ala3raf.net Open in urlscan Pro
2a06:98c1:3121::3 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://ala3raf.net/user/coastwar80
Submission: On October 26 via manual (October 26th 2023, 1:28:02 am UTC) from US — Scanned from CH

Summary HTTP 82 Redirects Links 2 Behaviour Indicators

Summary

This website contacted 19 IPs in 4 countries across 19 domains to perform 82 HTTP transactions. The main IP is 2a06:98c1:3121::3, located in United States and belongs to CLOUDFLARENET, US. The main domain is ala3raf.net.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on February 26th 2023. Valid for: a year.

This is the only time ala3raf.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
9	2a06:98c1:312... 2a06:98c1:3121::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:80b::200a	15169 (GOOGLE) (GOOGLE)
20	2a00:1450:400... 2a00:1450:4001:80b::2002	15169 (GOOGLE) (GOOGLE)
1	2606:4700:10:... 2606:4700:10::6814:91f	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:831::2003	15169 (GOOGLE) (GOOGLE)
1	54.39.128.162 54.39.128.162	16276 (OVH) (OVH)
1	2a00:1450:400... 2a00:1450:4001:831::2002	15169 (GOOGLE) (GOOGLE)
3	2620:1ec:46::45 2620:1ec:46::45	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
3	151.101.1.108 151.101.1.108	54113 (FASTLY) (FASTLY)
9	2a00:1450:400... 2a00:1450:4001:82b::2001	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:813::2002	15169 (GOOGLE) (GOOGLE)
5 13	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	2a00:1450:400... 2a00:1450:4001:830::2004	15169 (GOOGLE) (GOOGLE)
11	185.89.211.84 185.89.211.84	29990 (ASN-APPNEX) (ASN-APPNEX)
1	2620:116:800d... 2620:116:800d:21:5ed4:8d5d:fed7:f5ef	16509 (AMAZON-02) (AMAZON-02)
1 1	85.114.159.93 85.114.159.93	24961 (MYLOC-AS ...) (MYLOC-AS IP Backbone of myLoc managed IT AG)
1 6	142.250.186.66 142.250.186.66	15169 (GOOGLE) (GOOGLE)
1	34.160.236.64 34.160.236.64	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1 1	52.6.69.62 52.6.69.62	14618 (AMAZON-AES) (AMAZON-AES)
1 1	193.0.160.131 193.0.160.131	54312 (ROCKETFUEL) (ROCKETFUEL)
2 3	77.88.21.90 77.88.21.90	13238 (YANDEX) (YANDEX)
1 1	35.208.249.213 35.208.249.213	19527 (GOOGLE-2) (GOOGLE-2)
82	19

9 2a06:98c1:3121::3 (United States)

ASN13335 (CLOUDFLARENET, US)

ala3raf.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80b::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

20 2a00:1450:4001:80b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::6814:91f (United States)

ASN13335 (CLOUDFLARENET, US)

s10.histats.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:831::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.39.128.162 (Beauharnois, Canada)

ASN16276 (OVH, FR)
PTR: ns562109.ip-54-39-128.net

s4.histats.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:831::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2620:1ec:46::45 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

adsdk.microsoft.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 151.101.1.108 (United States)

ASN54113 (FASTLY, US)

cdn.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:82b::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2620:1ec:c11::200 (United States) 5 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

www.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:830::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 185.89.211.84 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 959.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

ams3-ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:116:800d:21:5ed4:8d5d:fed7:f5ef (United States)

ASN16509 (AMAZON-02, US)

cms.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 85.114.159.93 (Mossingen, Germany) 1 redirects

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: dsp.adfarm1.adition.com

dsp.adfarm1.adition.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 142.250.186.66 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.160.236.64 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 64.236.160.34.bc.googleusercontent.com

odr.mookie1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.6.69.62 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-6-69-62.compute-1.amazonaws.com

sync.srv.stackadapt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 193.0.160.131 (United States) 1 redirects

ASN54312 (ROCKETFUEL, US)

a.rfihub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 77.88.21.90 (Russian Federation) 2 redirects

ASN13238 (YANDEX, RU)
PTR: bs.yandex.ru

an.yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.208.249.213 (Council Bluffs, United States) 1 redirects

ASN19527 (GOOGLE-2, US)
PTR: 213.249.208.35.bc.googleusercontent.com

trace.mediago.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
20	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 122 tpc.googlesyndication.com — Cisco Umbrella Rank: 169	357 KB
15	doubleclick.net 1 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 66 cm.g.doubleclick.net — Cisco Umbrella Rank: 329	63 KB
14	adnxs.com cdn.adnxs.com — Cisco Umbrella Rank: 2546 ams3-ib.adnxs.com — Cisco Umbrella Rank: 6584	89 KB
13	bing.com 5 redirects www.bing.com — Cisco Umbrella Rank: 87	43 KB
9	ala3raf.net ala3raf.net	77 KB
3	yandex.ru 2 redirects an.yandex.ru — Cisco Umbrella Rank: 4716	955 B
3	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 254	177 KB
3	microsoft.com adsdk.microsoft.com — Cisco Umbrella Rank: 7418	88 KB
2	google.com www.google.com — Cisco Umbrella Rank: 11	1 KB
2	gstatic.com fonts.gstatic.com	28 KB
2	histats.com s10.histats.com — Cisco Umbrella Rank: 8396 s4.histats.com — Cisco Umbrella Rank: 8413	5 KB
1	mediago.io 1 redirects trace.mediago.io — Cisco Umbrella Rank: 1569	453 B
1	rfihub.com 1 redirects a.rfihub.com — Cisco Umbrella Rank: 4633	1 KB
1	stackadapt.com 1 redirects sync.srv.stackadapt.com — Cisco Umbrella Rank: 1241	1 KB
1	mookie1.com odr.mookie1.com — Cisco Umbrella Rank: 2038	204 B
1	adition.com 1 redirects dsp.adfarm1.adition.com — Cisco Umbrella Rank: 2164	587 B
1	quantserve.com cms.quantserve.com — Cisco Umbrella Rank: 1260	464 B
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 1368	602 B
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 113	904 B
82	19

	Domain	Requested by
13	www.bing.com	5 redirects googleads.g.doubleclick.net
11	ams3-ib.adnxs.com	googleads.g.doubleclick.net cdn.adnxs.com ala3raf.net
11	pagead2.googlesyndication.com	ala3raf.net pagead2.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com www.googletagservices.com
9	tpc.googlesyndication.com	ala3raf.net googleads.g.doubleclick.net pagead2.googlesyndication.com tpc.googlesyndication.com
9	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net ala3raf.net
9	ala3raf.net	ala3raf.net
6	cm.g.doubleclick.net	1 redirects googleads.g.doubleclick.net
3	an.yandex.ru	2 redirects
3	www.googletagservices.com	ala3raf.net googleads.g.doubleclick.net
3	cdn.adnxs.com	ala3raf.net googleads.g.doubleclick.net
3	adsdk.microsoft.com	ala3raf.net googleads.g.doubleclick.net
2	www.google.com	googleads.g.doubleclick.net tpc.googlesyndication.com
2	fonts.gstatic.com	fonts.googleapis.com
1	trace.mediago.io	1 redirects
1	a.rfihub.com	1 redirects
1	sync.srv.stackadapt.com	1 redirects
1	odr.mookie1.com	googleads.g.doubleclick.net
1	dsp.adfarm1.adition.com	1 redirects
1	cms.quantserve.com	googleads.g.doubleclick.net
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	s4.histats.com	s10.histats.com
1	s10.histats.com	ala3raf.net
1	fonts.googleapis.com	ala3raf.net
82	23

This site contains links to these domains. Also see Links.

Domain
www.q2amarket.com
www.question2answer.org

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-02-26` - `2024-02-25`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2023-10-09` - `2024-01-01`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-10-09` - `2024-01-01`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-10-09` - `2024-01-01`	3 months	crt.sh
histats.com R3	`2023-08-29` - `2023-11-27`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2023-10-09` - `2024-01-01`	3 months	crt.sh
adsdk.microsoft.com Microsoft Azure TLS Issuing CA 02	`2023-10-11` - `2024-04-08`	6 months	crt.sh
cdn.adnxs.com GeoTrust TLS RSA CA G1	`2023-03-27` - `2024-04-26`	a year	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-10-09` - `2024-01-01`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-10-09` - `2024-01-01`	3 months	crt.sh
www.bing.com Microsoft Azure TLS Issuing CA 01	`2023-10-24` - `2024-04-21`	6 months	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2023-02-13` - `2024-03-15`	a year	crt.sh
quantserve.com R3	`2023-08-29` - `2023-11-27`	3 months	crt.sh
*.mookie1.com DigiCert TLS RSA SHA256 2020 CA1	`2023-02-27` - `2024-03-29`	a year	crt.sh

This page contains 13 frames:

Primary Page: https://ala3raf.net/user/coastwar80
Frame ID: FAF924F3001241B5BFAF29C042061C3B
Requests: 22 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231024/r20190131/zrt_lookup.html
Frame ID: F55390FDCFC1D48D9E753568A331AD77
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8343227950611411&output=html&adk=1812271804&adf=3025194257&lmt=1698276477&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=188x675_l%7C188x675_r&format=0x0&url=https%3A%2F%2Fala3raf.net%2Fuser%2Fcoastwar80&ea=0&pra=5&wgl=1&easpi=1&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1698283677483&bpp=18&bdt=372&idt=180&shv=r20231024&mjsv=m202310230101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=135190478460&frm=20&pv=2&ga_vid=895742715.1698283678&ga_sid=1698283678&ga_hid=71529072&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44805931%2C44806737%2C31078301%2C31079149%2C44803793%2C44806141&oid=2&pvsid=1865561406258008&tmod=1672790919&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=202
Frame ID: B67603F407940DD2A3174634FD207ED2
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8343227950611411&output=html&h=280&adk=295599945&adf=2370865992&pi=t.aa~a.75468586~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1698276477&rafmt=1&to=qs&pwprc=8890230846&format=1200x280&url=https%3A%2F%2Fala3raf.net%2Fuser%2Fcoastwar80&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1698283677502&bpp=1&bdt=390&idt=188&shv=r20231024&mjsv=m202310230101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=135190478460&frm=20&pv=1&ga_vid=895742715.1698283678&ga_sid=1698283678&ga_hid=71529072&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=154&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44805931%2C44806737%2C31078301%2C31079149%2C44803793%2C44806141&oid=2&pvsid=1865561406258008&tmod=1672790919&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=vFkA7DEBye&p=https%3A//ala3raf.net&dtd=191
Frame ID: A35B97509EAB7D7BDC24A8216806A62F
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8343227950611411&output=html&h=90&adk=4204718025&adf=1588159632&pi=t.aa~a.2376638792~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1698276478&rafmt=1&to=qs&pwprc=8890230846&format=1200x90&url=https%3A%2F%2Fala3raf.net%2Fuser%2Fcoastwar80&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1698283678005&bpp=1&bdt=894&idt=1&shv=r20231024&mjsv=m202310230101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D98511ae768c2fa9c%3AT%3D1698283677%3ART%3D1698283677%3AS%3DALNI_MYpqrgAkzYtyKqCJMar1VUp6zS71g&gpic=UID%3D00000ca42f119bb4%3AT%3D1698283677%3ART%3D1698283677%3AS%3DALNI_MZIT5RoHfAIElkm0jhXpyJUQxKBHw&prev_fmts=0x0%2C1200x280&nras=3&correlator=135190478460&frm=20&pv=1&ga_vid=895742715.1698283678&ga_sid=1698283678&ga_hid=71529072&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1225&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44805931%2C44806737%2C31078301%2C31079149%2C44803793%2C44806141&oid=2&pvsid=1865561406258008&tmod=1672790919&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=siUTFV7Iae&p=https%3A//ala3raf.net&dtd=7
Frame ID: 652498257F1DAD2B581CDC67ACE51F25
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231024/r20110914/zrt_lookup.html?fsb=1
Frame ID: 9C48520279C93657EFC5EA17696606FE
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231024/r20110914/zrt_lookup.html?fsb=1
Frame ID: 41D91C9728C1270496A6A1B16A37E34C
Requests: 1 HTTP requests in this frame

Frame: https://adsdk.microsoft.com/native-to-display/sdk.js
Frame ID: FE1284F274853F46BA0DA97A7ABE3796
Requests: 15 HTTP requests in this frame

Frame: https://adsdk.microsoft.com/native-to-display/sdk.js
Frame ID: 50315DFD1AC483653735C797C09BE98D
Requests: 15 HTTP requests in this frame

Frame: https://adsdk.microsoft.com/native-to-display/sdk.js
Frame ID: E20FA8D1D434B0A0637EE57DF9E13B59
Requests: 13 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 9164D2189C0D98B3A244FDCD244BF5DA
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 3CCDB237D84907E39F806A0BB2C7E601
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 7023AAB77B6F67AA5816775C32B6D7B9
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

الأعراف

Detected technologies

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Yandex.Direct (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://an\.yandex\.ru/

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

82
Requests

88 %
HTTPS

55 %
IPv6

19
Domains

23
Subdomains

19
IPs

4
Countries

927 kB
Transfer

2644 kB
Size

29
Cookies

2 Outgoing links

These are links going to different origins than the main page.

URL: http://www.q2amarket.com/
Title: Q2A Market

Search URL Search Domain Scan URL

URL: http://www.question2answer.org/
Title: Question2Answer

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 29

https://www.bing.com/api/v1/mediation/tracking?adUnit=391466&auId=8c274200-7690-4342-93d1-16c718d383a5&bidId=15000&bidderId=4&cmExpId=LV1&oAdUnit=391466&publisherId=162645330&rId=f36abf8f-dc4b-4234-a3fd-5b2d64474cb0&rlink=https%3A%2F%2Fwww.bing.com%2Faes%2Fc.gif%3FDI%3D0%26DIS%3DSB_15000-1-0%3F%26RG%3Dd743025fd3c144dfbca4d6ce249b7118%26SNR%3D1%26GV%3D2%26med%3D10&rtype=miFeedbackURL&tagId=6929499&trafficGroup=knaqe_3c&trafficSubGroup=erfreir&aid=8193985462606401630 HTTP 303
https://www.bing.com/aes/c.gif?DI=0&DIS=SB_15000-1-0?&RG=d743025fd3c144dfbca4d6ce249b7118&SNR=1&GV=2&med=10

Request Chain 35

https://www.bing.com/api/v1/mediation/tracking?adUnit=391466&auId=0fe2aea4-450b-47a0-841b-718e9af5c87d&bidId=15000&bidderId=4&cmExpId=LV1&oAdUnit=391466&publisherId=162645330&rId=9688b162-5ffb-49d6-b6ff-2ca1add0f8ab&rlink=https%3A%2F%2Fwww.bing.com%2Faes%2Fc.gif%3FDI%3D0%26DIS%3DSB_15000-1-0%3F%26RG%3D7afe0d080612448986abc2dac8ad43b5%26SNR%3D1%26GV%3D2%26med%3D10&rtype=miFeedbackURL&tagId=6929499&trafficGroup=knaqe_3c&trafficSubGroup=zzf%3Aknaqe_3c_fae_qverpg&aid=7930426323690840107 HTTP 303
https://www.bing.com/aes/c.gif?DI=0&DIS=SB_15000-1-0?&RG=7afe0d080612448986abc2dac8ad43b5&SNR=1&GV=2&med=10

Request Chain 42

https://www.bing.com/api/v1/mediation/tracking?adUnit=391466&auId=50362b06-758c-4164-86b2-cd5c2e1176d0&bidId=1&bidderId=4&cmExpId=LV2&oAdUnit=391466&publisherId=162645330&rId=64d1569f-b43b-4dad-a631-1b2509ea1d0b&rlink=https%3A%2F%2Fwww.bing.com%2Faes%2Fc.gif%3FDI%3D0%26DIS%3DSB_1-1-0%2814-0%29%3F%26RG%3Dae3773559547423388c32e9ef619f54d%26SNR%3D1%26GV%3D2%26med%3D10&rtype=miFeedbackURL&tagId=6929499&trafficGroup=knaqe_3c&trafficSubGroup=zzf%3Aknaqe_3c_vcserdpnc&aid=1588497015301977887 HTTP 303
https://www.bing.com/aes/c.gif?DI=0&DIS=SB_1-1-0(14-0)?&RG=ae3773559547423388c32e9ef619f54d&SNR=1&GV=2&med=10

Request Chain 63

https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEHQL0LZZglcKsl4NIWZO3A0&google_cver=1&google_push=AXcoOmT8oVsGtbxIaef9R4XyYc5vSmn96LQCamokjImX6nH3GMLD2_UyMK60NpkEJ9wQHIEGSmqsTX_RgJuPG6SB4Hg4iBGuzcVZ5uA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzI5NDA3Mjg1NjM1NjM4Njk2NA%3D%3D&google_push=AXcoOmT8oVsGtbxIaef9R4XyYc5vSmn96LQCamokjImX6nH3GMLD2_UyMK60NpkEJ9wQHIEGSmqsTX_RgJuPG6SB4Hg4iBGuzcVZ5uA

Request Chain 65

https://sync.srv.stackadapt.com/sync?nid=154&google_gid=CAESELTA5is4hJUGIZ2j9YGopQs&google_cver=1&google_push=AXcoOmSuls-nhuAP9Cvpsy95HHKwyo5VQN1-jxWMJUjVGRkBSZJ5mO-AXd090NfHSbbp1dQ49mp0gabQhbBeqOFxbgAlja6SY4Y4ZmM HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=stackadapt_usd&google_hm=lHe6psvHWJZQxNzoYir8aLnDR9c&google_push=AXcoOmSuls-nhuAP9Cvpsy95HHKwyo5VQN1-jxWMJUjVGRkBSZJ5mO-AXd090NfHSbbp1dQ49mp0gabQhbBeqOFxbgAlja6SY4Y4ZmM

Request Chain 66

https://a.rfihub.com/cm?pub=445&in=1&google_gid=CAESEBbPaAF4wO31GrXuwv4Mjqw&google_cver=1&google_push=AXcoOmRyXgh2HZqNtH8qG58CBj_Id--IPXDgS_TjJlwd-CQ7Nq87a9oQy2gmPqpJLwnrCNKKIcuE2uKO_fdTLNDvcjgE9t1P7D5UZb9u HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=zeta_interactive&google_push=AXcoOmRyXgh2HZqNtH8qG58CBj_Id--IPXDgS_TjJlwd-CQ7Nq87a9oQy2gmPqpJLwnrCNKKIcuE2uKO_fdTLNDvcjgE9t1P7D5UZb9u&google_hm=MjA3NjAyMzE4MDM0NDQyODY5NQ==

Request Chain 67

https://an.yandex.ru/mapuid/google/CAESEIxQJbs3FmMjcE19jGKPm2M?ext-param=AXcoOmSaPV5BXfo6v0qk-7geuSVj8GZ7P2l_U0hf2Gn0jvH-vJYmQUA0qd7kadqRsr3FQTBRJ3NV8NBlwPjpHw91285jhsb00zVZe40V&partner-tag=yandex_ag&google_cver=1 HTTP 302
https://an.yandex.ru/mapuid/google/CAESEIxQJbs3FmMjcE19jGKPm2M?redir-setuniq=1&ext-param=AXcoOmSaPV5BXfo6v0qk-7geuSVj8GZ7P2l_U0hf2Gn0jvH-vJYmQUA0qd7kadqRsr3FQTBRJ3NV8NBlwPjpHw91285jhsb00zVZe40V&partner-tag=yandex_ag&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=yandex_ag&google_hm=CAESEIxQJbs3FmMjcE19jGKPm2M&google_redir=https%3A%2F%2Fan.yandex.ru%2Fresource%2Fspacer.gif HTTP 302
https://an.yandex.ru/resource/spacer.gif

