v=20230927&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=2183732464&rs=2&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1696135765812&rpt=1647&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 01 Oct 2023 04:49:28 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/pagead/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20230927&jk=3427511764636352&bg=!mJulm9TNAAYEJRtnJCU7ADQBe5WfOAAYPshXn1pIYfrmEukUoiVKRxJ0JMJhvZmxtqhp9jneXsLTC-QhwJcQGQNsecNMAgAAAKxSAAAADWgBBwoAGIa4UTX4lZHZZtDjrHL7Iy_RkmcQcJRLLpkCsbFTX_d0sqNbADRc6lTm19r61IClXAbCafkddUWUJ147Oj5aeCx67FfXihCdl1cQRJKegONm7Lod-lsrrKICuSxzUdp93HnPftvvNs3ygAdMhVZKOepD2WSl1fhpzqsizI5JdxuXJpKIE345Rs00C42ENZIpemX1dP8BAXDf-iAADGQWqnYfZexPgza2tgczu9DAryRpVAI9QZMOHyZf4GYmeictoxSqU31_0nhWJt-DaN40Gi8Gfyz8hVoXKnCVL3XoAKNqBo5mpwfcl2Z58ewP37lH_SP8epnm8qMrrlKMB1KrzQMj5okKTEghJZH_5IS_3LoMntM3UI4YE0pMeNp-_jIOPso4eNa3T29sk9lswokHVQdwwvJVEXvQ5b6D-1mdL2PMGkEa5MIuQQLeD9ANu9mS19yP2o9PnQ0-Tx4xhHRKa4YAzC0e7YGtcCBRtkubXjZ6AF72isfeL19Y8xz6WG0Jj0lylQD3JbvsLCGHNdRJ-fkB4E3IeWnAKckr8p4UnB6eoM-FaYt05ZRwxghiDXZTWolzuWtUfqFLbFHXoc2LbvM6v1WZW_8va1XLmgO9SoGqV0w6vGC92zcl24X56-mnVaSvf4LBoBEDtWFjTnz5_gy5c_S_A5EjZ1f__EFVRtqaiyQBlBK7_m5J3rWVRKVeGFxVvG5U4ysA_V7FBpx3N9SFj78dqB7XvUgMbrJ7UnfrkLbCxwONliLKqSgF67et_rCHg_Ru2XnX9PhWztDDVP3IcNTchdzrRLSxvWGCdOaRd0MDiengnGGs15rYnhlvmNC3ervQc_PT-UuaCyIrVChbsviRw74AzelaVWS86z4-uTEUWr7Ddpi7yPSarZcIZ6XOG-wEByEpp7mbluFOAtV-lfkFxsTMAcBkzBKzwfhQ8NfGobFV-wi9KdsV
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ala3raf.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Verdicts & Comments Add Verdict or Comment

86 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| documentPictureInPicture string| qa_root string| qa_request function| $ function| jQuery number| _x000ade32f function| _x1ab32cdf function| qa_reveal function| qa_conceal function| qa_set_inner_html function| qa_set_outer_html function| qa_show_waiting_after function| qa_hide_waiting function| qa_vote_click function| qa_notice_click function| qa_favorite_click function| qa_ajax_post function| qa_ajax_error function| qa_display_rule_show object| qa_element_revealed function| qa_toggle_element function| qa_submit_answer function| qa_submit_comment function| qa_answer_click function| qa_comment_click function| qa_show_comments function| qa_form_params function| qa_scroll_page_to function| qa_title_change function| qa_html_unescape function| qa_html_escape function| qa_tag_click function| qa_tag_hints function| qa_tags_to_html function| qa_caret_from_end function| qa_tag_typed_parts function| qa_category_select function| set_category_description function| qa_submit_wall_post function| qa_wall_post_click function| qa_pm_click