natiga.alsaraha.com Open in urlscan Pro
217.69.12.3 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://natiga.alsaraha.com/
Submission: On July 31 via automatic, source certstream-suspicious (July 31st 2023, 9:06:37 am UTC) — Scanned from FR

Summary HTTP 92 Redirects Links 10 Behaviour Indicators

Summary

This website contacted 17 IPs in 3 countries across 12 domains to perform 92 HTTP transactions. The main IP is 217.69.12.3, located in Aubervilliers, France and belongs to AS-CHOOPA, US. The main domain is natiga.alsaraha.com.
TLS certificate: Issued by R3 on July 31st 2023. Valid for: 3 months.

This is the only time natiga.alsaraha.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
11	217.69.12.3 217.69.12.3	20473 (AS-CHOOPA) (AS-CHOOPA)
12	2a00:1450:400... 2a00:1450:4001:82a::2002	15169 (GOOGLE) (GOOGLE)
1	2606:4700:10:... 2606:4700:10::ac43:1ba4	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6	2a00:1450:400... 2a00:1450:4001:801::200a	15169 (GOOGLE) (GOOGLE)
2	107.191.47.191 107.191.47.191	20473 (AS-CHOOPA) (AS-CHOOPA)
11	2a00:1450:400... 2a00:1450:4001:80e::2002	15169 (GOOGLE) (GOOGLE)
1	2606:4700:303... 2606:4700:3033::6815:4d37	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:303... 2606:4700:3032::6815:ca7	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:830::2002	15169 (GOOGLE) (GOOGLE)
22	2a00:1450:400... 2a00:1450:4001:811::2001	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:828::2002	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:80b::2003	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:829::200e	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:828::200e	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:827::200e	15169 (GOOGLE) (GOOGLE)
1 1	2a00:1450:400... 2a00:1450:4001:811::2004	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:828::2003	15169 (GOOGLE) (GOOGLE)
92	17

11 217.69.12.3 (Aubervilliers, France)

ASN20473 (AS-CHOOPA, US)
PTR: 217.69.12.3.vultrusercontent.com

natiga.alsaraha.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::ac43:1ba4 (United States)

ASN13335 (CLOUDFLARENET, US)

getadblock.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:801::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 107.191.47.191 (Aubervilliers, France)

ASN20473 (AS-CHOOPA, US)
PTR: 107.191.47.191.vultrusercontent.com

static.followers-store.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
followers-store.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3033::6815:4d37 (United States)

ASN13335 (CLOUDFLARENET, US)

alsaraha.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3032::6815:ca7 (United States)

ASN13335 (CLOUDFLARENET, US)

goldpricenow.live	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:830::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

22 2a00:1450:4001:811::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:80b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:829::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

encrypted-tbn3.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:828::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

encrypted-tbn0.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:827::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

encrypted-tbn1.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:811::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:828::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
34	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 130 tpc.googlesyndication.com — Cisco Umbrella Rank: 155	515 KB
18	gstatic.com www.gstatic.com encrypted-tbn3.gstatic.com encrypted-tbn0.gstatic.com encrypted-tbn1.gstatic.com fonts.gstatic.com	210 KB
12	alsaraha.com natiga.alsaraha.com alsaraha.com	654 KB
11	doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 55	164 KB
6	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 79	5 KB
4	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 213	225 KB
2	followers-store.com static.followers-store.com followers-store.com	9 KB
1	google.com 1 redirects www.google.com — Cisco Umbrella Rank: 3	256 B
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 1196	605 B
1	goldpricenow.live goldpricenow.live	2 KB
1	getadblock.com getadblock.com — Cisco Umbrella Rank: 22004	9 KB
0	Failed function sub() { [native code] }. Failed
92	12

	Domain	Requested by
22	tpc.googlesyndication.com	googleads.g.doubleclick.net
12	pagead2.googlesyndication.com	natiga.alsaraha.com pagead2.googlesyndication.com googleads.g.doubleclick.net www.googletagservices.com
11	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net natiga.alsaraha.com
11	natiga.alsaraha.com	natiga.alsaraha.com
6	www.gstatic.com	googleads.g.doubleclick.net
6	fonts.googleapis.com	natiga.alsaraha.com googleads.g.doubleclick.net
4	fonts.gstatic.com	fonts.googleapis.com
4	encrypted-tbn3.gstatic.com	googleads.g.doubleclick.net
4	www.googletagservices.com	googleads.g.doubleclick.net
2	encrypted-tbn1.gstatic.com	googleads.g.doubleclick.net
2	encrypted-tbn0.gstatic.com	googleads.g.doubleclick.net
1	www.google.com	1 redirects
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	goldpricenow.live	natiga.alsaraha.com
1	followers-store.com	natiga.alsaraha.com
1	alsaraha.com	natiga.alsaraha.com
1	static.followers-store.com	natiga.alsaraha.com
1	getadblock.com	natiga.alsaraha.com
0	127.0.0.1 Failed	natiga.alsaraha.com
92	19

This site contains links to these domains. Also see Links.