Request Chain 68

https://trace.mediago.io/cs/google?google_gid=CAESEGYIAqcoNt66ZH2fA0eI2-A&google_cver=1&google_push=AXcoOmRHFiiCYNPpRUfSLkGtaNh9hkSMh95BmZD2w-RwSTmSa2srpUIInuXLxOdlBgF0dU0MI8E79mONaD22NsymlcYjdh6JO3Q4UREx HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=baidu_mediago&google_push=AXcoOmRHFiiCYNPpRUfSLkGtaNh9hkSMh95BmZD2w-RwSTmSa2srpUIInuXLxOdlBgF0dU0MI8E79mONaD22NsymlcYjdh6JO3Q4UREx&google_hm=f34e9699fa75825e1tjz9p00lo6i95g1

Request Chain 78

https://www.bing.com/api/v1/mediation/tracking?adUnit=391466&auId=8c274200-7690-4342-93d1-16c718d383a5&bidId=15000&bidderId=4&cmExpId=LV1&oAdUnit=391466&publisherId=162645330&rId=f36abf8f-dc4b-4234-a3fd-5b2d64474cb0&rlink=https%3A%2F%2Fwww.bing.com%2Faes%2Fc.gif%3Ftype%3Dmv%26reqver%3D1.0%26rg%3Dd743025fd3c144dfbca4d6ce249b7118%26tids%3D15000%26med%3D10&rtype=mvFeedbackURL&tagId=6929499&trafficGroup=knaqe_3c&trafficSubGroup=erfreir&aid=8193985462606401630 HTTP 303
https://www.bing.com/aes/c.gif?type=mv&reqver=1.0&rg=d743025fd3c144dfbca4d6ce249b7118&tids=15000&med=10

Request Chain 81

https://www.bing.com/api/v1/mediation/tracking?adUnit=391466&auId=0fe2aea4-450b-47a0-841b-718e9af5c87d&bidId=15000&bidderId=4&cmExpId=LV1&oAdUnit=391466&publisherId=162645330&rId=9688b162-5ffb-49d6-b6ff-2ca1add0f8ab&rlink=https%3A%2F%2Fwww.bing.com%2Faes%2Fc.gif%3Ftype%3Dmv%26reqver%3D1.0%26rg%3D7afe0d080612448986abc2dac8ad43b5%26tids%3D15000%26med%3D10&rtype=mvFeedbackURL&tagId=6929499&trafficGroup=knaqe_3c&trafficSubGroup=zzf%3Aknaqe_3c_fae_qverpg&aid=7930426323690840107 HTTP 303
https://www.bing.com/aes/c.gif?type=mv&reqver=1.0&rg=7afe0d080612448986abc2dac8ad43b5&tids=15000&med=10

82 HTTP transactions
3 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 404 Primary Request coastwar80 Show response
ala3raf.net/user/ 11 KB
4 KB 1262ms
1189ms Document
text/html 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ala3raf.net/user/coastwar80
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c13a7ba11601fe2d7a9bb8922881823d7c9ac2c48cc4fac75081c2480a846383

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 81beeb6b8b333b58-GVA
content-encoding: br
content-type: text/html; charset=utf-8
date: Thu, 26 Oct 2023 01:27:56 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TdZpUdBS7yA%2BZ9njlXFMgCoN%2B0mGlM8xdDHjmMuQalOgbecfycajaL1Tr3VeFu%2Fymxb6ibJuAq93mQBCpwBxV%2FXZtlvxk24rWp64nVhITE3KwG8CXP2Ox5c7iPE8W7%2FtiZncn7Kz4d%2BrYg%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare

GET
H2 200 qa-styles.css
ala3raf.net/qa-theme/SnowFlatCustom/ 71 KB
13 KB 95ms
94ms Stylesheet
text/css 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ala3raf.net/qa-theme/SnowFlatCustom/qa-styles.css?1.8.4
Requested by: Host: ala3raf.net
URL: https://ala3raf.net/user/coastwar80
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 338503240a2b1a2a0e52e0a5252920489588e5d55ca4812a9e060b9f6080f823

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ala3raf.net/user/coastwar80
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 26 Oct 2023 01:27:57 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Thu, 07 May 2020 13:24:30 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"11b91-5a50eccf09f80-gzip"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KKLEe1n92HRS2Kcd%2FWPReXyePwG9kOHV3FQTurHQlwE6xUuaXYGmWC1uUa2LKzbdsv9FnRw%2FJSTvJ%2Bq4EJjbdYA5riHVean2T%2FkUb%2FyCIQNeYl9NBzbYGjj1cnH64f31dvRH%2BqKIzMNTjg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 81beeb760d3e3b58-GVA
alt-svc: h3=":443"; ma=86400

GET
H2 200 qa-styles-rtl.css
ala3raf.net/qa-theme/SnowFlatCustom/ 11 KB
3 KB 86ms
85ms Stylesheet
text/css 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ala3raf.net/qa-theme/SnowFlatCustom/qa-styles-rtl.css?1.8.4
Requested by: Host: ala3raf.net
URL: https://ala3raf.net/user/coastwar80
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 806e57f8c7da1780198e2945ab05cab7a252d020bd5049fdc281fa2c62423349

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ala3raf.net/user/coastwar80
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 26 Oct 2023 01:27:57 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Wed, 28 Jul 2021 10:23:19 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"2d9a-5c82c600af3c0-gzip"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=092VZPsVRzJma2EYvQfvzawAsBPyvU%2BaEJlGNCyJ8tpzz1Cq2uqk%2FwBXa5b40pfrBpZoqykizNB6JuaXlru3QM%2F33sk9esjvD27dTEdL6aqUzDE00C9hl8N2rRf4cYj2OmuasULXwB4KLg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 81beeb760d3f3b58-GVA
alt-svc: h3=":443"; ma=86400

GET
H2 200 css
fonts.googleapis.com/ 1 KB
904 B 130ms
63ms Stylesheet
text/css 2a00:1450:4001:80b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Cairo&display=swap

Requested by

Host: ala3raf.net
URL: https://ala3raf.net/user/coastwar80

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

1c6500e114cdac56f55c61e0f9e115e760560c1c18bb1b1bfa57ec85ab3b2dcb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ala3raf.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 26 Oct 2023 01:27:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 26 Oct 2023 01:27:57 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 26 Oct 2023 01:27:57 GMT

GET
H2 200 jquery-3.3.1.min.js Show response
ala3raf.net/qa-content/ 111 KB
33 KB 128ms
127ms Script
application/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ala3raf.net/qa-content/jquery-3.3.1.min.js
Requested by: Host: ala3raf.net
URL: https://ala3raf.net/user/coastwar80
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6002e23815ec42acedba12390950c5e1bb68a864af09bc445d29ebafd955acea

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ala3raf.net/user/coastwar80
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 26 Oct 2023 01:27:57 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Mon, 11 May 2020 13:00:41 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"1bb29-5a55eef215040-gzip"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ue88y6RIVfrKjFlAwLR2ce%2BaZUwB6DwHNZYiZ5e9kos1O%2BZE4iBeK07%2B%2FqR1WsO14RwpYrbdoshkRsmONoWlzMcWfM89cjybRGjP9geRaXWbU1wNn%2FeFvI75liie5tZF28adZtznelXzgA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 81beeb760d403b58-GVA
alt-svc: h3=":443"; ma=86400

GET
H2 200 qa-global.js Show response
ala3raf.net/qa-content/ 20 KB
5 KB 90ms
89ms Script
application/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ala3raf.net/qa-content/qa-global.js?1.8.4
Requested by: Host: ala3raf.net
URL: https://ala3raf.net/user/coastwar80
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b79950172d0e6c3091a44a69d615ee5711f57bb59e202b2a383d48e4ca2a4ce3

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ala3raf.net/user/coastwar80
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 26 Oct 2023 01:27:57 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Thu, 07 May 2020 13:24:30 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"5046-5a50eccf09f80-gzip"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1ccsqA4HYBGDjly3Pc536E6%2FowU3a7aY8lf6zj3tnnnpmkW6tZX8qX7yUefMuHeb%2B17EiFxl2DJCBFNoHCBPmLAP1FeYYjWdgPk9V1XP9fcxGAaDHh4HEDcX3XEE2JSgOFiSuXhvJSZe9Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 81beeb760d413b58-GVA
alt-svc: h3=":443"; ma=86400

GET
H2 200 snow-core.js Show response
ala3raf.net/qa-theme/SnowFlatCustom/js/ 2 KB
1 KB 105ms
104ms Script
application/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ala3raf.net/qa-theme/SnowFlatCustom/js/snow-core.js?1.8.4
Requested by: Host: ala3raf.net
URL: https://ala3raf.net/user/coastwar80
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5eecfa645aee35cb0c6820e187451ab14a9df51283635a2117d7ba866a6a74aa

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ala3raf.net/user/coastwar80
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 26 Oct 2023 01:27:57 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Thu, 07 May 2020 13:24:30 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"94f-5a50eccf09f80-gzip"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wqrBzXaohRlBy58A2WS1gXhAq75G6%2FpXfeaYb0SmGF0lbv6JzMLwN6Ac%2F8%2F70pdYttCJ7mFoSAUqydGxKa6cz00ZiEYVaOIe64KAFrpZzBHI%2BBqa7UQx4ZtcWX%2FV5IVtjyiskALPl20VqA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 81beeb760d423b58-GVA
alt-svc: h3=":443"; ma=86400

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 144 KB
50 KB 186ms
75ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-8343227950611411

Requested by

Host: ala3raf.net
URL: https://ala3raf.net/user/coastwar80

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1ef1e13e39470a16f49961a911d2eb360b09880789a05b5135736ba37af53f16

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ala3raf.net/
Origin: https://ala3raf.net
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 26 Oct 2023 01:27:57 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51178
x-xss-protection: 0
server: cafe
etag: 14858203498156452003
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Thu, 26 Oct 2023 01:27:57 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 144 KB
50 KB 144ms
77ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: ala3raf.net
URL: https://ala3raf.net/user/coastwar80

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fdb3277a289ee08c9bf68cde07885b81e1274d3620563361a8b745fca12a2a92

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ala3raf.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 26 Oct 2023 01:27:57 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51193
x-xss-protection: 0
server: cafe
etag: 3702721912131281061
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Thu, 26 Oct 2023 01:27:57 GMT

GET
H2 200 js15_as.js Show response
s10.histats.com/ 11 KB
5 KB 123ms
42ms Script
text/javascript 2606:4700:10::6814:91f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s10.histats.com/js15_as.js
Requested by: Host: ala3raf.net
URL: https://ala3raf.net/user/coastwar80
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:91f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2defe59e357a7d0683c8283ac42841db404a0884cae2eaecebf4b676e559dede

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ala3raf.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 26 Oct 2023 01:27:57 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 16 Apr 2020 10:44:16 GMT
server: cloudflare
age: 76424
etag: "-375139978"
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=28800
accept-ranges: bytes
cf-ray: 81beeb777ba13b5d-GVA
content-length: 4547

GET
H2 200 SLXgc1nY6HkvangtZmpQdkhzfH5lkSs2SgRjCAGMQ1z0hOA-a1PiLA.woff2
fonts.gstatic.com/s/cairo/v28/ 15 KB
15 KB 119ms
50ms Font
font/woff2 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/cairo/v28/SLXgc1nY6HkvangtZmpQdkhzfH5lkSs2SgRjCAGMQ1z0hOA-a1PiLA.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Cairo&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cc8b30e9bfe6a385b5619c0d0a34b8f562e02ee4c09ab0637eed496ca3944fcb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://ala3raf.net
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 20 Oct 2023 07:46:25 GMT
x-content-type-options: nosniff
age: 495692
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15040
x-xss-protection: 0
last-modified: Tue, 02 May 2023 14:51:31 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 19 Oct 2024 07:46:25 GMT

GET
H3 200 search-icon-white.png
ala3raf.net/qa-theme/SnowFlatCustom/images/ 1 KB
2 KB 82ms
82ms Image
image/png 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ala3raf.net/qa-theme/SnowFlatCustom/images/search-icon-white.png
Requested by: Host: ala3raf.net
URL: https://ala3raf.net/qa-theme/SnowFlatCustom/qa-styles.css?1.8.4
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 075c15c5e5b127cfd89b352a4f8e8d615d0abcc80977022ba45ad2032d26f535

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ala3raf.net/qa-theme/SnowFlatCustom/qa-styles.css?1.8.4
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 26 Oct 2023 01:27:57 GMT
cf-cache-status: MISS
last-modified: Mon, 14 Jan 2019 17:38:24 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "584-57f6e82f86400"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=L1HjUUowwklNrLIRaW52AyCDXaUV6eU7bsVwGyEOQbJB%2Bl8yMhouUQGRBiOcM6WPqCYumVIvWO0Cry6f88mHcfV%2B9A0h8A4ZAsFIFYz7hWkXHJnsX3AhBy3CyPWY0BPS2%2Fs7KbYf1W4jww%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 81beeb770a573b57-GVA
alt-svc: h3=":443"; ma=86400
content-length: 1412

GET
H3 200 spinner-icon-14x14.gif
ala3raf.net/qa-theme/SnowFlatCustom/images/ 8 KB
8 KB 75ms
75ms Image
image/gif 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ala3raf.net/qa-theme/SnowFlatCustom/images/spinner-icon-14x14.gif?1410117644
Requested by: Host: ala3raf.net
URL: https://ala3raf.net/qa-theme/SnowFlatCustom/qa-styles.css?1.8.4
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 07a75636966b34dd8bbafee0ebced659b03bab0e57641e1fa035ca7da0bd39ce

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ala3raf.net/qa-theme/SnowFlatCustom/qa-styles.css?1.8.4
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 26 Oct 2023 01:27:57 GMT
cf-cache-status: MISS
last-modified: Mon, 14 Jan 2019 17:38:24 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "1e65-57f6e82f86400"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5BTxUwxFo8EQTHomUMRg4MX%2B9RbaJI8A8W8bYbl0azmNI2fO6xIlsZgMxrDqE6qkeZuNxIqTdaqCow3iMaT8sixVmZ7hHCYCwlN4jI7vCj5p7Jh9ttRRuMmOedcVeBTrZUHP9s9OfOX1Mg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 81beeb770a583b57-GVA
alt-svc: h3=":443"; ma=86400
content-length: 7781

GET
H3 200 fontello.woff
ala3raf.net/qa-theme/SnowFlatCustom/fonts/ 7 KB
7 KB 84ms
84ms Font
application/font-woff 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ala3raf.net/qa-theme/SnowFlatCustom/fonts/fontello.woff?70015067
Requested by: Host: ala3raf.net
URL: https://ala3raf.net/qa-theme/SnowFlatCustom/qa-styles.css?1.8.4
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c7aca9ebef12465aad206aae5351ba575eebe4b5e3f0fb1d99f4f92f1c4f396d

Request headers

Referer: https://ala3raf.net/qa-theme/SnowFlatCustom/qa-styles.css?1.8.4
Origin: https://ala3raf.net
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 26 Oct 2023 01:27:57 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Mon, 25 Jul 2016 20:01:58 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"1c20-5387b41b3f980"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jCYqSJ5sLIi2Mv45EbGC8tnnG61ioe4BPbyyEJF9YiITzh%2Bbi3n142GMaQWyzlJDRYKMD0Xg13axV1Dzpxb3bP3iBW27higAi3quqp31vqShlixTR09eNRdGiTp7K4Pu5gCjFS%2FI6M8fHA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/font-woff
cache-control: max-age=14400
cf-ray: 81beeb770a593b57-GVA
alt-svc: h3=":443"; ma=86400

GET
H2 200 SLXgc1nY6HkvangtZmpQdkhzfH5lkSs2SgRjCAGMQ1z0hOA-a1biLD-H.woff2
fonts.gstatic.com/s/cairo/v28/ 13 KB
13 KB 123ms
58ms Font
font/woff2 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/cairo/v28/SLXgc1nY6HkvangtZmpQdkhzfH5lkSs2SgRjCAGMQ1z0hOA-a1biLD-H.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Cairo&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

673b09d876a8d35a8e0beb633961ff166b000f51bd2222c4c13e236bc16eaf87

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://ala3raf.net
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 20 Oct 2023 06:49:18 GMT
x-content-type-options: nosniff
age: 499119
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13388
x-xss-protection: 0
last-modified: Tue, 02 May 2023 14:51:44 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 19 Oct 2024 06:49:18 GMT

GET
H/1.1 200
OK 0.php Show response
s4.histats.com/stats/ 50 B
184 B 371ms
122ms Script
text/html 54.39.128.162
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://s4.histats.com/stats/0.php?4570762&@f16&@g1&@h1&@i1&@j1698283677396&@k0&@l1&@m%D8%A7%D9%84%D8%A3%D8%B9%D8%B1%D8%A7%D9%81&@n0&@o1000&@q0&@r0&@s0&@ten-US&@u1600&@b1:-130662801&@b3:1698283677&@b4:js15_as.js&@b5:120&@a-_0.2.1&@vhttps%3A%2F%2Fala3raf.net%2Fuser%2Fcoastwar80&@w
Requested by: Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.39.128.162 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns562109.ip-54-39-128.net
Software: /
Resource Hash: 9112d894d69f9345a9a76140ea355ca52f23bc01beb859527627f922b708b46a

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ala3raf.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 26 Oct 2023 01:27:49 GMT
Connection: close
Content-Length: 50
Content-Type: text/html;charset=UTF-8

GET
H2 200 show_ads_impl_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310230101/ 395 KB
134 KB 78ms
77ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310230101/show_ads_impl_fy2021.js?bust=31079149

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

130504d993dc25d913f6d9fc56a47fb133cb7ac1ad91a1b65bca7feff93ce426

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ala3raf.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 26 Oct 2023 01:27:57 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 137110
x-xss-protection: 0
server: cafe
etag: 2085293573758226874
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Thu, 26 Oct 2023 01:27:57 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20231024/r20190131/ Frame F553 10 KB
5 KB 74ms
73ms Document
text/html 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20231024/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ad1270333ea16969313802add43789e0558cd75e2bf91e768bcf3937f091a001

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ala3raf.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

age: 79639
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4480
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 25 Oct 2023 03:20:38 GMT
etag: 4569948109300706969
expires: Wed, 08 Nov 2023 03:20:38 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 389 B
602 B 173ms
60ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=ala3raf.net&callback=_gfp_s_&client=ca-pub-8343227950611411

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310230101/show_ads_impl_fy2021.js?bust=31079149

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0d24b93f4a8c12742082504a065b32687e5daad7b8f4a75badd98c0f02581b7e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ala3raf.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 26 Oct 2023 01:27:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 251
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame B676 165 KB
27 KB 281ms
281ms Document
text/html 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8343227950611411&output=html&adk=1812271804&adf=3025194257&lmt=1698276477&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=188x675_l%7C188x675_r&format=0x0&url=https%3A%2F%2Fala3raf.net%2Fuser%2Fcoastwar80&ea=0&pra=5&wgl=1&easpi=1&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1698283677483&bpp=18&bdt=372&idt=180&shv=r20231024&mjsv=m202310230101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=135190478460&frm=20&pv=2&ga_vid=895742715.1698283678&ga_sid=1698283678&ga_hid=71529072&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44805931%2C44806737%2C31078301%2C31079149%2C44803793%2C44806141&oid=2&pvsid=1865561406258008&tmod=1672790919&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=202

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310230101/show_ads_impl_fy2021.js?bust=31079149