object| b object| adsbygoogle object| _Hasync object| google_js_reporting_queue number| google_srt object| google_logging_queue number| tmod object| google_ad_modifications object| ggeac object| google_persistent_state_async boolean| google_measure_js_timing object| google_tag_data object| google_reactive_ads_global_state object| google_sa_queue function| google_process_slots object| google_ama_state function| google_spfd number| google_unique_id object| google_sv_map number| google_rum_task_id_counter string| google_user_agent_client_hint function| chfh function| chfh2 string| _HST_cntval object| Histats function| google_sa_impl boolean| _gfp_p_ number| google_global_correlator object| google_prev_clients object| gaGlobal object| ampInaboxIframes object| ampInaboxPendingMessages object| _HistatsCounterGraphics_0_setValues object| google_llp object| googletag object| GoogleGcLKhOms object| google_image_requests

34 Cookies

Domain/Path Name / Value
ala3raf.net/ Name: PHPSESSID
Value: pt388he74mmapd8isqtgc1c9q5
ala3raf.net/ Name: qa_key
Value: 6xm5efukevw0vj5ubda9x1cidtdqga9p
ala3raf.net/ Name: HstCfa4570762
Value: 1696135765707
ala3raf.net/ Name: HstCla4570762
Value: 1696135765707
ala3raf.net/ Name: HstCmu4570762
Value: 1696135765707
ala3raf.net/ Name: HstPn4570762
Value: 1
ala3raf.net/ Name: HstPt4570762
Value: 1
ala3raf.net/ Name: HstCnv4570762
Value: 1
ala3raf.net/ Name: HstCns4570762
Value: 1
.ala3raf.net/ Name: __gads
Value: ID=be86f960a36d667f-2210ed7a77e400b1:T=1696135766:RT=1696135766:S=ALNI_MbXIsCZaD9gYd1S-5oiciR0UFiJYQ
.ala3raf.net/ Name: __gpi
Value: UID=00000c8a053f967f:T=1696135766:RT=1696135766:S=ALNI_MYYNO9ooNWrGhG_DqGJ_Kano-mfBg
.doubleclick.net/ Name: IDE
Value: AHWqTUnR0-RIfzjJmfdyCJe2ecymn4qb-LoQMDfqd_5tPNBItCN2xr4l-K2JflILxuU
.bing.com/ Name: MUID
Value: 2FD55128F9E564C63F4242B5F849654C
.bidswitch.net/ Name: tuuid
Value: b45b99b7-9693-49e7-bf11-b163e44e2022
.bidswitch.net/ Name: c
Value: 1696135767
.bidswitch.net/ Name: tuuid_lu
Value: 1696135767
.adsby.bidtheatre.com/ Name: __kuid
Value: e58d0898-1b2d-43a2-b58a-dc1d082edaa6.465349767
.de17a.com/ Name: guid
Value: 1.366850176299753878
.adform.net/ Name: C
Value: 1
.bidswitch.net/ Name: google_push
Value: AXcoOmSjSWBkZK9w5zJ_TX__guTarAmxy8oTL5l3hNyZ9dznSOswivu72BCjco_-FTliF1x3_kfcUqy2AJxhU-G_3uHXguZDP6L2XA
.adform.net/ Name: uid
Value: 5020629917482991268
.doubleclick.net/ Name: DSID
Value: NO_DATA
sync.srv.stackadapt.com/ Name: sa-user-id
Value: s%3A0-8e219f7d-ef1e-5fb6-6b75-ccbbadd2c057.zMJYhpZtEnRQJgMU2A0uYWfQZnd7d3aYH9qwdjiKQAU
.srv.stackadapt.com/ Name: sa-user-id
Value: s%3A0-8e219f7d-ef1e-5fb6-6b75-ccbbadd2c057.zMJYhpZtEnRQJgMU2A0uYWfQZnd7d3aYH9qwdjiKQAU