Domain
127.0.0.1
t.me
alsaraha.com
followers-store.com
goldpricenow.live

Subject Issuer	Validity	Valid
natiga.alsaraha.com R3	`2023-07-31` - `2023-10-29`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-07-10` - `2023-10-02`	3 months	crt.sh
getadblock.com GTS CA 1P5	`2023-06-29` - `2023-09-27`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-07-10` - `2023-10-02`	3 months	crt.sh
static.followers-store.com R3	`2023-06-07` - `2023-09-05`	3 months	crt.sh
alsaraha.com GTS CA 1P5	`2023-06-06` - `2023-09-04`	3 months	crt.sh
followers-store.com R3	`2023-06-23` - `2023-09-21`	3 months	crt.sh
goldpricenow.live GTS CA 1P5	`2023-06-17` - `2023-09-15`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2023-07-10` - `2023-10-02`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-07-10` - `2023-10-02`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-07-10` - `2023-10-02`	3 months	crt.sh

This page contains 13 frames:

Primary Page: https://natiga.alsaraha.com/
Frame ID: AAE21336B4E7EDD9E9AD237C7D8A994F
Requests: 25 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230726/r20190131/zrt_lookup.html
Frame ID: 7D0FCE06D34F398A86CF2E00EF44B6B0
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9877625271429155&output=html&adk=1812271804&adf=3025194257&lmt=1690794392&plat=4%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=128x810_l&format=0x0&url=https%3A%2F%2Fnatiga.alsaraha.com%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1690794391982&bpp=6&bdt=309&idt=249&shv=r20230726&mjsv=m202307200101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=2900419751264&frm=20&pv=2&ga_vid=633174394.1690794392&ga_sid=1690794392&ga_hid=1301794205&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31076088%2C31076410%2C31076484%2C31076509%2C31076575%2C44788442&oid=2&pvsid=3621458590406803&tmod=2036209884&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=288
Frame ID: 6E54D8B16859AD958C5BABEB9ED1217D
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9877625271429155&output=html&h=200&slotname=7996609820&adk=3798050637&adf=2866448184&pi=t.ma~as.7996609820&w=1200&fwrn=4&lmt=1690794392&rafmt=11&format=1200x200&url=https%3A%2F%2Fnatiga.alsaraha.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1690794391988&bpp=7&bdt=315&idt=287&shv=r20230726&mjsv=m202307200101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=2900419751264&frm=20&pv=1&ga_vid=633174394.1690794392&ga_sid=1690794392&ga_hid=1301794205&ga_fc=0&rplot=4&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=232&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31076088%2C31076410%2C31076484%2C31076509%2C31076575%2C44788442&oid=2&pvsid=3621458590406803&tmod=2036209884&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Cm%7CEe%7Cp&abl=XS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=rg0rGXimoI&p=https%3A//natiga.alsaraha.com&dtd=297
Frame ID: F76E7B19C8F841E9D635FEB479A0E067
Requests: 15 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9877625271429155&output=html&h=200&slotname=7996609820&adk=3798050637&adf=105530703&pi=t.ma~as.7996609820&w=1200&fwrn=4&lmt=1690794392&rafmt=11&format=1200x200&url=https%3A%2F%2Fnatiga.alsaraha.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1690794391995&bpp=1&bdt=323&idt=299&shv=r20230726&mjsv=m202307200101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x200&nras=1&correlator=2900419751264&frm=20&pv=1&ga_vid=633174394.1690794392&ga_sid=1690794392&ga_hid=1301794205&ga_fc=0&rplot=4&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=676&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31076088%2C31076410%2C31076484%2C31076509%2C31076575%2C44788442&oid=2&pvsid=3621458590406803&tmod=2036209884&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Cm%7CEe%7Cp&abl=XS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=Y4PvNi0FEt&p=https%3A//natiga.alsaraha.com&dtd=304
Frame ID: 72C6279E6D271E01D7C8D49A73095AA2
Requests: 15 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230726/r20110914/zrt_lookup.html?fsb=1
Frame ID: 4BBDE6208720C20D96D35331B734390C
Requests: 6 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230726/r20110914/zrt_lookup.html?fsb=1
Frame ID: 74E2572485B59854DC5681C32934D3CC
Requests: 19 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Frame ID: AB452FD5862045914E130A5210C0F592
Requests: 7 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 86B37A2AB2EBA7DA1AB84A7D7B31C8AE
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/YWyqd_Oya_dSvH525JbJDwnpcpeKFun9cRHY8jAJ9QQ.js
Frame ID: A1AD858D34515C355E7BE1B72D5477F9
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/YWyqd_Oya_dSvH525JbJDwnpcpeKFun9cRHY8jAJ9QQ.js
Frame ID: 301A9929464B2D711191C3ED34F06750
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/YWyqd_Oya_dSvH525JbJDwnpcpeKFun9cRHY8jAJ9QQ.js
Frame ID: 42D7CD23B6EA00AFA274E79B6E6B7ACF
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/YWyqd_Oya_dSvH525JbJDwnpcpeKFun9cRHY8jAJ9QQ.js
Frame ID: 1C282A23F7A77868E7015632D7BBA31B
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

اسم الموقع هنا

Detected technologies

Laravel (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

Livewire (Web frameworks) Expand

Overall confidence: 100%
Detected patterns

livewire(?:\.min)?\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Page Statistics

92
Requests

98 %
HTTPS

88 %
IPv6

12
Domains

19
Subdomains

17
IPs

3
Countries

1794 kB
Transfer

4214 kB
Size

6
Cookies

10 Outgoing links

These are links going to different origins than the main page.