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

43d846ccee0832a719bea6b3f28d7f454497ca083a578a10d2bd11ba5198c871

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ala3raf.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 28002
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 26 Oct 2023 01:27:57 GMT
expires: Thu, 26 Oct 2023 01:27:57 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame A35B 718 B
382 B 236ms
236ms Document
text/html 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8343227950611411&output=html&h=280&adk=295599945&adf=2370865992&pi=t.aa~a.75468586~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1698276477&rafmt=1&to=qs&pwprc=8890230846&format=1200x280&url=https%3A%2F%2Fala3raf.net%2Fuser%2Fcoastwar80&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1698283677502&bpp=1&bdt=390&idt=188&shv=r20231024&mjsv=m202310230101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=135190478460&frm=20&pv=1&ga_vid=895742715.1698283678&ga_sid=1698283678&ga_hid=71529072&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=154&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44805931%2C44806737%2C31078301%2C31079149%2C44803793%2C44806141&oid=2&pvsid=1865561406258008&tmod=1672790919&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=vFkA7DEBye&p=https%3A//ala3raf.net&dtd=191

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310230101/show_ads_impl_fy2021.js?bust=31079149

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bd95ddcbccf6093794e4cd0e59851de8a22e9e5532025b00d4953718a8be98b7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ala3raf.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 358
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 26 Oct 2023 01:27:57 GMT
expires: Thu, 26 Oct 2023 01:27:57 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 reactive_library_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310230101/ 159 KB
54 KB 69ms
69ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310230101/reactive_library_fy2021.js?bust=31079149

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310230101/show_ads_impl_fy2021.js?bust=31079149

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3dc11e08fabb074917c09df3f57c0810626182d36d33b6e0e11fd1a768c53c75

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ala3raf.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 26 Oct 2023 01:27:58 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 55365
x-xss-protection: 0
server: cafe
etag: 9075462358731309317
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Thu, 26 Oct 2023 01:27:58 GMT

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 6524 58 KB
21 KB 301ms
301ms Document
text/html 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8343227950611411&output=html&h=90&adk=4204718025&adf=1588159632&pi=t.aa~a.2376638792~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1698276478&rafmt=1&to=qs&pwprc=8890230846&format=1200x90&url=https%3A%2F%2Fala3raf.net%2Fuser%2Fcoastwar80&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1698283678005&bpp=1&bdt=894&idt=1&shv=r20231024&mjsv=m202310230101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D98511ae768c2fa9c%3AT%3D1698283677%3ART%3D1698283677%3AS%3DALNI_MYpqrgAkzYtyKqCJMar1VUp6zS71g&gpic=UID%3D00000ca42f119bb4%3AT%3D1698283677%3ART%3D1698283677%3AS%3DALNI_MZIT5RoHfAIElkm0jhXpyJUQxKBHw&prev_fmts=0x0%2C1200x280&nras=3&correlator=135190478460&frm=20&pv=1&ga_vid=895742715.1698283678&ga_sid=1698283678&ga_hid=71529072&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1225&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44805931%2C44806737%2C31078301%2C31079149%2C44803793%2C44806141&oid=2&pvsid=1865561406258008&tmod=1672790919&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=siUTFV7Iae&p=https%3A//ala3raf.net&dtd=7

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310230101/show_ads_impl_fy2021.js?bust=31079149

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bba18d6fe07a73d30d9f4b0427f96478a339d052ae9fca9b4d088e19ae2e14d8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ala3raf.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 21015
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 26 Oct 2023 01:27:58 GMT
expires: Thu, 26 Oct 2023 01:27:58 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20231024/r20110914/ Frame 9C48 10 KB
4 KB 50ms
50ms Document
text/html 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20231024/r20110914/zrt_lookup.html?fsb=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310230101/show_ads_impl_fy2021.js?bust=31079149

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ad1270333ea16969313802add43789e0558cd75e2bf91e768bcf3937f091a001

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ala3raf.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

age: 74170
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4480
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 25 Oct 2023 04:51:48 GMT
etag: 4569948109300706969
expires: Wed, 08 Nov 2023 04:51:48 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20231024/r20110914/ Frame 41D9 10 KB
4 KB 52ms
52ms Document
text/html 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20231024/r20110914/zrt_lookup.html?fsb=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310230101/show_ads_impl_fy2021.js?bust=31079149

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ad1270333ea16969313802add43789e0558cd75e2bf91e768bcf3937f091a001

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ala3raf.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

age: 74170
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4480
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 25 Oct 2023 04:51:48 GMT
etag: 4569948109300706969
expires: Wed, 08 Nov 2023 04:51:48 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 sdk.js Show response
adsdk.microsoft.com/native-to-display/ Frame FE12 89 KB
29 KB 212ms
37ms Script
application/javascript 2620:1ec:46::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://adsdk.microsoft.com/native-to-display/sdk.js
Requested by: Host: ala3raf.net
URL: https://ala3raf.net/user/coastwar80
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:46::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e615f6f367dc60fdba6d1448d36ac3b9195d53b0547eecd900ec7ac5da35f87f

Request headers

Referer: https://googleads.g.doubleclick.net/
Origin: https://googleads.g.doubleclick.net
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
date: Thu, 26 Oct 2023 01:27:58 GMT
content-encoding: br
last-modified: Tue, 10 Oct 2023 17:29:05 GMT
x-azure-ref-originshield: 0EE44ZQAAAACm8wqQRoClR7XqT6X2W+WrRlJBMjMxMDUwNDE4MDI1ADk3YzlhOGM2LWZjNzktNGM0NC1iNTU5LTU4YzE2YmNlYTMyMg==
content-md5: PotOPf+YQ2Xxf+TSXc0mXw==
etag: 0x8DBC9B6675A26FC
x-azure-ref: 0nsA5ZQAAAAAgsWcJJYfsTYthwRl+CufFWlJIRURHRTA2MTEAOTdjOWE4YzYtZmM3OS00YzQ0LWI1NTktNThjMTZiY2VhMzIy
x-cache: TCP_HIT
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 9004971a-601e-0071-25ce-06b3bc000000
cache-control: private, max-age=3600
x-ms-version: 2009-09-19

GET
H/1.1 200
OK trk.js Show response
cdn.adnxs.com/v/s/239/ Frame FE12 80 KB
28 KB 111ms
28ms Script
application/x-javascript 151.101.1.108
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.adnxs.com/v/s/239/trk.js
Requested by: Host: ala3raf.net
URL: https://ala3raf.net/user/coastwar80
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.1.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: a9c49f9f526c232731b2ff9aa3e31b686b8b339bdd246bbf74f804c802f9755d

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Expires: Wed, 10 Jul 2024 11:56:20 GMT
Date: Thu, 26 Oct 2023 01:27:58 GMT
Content-Encoding: gzip
Via: 1.1 varnish, 1.1 varnish
Age: 9207098
X-Cache: HIT, HIT
Connection: keep-alive
Content-Length: 27646
X-Served-By: cache-lga21944-LGA, cache-mxp6968-MXP
Last-Modified: Tue, 11 Jul 2023 11:56:12 GMT
Server: AkamaiNetStorage
X-Timer: S1698283678.283673,VS0,VE0
ETag: "615fd4ad24a409f4de5416b603f042c1:1689076572.555276"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=31536000
Accept-Ranges: bytes
X-Cache-Hits: 65, 146956

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231023/r20110914/client/ Frame FE12 3 KB
1 KB 107ms
39ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231023/r20110914/client/window_focus_fy2021.js

Requested by

Host: ala3raf.net
URL: https://ala3raf.net/user/coastwar80

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 25 Oct 2023 19:31:34 GMT
content-encoding: br
x-content-type-options: nosniff
age: 21384
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 08 Nov 2023 19:31:34 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231023/r20110914/client/ Frame FE12 20 KB
9 KB 97ms
29ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231023/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: ala3raf.net
URL: https://ala3raf.net/user/coastwar80

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a198f092051a356c1e62c1296f628da5732045abafbd974eb7fff157e14ff042

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 25 Oct 2023 23:31:18 GMT
content-encoding: br
x-content-type-options: nosniff
age: 7000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8426
x-xss-protection: 0
server: cafe
etag: 17696348727749479825
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 08 Nov 2023 23:31:18 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame FE12 187 KB
59 KB 130ms
62ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: ala3raf.net
URL: https://ala3raf.net/user/coastwar80

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4e155284926ba010442d774fd493ff925a0256bd427f54596b1244791a3fa170

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 26 Oct 2023 01:27:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 60190
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1698233972131352"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 26 Oct 2023 01:27:58 GMT

GET
H2

200

c.gif
www.bing.com/aes/ Frame FE12
Redirect Chain

https://www.bing.com/api/v1/mediation/tracking?adUnit=391466&auId=8c274200-7690-4342-93d1-16c718d383a5&bidId=15000&bidderId=4&cmExpId=LV1&oAdUnit=391466&publisherId=162645330&rId=f36abf8f-dc4b-4234...
https://www.bing.com/aes/c.gif?DI=0&DIS=SB_15000-1-0?&RG=d743025fd3c144dfbca4d6ce249b7118&SNR=1&GV=2&med=10

0
182 B

97ms
97ms

Image
text/plain

2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bing.com/aes/c.gif?DI=0&DIS=SB_15000-1-0?&RG=d743025fd3c144dfbca4d6ce249b7118&SNR=1&GV=2&med=10
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231024/r20110914/zrt_lookup.html?fsb=1
Protocol: H2
Server: 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 26 Oct 2023 01:27:57 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 18C87504FE6F47A2A395710AB22902B2 Ref B: ZRHEDGE1517 Ref C: 2023-10-26T01:27:58Z
vary: Origin
x-cache: CONFIG_NOCACHE
p3p: CP=BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo
cache-control: private,no-store
content-length: 0

Redirect headers

pragma: no-cache
strict-transport-security: max-age=15724800; includeSubDomains
date: Thu, 26 Oct 2023 01:27:57 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 800B1D2CFD994ED391676E716CB7B382 Ref B: ZRHEDGE1517 Ref C: 2023-10-26T01:27:58Z
vary: Origin
x-cache: CONFIG_NOCACHE
content-type: text/html; charset=utf-8
location: https://www.bing.com/aes/c.gif?DI=0&DIS=SB_15000-1-0?&RG=d743025fd3c144dfbca4d6ce249b7118&SNR=1&GV=2&med=10
cache-control: no-cache, no-store, must-revalidate
content-length: 154
expires: 0

GET
H2 200 sdk.js Show response
adsdk.microsoft.com/native-to-display/ Frame 5031 89 KB
29 KB 226ms
73ms Script
application/javascript 2620:1ec:46::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://adsdk.microsoft.com/native-to-display/sdk.js
Requested by: Host: ala3raf.net
URL: https://ala3raf.net/user/coastwar80
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:46::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e615f6f367dc60fdba6d1448d36ac3b9195d53b0547eecd900ec7ac5da35f87f

Request headers

Referer: https://googleads.g.doubleclick.net/
Origin: https://googleads.g.doubleclick.net
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
date: Thu, 26 Oct 2023 01:27:58 GMT
content-encoding: br
last-modified: Tue, 10 Oct 2023 17:29:05 GMT
x-azure-ref-originshield: 0EE44ZQAAAACm8wqQRoClR7XqT6X2W+WrRlJBMjMxMDUwNDE4MDI1ADk3YzlhOGM2LWZjNzktNGM0NC1iNTU5LTU4YzE2YmNlYTMyMg==
content-md5: PotOPf+YQ2Xxf+TSXc0mXw==
etag: 0x8DBC9B6675A26FC
x-azure-ref: 0nsA5ZQAAAAAVAVBCbtXvRZyoVF/25L4jWlJIRURHRTA2MTEAOTdjOWE4YzYtZmM3OS00YzQ0LWI1NTktNThjMTZiY2VhMzIy
x-cache: TCP_HIT
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 9004971a-601e-0071-25ce-06b3bc000000
cache-control: private, max-age=3600
x-ms-version: 2009-09-19

GET
H/1.1 200
OK trk.js Show response
cdn.adnxs.com/v/s/239/ Frame 5031 80 KB
28 KB 88ms
27ms Script
application/x-javascript 151.101.1.108
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.adnxs.com/v/s/239/trk.js
Requested by: Host: ala3raf.net
URL: https://ala3raf.net/user/coastwar80
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.1.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: a9c49f9f526c232731b2ff9aa3e31b686b8b339bdd246bbf74f804c802f9755d

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Expires: Wed, 10 Jul 2024 11:56:20 GMT
Date: Thu, 26 Oct 2023 01:27:58 GMT
Content-Encoding: gzip
Via: 1.1 varnish, 1.1 varnish
Age: 9207098
X-Cache: HIT, HIT
Connection: keep-alive
Content-Length: 27646
X-Served-By: cache-lga21944-LGA, cache-mxp6940-MXP
Last-Modified: Tue, 11 Jul 2023 11:56:12 GMT
Server: AkamaiNetStorage
X-Timer: S1698283678.283443,VS0,VE0
ETag: "615fd4ad24a409f4de5416b603f042c1:1689076572.555276"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=31536000
Accept-Ranges: bytes
X-Cache-Hits: 65, 145572

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231023/r20110914/client/ Frame 5031 3 KB
1 KB 84ms
37ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231023/r20110914/client/window_focus_fy2021.js

Requested by

Host: ala3raf.net
URL: https://ala3raf.net/user/coastwar80

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 25 Oct 2023 19:31:34 GMT
content-encoding: br
x-content-type-options: nosniff
age: 21384
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 08 Nov 2023 19:31:34 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231023/r20110914/client/ Frame 5031 20 KB
8 KB 79ms
33ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231023/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: ala3raf.net
URL: https://ala3raf.net/user/coastwar80

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a198f092051a356c1e62c1296f628da5732045abafbd974eb7fff157e14ff042

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 25 Oct 2023 23:31:18 GMT
content-encoding: br
x-content-type-options: nosniff
age: 7000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8426
x-xss-protection: 0
server: cafe
etag: 17696348727749479825
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 08 Nov 2023 23:31:18 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 5031 187 KB
59 KB 178ms
133ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: ala3raf.net
URL: https://ala3raf.net/user/coastwar80

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4e155284926ba010442d774fd493ff925a0256bd427f54596b1244791a3fa170

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 26 Oct 2023 01:27:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 60190
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1698233972131352"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 26 Oct 2023 01:27:58 GMT

GET
H2

200

c.gif
www.bing.com/aes/ Frame 5031
Redirect Chain

https://www.bing.com/api/v1/mediation/tracking?adUnit=391466&auId=0fe2aea4-450b-47a0-841b-718e9af5c87d&bidId=15000&bidderId=4&cmExpId=LV1&oAdUnit=391466&publisherId=162645330&rId=9688b162-5ffb-49d6...
https://www.bing.com/aes/c.gif?DI=0&DIS=SB_15000-1-0?&RG=7afe0d080612448986abc2dac8ad43b5&SNR=1&GV=2&med=10

0
242 B

96ms
96ms

Image
text/plain

2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bing.com/aes/c.gif?DI=0&DIS=SB_15000-1-0?&RG=7afe0d080612448986abc2dac8ad43b5&SNR=1&GV=2&med=10
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231024/r20110914/zrt_lookup.html?fsb=1
Protocol: H2
Server: 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 26 Oct 2023 01:27:57 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 110FEBC0856A4F6B93D694376B25A8DF Ref B: ZRHEDGE1517 Ref C: 2023-10-26T01:27:58Z
vary: Origin
x-cache: CONFIG_NOCACHE
p3p: CP=BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo
cache-control: private,no-store
content-length: 0

Redirect headers

pragma: no-cache
strict-transport-security: max-age=15724800; includeSubDomains
date: Thu, 26 Oct 2023 01:27:57 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: C2F430B1929548B487F89007C21D559D Ref B: ZRHEDGE1517 Ref C: 2023-10-26T01:27:58Z
vary: Origin
x-cache: CONFIG_NOCACHE
content-type: text/html; charset=utf-8
location: https://www.bing.com/aes/c.gif?DI=0&DIS=SB_15000-1-0?&RG=7afe0d080612448986abc2dac8ad43b5&SNR=1&GV=2&med=10
cache-control: no-cache, no-store, must-revalidate
content-length: 154
expires: 0

GET
H2 200 sdk.js Show response
adsdk.microsoft.com/native-to-display/ Frame E20F 89 KB
29 KB 93ms
73ms Script
application/javascript 2620:1ec:46::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://adsdk.microsoft.com/native-to-display/sdk.js
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8343227950611411&output=html&h=90&adk=4204718025&adf=1588159632&pi=t.aa~a.2376638792~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1698276478&rafmt=1&to=qs&pwprc=8890230846&format=1200x90&url=https%3A%2F%2Fala3raf.net%2Fuser%2Fcoastwar80&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1698283678005&bpp=1&bdt=894&idt=1&shv=r20231024&mjsv=m202310230101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D98511ae768c2fa9c%3AT%3D1698283677%3ART%3D1698283677%3AS%3DALNI_MYpqrgAkzYtyKqCJMar1VUp6zS71g&gpic=UID%3D00000ca42f119bb4%3AT%3D1698283677%3ART%3D1698283677%3AS%3DALNI_MZIT5RoHfAIElkm0jhXpyJUQxKBHw&prev_fmts=0x0%2C1200x280&nras=3&correlator=135190478460&frm=20&pv=1&ga_vid=895742715.1698283678&ga_sid=1698283678&ga_hid=71529072&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1225&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44805931%2C44806737%2C31078301%2C31079149%2C44803793%2C44806141&oid=2&pvsid=1865561406258008&tmod=1672790919&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=siUTFV7Iae&p=https%3A//ala3raf.net&dtd=7
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:46::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e615f6f367dc60fdba6d1448d36ac3b9195d53b0547eecd900ec7ac5da35f87f

Request headers

Referer: https://googleads.g.doubleclick.net/
Origin: https://googleads.g.doubleclick.net
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
date: Thu, 26 Oct 2023 01:27:58 GMT
content-encoding: br
last-modified: Tue, 10 Oct 2023 17:29:05 GMT
x-azure-ref-originshield: 0EE44ZQAAAACm8wqQRoClR7XqT6X2W+WrRlJBMjMxMDUwNDE4MDI1ADk3YzlhOGM2LWZjNzktNGM0NC1iNTU5LTU4YzE2YmNlYTMyMg==
content-md5: PotOPf+YQ2Xxf+TSXc0mXw==
etag: 0x8DBC9B6675A26FC
x-azure-ref: 0nsA5ZQAAAAB2AKVVQWWNTJ/6KrdjsYJbWlJIRURHRTA2MTEAOTdjOWE4YzYtZmM3OS00YzQ0LWI1NTktNThjMTZiY2VhMzIy
x-cache: TCP_HIT
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 9004971a-601e-0071-25ce-06b3bc000000
cache-control: private, max-age=3600
x-ms-version: 2009-09-19

GET
H/1.1 200
OK trk.js Show response
cdn.adnxs.com/v/s/239/ Frame E20F 80 KB
28 KB 30ms
29ms Script
application/x-javascript 151.101.1.108
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.adnxs.com/v/s/239/trk.js
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8343227950611411&output=html&h=90&adk=4204718025&adf=1588159632&pi=t.aa~a.2376638792~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1698276478&rafmt=1&to=qs&pwprc=8890230846&format=1200x90&url=https%3A%2F%2Fala3raf.net%2Fuser%2Fcoastwar80&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1698283678005&bpp=1&bdt=894&idt=1&shv=r20231024&mjsv=m202310230101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D98511ae768c2fa9c%3AT%3D1698283677%3ART%3D1698283677%3AS%3DALNI_MYpqrgAkzYtyKqCJMar1VUp6zS71g&gpic=UID%3D00000ca42f119bb4%3AT%3D1698283677%3ART%3D1698283677%3AS%3DALNI_MZIT5RoHfAIElkm0jhXpyJUQxKBHw&prev_fmts=0x0%2C1200x280&nras=3&correlator=135190478460&frm=20&pv=1&ga_vid=895742715.1698283678&ga_sid=1698283678&ga_hid=71529072&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1225&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44805931%2C44806737%2C31078301%2C31079149%2C44803793%2C44806141&oid=2&pvsid=1865561406258008&tmod=1672790919&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=siUTFV7Iae&p=https%3A//ala3raf.net&dtd=7
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.1.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: a9c49f9f526c232731b2ff9aa3e31b686b8b339bdd246bbf74f804c802f9755d