sync.srv.stackadapt.com/ Name: sa-user-id-v2
Value: s%3AjiGffe8eX7Zrdcy7rdLAV1OWB-w.p0ZLXROTY0jvlQbjvYQTUxpmNpg%2BbLfYMTGysQS1EqY
.srv.stackadapt.com/ Name: sa-user-id-v2
Value: s%3AjiGffe8eX7Zrdcy7rdLAV1OWB-w.p0ZLXROTY0jvlQbjvYQTUxpmNpg%2BbLfYMTGysQS1EqY
sync.srv.stackadapt.com/ Name: sa-user-id-v3
Value: s%3AAQAKIOdGLYkg8N_a2GWj4Ns-VEmoxWpdGTiKwLjv8TDaaGqsEHwYBCDX9OOoBjABOgTwi70wQgSyavLQ.9TRmn5s0yfkxSpSjbQnkuE%2F4fID3eXhKa6l3Ir1ZQcU
.srv.stackadapt.com/ Name: sa-user-id-v3
Value: s%3AAQAKIOdGLYkg8N_a2GWj4Ns-VEmoxWpdGTiKwLjv8TDaaGqsEHwYBCDX9OOoBjABOgTwi70wQgSyavLQ.9TRmn5s0yfkxSpSjbQnkuE%2F4fID3eXhKa6l3Ir1ZQcU
.linkedin.com/ Name: bcookie
Value: "v=2&b99489ae-9068-4c33-83d3-e07ef04eb56b"
.linkedin.com/ Name: li_gc
Value: MTswOzE2OTYxMzU3Njc7MjswMjH5BjeOlvXo9pzQmZzdYghRoGzn1AWWG+7cZ7m7dXtZuQ==
.linkedin.com/ Name: lidc
Value: "b=OGST05:s=O:r=O:a=O:p=O:g=2849:u=1:x=1:i=1696135767:t=1696222167:v=2:sig=AQEJyCr-j9L_pNbzMt5NHMrqQMqzrdH8"
.c.appier.net/ Name: _auid
Value: 8Ub-zXxvBw2rwbtfV_oYZQ
.c.appier.net/ Name: _gu
Value: CAESEIriSDHKR1Ba-Avk5wuDgq4
.googleadservices.com/ Name: ar_debug
Value: 1

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.c.appier.net
adsdk.microsoft.com
ala3raf.net
ams3-ib.adnxs.com
c1.adform.net
cdn.adnxs.com
cm.g.doubleclick.net
d5p.de17a.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
match.adsby.bidtheatre.com
pagead2.googlesyndication.com
partner.googleadservices.com
px.ads.linkedin.com
s10.histats.com
s4.histats.com
sync.srv.stackadapt.com
tpc.googlesyndication.com
www.bing.com
www.google.com
www.googleadservices.com
www.googletagservices.com
www.gstatic.com
x.bidswitch.net
104.20.9.31
13.107.213.44
13.107.42.14
134.122.57.34
139.162.38.30
142.250.184.234
142.250.185.164
142.250.185.194
142.250.185.226
142.250.185.66
142.250.186.130
142.250.186.161
142.250.186.66
142.250.186.67
151.101.1.108
172.217.16.194
172.217.23.99
185.89.210.212
188.114.97.3
2.23.209.187
213.155.156.167
3.125.57.54
37.157.5.84
54.198.162.177
54.39.128.117
04069d786104d6a1e3b10e9cfeba85b63797ba53ddbf050520a76146933d9a06
041fe6e516177e777c651a95708ee4961723db34a974e8be9e6ba597a1313e51
075c15c5e5b127cfd89b352a4f8e8d615d0abcc80977022ba45ad2032d26f535
07a75636966b34dd8bbafee0ebced659b03bab0e57641e1fa035ca7da0bd39ce
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
113c3c3c7de8fe21fe5a6d4b6c367d658dab1dc5b5f820393e0b98fc11032771
17173247be2147dd04ece73252ff0a844de3d4797883b4c3643a50b414df1de1
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1c6500e114cdac56f55c61e0f9e115e760560c1c18bb1b1bfa57ec85ab3b2dcb
1db5d3415c13fc4192850a818c0cfaa7391e3bd5025a7d7cc01099a89b3756c9
1f759f6ec19dc707f3c43f05eb1ad90d0a31f78e07d999e6faab95dc510f2db0