URL: http://127.0.0.1:8000/
Title: الرئيسية

Search URL Search Domain Scan URL

URL: http://127.0.0.1:8000/blog
Title: المدونة

Search URL Search Domain Scan URL

URL: http://127.0.0.1:8000/page/about
Title: معلومات عنا

Search URL Search Domain Scan URL

URL: http://127.0.0.1:8000/page/terms
Title: شروط الاستخدام

Search URL Search Domain Scan URL

URL: http://127.0.0.1:8000/page/privacy
Title: سياسة الخصوصية

Search URL Search Domain Scan URL

URL: http://127.0.0.1:8000/contact
Title: تواصل معنا

Search URL Search Domain Scan URL

URL: https://t.me/+KbbbCMXyA5g2YzE0
Title: جروب التيليجرام (النتيجة بالاسم)

Search URL Search Domain Scan URL

URL: https://alsaraha.com/
Title: الصراحة

Search URL Search Domain Scan URL

URL: https://followers-store.com/
Title: متجر المتابعين

Search URL Search Domain Scan URL

URL: https://goldpricenow.live/
Title: أسعار الذهب

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 79

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

92 HTTP transactions
3 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
natiga.alsaraha.com/ 21 KB
6 KB 92ms
40ms Document
text/html 217.69.12.3
AS-CHOOPA

General

Check archive.org

Show headers Download Go to

Full URL: https://natiga.alsaraha.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 217.69.12.3 Aubervilliers, France, ASN20473 (AS-CHOOPA, US),
Reverse DNS: 217.69.12.3.vultrusercontent.com
Software: LiteSpeed / PHP/8.1.21
Resource Hash: 7b0a2e4cbb1e34431b6fc36d163b7bbc89356889485c87dd41a271592e6f6428

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
cache-control: no-cache, private
content-encoding: gzip
content-length: 5419
content-type: text/html; charset=UTF-8
date: Mon, 31 Jul 2023 09:06:31 GMT
server: LiteSpeed
vary: Accept-Encoding
x-powered-by: PHP/8.1.21

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 144 KB
50 KB 144ms
76ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-9877625271429155

Requested by

Host: natiga.alsaraha.com
URL: https://natiga.alsaraha.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

17be3d25eb627afac1a95d7969e37def88641f7248c3614847de4d31b18bf53f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://natiga.alsaraha.com/
Origin: https://natiga.alsaraha.com
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Mon, 31 Jul 2023 09:06:31 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 50644
x-xss-protection: 0
server: cafe
etag: 14743980551308105190
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Mon, 31 Jul 2023 09:06:31 GMT

GET
H2 200 app-efcbd41e.css
natiga.alsaraha.com/build/assets/ 238 KB
35 KB 21ms
19ms Stylesheet
text/css 217.69.12.3
AS-CHOOPA

General

Check archive.org

Show headers Download Go to

Full URL: https://natiga.alsaraha.com/build/assets/app-efcbd41e.css
Requested by: Host: natiga.alsaraha.com
URL: https://natiga.alsaraha.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 217.69.12.3 Aubervilliers, France, ASN20473 (AS-CHOOPA, US),
Reverse DNS: 217.69.12.3.vultrusercontent.com
Software: LiteSpeed /
Resource Hash: 1a5a9a90c87b023f0adfe1468232f392b42551a4563e3a34bbfbd33e88a774e2

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://natiga.alsaraha.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Mon, 31 Jul 2023 09:06:31 GMT
content-encoding: br
last-modified: Mon, 31 Jul 2023 08:38:24 GMT
server: LiteSpeed
etag: "3b92e-64c77300-1bf37d2;br"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=43200
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length: 35707
expires: Mon, 31 Jul 2023 21:06:31 GMT

GET
H2 200 hero_image_exportable.svg
getadblock.com/images/platforms/chrome/ 26 KB
9 KB 552ms
464ms Image
image/svg+xml 2606:4700:10::ac43:1ba4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://getadblock.com/images/platforms/chrome/hero_image_exportable.svg
Requested by: Host: natiga.alsaraha.com
URL: https://natiga.alsaraha.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:1ba4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 12b31f6ece06c09f73e6c85855c4b72851160a3b31b726c6e20b1eaad5c2f707