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Expires: Wed, 10 Jul 2024 11:56:20 GMT
Date: Thu, 26 Oct 2023 01:27:58 GMT
Content-Encoding: gzip
Via: 1.1 varnish, 1.1 varnish
Age: 9207098
X-Cache: HIT, HIT
Connection: keep-alive
Content-Length: 27646
X-Served-By: cache-lga21944-LGA, cache-mxp6940-MXP
Last-Modified: Tue, 11 Jul 2023 11:56:12 GMT
Server: AkamaiNetStorage
X-Timer: S1698283678.356429,VS0,VE0
ETag: "615fd4ad24a409f4de5416b603f042c1:1689076572.555276"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=31536000
Accept-Ranges: bytes
X-Cache-Hits: 65, 145573

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231023/r20110914/client/ Frame E20F 3 KB
1 KB 35ms
34ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231023/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8343227950611411&output=html&h=90&adk=4204718025&adf=1588159632&pi=t.aa~a.2376638792~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1698276478&rafmt=1&to=qs&pwprc=8890230846&format=1200x90&url=https%3A%2F%2Fala3raf.net%2Fuser%2Fcoastwar80&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1698283678005&bpp=1&bdt=894&idt=1&shv=r20231024&mjsv=m202310230101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D98511ae768c2fa9c%3AT%3D1698283677%3ART%3D1698283677%3AS%3DALNI_MYpqrgAkzYtyKqCJMar1VUp6zS71g&gpic=UID%3D00000ca42f119bb4%3AT%3D1698283677%3ART%3D1698283677%3AS%3DALNI_MZIT5RoHfAIElkm0jhXpyJUQxKBHw&prev_fmts=0x0%2C1200x280&nras=3&correlator=135190478460&frm=20&pv=1&ga_vid=895742715.1698283678&ga_sid=1698283678&ga_hid=71529072&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1225&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44805931%2C44806737%2C31078301%2C31079149%2C44803793%2C44806141&oid=2&pvsid=1865561406258008&tmod=1672790919&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=siUTFV7Iae&p=https%3A//ala3raf.net&dtd=7

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 25 Oct 2023 19:31:34 GMT
content-encoding: br
x-content-type-options: nosniff
age: 21384
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 08 Nov 2023 19:31:34 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231023/r20110914/client/ Frame E20F 20 KB
8 KB 33ms
31ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231023/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a198f092051a356c1e62c1296f628da5732045abafbd974eb7fff157e14ff042

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 25 Oct 2023 23:31:18 GMT
content-encoding: br
x-content-type-options: nosniff
age: 7000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8426
x-xss-protection: 0
server: cafe
etag: 17696348727749479825
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 08 Nov 2023 23:31:18 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame E20F 0
0 111ms
40ms Image
text/html 2a00:1450:4001:830::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaSLP1wC5db0Vf3entWNJJKDP5-L_eNIbwLfnxEncdlqlUiDAwm71HN6gqP6Y1Q4x4FtGBVYv0PEy7XgQvu8pvV1XzFSMA
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8343227950611411&output=html&h=90&adk=4204718025&adf=1588159632&pi=t.aa~a.2376638792~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1698276478&rafmt=1&to=qs&pwprc=8890230846&format=1200x90&url=https%3A%2F%2Fala3raf.net%2Fuser%2Fcoastwar80&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1698283678005&bpp=1&bdt=894&idt=1&shv=r20231024&mjsv=m202310230101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D98511ae768c2fa9c%3AT%3D1698283677%3ART%3D1698283677%3AS%3DALNI_MYpqrgAkzYtyKqCJMar1VUp6zS71g&gpic=UID%3D00000ca42f119bb4%3AT%3D1698283677%3ART%3D1698283677%3AS%3DALNI_MZIT5RoHfAIElkm0jhXpyJUQxKBHw&prev_fmts=0x0%2C1200x280&nras=3&correlator=135190478460&frm=20&pv=1&ga_vid=895742715.1698283678&ga_sid=1698283678&ga_hid=71529072&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1225&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44805931%2C44806737%2C31078301%2C31079149%2C44803793%2C44806141&oid=2&pvsid=1865561406258008&tmod=1672790919&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=siUTFV7Iae&p=https%3A//ala3raf.net&dtd=7
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame E20F 187 KB
59 KB 103ms
102ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4e155284926ba010442d774fd493ff925a0256bd427f54596b1244791a3fa170

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 26 Oct 2023 01:27:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 60190
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1698233972131352"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 26 Oct 2023 01:27:58 GMT

GET
H2

200

c.gif
www.bing.com/aes/ Frame E20F
Redirect Chain

https://www.bing.com/api/v1/mediation/tracking?adUnit=391466&auId=50362b06-758c-4164-86b2-cd5c2e1176d0&bidId=1&bidderId=4&cmExpId=LV2&oAdUnit=391466&publisherId=162645330&rId=64d1569f-b43b-4dad-a63...
https://www.bing.com/aes/c.gif?DI=0&DIS=SB_1-1-0(14-0)?&RG=ae3773559547423388c32e9ef619f54d&SNR=1&GV=2&med=10

0
183 B

117ms
117ms

Image
text/plain

2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bing.com/aes/c.gif?DI=0&DIS=SB_1-1-0(14-0)?&RG=ae3773559547423388c32e9ef619f54d&SNR=1&GV=2&med=10
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8343227950611411&output=html&h=90&adk=4204718025&adf=1588159632&pi=t.aa~a.2376638792~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1698276478&rafmt=1&to=qs&pwprc=8890230846&format=1200x90&url=https%3A%2F%2Fala3raf.net%2Fuser%2Fcoastwar80&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1698283678005&bpp=1&bdt=894&idt=1&shv=r20231024&mjsv=m202310230101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D98511ae768c2fa9c%3AT%3D1698283677%3ART%3D1698283677%3AS%3DALNI_MYpqrgAkzYtyKqCJMar1VUp6zS71g&gpic=UID%3D00000ca42f119bb4%3AT%3D1698283677%3ART%3D1698283677%3AS%3DALNI_MZIT5RoHfAIElkm0jhXpyJUQxKBHw&prev_fmts=0x0%2C1200x280&nras=3&correlator=135190478460&frm=20&pv=1&ga_vid=895742715.1698283678&ga_sid=1698283678&ga_hid=71529072&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1225&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44805931%2C44806737%2C31078301%2C31079149%2C44803793%2C44806141&oid=2&pvsid=1865561406258008&tmod=1672790919&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=siUTFV7Iae&p=https%3A//ala3raf.net&dtd=7
Protocol: H2
Server: 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 26 Oct 2023 01:27:57 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: F0BE729D469547ACA3F2D02E1333D449 Ref B: ZRHEDGE1517 Ref C: 2023-10-26T01:27:58Z
vary: Origin
x-cache: CONFIG_NOCACHE
p3p: CP=BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo
cache-control: private,no-store
content-length: 0

Redirect headers

pragma: no-cache
strict-transport-security: max-age=15724800; includeSubDomains
date: Thu, 26 Oct 2023 01:27:57 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 82049FDE52BB4293B5B90578163E9644 Ref B: ZRHEDGE1517 Ref C: 2023-10-26T01:27:58Z
vary: Origin
x-cache: CONFIG_NOCACHE
content-type: text/html; charset=utf-8
location: https://www.bing.com/aes/c.gif?DI=0&DIS=SB_1-1-0(14-0)?&RG=ae3773559547423388c32e9ef619f54d&SNR=1&GV=2&med=10
cache-control: no-cache, no-store, must-revalidate
content-length: 156
expires: 0

GET
H2 200 th
www.bing.com/ Frame FE12 17 KB
17 KB 40ms
40ms Image
image/jpeg 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bing.com/th?id=OADD2.8246381859714_1N27RAOQNYKW81QF0M&pid=21.2&c=16&roil=0&roit=0.035&roir=1&roib=0.965&w=180&h=180&qlt=90
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231024/r20110914/zrt_lookup.html?fsb=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e0a8bb81f71975ccd8da29ac0a7df78a5b2ad76299f4717a90235d5afff9be94

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 26 Oct 2023 01:27:57 GMT
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 11BB02F06E274555A28EC60A8D325433 Ref B: ZRHEDGE1517 Ref C: 2023-10-26T01:27:58Z
access-control-allow-methods: GET, POST, OPTIONS
x-cache: TCP_HIT
access-control-allow-origin: *
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth"}]}
content-type: image/jpeg
cache-control: public, max-age=2592000
timing-allow-origin: *
access-control-allow-headers: *
content-length: 17430

GET
H2 200 rd_log Show response
ams3-ib.adnxs.com/ Frame FE12 0
533 B 143ms
34ms Script
text/html 185.89.211.84
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ams3-ib.adnxs.com/rd_log?an_audit=0&referrer=https%3A%2F%2Fala3raf.net%2Fuser%2Fcoastwar80&e=wqT_3QL2A-j2AQAAAwDWAAUBCJ2B56kGEN6g-srVy7jbcRgAKjYJs6W_05YqwD8RDlu27Nxcvz8ZAAAA4KNw7T8hDg0SACkRJNAxAAAAoJmZqT8w2_imAzi1AUC1XkjjA1C6iYq2AVjAsT1gAGifpFR4ifcFgAEBigEDVVNEkgUG8PWYAawCoAH6AagBAbABALgBAcABBcgBAtABANgBAOABAPABANgC8AbgAqKoMeoCI2h0dHBzOi8vYWxhM3JhZi5uZXQvdXNlci9jb2FzdHdhcjgwgAMAiAMBkAMAmAMJoAMBqgMAwAPYBMgDANgDAOADAOgDAPgDA4AEAJIEBC91YXCYBACoBACyBAwIABAAGAAgADAAOAC4BADABADIBADaBAIIAeAEAfAEuomKtgGIBQGYBQCgBfy04qrd6cLlcsAFAMkFAAAAAAAA8D_SBQkJAAAAAAAAAADYBQHgBQHwBfY4-gUECAAQAJAGAJgGALgGAMEGAAABJSzwP9AGwo0E2gYWChABEC4BAAGKZOAGAfIGAggAgAcBiAcAoAcByAeJ9wXSBw0JESoBJgzaBwYIBQmc4AcA6gcCCADwB7-DDYoIAhAAlQgAAIA_mAgBwAjwBtIIBggAEAAYAA..&s=d00f5a75546a49c8e883589bb5985b1c86f6ef3f&bdref=https%3A%2F%2Fala3raf.net%2F&bdtop=true&bdifs=2&bstk=https%3A%2F%2Fala3raf.net%2F,https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fhtml%2Fr20231024%2Fr20110914%2Fzrt_lookup.html%3Ffsb%3D1%23RS-1-%26adk%3D1812271803%26client%3Dca-pub-8343227950611411%26fa%3D3%26ifi%3D4%26uci%3Da!4%26btvi%3D2%26xpc%3DynZ2gUuF03%26p%3Dhttps%253A%2F%2Fala3raf.net,https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fhtml%2Fr20231024%2Fr20110914%2Fzrt_lookup.html%3Ffsb%3D1&

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231024/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.211.84 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

959.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 26 Oct 2023 01:27:58 GMT
an-x-request-uuid: c4eabf02-d414-4d91-bcd0-2984d6f7a2ac
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 185.195.71.215; 185.195.71.215; 959.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 th
www.bing.com/ Frame E20F 5 KB
5 KB 38ms
38ms Image
image/jpeg 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bing.com/th?id=OADD2.7215588975969_1XP93TF9ZJWEHKCHNH&pid=21.2&c=3&w=200&h=105&qlt=90
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8343227950611411&output=html&h=90&adk=4204718025&adf=1588159632&pi=t.aa~a.2376638792~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1698276478&rafmt=1&to=qs&pwprc=8890230846&format=1200x90&url=https%3A%2F%2Fala3raf.net%2Fuser%2Fcoastwar80&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1698283678005&bpp=1&bdt=894&idt=1&shv=r20231024&mjsv=m202310230101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D98511ae768c2fa9c%3AT%3D1698283677%3ART%3D1698283677%3AS%3DALNI_MYpqrgAkzYtyKqCJMar1VUp6zS71g&gpic=UID%3D00000ca42f119bb4%3AT%3D1698283677%3ART%3D1698283677%3AS%3DALNI_MZIT5RoHfAIElkm0jhXpyJUQxKBHw&prev_fmts=0x0%2C1200x280&nras=3&correlator=135190478460&frm=20&pv=1&ga_vid=895742715.1698283678&ga_sid=1698283678&ga_hid=71529072&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1225&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44805931%2C44806737%2C31078301%2C31079149%2C44803793%2C44806141&oid=2&pvsid=1865561406258008&tmod=1672790919&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=siUTFV7Iae&p=https%3A//ala3raf.net&dtd=7
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 2238e3b3f41d60293383bdc2cc106269b5ab3edcfb6b5e1e39b0e9c6b460fea6

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 26 Oct 2023 01:27:57 GMT
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 1F7331C8E4224938B39B27B7C201113E Ref B: ZRHEDGE1517 Ref C: 2023-10-26T01:27:58Z
access-control-allow-methods: GET, POST, OPTIONS
x-cache: TCP_HIT
access-control-allow-origin: *
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth"}]}
content-type: image/jpeg
cache-control: public, max-age=2592000
timing-allow-origin: *
access-control-allow-headers: *
content-length: 4625

GET
H2 200 rd_log Show response
ams3-ib.adnxs.com/ Frame E20F 0
532 B 132ms
36ms Script
text/html 185.89.211.84
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ams3-ib.adnxs.com/rd_log?an_audit=0&referrer=https%3A%2F%2Fala3raf.net%2Fuser%2Fcoastwar80&e=wqT_3QL3A-j3AQAAAwDWAAUBCJ6B56kGEJ_u3p7os96FFhgAKjYJbBmRr5SGxT8ROBvcbEPhxD8ZAAAA4KNw7T8hOA0SACkRJNAxAAAAoJmZqT8w2_imAzi1AUC1XkjjA1C6iYq2AVi_sT1gAGifpFR45PYFgAEBigEDVVNEkgUG8PWYAawCoAH6AagBAbABALgBAcABBcgBAtABANgBAOABAPABANgC8AbgAqKoMeoCI2h0dHBzOi8vYWxhM3JhZi5uZXQvdXNlci9jb2FzdHdhcjgwgAMAiAMBkAMAmAMJoAMBqgMAwAPYBMgDANgDAOADAOgDAPgDA4AEAJIEBC91YXCYBACoBACyBAwIABAAGAAgADAAOAC4BADABADIBADaBAIIAeAEAfAEuomKtgGIBQGYBQCgBcO9-eOpstWsB8AFAMkFAAAAAAAA8D_SBQkJAAAAAAAAAADYBQHgBQHwBa_daPoFBAgAEACQBgCYBgC4BgDBBgAFJSzwP9AGwo0E2gYWChAFER0BAYtk4AYB8gYCCACABwGIBwCgBwHIB-T2BdIHDQkRKQEmCNoHBgFepBgA4AcA6gcCCADwB7-DDYoIAhAAlQgAAIA_mAgBwAjwBtIIBggAEAAYAA..&s=9e214d193990bb25e8e93f119d3f94361ecd56d8&bdref=https%3A%2F%2Fala3raf.net%2F&bdtop=true&bdifs=2&bstk=https%3A%2F%2Fala3raf.net%2F,https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fads%3Fclient%3Dca-pub-8343227950611411%26output%3Dhtml%26h%3D90%26adk%3D4204718025%26adf%3D1588159632%26pi%3Dt.aa~a.2376638792~rp.1%26w%3D1200%26fwrn%3D4%26fwrnh%3D100%26lmt%3D1698276478%26rafmt%3D1%26to%3Dqs%26pwprc%3D8890230846%26format%3D1200x90%26url%3Dhttps%253A%252F%252Fala3raf.net%252Fuser%252Fcoastwar80%26fwr%3D0%26pra%3D3%26rpe%3D1%26resp_fmts%3D3%26wgl%3D1%26fa%3D40%26uach%3DWyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..%26dt%3D1698283678005%26bpp%3D1%26bdt%3D894%26idt%3D1%26shv%3Dr20231024%26mjsv%3Dm202310230101%26ptt%3D9%26saldr%3Daa%26abxe%3D1%26cookie%3DID%253D98511ae768c2fa9c%253AT%253D1698283677%253ART%253D1698283677%253AS%253DALNI_MYpqrgAkzYtyKqCJMar1VUp6zS71g%26gpic%3DUID%253D00000ca42f119bb4%253AT%253D1698283677%253ART%253D1698283677%253AS%253DALNI_MZIT5RoHfAIElkm0jhXpyJUQxKBHw%26prev_fmts%3D0x0%252C1200x280%26nras%3D3%26correlator%3D135190478460%26frm%3D20%26pv%3D1%26ga_vid%3D895742715.1698283678%26ga_sid%3D1698283678%26ga_hid%3D71529072%26ga_fc%3D0%26u_tz%3D120%26u_his%3D2%26u_h%3D1200%26u_w%3D1600%26u_ah%3D1200%26u_aw%3D1600%26u_cd%3D24%26u_sd%3D1%26dmc%3D8%26adx%3D200%26ady%3D1225%26biw%3D1600%26bih%3D1200%26scr_x%3D0%26scr_y%3D0%26eid%3D44759875%252C44759926%252C44759837%252C44805931%252C44806737%252C31078301%252C31079149%252C44803793%252C44806141%26oid%3D2%26pvsid%3D1865561406258008%26tmod%3D1672790919%26uas%3D0%26nvt%3D1%26fc%3D1920%26brdim%3D0%252C0%252C0%252C0%252C1600%252C0%252C1600%252C1200%252C1600%252C1200%26vis%3D1%26rsz%3D%257C%257Cs%257C%26abl%3DNS%26fu%3D128%26bc%3D31%26ifi%3D3%26uci%3Da!3%26btvi%3D1%26fsb%3D1%26xpc%3DsiUTFV7Iae%26p%3Dhttps%253A%2F%2Fala3raf.net%26dtd%3D7,https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fads%3Fclient%3Dca-pub-8343227950611411%26output%3Dhtml%26h%3D90%26adk%3D4204718025%26adf%3D1588159632%26pi%3Dt.aa~a.2376638792~rp.1%26w%3D1200%26fwrn%3D4%26fwrnh%3D100%26lmt%3D1698276478%26rafmt%3D1%26to%3Dqs%26pwprc%3D8890230846%26format%3D1200x90%26url%3Dhttps%253A%252F%252Fala3raf.net%252Fuser%252Fcoastwar80%26fwr%3D0%26pra%3D3%26rpe%3D1%26resp_fmts%3D3%26wgl%3D1%26fa%3D40%26uach%3DWyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..%26dt%3D1698283678005%26bpp%3D1%26bdt%3D894%26idt%3D1%26shv%3Dr20231024%26mjsv%3Dm202310230101%26ptt%3D9%26saldr%3Daa%26abxe%3D1%26cookie%3DID%253D98511ae768c2fa9c%253AT%253D1698283677%253ART%253D1698283677%253AS%253DALNI_MYpqrgAkzYtyKqCJMar1VUp6zS71g%26gpic%3DUID%253D00000ca42f119bb4%253AT%253D1698283677%253ART%253D1698283677%253AS%253DALNI_MZIT5RoHfAIElkm0jhXpyJUQxKBHw%26prev_fmts%3D0x0%252C1200x280%26nras%3D3%26correlator%3D135190478460%26frm%3D20%26pv%3D1%26ga_vid%3D895742715.1698283678%26ga_sid%3D1698283678%26ga_hid%3D71529072%26ga_fc%3D0%26u_tz%3D120%26u_his%3D2%26u_h%3D1200%26u_w%3D1600%26u_ah%3D1200%26u_aw%3D1600%26u_cd%3D24%26u_sd%3D1%26dmc%3D8%26adx%3D200%26ady%3D1225%26biw%3D1600%26bih%3D1200%26scr_x%3D0%26scr_y%3D0%26eid%3D44759875%252C44759926%252C44759837%252C44805931%252C44806737%252C31078301%252C31079149%252C44803793%252C44806141%26oid%3D2%26pvsid%3D1865561406258008%26tmod%3D1672790919%26uas%3D0%26nvt%3D1%26fc%3D1920%26brdim%3D0%252C0%252C0%252C0%252C1600%252C0%252C1600%252C1200%252C1600%252C1200%26vis%3D1%26rsz%3D%257C%257Cs%257C%26abl%3DNS%26fu%3D128%26bc%3D31%26ifi%3D3%26uci%3Da!3%26btvi%3D1%26fsb%3D1%26xpc%3DsiUTFV7Iae%26p%3Dhttps%253A%2F%2Fala3raf.net%26dtd%3D7&