2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058
2defe59e357a7d0683c8283ac42841db404a0884cae2eaecebf4b676e559dede
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
338503240a2b1a2a0e52e0a5252920489588e5d55ca4812a9e060b9f6080f823
33eefdbd02580f81ccdf0cf481b07e52ed5bc9e5b814aab76dcac4435d2da608
3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280
472c1fe4668011146ccb5a8d1b15ba4e32cb47b09d49688acc2e1028f867f8d4
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
57a3ebff5a5f56c8df2091c5a4cc33b753954be4d18ae208c0ef8471cb1bb1b1
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
5eecfa645aee35cb0c6820e187451ab14a9df51283635a2117d7ba866a6a74aa
6002e23815ec42acedba12390950c5e1bb68a864af09bc445d29ebafd955acea
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98
673b09d876a8d35a8e0beb633961ff166b000f51bd2222c4c13e236bc16eaf87
6a33a6c477e4cc96081f3c838cd717965b232e2a8b291f57234d0799035ed765
71ba7e09487750d7426b3bd64cf57facb8eb119939eb7055138ee55f13bb6f05
7769850f89d7343223a9c1a8ef8a4744add8ad2c48b65d9032d7734ecfe76400
7f672aa6b371698d86396d642459de7d087aeca2dbc8903649c1620622f75bc4
806e57f8c7da1780198e2945ab05cab7a252d020bd5049fdc281fa2c62423349
86ba91ffdcece964d969b05cff1c7b3b94532e589870491f0714f6da82844971
8b06ffaaa33fc2eed500c30799ad46f41261061649dfd6367fc478e4c8b0c84b
8e86070fd23c1c0282c0303fbf760149d11bcd20d5abbee7493ca1c9866f3c49
8f1843ba4bdea64726280f2365f8ad8a47e70ee54327f98273daf7fac5120074
923147dbe95ae041e092696e24e50ef93207b85473db076f6835c8df44f3223d
9280fc33175448c5507ac6c072534b38adbedff69248bb67940a0c1e598d876c
966f4dbe474cb4686c5d69b67f3e68234b749f020ef986a569ea330b3e2020ed
980362a6d3fd51dfe786243deaccee1b3fab45ee693b5c1b884e644485f42bc4
9941d25da2d400e2cbc1c979d7ecae4a9b418158d3825d03e09650e0799dcefb
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
a9c49f9f526c232731b2ff9aa3e31b686b8b339bdd246bbf74f804c802f9755d
b79950172d0e6c3091a44a69d615ee5711f57bb59e202b2a383d48e4ca2a4ce3
bc4786439820152786f876016c0f9f92f0dab004a26a539a05d067fefd72d22a
bc769f4f23d632dc703230b7fd99d86afa6b53ceb69b017acad37e32e06c34f5
bd91080d2c7f2120ad82727f5c07bbb439b810ed4035993ddb1825ca1611396b
c6ece8077c8a8d8d057b5a03c892dcf1fed9da76ff1bc964cd17416008752c48
c7aca9ebef12465aad206aae5351ba575eebe4b5e3f0fb1d99f4f92f1c4f396d
c8f2cc60f9aeeb1228c83ce01dde49fcca820ef0c21c407b34d386fbce58c997
cc8b30e9bfe6a385b5619c0d0a34b8f562e02ee4c09ab0637eed496ca3944fcb
ce8f9d182af5969cdafad9b5f0e5c1fb14d5d087b3d798c44ee208b00684cc35
d9846434754dead611cc1d6f7b154afd4025cc25145a09d2eee46d3070725e1a
e00826bbf0764c1d1c7dcd34a4f28f3a54799d5a68959525a347a958b8246bb6
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f6feda9ab1946f892fa3a4f0b000d0c756ce03cea59b751361de209054dad2dd