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://natiga.alsaraha.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Mon, 31 Jul 2023 09:06:32 GMT
content-encoding: gzip
cf-cache-status: EXPIRED
last-modified: Tue, 07 Sep 2021 14:38:17 GMT
server: cloudflare
etag: W/"67a5-5cb68b766d5b8"
vary: Accept-Encoding
content-type: image/svg+xml
cf-ray: 7ef4af959c89d255-CDG

GET
H2 200 logo.png
natiga.alsaraha.com/images/default/ 36 KB
36 KB 22ms
19ms Image
image/png 217.69.12.3
AS-CHOOPA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://natiga.alsaraha.com/images/default/logo.png
Requested by: Host: natiga.alsaraha.com
URL: https://natiga.alsaraha.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 217.69.12.3 Aubervilliers, France, ASN20473 (AS-CHOOPA, US),
Reverse DNS: 217.69.12.3.vultrusercontent.com
Software: LiteSpeed /
Resource Hash: f49130f942b570bc10029e1903fc0ffbcd4f65c04524bb32949128fa0815d78c

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://natiga.alsaraha.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Mon, 31 Jul 2023 09:06:31 GMT
last-modified: Mon, 31 Jul 2023 08:38:24 GMT
server: LiteSpeed
etag: "8eee-64c77300-1bf3ae7;;;"
content-type: image/png
cache-control: public, max-age=43200
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length: 36590
expires: Mon, 31 Jul 2023 21:06:31 GMT

GET wide-logo.png
127.0.0.1/images/default/ 0
0

GET
H2 200 app-e4352ad6.js Show response
natiga.alsaraha.com/build/assets/ 136 B
217 B 45ms
45ms Script
application/x-javascript 217.69.12.3
AS-CHOOPA

General

Check archive.org

Show headers Download Go to

Full URL: https://natiga.alsaraha.com/build/assets/app-e4352ad6.js
Requested by: Host: natiga.alsaraha.com
URL: https://natiga.alsaraha.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 217.69.12.3 Aubervilliers, France, ASN20473 (AS-CHOOPA, US),
Reverse DNS: 217.69.12.3.vultrusercontent.com
Software: LiteSpeed /
Resource Hash: 5f261dc44830295822a2ad5350e80f728de30dac0f0d8e64c22770fbc972951b

Request headers

Referer: https://natiga.alsaraha.com/
Origin: https://natiga.alsaraha.com
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Mon, 31 Jul 2023 09:06:31 GMT
last-modified: Mon, 31 Jul 2023 08:38:24 GMT
server: LiteSpeed
etag: "88-64c77300-1bf37d1;;;"
content-type: application/x-javascript
cache-control: public, max-age=43200
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length: 136
expires: Mon, 31 Jul 2023 21:06:31 GMT

GET
H2 200 main-07febffb.js Show response
natiga.alsaraha.com/build/assets/ 270 KB
81 KB 46ms
46ms Script
application/x-javascript 217.69.12.3
AS-CHOOPA

General

Check archive.org

Show headers Download Go to

Full URL: https://natiga.alsaraha.com/build/assets/main-07febffb.js
Requested by: Host: natiga.alsaraha.com
URL: https://natiga.alsaraha.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 217.69.12.3 Aubervilliers, France, ASN20473 (AS-CHOOPA, US),
Reverse DNS: 217.69.12.3.vultrusercontent.com
Software: LiteSpeed /
Resource Hash: cd3ac58a0cef129f3653111e7ccb3b0f640ed149770387bf9eb87d4aaa350613

Request headers

Referer: https://natiga.alsaraha.com/
Origin: https://natiga.alsaraha.com
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Mon, 31 Jul 2023 09:06:31 GMT
content-encoding: br
last-modified: Mon, 31 Jul 2023 08:38:24 GMT
server: LiteSpeed
etag: "4384d-64c77300-1bf37ef;br"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: public, max-age=43200
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length: 83094
expires: Mon, 31 Jul 2023 21:06:31 GMT

GET
H2 200 livewire.js Show response
natiga.alsaraha.com/livewire/ 286 KB
65 KB 75ms
69ms Script
application/javascript 217.69.12.3
AS-CHOOPA

General

Check archive.org

Show headers Download Go to

Full URL: https://natiga.alsaraha.com/livewire/livewire.js?id=3605227a
Requested by: Host: natiga.alsaraha.com
URL: https://natiga.alsaraha.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 217.69.12.3 Aubervilliers, France, ASN20473 (AS-CHOOPA, US),
Reverse DNS: 217.69.12.3.vultrusercontent.com
Software: LiteSpeed / PHP/8.1.21
Resource Hash: fcf258f525686fd6956e74f1f99a9717c0c68b5b2985354c8e7df1182f9e1d8c