Requested by

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.211.84 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

959.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 26 Oct 2023 01:27:58 GMT
an-x-request-uuid: a135479a-3e83-433a-a8f6-7aad1701aab5
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 185.195.71.215; 185.195.71.215; 959.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 th
www.bing.com/ Frame 5031 17 KB
17 KB 55ms
54ms Image
image/jpeg 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bing.com/th?id=OADD2.8246382122109_1HIUR3SOMV8YPS5P8K&pid=21.2&c=16&roil=0.1242&roit=0&roir=0.8758&roib=1&w=180&h=180&qlt=90
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231024/r20110914/zrt_lookup.html?fsb=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: d9944f4ab1ac53ed8522ec76d4f91f07815995db2df1d24dde4dc2ff35002932

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 26 Oct 2023 01:27:57 GMT
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 7AB16824A4804599A73CA230BA46D1B1 Ref B: ZRHEDGE1517 Ref C: 2023-10-26T01:27:58Z
access-control-allow-methods: GET, POST, OPTIONS
x-cache: TCP_HIT
access-control-allow-origin: *
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth"}]}
content-type: image/jpeg
cache-control: public, max-age=2592000
timing-allow-origin: *
access-control-allow-headers: *
content-length: 17572

GET
H2 200 rd_log Show response
ams3-ib.adnxs.com/ Frame 5031 0
532 B 115ms
35ms Script
text/html 185.89.211.84
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ams3-ib.adnxs.com/rd_log?an_audit=0&referrer=https%3A%2F%2Fala3raf.net%2Fuser%2Fcoastwar80&e=wqT_3QL2A-j2AQAAAwDWAAUBCJ2B56kGEKvA_6eWl6KHbhgAKjYJNsfbyFWJvj8RjjmsptCevT8ZAAAA4KNw7T8hjg0SACkRJNAxAAAAoJmZqT8w2_imAzi1AUC1XkjjA1C6iYq2AVjHsT1gAGifpFR4x_QFgAEBigEDVVNEkgUG8PWYAawCoAH6AagBAbABALgBAcABBcgBAtABANgBAOABAPABANgC8AbgAqKoMeoCI2h0dHBzOi8vYWxhM3JhZi5uZXQvdXNlci9jb2FzdHdhcjgwgAMAiAMBkAMAmAMJoAMBqgMAwAPYBMgDANgDAOADAOgDAPgDA4AEAJIEBC91YXCYBACoBACyBAwIABAAGAAgADAAOAC4BADABADIBADaBAIIAeAEAfAEuomKtgGIBQGYBQCgBbrXgLjoqfnZHMAFAMkFAAAAAAAA8D_SBQkJAAAAAAAAAADYBQHgBQHwBfY4-gUECAAQAJAGAJgGALgGAMEGAAABJSzwP9AGwo0E2gYWChABEC4BAAGKZOAGAfIGAggAgAcBiAcAoAcByAfH9AXSBw0JESoBJgzaBwYIBQmc4AcA6gcCCADwB7-DDYoIAhAAlQgAAIA_mAgBwAjwBtIIBggAEAAYAA..&s=337dd25d22f4433ae89c54e6fa43654fa41af5f6&bdref=https%3A%2F%2Fala3raf.net%2F&bdtop=true&bdifs=2&bstk=https%3A%2F%2Fala3raf.net%2F,https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fhtml%2Fr20231024%2Fr20110914%2Fzrt_lookup.html%3Ffsb%3D1%23RS-2-%26adk%3D1812271804%26client%3Dca-pub-8343227950611411%26fa%3D4%26ifi%3D5%26uci%3Da!5%26btvi%3D3%26xpc%3DwQ1AVrLl7I%26p%3Dhttps%253A%2F%2Fala3raf.net,https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fhtml%2Fr20231024%2Fr20110914%2Fzrt_lookup.html%3Ffsb%3D1&

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231024/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.211.84 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

959.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 26 Oct 2023 01:27:58 GMT
an-x-request-uuid: 2f6fce5b-5011-4456-89d9-2edfef72db2e
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 185.195.71.215; 185.195.71.215; 959.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 200 vevent
ams3-ib.adnxs.com/ Frame FE12 0
557 B 35ms
35ms Ping
text/html 185.89.211.84
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ams3-ib.adnxs.com/vevent?an_audit=0&referrer=https%3A%2F%2Fala3raf.net%2Fuser%2Fcoastwar80&e=wqT_3QKUB-iUAwAAAwDWAAUBCJ2B56kGEN6g-srVy7jbcRgAKjYJs6W_05YqwD8RDlu27Nxcvz8ZAAAA4KNw7T8hDg0SACkRJNAxAAAAoJmZqT8w2_imAzi1AUC1XkjjA1C6iYq2AVjAsT1gAGifpFR4ifcFgAEBigEDVVNEkgUG8GmYAaABoAHYBKgBAbABALgBAcABBcgBAtABANgBAOABAPABANgC8AbgAqKoMeoCI2h0dHBzOi8vYWxhM3JhZi5uZXQvdXNlci9jb2FzdHdhcjgwgAMAiAMBkAMAmAMJoAMBqgOaAwqwAmh0CTnwhnd3dy5iaW5nLmNvbS9hcGkvdjEvbWVkaWF0aW9uL3RyYWNraW5nP2FkVW5pdD0zOTE0NjYmYXVJZD1mMzZhYmY4Zi1kYzRiLTQyMzQtYTNmZC01YjJkNjQ0NzRjYjAmYmlkSWQ9MTUwMDAmYmlkZGVySWQ9NCZjbUV4cElkPUxWMSZvQWRVbhlcIHB1Ymxpc2hlcgE4IDYyNjQ1MzMwJgEOAGaOcQC4cnR5cGU9bnVybCZ0YWdJZD02OTI5NDk5JnRyYWZmaWNHcm91cD1rbmFxZV8zYyYNFghTdWIJGfQqAWVyZnJlaXImYWlkPSR7QVVDVElPTl9JRH0SBTEyMDg1GhM4MTkzOTg1NDYyNjA2NDAxNjMwIgkzODE4NDY3MTQqBGJpbmc6OFUyVmhjbU5vUVdRak56ZzVOVGc0T0RRME9EVTJNVGdqTWpNek1EYzFPRFE1TWpnNU5qZ3dOQT09wAPYBMgDANgDAOADAOgDAPgDA4AEAJIEBC91YXCYBACoBACyBAwIABAAGAAgADAAOAC4BADABADIBADaBAIIAeAEAfAEuomKtgGIBQGYBQCgBfy04qrd6cLlcsAFAMkFAAAAAAAA8D_SBQkJAAAAAAAAAADYBQHgBQHwBfY4-gUECAAQAJAGAJgGALgGAMEGAAAAAAAA8D_QBsKNBNoGFgoQAAAAAAAAAAAACT14ABAAGADgBgHyBgIIAIAHAYgHAKAHAcgHifcF0gcNCQ0lBSYM2gcGCAUJqOAHAOoHAggA8Ae_gw2KCAIQAJUIAACAP5gIAcAI8AbSCAkI____PxACGAA.&s=1904a591d999254b52dcb1598b7ea5f048e15c4c&type=nv&nvt=5&jm=1003&px=0&py=0&bw=180&bh=180&sid=5659700761625757808&vd=ct~0|rr~0&sv=239&tv=view7-1hs&ua=chrome52&pl=win&x=v&tag_id=6929499&sw=1600&sh=1200&pw=0&ph=0&ww=0&wh=0&ft=3

Requested by

Host: cdn.adnxs.com
URL: https://cdn.adnxs.com/v/s/239/trk.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.211.84 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

959.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 26 Oct 2023 01:27:58 GMT
an-x-request-uuid: 67fd5b44-9980-4d39-bf1b-707b48ee3b11
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: https://googleads.g.doubleclick.net
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 185.195.71.215; 185.195.71.215; 959.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 9164 1 KB
643 B 51ms
50ms Document
text/html 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

age: 5451
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 25 Oct 2023 23:57:07 GMT
etag: 48472445140208031
expires: Thu, 26 Oct 2023 23:57:07 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame E20F 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1bc07dfdf9bdb5109869a048b6eb594554a97657c51dd3484266559993389e48

Request headers

accept-language: de-CH,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame E20F 0
19 B 97ms
96ms Image
text/html 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CWIBqnsA5ZdmcAuql3gPNrr24B9Lg1-Buj6S2k5MKwI23ARABIABg9YWAgPwDggEXY2EtcHViLTgzNDMyMjc5NTA2MTE0MTHIAQmoAwHIAwKqBPQBT9CyZwkimQEzRHfDbfJMq2FPn75Cpr051lgksjtHxX6GSxKyEeumbUc_BxCxCMR9snualcDMZzBUbQ3y5lKkuaNt4ooryy2L1dagNRCXsabWVe78Z2Kou7lYe4sHxhsEJ5thAk-oB4RKtsB6tzyyDgIGQliecF_6j-rvQBGxio86xqD-RfkxVkBoGrO6P1lv8Mb3vha615JEKiQMXkG6MJ2lwGQL4tClpXldOhxE83RZDDuYd3JIaK7iZkGDLxPJy4uDRKKzkqcyVS5PkataKfb5ImzoaSsUiB8FoXwgIUM4r6mgG4ct-Vv-tzpyihYtSMNxCIAGwNKfhsi4sfjxAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBIIgGEQATICigI6AoBASL39wTqACgH6CwIIAYAMAdAVAYAXAbIXGgoYEhRwdWItODM0MzIyNzk1MDYxMTQxMRgA&sigh=PsOoNoX2JX4&uach_m=[UACH]&cid=CAQSPADICaaNy39PINXNO2Q2SULTItChT3yX2B4W9O-TTzyWFhoqu1dqpa8bD9Dz-_G1__HBjq7HvGN2MKsE4xgB&cbvp=2&vis=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8343227950611411&output=html&h=90&adk=4204718025&adf=1588159632&pi=t.aa~a.2376638792~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1698276478&rafmt=1&to=qs&pwprc=8890230846&format=1200x90&url=https%3A%2F%2Fala3raf.net%2Fuser%2Fcoastwar80&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1698283678005&bpp=1&bdt=894&idt=1&shv=r20231024&mjsv=m202310230101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D98511ae768c2fa9c%3AT%3D1698283677%3ART%3D1698283677%3AS%3DALNI_MYpqrgAkzYtyKqCJMar1VUp6zS71g&gpic=UID%3D00000ca42f119bb4%3AT%3D1698283677%3ART%3D1698283677%3AS%3DALNI_MZIT5RoHfAIElkm0jhXpyJUQxKBHw&prev_fmts=0x0%2C1200x280&nras=3&correlator=135190478460&frm=20&pv=1&ga_vid=895742715.1698283678&ga_sid=1698283678&ga_hid=71529072&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1225&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44805931%2C44806737%2C31078301%2C31079149%2C44803793%2C44806141&oid=2&pvsid=1865561406258008&tmod=1672790919&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=siUTFV7Iae&p=https%3A//ala3raf.net&dtd=7
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Thu, 26 Oct 2023 01:27:58 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 it
ams3-ib.adnxs.com/ Frame E20F 0
532 B 35ms
35ms Image
text/html 185.89.211.84
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ams3-ib.adnxs.com/it?an_audit=0&referrer=https%3A%2F%2Fala3raf.net%2Fuser%2Fcoastwar80&e=wqT_3QKdB-idAwAAAwDWAAUBCJ6B56kGEJ_u3p7os96FFhgAKjYJbBmRr5SGxT8ROBvcbEPhxD8ZAAAA4KNw7T8hOA0SACkRJNAxAAAAoJmZqT8w2_imAzi1AUC1XkjjA1C6iYq2AVi_sT1gAGifpFR45PYFgAEBigEDVVNEkgUG8GmYAdgFoAFaqAEBsAEAuAEBwAEFyAEC0AEA2AEA4AEA8AEA2ALwBuACoqgx6gIjaHR0cHM6Ly9hbGEzcmFmLm5ldC91c2VyL2NvYXN0d2FyODCAAwCIAwGQAwCYAwmgAwGqA6MDCr0CaHR0BTnwhnd3dy5iaW5nLmNvbS9hcGkvdjEvbWVkaWF0aW9uL3RyYWNraW5nP2FkVW5pdD0zOTE0NjYmYXVJZD02NGQxNTY5Zi1iNDNiLTRkYWQtYTYzMS0xYjI1MDllYTFkMGImYmlkSWQ9MSZiaWRkZXJJZD00JmNtRXhwSWQ9TFYyJm9BZFVuaXQ9MwlYIHB1Ymxpc2hlcgE0IDYyNjQ1MzMwJgEOADaObQA0cnR5cGU9bnVybCZ0YWcBo2w5Mjk0OTkmdHJhZmZpY0dyb3VwPWtuYXFlXzNjERYIU3ViCRkUenpmJTNBER_waV92Y3NlcmRwbmMmYWlkPSR7QVVDVElPTl9JRH0SBTEyMDg1GhMxNTg4NDk3MDE1MzAxOTc3ODg3IgkzODE4NDY3MTQqBGJpbmc6NFUyVmhjbU5vUVdRak56SXhOVFUyTlRRMU1EVXlNREERFPBSNU56YzVNekl5TkRBPcAD2ATIAwDYAwDgAwDoAwD4AwOABACSBAQvdWFwmAQAqAQAsgQMCAAQABgAIAAwADgAuAQAwAQAyAQA2gQCCAHgBAHwBLpBbliIBQGYBQCgBcO9-eOpstWsB8AFAMkFAAUBFPA_0gUJCQULQAAAANgFAeAFAfAFr91o-gUEAVwokAYAmAYAuAYAwQYBITQAAPA_0AbCjQTaBhYKEAkSGQEBi2DgBgHyBgIIAIAHAYgHAKAHAcgH5PYF0gcNFWUBJgjaBwYBXrAYAOAHAOoHAggA8Ae_gw2KCAIQAJUIAACAP5gIAcAI8AbSCAkI____PxACGAA.&s=8168389f6edf471a96f9e8ed94ccdea6c712287e&pp=ZTnAngAAjlkKd5LqAA9XTa6GyWs-qy4IoSgLzQ&ppt=1&pubclick=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCtkRPnsA5ZdmcAuql3gPNrr24B9Lg1-Buj6S2k5MKwI23ARABIABg9YWAgPwDggEXY2EtcHViLTgzNDMyMjc5NTA2MTE0MTHIAQmoAwHIAwKqBPcBT9CyZwkimQEzRHfDbfJMq2FPn75Cpr051lgksjtHxX6GSxKyEeumbUc_BxCxCMR9snualcDMZzBUbQ3y5lKkuaNt4ooryy2L1dagNRCXsabWVe78Z2Kou7lYe4sHxhsEJ5thAk-oB4RKtsB6tzyyDgIGQliecF_6j-rvQBGxio86xqD-RfkxVkBoGrO6P1lv8Mb3vha615JEKiQMXkG6MJ2lwGQL4tClpXldOhxE83RZDDuYd3JIaK7iZkGDLxPJy4uDRKKzkqcyVS5PkasYK9dr4MgSBL_u_Kqb-PiWJWAyK6COA16PfwJ6C7pYpg7tySEcnNoHdIAGwNKfhsi4sfjxAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBIIgGEQATICigI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0C5sUo3vc17mmlauDa5TBPgSD2gg%26client%3Dca-pub-8343227950611411%26adurl%3D&cbvp=2

Requested by

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.211.84 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

959.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 26 Oct 2023 01:27:58 GMT
an-x-request-uuid: 9b12d943-304c-4ae5-b925-8dd88053563c
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 185.195.71.215; 185.195.71.215; 959.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 200 vevent
ams3-ib.adnxs.com/ Frame 5031 0
556 B 35ms
35ms Ping
text/html 185.89.211.84
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ams3-ib.adnxs.com/vevent?an_audit=0&referrer=https%3A%2F%2Fala3raf.net%2Fuser%2Fcoastwar80&e=wqT_3QKmB-imAwAAAwDWAAUBCJ2B56kGEKvA_6eWl6KHbhgAKjYJNsfbyFWJvj8RjjmsptCevT8ZAAAA4KNw7T8hjg0SACkRJNAxAAAAoJmZqT8w2_imAzi1AUC1XkjjA1C6iYq2AVjHsT1gAGifpFR4x_QFgAEBigEDVVNEkgUG8GmYAaABoAHYBKgBAbABALgBAcABBcgBAtABANgBAOABAPABANgC8AbgAqKoMeoCI2h0dHBzOi8vYWxhM3JhZi5uZXQvdXNlci9jb2FzdHdhcjgwgAMAiAMBkAMAmAMJoAMBqgOsAwrCAmh0CTnwhnd3dy5iaW5nLmNvbS9hcGkvdjEvbWVkaWF0aW9uL3RyYWNraW5nP2FkVW5pdD0zOTE0NjYmYXVJZD05Njg4YjE2Mi01ZmZiLTQ5ZDYtYjZmZi0yY2ExYWRkMGY4YWImYmlkSWQ9MTUwMDAmYmlkZGVySWQ9NCZjbUV4cElkPUxWMSZvQWRVbhlcIHB1Ymxpc2hlcgE4IDYyNjQ1MzMwJgEOCDk2OIZxALhydHlwZT1udXJsJnRhZ0lkPTY5Mjk0OTkmdHJhZmZpY0dyb3VwPWtuYXFlXzNjJg0WCFN1YgkZGHp6ZiUzQWsNH_QqAV9mYWVfcXZlcnBnJmFpZD0ke0FVQ1RJT05fSUR9EgUxMjA4NRoTNzkzMDQyNjMyMzY5MDg0MDEwNyIJMzgxODQ2NzE0KgRiaW5nOjhVMlZoY21Ob1FXUWpOemc0T1RBeE5qVTBOREV5TVRnak1qTXpNRFk0T1RjM016TXlNakUxTUE9PcAD2ATIAwDYAwDgAwDoAwD4AwOABACSBAQvdWFwmAQAqAQAsgQMCAAQABgAIAAwADgAuAQAwAQAyAQA2gQCCAHgBAHwBLqJirYBiAUBmAUAoAW614C46Kn52RzABQDJBQAAAAAAAPA_0gUJCQAAAAAAAAAA2AUB4AUB8AX2OPoFBAgAEACQBgCYBgC4BgDBBgAAAAAAAPA_0AbCjQTaBhYKEAAAAAAAAUUNAXQQABgA4AYB8gYCCACABwGIBwCgBwHIB8f0BdIHDQkNJQUmDNoHBggFCajgBwDqBwIIAPAHv4MNiggCEACVCAAAgD-YCAHACPAG0ggJCP___z8QAhgA&s=812a1106db82ecf87df5ad80fba139f96511dead&type=nv&nvt=5&jm=1003&px=0&py=0&bw=180&bh=180&sid=5659700761625757808&vd=ct~0|rr~0&sv=239&tv=view7-1hs&ua=chrome52&pl=win&x=v&tag_id=6929499&sw=1600&sh=1200&pw=0&ph=0&ww=0&wh=0&ft=3