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://natiga.alsaraha.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Mon, 31 Jul 2023 09:06:31 GMT
content-encoding: gzip
last-modified: Sat, 22 Jul 2023 02:02:52 GMT
server: LiteSpeed
x-powered-by: PHP/8.1.21
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=31536000, public
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length: 65898
expires: Wed, 31 Jul 2024 09:06:31 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 144 KB
50 KB 158ms
116ms Fetch
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: natiga.alsaraha.com
URL: https://natiga.alsaraha.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1ec6e6b8d57ddfa63ffc6c09a3543b0fe747ef1eae1fdca6868823211e34be9a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://natiga.alsaraha.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Mon, 31 Jul 2023 09:06:31 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 50639
x-xss-protection: 0
server: cafe
etag: 11349341766921069315
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Mon, 31 Jul 2023 09:06:31 GMT

GET
H2 200 css2
fonts.googleapis.com/ 6 KB
1 KB 105ms
38ms Stylesheet
text/css 2a00:1450:4001:801::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Manrope:wght@400;500;700

Requested by

Host: natiga.alsaraha.com
URL: https://natiga.alsaraha.com/build/assets/app-efcbd41e.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

1d2c4b6f73273e1cc6e8cef31b7166810d7155b927eef6723be2f89743fcf5d8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://natiga.alsaraha.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 31 Jul 2023 09:06:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 31 Jul 2023 09:04:28 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 31 Jul 2023 09:06:31 GMT

GET
H2 200 flasher.min.js Show response
natiga.alsaraha.com/vendor/flasher/ 16 KB
4 KB 27ms
24ms Script
application/x-javascript 217.69.12.3
AS-CHOOPA

General

Check archive.org

Show headers Download Go to

Full URL: https://natiga.alsaraha.com/vendor/flasher/flasher.min.js
Requested by: Host: natiga.alsaraha.com
URL: https://natiga.alsaraha.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 217.69.12.3 Aubervilliers, France, ASN20473 (AS-CHOOPA, US),
Reverse DNS: 217.69.12.3.vultrusercontent.com
Software: LiteSpeed /
Resource Hash: 7a33255f9e7913fac79103abd823049f2a0f5944cdf432d78121bfdddcd14d32

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://natiga.alsaraha.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Mon, 31 Jul 2023 09:06:31 GMT
content-encoding: br
last-modified: Mon, 31 Jul 2023 08:38:24 GMT
server: LiteSpeed
etag: "4087-64c77300-1bf3bac;br"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: public, max-age=43200
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length: 3986
expires: Mon, 31 Jul 2023 21:06:31 GMT

GET
H/1.1 200
OK / Show response
static.followers-store.com/ 2 KB
865 B 98ms
20ms XHR
text/html 107.191.47.191
AS-CHOOPA

General

Check archive.org

Show headers Download Go to

Full URL: https://static.followers-store.com/
Requested by: Host: natiga.alsaraha.com
URL: https://natiga.alsaraha.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 107.191.47.191 Aubervilliers, France, ASN20473 (AS-CHOOPA, US),
Reverse DNS: 107.191.47.191.vultrusercontent.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 495914204b0db87b55ecacbf9c4c3a372b6b55690d5a5316cd348d3ed17dbc14

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://natiga.alsaraha.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

Date: Mon, 31 Jul 2023 09:06:31 GMT
Content-Encoding: gzip
Server: nginx/1.18.0 (Ubuntu)
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
Access-Control-Allow-Origin: *
Connection: keep-alive

GET
H2 200 fa-regular-400-42d979d5.woff2
natiga.alsaraha.com/build/assets/ 156 KB
156 KB 19ms
19ms Font
font/woff2 217.69.12.3
AS-CHOOPA

General

Check archive.org

Show headers Download Go to

Full URL: https://natiga.alsaraha.com/build/assets/fa-regular-400-42d979d5.woff2
Requested by: Host: natiga.alsaraha.com
URL: https://natiga.alsaraha.com/build/assets/app-efcbd41e.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 217.69.12.3 Aubervilliers, France, ASN20473 (AS-CHOOPA, US),
Reverse DNS: 217.69.12.3.vultrusercontent.com
Software: LiteSpeed /
Resource Hash: 42d979d54a12b76d10c5f34709c774b14aedcbf25f268f332a7e9163011b658b

Request headers

Referer: https://natiga.alsaraha.com/build/assets/app-efcbd41e.css
Origin: https://natiga.alsaraha.com
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Mon, 31 Jul 2023 09:06:31 GMT
last-modified: Mon, 31 Jul 2023 08:38:24 GMT
server: LiteSpeed
etag: "2708c-64c77300-1bf37e6;;;"
content-type: font/woff2
cache-control: public, max-age=43200
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length: 159884
expires: Mon, 31 Jul 2023 21:06:31 GMT

GET
H2 200 fa-light-300-f6d6e49e.woff2
natiga.alsaraha.com/build/assets/ 170 KB
170 KB 46ms
45ms Font
font/woff2 217.69.12.3
AS-CHOOPA

General

Check archive.org

Show headers Download Go to

Full URL: https://natiga.alsaraha.com/build/assets/fa-light-300-f6d6e49e.woff2
Requested by: Host: natiga.alsaraha.com
URL: https://natiga.alsaraha.com/build/assets/app-efcbd41e.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 217.69.12.3 Aubervilliers, France, ASN20473 (AS-CHOOPA, US),
Reverse DNS: 217.69.12.3.vultrusercontent.com
Software: LiteSpeed /
Resource Hash: f6d6e49e8971c9b702e31bb9ad580eb9d374a13af6e713e3673282c9e52ac7bc

Request headers

Referer: https://natiga.alsaraha.com/build/assets/app-efcbd41e.css
Origin: https://natiga.alsaraha.com
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Mon, 31 Jul 2023 09:06:31 GMT
last-modified: Mon, 31 Jul 2023 08:38:24 GMT
server: LiteSpeed
etag: "2a62c-64c77300-1bf37e4;;;"
content-type: font/woff2
cache-control: public, max-age=43200
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length: 173612
expires: Mon, 31 Jul 2023 21:06:31 GMT

GET
H2 200 DINNextLTArabic-Medium-81a1b9f4.woff2
natiga.alsaraha.com/build/assets/ 45 KB
45 KB 62ms
62ms Font
font/woff2 217.69.12.3
AS-CHOOPA

General

Check archive.org

Show headers Download Go to

Full URL: https://natiga.alsaraha.com/build/assets/DINNextLTArabic-Medium-81a1b9f4.woff2
Requested by: Host: natiga.alsaraha.com
URL: https://natiga.alsaraha.com/build/assets/app-efcbd41e.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 217.69.12.3 Aubervilliers, France, ASN20473 (AS-CHOOPA, US),
Reverse DNS: 217.69.12.3.vultrusercontent.com
Software: LiteSpeed /
Resource Hash: 81a1b9f4e0065118e129e82e09095fbcac378be8133d1ba2582efcb3003e9126

Request headers

Referer: https://natiga.alsaraha.com/build/assets/app-efcbd41e.css
Origin: https://natiga.alsaraha.com
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Mon, 31 Jul 2023 09:06:31 GMT
last-modified: Mon, 31 Jul 2023 08:38:24 GMT
server: LiteSpeed
etag: "b4fc-64c77300-1bf37ac;;;"
content-type: font/woff2
cache-control: public, max-age=43200
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length: 46332
expires: Mon, 31 Jul 2023 21:06:31 GMT

GET
H2 200 DINNextLTArabic-Bold-cc2965c5.woff2
natiga.alsaraha.com/build/assets/ 45 KB
45 KB 62ms
62ms Font
font/woff2 217.69.12.3
AS-CHOOPA

General

Check archive.org

Show headers Download Go to

Full URL: https://natiga.alsaraha.com/build/assets/DINNextLTArabic-Bold-cc2965c5.woff2
Requested by: Host: natiga.alsaraha.com
URL: https://natiga.alsaraha.com/build/assets/app-efcbd41e.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 217.69.12.3 Aubervilliers, France, ASN20473 (AS-CHOOPA, US),
Reverse DNS: 217.69.12.3.vultrusercontent.com
Software: LiteSpeed /
Resource Hash: cc2965c5d3a4f424eda841486c7fbe4932fa223b20a5bc8efe62e5b620aa017d

Request headers

Referer: https://natiga.alsaraha.com/build/assets/app-efcbd41e.css
Origin: https://natiga.alsaraha.com
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Mon, 31 Jul 2023 09:06:31 GMT
last-modified: Mon, 31 Jul 2023 08:38:24 GMT
server: LiteSpeed
etag: "b3fc-64c77300-1bf37aa;;;"
content-type: font/woff2
cache-control: public, max-age=43200
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length: 46076
expires: Mon, 31 Jul 2023 21:06:31 GMT

GET
H3 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202307200101/ 363 KB
124 KB 147ms
92ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202307200101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-9877625271429155&plah=natiga.alsaraha.com&bust=31076575

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-9877625271429155

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c083c9b3c763cfec1b4bd11d84adf9df429661a5f532c60a4aa7a00b231587be

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://natiga.alsaraha.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Mon, 31 Jul 2023 09:06:32 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 127310
x-xss-protection: 0
server: cafe
etag: 16132554880155548981
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Mon, 31 Jul 2023 09:06:32 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230726/r20190131/ Frame 7D0F 10 KB
5 KB 89ms
26ms Document
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230726/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-9877625271429155

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18e7a53e3b3abd7ac0242719f7f62cb56b8efe7065091585b8ad22cbc2b8c41c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://natiga.alsaraha.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

age: 82899
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4544
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 30 Jul 2023 10:04:53 GMT
etag: 12368291122986407432
expires: Sun, 13 Aug 2023 10:04:53 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 favicon.png
alsaraha.com/images/default/ 10 KB
11 KB 100ms
25ms Image
image/png 2606:4700:3033::6815:4d37
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://alsaraha.com/images/default/favicon.png?v=2
Requested by: Host: natiga.alsaraha.com
URL: https://natiga.alsaraha.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::6815:4d37 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dc84d8b623125c384b3ec2f65cc23a563b4f7aee5453f12e3f6dc4e6b9d91a98