Requested by

Host: cdn.adnxs.com
URL: https://cdn.adnxs.com/v/s/239/trk.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.211.84 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

959.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 26 Oct 2023 01:27:58 GMT
an-x-request-uuid: 6e7eb650-6546-4a98-a6c7-f2defa749436
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: https://googleads.g.doubleclick.net
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 185.195.71.215; 185.195.71.215; 959.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
DATA 200
OK truncated
/ Frame FE12 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 559987b164e1e8dd7233ae99d01e1f1aef9c0a1d0dacb55c1b5f4c0c824bd936

Request headers

accept-language: de-CH,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

POST
H2 200 vevent
ams3-ib.adnxs.com/ Frame E20F 0
556 B 35ms
35ms Ping
text/html 185.89.211.84
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ams3-ib.adnxs.com/vevent?an_audit=0&referrer=https%3A%2F%2Fala3raf.net%2Fuser%2Fcoastwar80&e=wqT_3QKdB-idAwAAAwDWAAUBCJ6B56kGEJ_u3p7os96FFhgAKjYJbBmRr5SGxT8ROBvcbEPhxD8ZAAAA4KNw7T8hOA0SACkRJNAxAAAAoJmZqT8w2_imAzi1AUC1XkjjA1C6iYq2AVi_sT1gAGifpFR45PYFgAEBigEDVVNEkgUG8GmYAdgFoAFaqAEBsAEAuAEBwAEFyAEC0AEA2AEA4AEA8AEA2ALwBuACoqgx6gIjaHR0cHM6Ly9hbGEzcmFmLm5ldC91c2VyL2NvYXN0d2FyODCAAwCIAwGQAwCYAwmgAwGqA6MDCr0CaHR0BTnwhnd3dy5iaW5nLmNvbS9hcGkvdjEvbWVkaWF0aW9uL3RyYWNraW5nP2FkVW5pdD0zOTE0NjYmYXVJZD02NGQxNTY5Zi1iNDNiLTRkYWQtYTYzMS0xYjI1MDllYTFkMGImYmlkSWQ9MSZiaWRkZXJJZD00JmNtRXhwSWQ9TFYyJm9BZFVuaXQ9MwlYIHB1Ymxpc2hlcgE0IDYyNjQ1MzMwJgEOADaObQA0cnR5cGU9bnVybCZ0YWcBo2w5Mjk0OTkmdHJhZmZpY0dyb3VwPWtuYXFlXzNjERYIU3ViCRkUenpmJTNBER_waV92Y3NlcmRwbmMmYWlkPSR7QVVDVElPTl9JRH0SBTEyMDg1GhMxNTg4NDk3MDE1MzAxOTc3ODg3IgkzODE4NDY3MTQqBGJpbmc6NFUyVmhjbU5vUVdRak56SXhOVFUyTlRRMU1EVXlNREERFPBSNU56YzVNekl5TkRBPcAD2ATIAwDYAwDgAwDoAwD4AwOABACSBAQvdWFwmAQAqAQAsgQMCAAQABgAIAAwADgAuAQAwAQAyAQA2gQCCAHgBAHwBLpBbliIBQGYBQCgBcO9-eOpstWsB8AFAMkFAAUBFPA_0gUJCQULQAAAANgFAeAFAfAFr91o-gUEAVwokAYAmAYAuAYAwQYBITQAAPA_0AbCjQTaBhYKEAkSGQEBi2DgBgHyBgIIAIAHAYgHAKAHAcgH5PYF0gcNFWUBJgjaBwYBXrAYAOAHAOoHAggA8Ae_gw2KCAIQAJUIAACAP5gIAcAI8AbSCAkI____PxACGAA.&s=8168389f6edf471a96f9e8ed94ccdea6c712287e&type=nv&nvt=5&jm=1003&px=236&py=0&bw=182&bh=90&sid=5659700761625757808&vd=ct~0|rr~0&sv=239&tv=view7-1hs&ua=chrome52&pl=win&x=v&tag_id=6929499&sw=1600&sh=1200&pw=1200&ph=90&ww=1200&wh=90&ft=3

Requested by

Host: cdn.adnxs.com
URL: https://cdn.adnxs.com/v/s/239/trk.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.211.84 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

959.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 26 Oct 2023 01:27:58 GMT
an-x-request-uuid: e275bf89-ee91-4303-b57c-318e254b69d5
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: https://googleads.g.doubleclick.net
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 185.195.71.215; 185.195.71.215; 959.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame FE12 0
19 B 95ms
95ms Image
text/html 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=COpKMncA5ZeG7K6C_juwPkPudoATS4Nfgbo-ktpOTCsCNtwEQASAAYPWFgID8A4IBF2NhLXB1Yi04MzQzMjI3OTUwNjExNDExyAEJqAMByAMCqgTtAU_QrV0Ler8hm95MyOgWxRplxTPaNc6lQN4Qhe4TxiohKz5WKB3uVU-8CC57JEnNTzdIRQdIsKAcBw1rIbCT1E_9TVxYlGJcWoAk_6ZSuOzSfC8-8eX_YyugPSoK-BGMqn9YGz0iPOakyQv3aXFmKdwxlRpslHhLppyxEZbVpKe5OY0B8WPYZe2XGSumJ4EOHxIMENMu3q4ticah7Jxo6OsKxcj-KYYxrQ5bkmBf-Xh_YYn4Lm71r5tvz8phK3QA6OhlvieVrStAMp5ggpSg7zck1-qShuyTxTSzoxtni_vukAMKdvv-o0gZEr3rTIAGwNKfhsi4sfjxAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBIIgGEQATICigI6AoBASL39wTqACgH6CwIIAYAMAdAVAYAXAbIXGgoYEhRwdWItODM0MzIyNzk1MDYxMTQxMRgA&sigh=1yAsnttRLuM&uach_m=[UACH]&cid=CAQSTADICaaNqvI7T9xsNEv-_FcBgCA29yEXmwri6wo6ahZ_9KB-coZ7t_GGqwfKJJOJ7RSweyiI8AEd-PCiK5ercPOMWg0nQeBBZNiMJhUYAQ&cbvp=2&vis=1

Requested by

Host: ala3raf.net
URL: https://ala3raf.net/user/coastwar80

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/html/r20231024/r20110914/zrt_lookup.html?fsb=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Thu, 26 Oct 2023 01:27:58 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 it
ams3-ib.adnxs.com/ Frame FE12 0
533 B 35ms
35ms Image
text/html 185.89.211.84
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ams3-ib.adnxs.com/it?an_audit=0&referrer=https%3A%2F%2Fala3raf.net%2Fuser%2Fcoastwar80&e=wqT_3QKUB-iUAwAAAwDWAAUBCJ2B56kGEN6g-srVy7jbcRgAKjYJs6W_05YqwD8RDlu27Nxcvz8ZAAAA4KNw7T8hDg0SACkRJNAxAAAAoJmZqT8w2_imAzi1AUC1XkjjA1C6iYq2AVjAsT1gAGifpFR4ifcFgAEBigEDVVNEkgUG8GmYAaABoAHYBKgBAbABALgBAcABBcgBAtABANgBAOABAPABANgC8AbgAqKoMeoCI2h0dHBzOi8vYWxhM3JhZi5uZXQvdXNlci9jb2FzdHdhcjgwgAMAiAMBkAMAmAMJoAMBqgOaAwqwAmh0CTnwhnd3dy5iaW5nLmNvbS9hcGkvdjEvbWVkaWF0aW9uL3RyYWNraW5nP2FkVW5pdD0zOTE0NjYmYXVJZD1mMzZhYmY4Zi1kYzRiLTQyMzQtYTNmZC01YjJkNjQ0NzRjYjAmYmlkSWQ9MTUwMDAmYmlkZGVySWQ9NCZjbUV4cElkPUxWMSZvQWRVbhlcIHB1Ymxpc2hlcgE4IDYyNjQ1MzMwJgEOAGaOcQC4cnR5cGU9bnVybCZ0YWdJZD02OTI5NDk5JnRyYWZmaWNHcm91cD1rbmFxZV8zYyYNFghTdWIJGfQqAWVyZnJlaXImYWlkPSR7QVVDVElPTl9JRH0SBTEyMDg1GhM4MTkzOTg1NDYyNjA2NDAxNjMwIgkzODE4NDY3MTQqBGJpbmc6OFUyVmhjbU5vUVdRak56ZzVOVGc0T0RRME9EVTJNVGdqTWpNek1EYzFPRFE1TWpnNU5qZ3dOQT09wAPYBMgDANgDAOADAOgDAPgDA4AEAJIEBC91YXCYBACoBACyBAwIABAAGAAgADAAOAC4BADABADIBADaBAIIAeAEAfAEuomKtgGIBQGYBQCgBfy04qrd6cLlcsAFAMkFAAAAAAAA8D_SBQkJAAAAAAAAAADYBQHgBQHwBfY4-gUECAAQAJAGAJgGALgGAMEGAAAAAAAA8D_QBsKNBNoGFgoQAAAAAAAAAAAACT14ABAAGADgBgHyBgIIAIAHAYgHAKAHAcgHifcF0gcNCQ0lBSYM2gcGCAUJqOAHAOoHAggA8Ae_gw2KCAIQAJUIAACAP5gIAcAI8AbSCAkI____PxACGAA.&s=1904a591d999254b52dcb1598b7ea5f048e15c4c&pp=ZTnAnQAK3eEHg5-gAAd9kHz4zbh3ILcI68mNJg&ppt=1&pubclick=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC3xzEncA5ZeG7K6C_juwPkPudoATS4Nfgbo-ktpOTCsCNtwEQASAAYPWFgID8A4IBF2NhLXB1Yi04MzQzMjI3OTUwNjExNDExyAEJqAMByAMCqgTwAU_QrV0Ler8hm95MyOgWxRplxTPaNc6lQN4Qhe4TxiohKz5WKB3uVU-8CC57JEnNTzdIRQdIsKAcBw1rIbCT1E_9TVxYlGJcWoAk_6ZSuOzSfC8-8eX_YyugPSoK-BGMqn9YGz0iPOakyQv3aXFmKdwxlRpslHhLppyxEZbVpKe5OY0B8WPYZe2XGSumJ4EOHxIMENMu3q4ticah7Jxo6OsKxcj-KYYxrQ5bkmBf-Xh_YYn4Lm71r5tvz8phK3QA6OhlvieVrSsCML_yQDBagqPeo18M32glwRe5JxJJkyJMFlqOynvUj1DZk1-G2DK3eYAGwNKfhsi4sfjxAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBIIgGEQATICigI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1pTwWLhUJW6jsyLemL0v0Pi4Y53A%26client%3Dca-pub-8343227950611411%26adurl%3D&cbvp=2

Requested by

Host: ala3raf.net
URL: https://ala3raf.net/user/coastwar80

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.211.84 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

959.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 26 Oct 2023 01:27:58 GMT
an-x-request-uuid: 0a7711f9-30b2-4869-949d-bf57d6d68a54
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 185.195.71.215; 185.195.71.215; 959.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
DATA 200
OK truncated
/ Frame 5031 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3838041f4f02accc45671a23603b2c201b723871c17b06635c5166928a31ff49

Request headers

accept-language: de-CH,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 5031 0
19 B 97ms
96ms Image
text/html 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CDdEGncA5ZeK7K6C_juwPkPudoATS4Nfgbo-ktpOTCsCNtwEQASAAYPWFgID8A4IBF2NhLXB1Yi04MzQzMjI3OTUwNjExNDExyAEJqAMByAMCqgTtAU_Q3PsX262cgZiv2aQq9vZOaxJZBKjf-t679wKWbbr_Sq_qCJe1LQ3exuGJYx2uMpz9yApfR50S6rRhn2XW0TEEVjiYP-RB4l0AVqSC71a-rXW-ZkiNCqEXb2tqC-Gll2EbWu27AxFTOTt6bkxmySvsMDNTgMFrfAmZxEicysGiTyPW8rWTLVUcDMkKXlj4qaf6g6rNqN_DPqRXNVnGswlaGhcc5dCp37oSPn44brLFZx_vmzYMJkzb0UYl3LSqqctlXR7VJqDmjctdcDHs-1DfJk0yhFOfncBZjHcgLDjk52ij91A02VmUvwZY8oAGwNKfhsi4sfjxAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBIIgGEQATICigI6AoBASL39wTqACgH6CwIIAYAMAdAVAYAXAbIXGgoYEhRwdWItODM0MzIyNzk1MDYxMTQxMRgA&sigh=EwmSjqYWpNg&uach_m=[UACH]&cid=CAQSTADICaaNqvI7T9xsNEv-_FcBgCA29yEXmwri6wo6ahZ_9KB-coZ7t_GGqwfKJJOJ7RSweyiI8AEd-PCiK5ercPOMWg0nQeBBZNiMJhUYAQ&cbvp=2&vis=1

Requested by

Host: ala3raf.net
URL: https://ala3raf.net/user/coastwar80

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/html/r20231024/r20110914/zrt_lookup.html?fsb=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Thu, 26 Oct 2023 01:27:58 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 it
ams3-ib.adnxs.com/ Frame 5031 0
532 B 35ms
35ms Image
text/html 185.89.211.84
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ams3-ib.adnxs.com/it?an_audit=0&referrer=https%3A%2F%2Fala3raf.net%2Fuser%2Fcoastwar80&e=wqT_3QKmB-imAwAAAwDWAAUBCJ2B56kGEKvA_6eWl6KHbhgAKjYJNsfbyFWJvj8RjjmsptCevT8ZAAAA4KNw7T8hjg0SACkRJNAxAAAAoJmZqT8w2_imAzi1AUC1XkjjA1C6iYq2AVjHsT1gAGifpFR4x_QFgAEBigEDVVNEkgUG8GmYAaABoAHYBKgBAbABALgBAcABBcgBAtABANgBAOABAPABANgC8AbgAqKoMeoCI2h0dHBzOi8vYWxhM3JhZi5uZXQvdXNlci9jb2FzdHdhcjgwgAMAiAMBkAMAmAMJoAMBqgOsAwrCAmh0CTnwhnd3dy5iaW5nLmNvbS9hcGkvdjEvbWVkaWF0aW9uL3RyYWNraW5nP2FkVW5pdD0zOTE0NjYmYXVJZD05Njg4YjE2Mi01ZmZiLTQ5ZDYtYjZmZi0yY2ExYWRkMGY4YWImYmlkSWQ9MTUwMDAmYmlkZGVySWQ9NCZjbUV4cElkPUxWMSZvQWRVbhlcIHB1Ymxpc2hlcgE4IDYyNjQ1MzMwJgEOCDk2OIZxALhydHlwZT1udXJsJnRhZ0lkPTY5Mjk0OTkmdHJhZmZpY0dyb3VwPWtuYXFlXzNjJg0WCFN1YgkZGHp6ZiUzQWsNH_QqAV9mYWVfcXZlcnBnJmFpZD0ke0FVQ1RJT05fSUR9EgUxMjA4NRoTNzkzMDQyNjMyMzY5MDg0MDEwNyIJMzgxODQ2NzE0KgRiaW5nOjhVMlZoY21Ob1FXUWpOemc0T1RBeE5qVTBOREV5TVRnak1qTXpNRFk0T1RjM016TXlNakUxTUE9PcAD2ATIAwDYAwDgAwDoAwD4AwOABACSBAQvdWFwmAQAqAQAsgQMCAAQABgAIAAwADgAuAQAwAQAyAQA2gQCCAHgBAHwBLqJirYBiAUBmAUAoAW614C46Kn52RzABQDJBQAAAAAAAPA_0gUJCQAAAAAAAAAA2AUB4AUB8AX2OPoFBAgAEACQBgCYBgC4BgDBBgAAAAAAAPA_0AbCjQTaBhYKEAAAAAAAAUUNAXQQABgA4AYB8gYCCACABwGIBwCgBwHIB8f0BdIHDQkNJQUmDNoHBggFCajgBwDqBwIIAPAHv4MNiggCEACVCAAAgD-YCAHACPAG0ggJCP___z8QAhgA&s=812a1106db82ecf87df5ad80fba139f96511dead&pp=ZTnAnQAK3eIHg5-gAAd9kDUr9I_P6yvzW0c9Ww&ppt=1&pubclick=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DChARxncA5ZeK7K6C_juwPkPudoATS4Nfgbo-ktpOTCsCNtwEQASAAYPWFgID8A4IBF2NhLXB1Yi04MzQzMjI3OTUwNjExNDExyAEJqAMByAMCqgTwAU_Q3PsX262cgZiv2aQq9vZOaxJZBKjf-t679wKWbbr_Sq_qCJe1LQ3exuGJYx2uMpz9yApfR50S6rRhn2XW0TEEVjiYP-RB4l0AVqSC71a-rXW-ZkiNCqEXb2tqC-Gll2EbWu27AxFTOTt6bkxmySvsMDNTgMFrfAmZxEicysGiTyPW8rWTLVUcDMkKXlj4qaf6g6rNqN_DPqRXNVnGswlaGhcc5dCp37oSPn44brLFZx_vmzYMJkzb0UYl3LSqqctlXR7VJqCkj-rPspUWlsQlUvis3dcpmeNTCH4ONOFGYTEnS9Ae9UFUPuQ1ZlLPoYAGwNKfhsi4sfjxAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBIIgGEQATICigI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1ZgWScH0vHwPP1cLWjV2abzfEa7g%26client%3Dca-pub-8343227950611411%26adurl%3D&cbvp=2

Requested by

Host: ala3raf.net
URL: https://ala3raf.net/user/coastwar80

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.211.84 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

959.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 26 Oct 2023 01:27:58 GMT
an-x-request-uuid: 10b979d6-52e8-4757-9b6c-850f14723ad9
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 185.195.71.215; 185.195.71.215; 959.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 dpixel
cms.quantserve.com/ Frame 9164 35 B
464 B 94ms
31ms Image
image/gif 2620:116:800d:21:5ed4:8d5d:fed7:f5ef
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEDS3ZOzfXrZJ4LbsTkj8bKU&google_cver=1&google_push=AXcoOmQummjhv7sxXgQzZrkbRxUqpO3MskHsmXAhUrNvOt9fTiA9EqlPRAz_0dKxwu9fxNvt6WigJIuFIC8NXahaSHBj2mzNNkaAg-8

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:5ed4:8d5d:fed7:f5ef , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 26 Oct 2023 01:27:58 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type: image/gif
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 9164
Redirect Chain

https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEHQL0LZZglcKsl4NIWZO3A0&google_cver=1&google_push=AXcoOmT8oVsGtbxIaef9R4XyYc5vSmn96LQCamokjImX6nH3GMLD2_UyMK60NpkEJ9wQHIEGSmqsTX_RgJuPG6...
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzI5NDA3Mjg1NjM1NjM4Njk2NA%3D%3D&google_push=AXcoOmT8oVsGtbxIaef9R4XyYc5vSmn96LQCamokjImX6nH3GMLD2_UyMK60NpkEJ9wQHIEGSmqsTX_RgJuPG6SB4H...

170 B
329 B

68ms
63ms

Image
image/png

142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzI5NDA3Mjg1NjM1NjM4Njk2NA%3D%3D&google_push=AXcoOmT8oVsGtbxIaef9R4XyYc5vSmn96LQCamokjImX6nH3GMLD2_UyMK60NpkEJ9wQHIEGSmqsTX_RgJuPG6SB4Hg4iBGuzcVZ5uA

Protocol

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 26 Oct 2023 01:27:58 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzI5NDA3Mjg1NjM1NjM4Njk2NA%3D%3D&google_push=AXcoOmT8oVsGtbxIaef9R4XyYc5vSmn96LQCamokjImX6nH3GMLD2_UyMK60NpkEJ9wQHIEGSmqsTX_RgJuPG6SB4Hg4iBGuzcVZ5uA
Date: Thu, 26 Oct 2023 01:27:58 GMT
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
p3p: policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"

GET
H2 200 sync
odr.mookie1.com/t/v2/ Frame 9164 42 B
204 B 100ms
38ms Image
image/gif 34.160.236.64
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://odr.mookie1.com/t/v2/sync?tagid=V2_4530&src.visitorid=CAESEOyr0kCRUybAUwfFjT8bn88&google_cver=1&google_push=AXcoOmR_Y_hRoGl-aang33w2slzREqXtUjED0A_2HAJRDQxhUpXYVlkNLR8f0PhrQfX0riy1ssZ8MqdlS0R1-b8AbCwi2GP4tiHiXw
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8343227950611411&output=html&h=90&adk=4204718025&adf=1588159632&pi=t.aa~a.2376638792~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1698276478&rafmt=1&to=qs&pwprc=8890230846&format=1200x90&url=https%3A%2F%2Fala3raf.net%2Fuser%2Fcoastwar80&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1698283678005&bpp=1&bdt=894&idt=1&shv=r20231024&mjsv=m202310230101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D98511ae768c2fa9c%3AT%3D1698283677%3ART%3D1698283677%3AS%3DALNI_MYpqrgAkzYtyKqCJMar1VUp6zS71g&gpic=UID%3D00000ca42f119bb4%3AT%3D1698283677%3ART%3D1698283677%3AS%3DALNI_MZIT5RoHfAIElkm0jhXpyJUQxKBHw&prev_fmts=0x0%2C1200x280&nras=3&correlator=135190478460&frm=20&pv=1&ga_vid=895742715.1698283678&ga_sid=1698283678&ga_hid=71529072&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1225&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44805931%2C44806737%2C31078301%2C31079149%2C44803793%2C44806141&oid=2&pvsid=1865561406258008&tmod=1672790919&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=siUTFV7Iae&p=https%3A//ala3raf.net&dtd=7
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.160.236.64 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 64.236.160.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 26 Oct 2023 01:27:58 GMT
via: 1.1 google
last-modified: Thu, 19 Oct 2023 06:07:48 GMT
server: nginx
etag: "6530c7b4-2a"
content-type: image/gif
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 9164
Redirect Chain

https://sync.srv.stackadapt.com/sync?nid=154&google_gid=CAESELTA5is4hJUGIZ2j9YGopQs&google_cver=1&google_push=AXcoOmSuls-nhuAP9Cvpsy95HHKwyo5VQN1-jxWMJUjVGRkBSZJ5mO-AXd090NfHSbbp1dQ49mp0gabQhbBeqOF...
https://cm.g.doubleclick.net/pixel?google_nid=stackadapt_usd&google_hm=lHe6psvHWJZQxNzoYir8aLnDR9c&google_push=AXcoOmSuls-nhuAP9Cvpsy95HHKwyo5VQN1-jxWMJUjVGRkBSZJ5mO-AXd090NfHSbbp1dQ49mp0gabQhbBeqO...

170 B
232 B

64ms
64ms

Image
image/png

142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=stackadapt_usd&google_hm=lHe6psvHWJZQxNzoYir8aLnDR9c&google_push=AXcoOmSuls-nhuAP9Cvpsy95HHKwyo5VQN1-jxWMJUjVGRkBSZJ5mO-AXd090NfHSbbp1dQ49mp0gabQhbBeqOFxbgAlja6SY4Y4ZmM

Protocol

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 26 Oct 2023 01:27:59 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=stackadapt_usd&google_hm=lHe6psvHWJZQxNzoYir8aLnDR9c&google_push=AXcoOmSuls-nhuAP9Cvpsy95HHKwyo5VQN1-jxWMJUjVGRkBSZJ5mO-AXd090NfHSbbp1dQ49mp0gabQhbBeqOFxbgAlja6SY4Y4ZmM
Date: Thu, 26 Oct 2023 01:27:59 GMT
Connection: keep-alive
Content-Length: 245
Content-Type: text/html; charset=utf-8

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 9164
Redirect Chain

https://a.rfihub.com/cm?pub=445&in=1&google_gid=CAESEBbPaAF4wO31GrXuwv4Mjqw&google_cver=1&google_push=AXcoOmRyXgh2HZqNtH8qG58CBj_Id--IPXDgS_TjJlwd-CQ7Nq87a9oQy2gmPqpJLwnrCNKKIcuE2uKO_fdTLNDvcjgE9t1...
https://cm.g.doubleclick.net/pixel?google_nid=zeta_interactive&google_push=AXcoOmRyXgh2HZqNtH8qG58CBj_Id--IPXDgS_TjJlwd-CQ7Nq87a9oQy2gmPqpJLwnrCNKKIcuE2uKO_fdTLNDvcjgE9t1P7D5UZb9u&google_hm=MjA3NjA...

170 B
232 B

63ms
62ms

Image
image/png

142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=zeta_interactive&google_push=AXcoOmRyXgh2HZqNtH8qG58CBj_Id--IPXDgS_TjJlwd-CQ7Nq87a9oQy2gmPqpJLwnrCNKKIcuE2uKO_fdTLNDvcjgE9t1P7D5UZb9u&google_hm=MjA3NjAyMzE4MDM0NDQyODY5NQ==

Protocol

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 26 Oct 2023 01:27:58 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=zeta_interactive&google_push=AXcoOmRyXgh2HZqNtH8qG58CBj_Id--IPXDgS_TjJlwd-CQ7Nq87a9oQy2gmPqpJLwnrCNKKIcuE2uKO_fdTLNDvcjgE9t1P7D5UZb9u&google_hm=MjA3NjAyMzE4MDM0NDQyODY5NQ==
Date: Thu, 26 Oct 2023 01:27:58 GMT
Server: Jetty(9.4.51.v20230217)
Content-Length: 0
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2

200

spacer.gif
an.yandex.ru/resource/ Frame 9164
Redirect Chain

https://an.yandex.ru/mapuid/google/CAESEIxQJbs3FmMjcE19jGKPm2M?ext-param=AXcoOmSaPV5BXfo6v0qk-7geuSVj8GZ7P2l_U0hf2Gn0jvH-vJYmQUA0qd7kadqRsr3FQTBRJ3NV8NBlwPjpHw91285jhsb00zVZe40V&partner-tag=yandex_...
https://an.yandex.ru/mapuid/google/CAESEIxQJbs3FmMjcE19jGKPm2M?redir-setuniq=1&ext-param=AXcoOmSaPV5BXfo6v0qk-7geuSVj8GZ7P2l_U0hf2Gn0jvH-vJYmQUA0qd7kadqRsr3FQTBRJ3NV8NBlwPjpHw91285jhsb00zVZe40V&par...
https://cm.g.doubleclick.net/pixel?google_nid=yandex_ag&google_hm=CAESEIxQJbs3FmMjcE19jGKPm2M&google_redir=https%3A%2F%2Fan.yandex.ru%2Fresource%2Fspacer.gif
https://an.yandex.ru/resource/spacer.gif

43 B
144 B

73ms
73ms

Image
image/gif

77.88.21.90
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://an.yandex.ru/resource/spacer.gif

Protocol

Server

77.88.21.90 , Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

bs.yandex.ru

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 26 Oct 2023 01:27:59 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
last-modified: Wed, 18 Apr 2001 10:28:03 GMT
content-type: image/gif
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Thu, 10 Oct 2024 01:27:59 GMT

Redirect headers

pragma: no-cache
date: Thu, 26 Oct 2023 01:27:59 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://an.yandex.ru/resource/spacer.gif
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 237
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 9164
Redirect Chain

https://trace.mediago.io/cs/google?google_gid=CAESEGYIAqcoNt66ZH2fA0eI2-A&google_cver=1&google_push=AXcoOmRHFiiCYNPpRUfSLkGtaNh9hkSMh95BmZD2w-RwSTmSa2srpUIInuXLxOdlBgF0dU0MI8E79mONaD22NsymlcYjdh6JO...
https://cm.g.doubleclick.net/pixel?google_nid=baidu_mediago&google_push=AXcoOmRHFiiCYNPpRUfSLkGtaNh9hkSMh95BmZD2w-RwSTmSa2srpUIInuXLxOdlBgF0dU0MI8E79mONaD22NsymlcYjdh6JO3Q4UREx&google_hm=f34e9699fa...

170 B
232 B

64ms
63ms

Image
image/png

142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=baidu_mediago&google_push=AXcoOmRHFiiCYNPpRUfSLkGtaNh9hkSMh95BmZD2w-RwSTmSa2srpUIInuXLxOdlBgF0dU0MI8E79mONaD22NsymlcYjdh6JO3Q4UREx&google_hm=f34e9699fa75825e1tjz9p00lo6i95g1

Protocol

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 26 Oct 2023 01:27:59 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=baidu_mediago&google_push=AXcoOmRHFiiCYNPpRUfSLkGtaNh9hkSMh95BmZD2w-RwSTmSa2srpUIInuXLxOdlBgF0dU0MI8E79mONaD22NsymlcYjdh6JO3Q4UREx&google_hm=f34e9699fa75825e1tjz9p00lo6i95g1
date: Thu, 26 Oct 2023 01:27:59 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 250
content-type: text/html; charset=utf-8

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame 9164 0
139 B 195ms
60ms Image
text/html 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13IB82vXsvlDk00Horco1sk7KkoKc4j6vp-1X6TRkb0Jx8YIk1IMfpxzqRHGOXD1VauQg2KAlKMQ

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 26 Oct 2023 01:27:58 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 16 KB
12 KB 66ms
65ms XHR
application/json 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20231024&st=env

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310230101/show_ads_impl_fy2021.js?bust=31079149

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a86f473a38a75bb23a0a4789495f967196721bbc381838ce16174819037ce20a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ala3raf.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 26 Oct 2023 01:27:58 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12203
x-xss-protection: 0

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 37ms
37ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310230101/show_ads_impl_fy2021.js?bust=31079149

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ala3raf.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 26 Oct 2023 01:27:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 26 Oct 2023 01:27:58 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 3CCD 13 KB
5 KB 31ms
30ms Document
text/html 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ala3raf.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

accept-ranges: bytes
age: 21377
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 25 Oct 2023 19:31:42 GMT
expires: Thu, 24 Oct 2024 19:31:42 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 7023 829 B
1 KB 80ms
80ms Document
text/html 2a00:1450:4001:830::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

a12eab1e9d4cc778f440da72b42b0ce0fc16f80d18b86bc06606bed1188687ce

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-mhQ2QTKUy2T_zXOcejpoiQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ala3raf.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-mhQ2QTKUy2T_zXOcejpoiQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Thu, 26 Oct 2023 01:27:59 GMT
expires: Thu, 26 Oct 2023 01:27:59 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 y08pV31sM45xEike2vHNAQ_usQ3N3SApGkbB1F_zlUU.js Show response
pagead2.googlesyndication.com/bg/ Frame 3CCD 39 KB
15 KB 51ms
50ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/y08pV31sM45xEike2vHNAQ_usQ3N3SApGkbB1F_zlUU.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cb4f29577d6c338e7112291edaf1cd010feeb10dcddd20291a46c1d45ff39545

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 25 Oct 2023 02:07:01 GMT
content-encoding: br
x-content-type-options: nosniff
age: 84058
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15202
x-xss-protection: 0
last-modified: Mon, 23 Oct 2023 12:08:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 24 Oct 2024 02:07:01 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 7023 0
0 84ms
84ms Image
text/html 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20231024&jk=1865561406258008&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 3CCD 0
10 B 29ms
29ms Image
text/plain 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?Zu4HCw
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 26 Oct 2023 01:27:59 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 88ms
88ms Image
text/html 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20231024&jk=1865561406258008&bg=!IiGlIW7NAAZRemZlcXo7ADQBe5WfOJjFxwnQc6MFPq9OXEfbM8KLfxUmqjo9pIPkJd2tCyxj89sdoQuMbbqki-Jh2mMwAgAAAEhSAAAAAmgBBwoA0F_JabuaeZr-LePZG08RkqabexPOUYXCMRYDijlal67bl0PX8T5fyQnA68_KGDWqSiCc7jBCRsFlIkCViMIvKyapd1QLECLDRcQ7Q8vHW9nPXod0amwVZ-baNWxc5P2UIbESaKNRagFrGsrUD6A8jBW6lCzBDjEcnm32Y782ZQ80P7LXOv3LMrqem2NZ-lsU5VTiyE_AOJEgYwbctjPDW0r-j5EfKCS8H9pKBeG0KHnpH-YslOPtKr68e8xfe1uyjQ2IkQP0ieXCoNSmIC38-yOZAq8Mb7Rij8fcgh5Yv67UBib1jjnnak612pJLQFtIO94RGzOJFXYv8Gd0E0cqdmMDwQA4Kffm2aMwEBIb-YBs0GjviiLiqwZ8Da2RCXP0-wyYr5_dGmkSlu8CnRB29VxZXo7GY_Aa65-W8p6DWSrVahvm9oKNavYKdBgsJSj4r6zVskbteJ-vl71fVm20i8_v_idmZ4IlbIVbzwmDkGgF7l1ejJIT6B9yNU5EEipSN-SY5VqXkeHKlVKFdK_LZHQY310r2faVEy-qsXHMYXuDTxlwOpvPLI1t88t6P9N4SSTSGHE9rPmEmdj9trIr4sYt-hLr4kqX22JNwQEgWmgQ407RnyXGhLMPM_iTd26OQu3LOCFhx2jrky84SqqvNSjpgaxG44Fk4sMLYiEQKpUMJ_7QdCNDdlKzUWNljvaDWZ0E09KXZv_qdRCZd7SohjeKGguR9pShtZFN1ymfchsjyIlHJxAkWeAj0KBQCl42Lr7-IVZ8MGKRNtgisTjikPAcrp6VZz5OAB75LkAlLd_gaYbtStXJz3wBXImA1aRLkc9AFf7T56OUXMdZ07ZavnkMWNHSH5YQ5wbTJxg_nEGlm_rRfmrpMBOkmFR8GlMSDkekYXfLneDgxa4VtKqJCX4DCRu809B5EfZpjtcu7JJniVV5Odd9k18ueKBrwTlAXlRCnXZI2NdG7WC0_b_Tl6MlNqU65DO-50FjFGQMXspB-t_hbeEqAHRPeaQxv3brZESFBDGym7gwksCDRxB2XFiF9BAabmfFBRydq9rrtu2vWh8No6MRt_uwatK_Y3Q2dR8nzJODcEIp6EiStbXWTLDbZ066AB0-iCaua8eM_x8xtoY5z1MStOVgUqFjEeOtChesk74XAVdPMrd_QlUer68u4dyV5pR9oQ4UwDaAdyF95rQ
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ala3raf.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H2

200

c.gif
www.bing.com/aes/ Frame FE12
Redirect Chain

https://www.bing.com/api/v1/mediation/tracking?adUnit=391466&auId=8c274200-7690-4342-93d1-16c718d383a5&bidId=15000&bidderId=4&cmExpId=LV1&oAdUnit=391466&publisherId=162645330&rId=f36abf8f-dc4b-4234...
https://www.bing.com/aes/c.gif?type=mv&reqver=1.0&rg=d743025fd3c144dfbca4d6ce249b7118&tids=15000&med=10

0
185 B

82ms
82ms

Image
text/plain

2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bing.com/aes/c.gif?type=mv&reqver=1.0&rg=d743025fd3c144dfbca4d6ce249b7118&tids=15000&med=10
Protocol: H2
Server: 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 26 Oct 2023 01:27:59 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 6BF697A935E74AACA8B5F6F3EA2EBB4D Ref B: ZRHEDGE1517 Ref C: 2023-10-26T01:27:59Z
vary: Origin
x-cache: CONFIG_NOCACHE
p3p: CP=BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo
cache-control: private,no-store
content-length: 0

Redirect headers

pragma: no-cache
strict-transport-security: max-age=15724800; includeSubDomains
date: Thu, 26 Oct 2023 01:27:59 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 846BAA0A285F4D8D8CC19454012F2D01 Ref B: ZRHEDGE1517 Ref C: 2023-10-26T01:27:59Z
vary: Origin
x-cache: CONFIG_NOCACHE
content-type: text/html; charset=utf-8
location: https://www.bing.com/aes/c.gif?type=mv&reqver=1.0&rg=d743025fd3c144dfbca4d6ce249b7118&tids=15000&med=10
cache-control: no-cache, no-store, must-revalidate
content-length: 146
expires: 0

POST
H2 200 vevent
ams3-ib.adnxs.com/ Frame FE12 0
556 B 36ms
36ms Ping
text/html 185.89.211.84
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ams3-ib.adnxs.com/vevent?an_audit=0&referrer=https%3A%2F%2Fala3raf.net%2Fuser%2Fcoastwar80&e=wqT_3QKUB-iUAwAAAwDWAAUBCJ2B56kGEN6g-srVy7jbcRgAKjYJs6W_05YqwD8RDlu27Nxcvz8ZAAAA4KNw7T8hDg0SACkRJNAxAAAAoJmZqT8w2_imAzi1AUC1XkjjA1C6iYq2AVjAsT1gAGifpFR4ifcFgAEBigEDVVNEkgUG8GmYAaABoAHYBKgBAbABALgBAcABBcgBAtABANgBAOABAPABANgC8AbgAqKoMeoCI2h0dHBzOi8vYWxhM3JhZi5uZXQvdXNlci9jb2FzdHdhcjgwgAMAiAMBkAMAmAMJoAMBqgOaAwqwAmh0CTnwhnd3dy5iaW5nLmNvbS9hcGkvdjEvbWVkaWF0aW9uL3RyYWNraW5nP2FkVW5pdD0zOTE0NjYmYXVJZD1mMzZhYmY4Zi1kYzRiLTQyMzQtYTNmZC01YjJkNjQ0NzRjYjAmYmlkSWQ9MTUwMDAmYmlkZGVySWQ9NCZjbUV4cElkPUxWMSZvQWRVbhlcIHB1Ymxpc2hlcgE4IDYyNjQ1MzMwJgEOAGaOcQC4cnR5cGU9bnVybCZ0YWdJZD02OTI5NDk5JnRyYWZmaWNHcm91cD1rbmFxZV8zYyYNFghTdWIJGfQqAWVyZnJlaXImYWlkPSR7QVVDVElPTl9JRH0SBTEyMDg1GhM4MTkzOTg1NDYyNjA2NDAxNjMwIgkzODE4NDY3MTQqBGJpbmc6OFUyVmhjbU5vUVdRak56ZzVOVGc0T0RRME9EVTJNVGdqTWpNek1EYzFPRFE1TWpnNU5qZ3dOQT09wAPYBMgDANgDAOADAOgDAPgDA4AEAJIEBC91YXCYBACoBACyBAwIABAAGAAgADAAOAC4BADABADIBADaBAIIAeAEAfAEuomKtgGIBQGYBQCgBfy04qrd6cLlcsAFAMkFAAAAAAAA8D_SBQkJAAAAAAAAAADYBQHgBQHwBfY4-gUECAAQAJAGAJgGALgGAMEGAAAAAAAA8D_QBsKNBNoGFgoQAAAAAAAAAAAACT14ABAAGADgBgHyBgIIAIAHAYgHAKAHAcgHifcF0gcNCQ0lBSYM2gcGCAUJqOAHAOoHAggA8Ae_gw2KCAIQAJUIAACAP5gIAcAI8AbSCAkI____PxACGAA.&s=1904a591d999254b52dcb1598b7ea5f048e15c4c&type=pv&jm=1003&px=0&py=0&bw=180&bh=180&sf=1&sid=5659700761625757808&vd=ct~0|rr~5&sv=239&tv=view7-1hs&ua=chrome52&pl=win&x=v&tag_id=6929499&ft=3