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://natiga.alsaraha.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Mon, 31 Jul 2023 09:06:32 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 11112
alt-svc: h3=":443"; ma=86400
content-length: 10375
pragma: public
last-modified: Mon, 31 Jul 2023 06:00:03 GMT
server: cloudflare
etag: "64c74de3-2887"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NibkY%2BxT9HYG5ovdm3HNo5bD%2BhOdvqxsXqOZUtpcnumEij2NvC%2FSmepq%2FuAGEhdBUg1DiWVk0OKlBQGoZqvXVD%2BBu9b71zV%2BCs%2FcvubQDTd%2BK2IFgN%2Bc7lI9PhPyvOxcEVbBpVkUDz7eVLc%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31104000
accept-ranges: bytes
cf-ray: 7ef4af96dcd602ad-CDG
expires: Thu, 25 Jul 2024 06:01:20 GMT

GET
H/1.1 200
OK favicon.png
followers-store.com/images/default/ 8 KB
9 KB 104ms
22ms Image
image/png 107.191.47.191
AS-CHOOPA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://followers-store.com/images/default/favicon.png?v=2
Requested by: Host: natiga.alsaraha.com
URL: https://natiga.alsaraha.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 107.191.47.191 Aubervilliers, France, ASN20473 (AS-CHOOPA, US),
Reverse DNS: 107.191.47.191.vultrusercontent.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: ecee7ba7695597eb349cabafb525674a78bcdf741a10c5caabcaa3ffadde4738

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://natiga.alsaraha.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

Pragma: public
Date: Mon, 31 Jul 2023 09:06:32 GMT
Last-Modified: Mon, 31 Jul 2023 09:06:05 GMT
Server: nginx/1.18.0 (Ubuntu)
ETag: "64c7797d-20c8"
Vary: Accept-Encoding
Content-Type: image/png
Access-Control-Allow-Origin: *
Cache-Control: max-age=31104000, public
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 8392
Expires: Thu, 25 Jul 2024 09:06:32 GMT

GET
H2 200 favicon.png
goldpricenow.live/images/default/ 2 KB
2 KB 308ms
26ms Image
image/png 2606:4700:3032::6815:ca7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://goldpricenow.live/images/default/favicon.png
Requested by: Host: natiga.alsaraha.com
URL: https://natiga.alsaraha.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2606:4700:3032::6815:ca7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ffba86e4a994572416b3da907f9f18a08d7392b24891d9718847ffe4f067872f

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://natiga.alsaraha.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Mon, 31 Jul 2023 09:06:32 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 5711286
alt-svc: h3=":443"; ma=86400
content-length: 1568
pragma: public
last-modified: Fri, 26 May 2023 06:37:03 GMT
server: cloudflare
etag: "6470538f-620"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7HtE1p9T4UuQFqlmleTvHa8DUgDvKXiQF%2BBDBAzENnJOTfksgxqssP5kzeY%2FMoG4FKy4RF0LEl9K76hMDQpS6a7eslbITUe%2FMAtjIJW5z0W%2FkJdBlRazBnY05E1SRzM5WgNDFeV2I2DBV6tAqn3N1Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=31104000, public
accept-ranges: bytes
cf-ray: 7ef4af982ba80153-CDG
expires: Mon, 20 May 2024 06:38:26 GMT

GET favicon.png
127.0.0.1/images/default/ 0
0

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 391 B
605 B 98ms
34ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=natiga.alsaraha.com&callback=_gfp_s_&client=ca-pub-9877625271429155

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202307200101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-9877625271429155&plah=natiga.alsaraha.com&bust=31076575

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

340318481315fae08a9eedc7022f6d84cc1164d857e26173e180aa6aa09d5830

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://natiga.alsaraha.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Mon, 31 Jul 2023 09:06:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 253
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 6E54 339 KB
78 KB 726ms
724ms Document
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9877625271429155&output=html&adk=1812271804&adf=3025194257&lmt=1690794392&plat=4%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=128x810_l&format=0x0&url=https%3A%2F%2Fnatiga.alsaraha.com%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1690794391982&bpp=6&bdt=309&idt=249&shv=r20230726&mjsv=m202307200101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=2900419751264&frm=20&pv=2&ga_vid=633174394.1690794392&ga_sid=1690794392&ga_hid=1301794205&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31076088%2C31076410%2C31076484%2C31076509%2C31076575%2C44788442&oid=2&pvsid=3621458590406803&tmod=2036209884&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=288

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9260ca88c08b4b96234a7592d4ae0ee587dde35827baecc770ab53182a7f9247