Requested by

Host: cdn.adnxs.com
URL: https://cdn.adnxs.com/v/s/239/trk.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.211.84 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

959.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 26 Oct 2023 01:27:59 GMT
an-x-request-uuid: 49c69d41-bfc5-4238-a201-49c2da78682c
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: https://googleads.g.doubleclick.net
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 185.195.71.215; 185.195.71.215; 959.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame FE12 42 B
64 B 89ms
89ms Fetch
image/gif 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuPP0xvLCyJhsfCerzfcYBf1OXmtspHrsvYqRekkqpJKHbIfHADKyaRbT7lGkGT_bhu8xlB9R65FjwLcc7u8CeABxmekefo3GPXaMux&sig=Cg0ArKJSzAJJJx4VpQxMEAE&id=lidar2&mcvt=1002&p=0,0,600,160&mtos=1002,1002,1002,1002,1002&tos=1002,0,0,0,0&v=20231025&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=1812271803&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1698283678178&rpt=538&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 26 Oct 2023 01:27:59 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

c.gif
www.bing.com/aes/ Frame 5031
Redirect Chain

https://www.bing.com/api/v1/mediation/tracking?adUnit=391466&auId=0fe2aea4-450b-47a0-841b-718e9af5c87d&bidId=15000&bidderId=4&cmExpId=LV1&oAdUnit=391466&publisherId=162645330&rId=9688b162-5ffb-49d6...
https://www.bing.com/aes/c.gif?type=mv&reqver=1.0&rg=7afe0d080612448986abc2dac8ad43b5&tids=15000&med=10

0
184 B

155ms
155ms

Image
text/plain

2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bing.com/aes/c.gif?type=mv&reqver=1.0&rg=7afe0d080612448986abc2dac8ad43b5&tids=15000&med=10
Protocol: H2
Server: 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 26 Oct 2023 01:27:59 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: F7CA3ED0D3D14C06B3216CE1C5F97E06 Ref B: ZRHEDGE1517 Ref C: 2023-10-26T01:27:59Z
vary: Origin
x-cache: CONFIG_NOCACHE
p3p: CP=BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo
cache-control: private,no-store
content-length: 0

Redirect headers

pragma: no-cache
strict-transport-security: max-age=15724800; includeSubDomains
date: Thu, 26 Oct 2023 01:27:59 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: E5DE5383869F43EFB555315378BA3203 Ref B: ZRHEDGE1517 Ref C: 2023-10-26T01:27:59Z
vary: Origin
x-cache: CONFIG_NOCACHE
content-type: text/html; charset=utf-8
location: https://www.bing.com/aes/c.gif?type=mv&reqver=1.0&rg=7afe0d080612448986abc2dac8ad43b5&tids=15000&med=10
cache-control: no-cache, no-store, must-revalidate
content-length: 146
expires: 0

POST
H2 200 vevent
ams3-ib.adnxs.com/ Frame 5031 0
556 B 36ms
36ms Ping
text/html 185.89.211.84
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ams3-ib.adnxs.com/vevent?an_audit=0&referrer=https%3A%2F%2Fala3raf.net%2Fuser%2Fcoastwar80&e=wqT_3QKmB-imAwAAAwDWAAUBCJ2B56kGEKvA_6eWl6KHbhgAKjYJNsfbyFWJvj8RjjmsptCevT8ZAAAA4KNw7T8hjg0SACkRJNAxAAAAoJmZqT8w2_imAzi1AUC1XkjjA1C6iYq2AVjHsT1gAGifpFR4x_QFgAEBigEDVVNEkgUG8GmYAaABoAHYBKgBAbABALgBAcABBcgBAtABANgBAOABAPABANgC8AbgAqKoMeoCI2h0dHBzOi8vYWxhM3JhZi5uZXQvdXNlci9jb2FzdHdhcjgwgAMAiAMBkAMAmAMJoAMBqgOsAwrCAmh0CTnwhnd3dy5iaW5nLmNvbS9hcGkvdjEvbWVkaWF0aW9uL3RyYWNraW5nP2FkVW5pdD0zOTE0NjYmYXVJZD05Njg4YjE2Mi01ZmZiLTQ5ZDYtYjZmZi0yY2ExYWRkMGY4YWImYmlkSWQ9MTUwMDAmYmlkZGVySWQ9NCZjbUV4cElkPUxWMSZvQWRVbhlcIHB1Ymxpc2hlcgE4IDYyNjQ1MzMwJgEOCDk2OIZxALhydHlwZT1udXJsJnRhZ0lkPTY5Mjk0OTkmdHJhZmZpY0dyb3VwPWtuYXFlXzNjJg0WCFN1YgkZGHp6ZiUzQWsNH_QqAV9mYWVfcXZlcnBnJmFpZD0ke0FVQ1RJT05fSUR9EgUxMjA4NRoTNzkzMDQyNjMyMzY5MDg0MDEwNyIJMzgxODQ2NzE0KgRiaW5nOjhVMlZoY21Ob1FXUWpOemc0T1RBeE5qVTBOREV5TVRnak1qTXpNRFk0T1RjM016TXlNakUxTUE9PcAD2ATIAwDYAwDgAwDoAwD4AwOABACSBAQvdWFwmAQAqAQAsgQMCAAQABgAIAAwADgAuAQAwAQAyAQA2gQCCAHgBAHwBLqJirYBiAUBmAUAoAW614C46Kn52RzABQDJBQAAAAAAAPA_0gUJCQAAAAAAAAAA2AUB4AUB8AX2OPoFBAgAEACQBgCYBgC4BgDBBgAAAAAAAPA_0AbCjQTaBhYKEAAAAAAAAUUNAXQQABgA4AYB8gYCCACABwGIBwCgBwHIB8f0BdIHDQkNJQUmDNoHBggFCajgBwDqBwIIAPAHv4MNiggCEACVCAAAgD-YCAHACPAG0ggJCP___z8QAhgA&s=812a1106db82ecf87df5ad80fba139f96511dead&type=pv&jm=1003&px=0&py=0&bw=180&bh=180&sf=1&sid=5659700761625757808&vd=ct~0|rr~5&sv=239&tv=view7-1hs&ua=chrome52&pl=win&x=v&tag_id=6929499&ft=3

Requested by

Host: cdn.adnxs.com
URL: https://cdn.adnxs.com/v/s/239/trk.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.211.84 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

959.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 26 Oct 2023 01:27:59 GMT
an-x-request-uuid: 8261445a-50e0-4c3f-b301-6610c4dfa7aa
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: https://googleads.g.doubleclick.net
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 185.195.71.215; 185.195.71.215; 959.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 5031 42 B
64 B 90ms
89ms Fetch
image/gif 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssaxqMiMiYg8T-Sm7thDWQLNThJcKqAQRfxDsE1-Mawp_7vxHt_DXYZFWFVg1RiujJi-aKxxUMw_JTZ7Cka06TCi7YgHjwJDXVVNqiD&sig=Cg0ArKJSzGavpNkapnViEAE&id=lidar2&mcvt=1001&p=0,0,600,160&mtos=1001,1001,1001,1001,1001&tos=1001,0,0,0,0&v=20231025&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=1812271804&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1698283678203&rpt=550&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 26 Oct 2023 01:27:59 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

85 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

29 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
ala3raf.net/	1969-12-31 23:59:59	Name: PHPSESSID Value: jb74mv216jrh3ilbdp27kj89rd
ala3raf.net/	1970-01-20 15:47:36	Name: qa_key Value: qe2befejtc2s16xehs8m6hz1mw57s29b
ala3raf.net/	1970-01-21 00:30:19	Name: HstCfa4570762 Value: 1698283677396
ala3raf.net/	1970-01-21 00:30:19	Name: HstCla4570762 Value: 1698283677396
ala3raf.net/	1970-01-21 00:30:19	Name: HstCmu4570762 Value: 1698283677396
ala3raf.net/	1970-01-21 00:30:19	Name: HstPn4570762 Value: 1
ala3raf.net/	1970-01-21 00:30:19	Name: HstPt4570762 Value: 1
ala3raf.net/	1970-01-21 00:30:19	Name: HstCnv4570762 Value: 1
ala3raf.net/	1970-01-21 00:30:19	Name: HstCns4570762 Value: 1
.ala3raf.net/	1970-01-21 01:06:19	Name: __gads Value: ID=98511ae768c2fa9c:T=1698283677:RT=1698283677:S=ALNI_MYpqrgAkzYtyKqCJMar1VUp6zS71g
.ala3raf.net/	1970-01-21 01:06:19	Name: __gpi Value: UID=00000ca42f119bb4:T=1698283677:RT=1698283677:S=ALNI_MZIT5RoHfAIElkm0jhXpyJUQxKBHw
.doubleclick.net/	1970-01-21 01:20:43	Name: IDE Value: AHWqTUk-81xEwsv1zgfQ0VLyI20E0Z_F8VqUQQSlRtq3jtYogullpeGBoJ3EKPeZhDU
.bing.com/	1970-01-21 01:06:19	Name: MUID Value: 1449532668FE689F23124090698E698F
.quantserve.com/	1970-01-20 17:54:19	Name: d Value: EBEBCQGjKoEA
.quantserve.com/	1970-01-21 01:14:58	Name: mc Value: 6539c09e-d9706-b9c59-571b6
.adfarm1.adition.com/	1970-01-20 17:54:19	Name: UserID1 Value: 7294072856356386964
.rfihub.com/	1970-01-21 01:06:19	Name: rud Value: H4sIAAAAAAAA_-MSNjIwNzMwMja0MDA2MTExsjCzNBXiM9QtsfTPCw_LjYjPCPIDAOO0DYolAAAA
.rfihub.com/	1970-01-21 01:06:19	Name: eud Value: H4sIAAAAAAAA_-OSMXR2dA12dUoKSHR0Myn3NzZ0L4ooLS8z8c0qLA_iNTSztDCyMDYzt7A0NX_FiMoHALFp5749AAAA
.rfihub.com/	1969-12-31 23:59:59	Name: ruds Value: H4sIAAAAAAAA_-MSNjIwNzMwMja0MDA2MTExsjCzNBXiM9QtsfTPCw_LjYjPCPIDAOO0DYolAAAA
.rfihub.com/	1969-12-31 23:59:59	Name: euds Value: H4sIAAAAAAAA_-OSMXR2dA12dUoKSHR0Myn3NzZ0L4ooLS8z8c0qLAcAMoDIMB4AAAA
.mediago.io/	1970-01-21 00:30:19	Name: __mguid_ Value: f34e9699fa75825e1tjz9p00lo6i95g1
sync.srv.stackadapt.com/	1970-01-21 00:30:19	Name: sa-user-id Value: s%3A0-9477baa6-cbc7-5896-50c4-dce8622afc68.1PjSId%2FoceLW19desnASarLlKITIWvC8DQwgup2xM60
.srv.stackadapt.com/	1970-01-21 00:30:19	Name: sa-user-id Value: s%3A0-9477baa6-cbc7-5896-50c4-dce8622afc68.1PjSId%2FoceLW19desnASarLlKITIWvC8DQwgup2xM60
sync.srv.stackadapt.com/	1970-01-21 00:30:19	Name: sa-user-id-v2 Value: s%3AlHe6psvHWJZQxNzoYir8aLnDR9c.s07AtwGMHqlH0rf%2FpfqsYPl6UNXly2TRb0p%2FRqeBTBk
.srv.stackadapt.com/	1970-01-21 00:30:19	Name: sa-user-id-v2 Value: s%3AlHe6psvHWJZQxNzoYir8aLnDR9c.s07AtwGMHqlH0rf%2FpfqsYPl6UNXly2TRb0p%2FRqeBTBk
sync.srv.stackadapt.com/	1970-01-21 00:30:19	Name: sa-user-id-v3 Value: s%3AAQAKIKZQd2MpeZ7571w8_rzBfu3_-rab-asX8kslLlslkk2pEHwYBCCfgeepBjABOgTwi70wQgSCQSaZ.kW8%2FHAP0yH5sTt0tsfclNFQrCOnf%2FnFol5nW86tdzUI
.srv.stackadapt.com/	1970-01-21 00:30:19	Name: sa-user-id-v3 Value: s%3AAQAKIKZQd2MpeZ7571w8_rzBfu3_-rab-asX8kslLlslkk2pEHwYBCCfgeepBjABOgTwi70wQgSCQSaZ.kW8%2FHAP0yH5sTt0tsfclNFQrCOnf%2FnFol5nW86tdzUI
.yandex.ru/	1970-01-21 01:20:43	Name: yuidss Value: 2200187181698283679
.yandex.ru/	1970-01-21 01:20:43	Name: yandexuid Value: 2200187181698283679

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://ala3raf.net/user/coastwar80 Message: Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.rfihub.com
adsdk.microsoft.com
ala3raf.net
ams3-ib.adnxs.com
an.yandex.ru
cdn.adnxs.com
cm.g.doubleclick.net
cms.quantserve.com
dsp.adfarm1.adition.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
odr.mookie1.com
pagead2.googlesyndication.com
partner.googleadservices.com
s10.histats.com
s4.histats.com
sync.srv.stackadapt.com
tpc.googlesyndication.com
trace.mediago.io
www.bing.com
www.google.com
www.googletagservices.com
142.250.186.66
151.101.1.108
185.89.211.84
193.0.160.131
2606:4700:10::6814:91f
2620:116:800d:21:5ed4:8d5d:fed7:f5ef
2620:1ec:46::45
2620:1ec:c11::200
2a00:1450:4001:80b::2002
2a00:1450:4001:80b::200a
2a00:1450:4001:813::2002
2a00:1450:4001:82b::2001
2a00:1450:4001:830::2004
2a00:1450:4001:831::2002
2a00:1450:4001:831::2003
2a06:98c1:3121::3
34.160.236.64
35.208.249.213
52.6.69.62
54.39.128.162
77.88.21.90
85.114.159.93
075c15c5e5b127cfd89b352a4f8e8d615d0abcc80977022ba45ad2032d26f535
07a75636966b34dd8bbafee0ebced659b03bab0e57641e1fa035ca7da0bd39ce
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0d24b93f4a8c12742082504a065b32687e5daad7b8f4a75badd98c0f02581b7e
130504d993dc25d913f6d9fc56a47fb133cb7ac1ad91a1b65bca7feff93ce426
1bc07dfdf9bdb5109869a048b6eb594554a97657c51dd3484266559993389e48
1c6500e114cdac56f55c61e0f9e115e760560c1c18bb1b1bfa57ec85ab3b2dcb
1ef1e13e39470a16f49961a911d2eb360b09880789a05b5135736ba37af53f16
2238e3b3f41d60293383bdc2cc106269b5ab3edcfb6b5e1e39b0e9c6b460fea6
2defe59e357a7d0683c8283ac42841db404a0884cae2eaecebf4b676e559dede
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
338503240a2b1a2a0e52e0a5252920489588e5d55ca4812a9e060b9f6080f823
3838041f4f02accc45671a23603b2c201b723871c17b06635c5166928a31ff49
3dc11e08fabb074917c09df3f57c0810626182d36d33b6e0e11fd1a768c53c75
43d846ccee0832a719bea6b3f28d7f454497ca083a578a10d2bd11ba5198c871
4e155284926ba010442d774fd493ff925a0256bd427f54596b1244791a3fa170
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
559987b164e1e8dd7233ae99d01e1f1aef9c0a1d0dacb55c1b5f4c0c824bd936
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5eecfa645aee35cb0c6820e187451ab14a9df51283635a2117d7ba866a6a74aa
6002e23815ec42acedba12390950c5e1bb68a864af09bc445d29ebafd955acea
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
673b09d876a8d35a8e0beb633961ff166b000f51bd2222c4c13e236bc16eaf87
806e57f8c7da1780198e2945ab05cab7a252d020bd5049fdc281fa2c62423349
9112d894d69f9345a9a76140ea355ca52f23bc01beb859527627f922b708b46a
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a12eab1e9d4cc778f440da72b42b0ce0fc16f80d18b86bc06606bed1188687ce
a198f092051a356c1e62c1296f628da5732045abafbd974eb7fff157e14ff042
a86f473a38a75bb23a0a4789495f967196721bbc381838ce16174819037ce20a
a9c49f9f526c232731b2ff9aa3e31b686b8b339bdd246bbf74f804c802f9755d
ad1270333ea16969313802add43789e0558cd75e2bf91e768bcf3937f091a001
b79950172d0e6c3091a44a69d615ee5711f57bb59e202b2a383d48e4ca2a4ce3
bba18d6fe07a73d30d9f4b0427f96478a339d052ae9fca9b4d088e19ae2e14d8
bd95ddcbccf6093794e4cd0e59851de8a22e9e5532025b00d4953718a8be98b7
c13a7ba11601fe2d7a9bb8922881823d7c9ac2c48cc4fac75081c2480a846383
c7aca9ebef12465aad206aae5351ba575eebe4b5e3f0fb1d99f4f92f1c4f396d
cb4f29577d6c338e7112291edaf1cd010feeb10dcddd20291a46c1d45ff39545
cc8b30e9bfe6a385b5619c0d0a34b8f562e02ee4c09ab0637eed496ca3944fcb
d9944f4ab1ac53ed8522ec76d4f91f07815995db2df1d24dde4dc2ff35002932
e0a8bb81f71975ccd8da29ac0a7df78a5b2ad76299f4717a90235d5afff9be94
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e615f6f367dc60fdba6d1448d36ac3b9195d53b0547eecd900ec7ac5da35f87f
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
fdb3277a289ee08c9bf68cde07885b81e1274d3620563361a8b745fca12a2a92

ala3raf.net Open in urlscan Pro 2a06:98c1:3121::3 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

82 Requests

88 %HTTPS

55 %IPv6

19 Domains

23 Subdomains

19 IPs

4 Countries

927 kBTransfer

2644 kBSize

29 Cookies

2 Outgoing links

Redirected requests

82 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 3 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

ala3raf.net Open in urlscan Pro
2a06:98c1:3121::3 Public Scan

Screenshot
Live screenshot

Full Image

82
Requests

88 %
HTTPS

55 %
IPv6

19
Domains

23
Subdomains

19
IPs

4
Countries

927 kB
Transfer

2644 kB
Size

29
Cookies

82 HTTP transactions
3 data transactions