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://natiga.alsaraha.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 79617
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 31 Jul 2023 09:06:32 GMT
expires: Mon, 31 Jul 2023 09:06:32 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame F76E 100 KB
36 KB 675ms
674ms Document
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9877625271429155&output=html&h=200&slotname=7996609820&adk=3798050637&adf=2866448184&pi=t.ma~as.7996609820&w=1200&fwrn=4&lmt=1690794392&rafmt=11&format=1200x200&url=https%3A%2F%2Fnatiga.alsaraha.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1690794391988&bpp=7&bdt=315&idt=287&shv=r20230726&mjsv=m202307200101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=2900419751264&frm=20&pv=1&ga_vid=633174394.1690794392&ga_sid=1690794392&ga_hid=1301794205&ga_fc=0&rplot=4&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=232&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31076088%2C31076410%2C31076484%2C31076509%2C31076575%2C44788442&oid=2&pvsid=3621458590406803&tmod=2036209884&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Cm%7CEe%7Cp&abl=XS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=rg0rGXimoI&p=https%3A//natiga.alsaraha.com&dtd=297

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b1f22b31cdedb60fcf1600f49c03c5f79b08425b66aed5797d9d6c36c790623c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://natiga.alsaraha.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 36434
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 31 Jul 2023 09:06:32 GMT
expires: Mon, 31 Jul 2023 09:06:32 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 72C6 100 KB
36 KB 826ms
825ms Document
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9877625271429155&output=html&h=200&slotname=7996609820&adk=3798050637&adf=105530703&pi=t.ma~as.7996609820&w=1200&fwrn=4&lmt=1690794392&rafmt=11&format=1200x200&url=https%3A%2F%2Fnatiga.alsaraha.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1690794391995&bpp=1&bdt=323&idt=299&shv=r20230726&mjsv=m202307200101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x200&nras=1&correlator=2900419751264&frm=20&pv=1&ga_vid=633174394.1690794392&ga_sid=1690794392&ga_hid=1301794205&ga_fc=0&rplot=4&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=676&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31076088%2C31076410%2C31076484%2C31076509%2C31076575%2C44788442&oid=2&pvsid=3621458590406803&tmod=2036209884&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Cm%7CEe%7Cp&abl=XS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=Y4PvNi0FEt&p=https%3A//natiga.alsaraha.com&dtd=304

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4404308c4f5c8955937b07e2c612c45ebc1659b0e507742bab0d6cb98a6eb0ae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://natiga.alsaraha.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 36526
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 31 Jul 2023 09:06:33 GMT
expires: Mon, 31 Jul 2023 09:06:33 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 css
fonts.googleapis.com/ Frame F76E 4 KB
751 B 36ms
35ms Stylesheet
text/css 2a00:1450:4001:801::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A400%2C700

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9877625271429155&output=html&h=200&slotname=7996609820&adk=3798050637&adf=2866448184&pi=t.ma~as.7996609820&w=1200&fwrn=4&lmt=1690794392&rafmt=11&format=1200x200&url=https%3A%2F%2Fnatiga.alsaraha.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1690794391988&bpp=7&bdt=315&idt=287&shv=r20230726&mjsv=m202307200101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=2900419751264&frm=20&pv=1&ga_vid=633174394.1690794392&ga_sid=1690794392&ga_hid=1301794205&ga_fc=0&rplot=4&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=232&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31076088%2C31076410%2C31076484%2C31076509%2C31076575%2C44788442&oid=2&pvsid=3621458590406803&tmod=2036209884&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Cm%7CEe%7Cp&abl=XS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=rg0rGXimoI&p=https%3A//natiga.alsaraha.com&dtd=297

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

3d2b34675fd418a1b23c652fa791f4875ccc12860d9b4b6ec8ae4aa09d51ec1e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 31 Jul 2023 09:06:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 31 Jul 2023 08:22:11 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 31 Jul 2023 09:06:32 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230726/r20110914/client/ Frame F76E 2 KB
973 B 111ms
29ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230726/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Sun, 30 Jul 2023 22:55:50 GMT
content-encoding: br
x-content-type-options: nosniff
age: 36643
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 865
x-xss-protection: 0
server: cafe
etag: 5051423035144352294
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 13 Aug 2023 22:55:50 GMT

GET
H2 200 6592766407814317453
tpc.googlesyndication.com/simgad/9929154007720281053/ Frame F76E 52 KB
52 KB 127ms
51ms Image
image/jpeg 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/9929154007720281053/6592766407814317453

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7fac7c1df48bf82f9d4051038a0591967fb2d7585d45755976c1d1f3e2a1fbab

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Fri, 28 Jul 2023 08:58:31 GMT
x-content-type-options: nosniff
age: 259682
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 53011
x-xss-protection: 0
last-modified: Tue, 17 Aug 2021 13:42:40 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 27 Jul 2024 08:58:31 GMT

GET
H2 200 14763004658117789537
tpc.googlesyndication.com/simgad/9934236797688746973/ Frame F76E 6 KB
6 KB 120ms
46ms Image
image/jpeg 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/9934236797688746973/14763004658117789537?w=200&h=200

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6197f896a2c2a85f980955843d7dd96a896b8cf10c8ab4d51907ef96a8607fdb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Fri, 28 Jul 2023 19:16:02 GMT
x-content-type-options: nosniff
age: 222631
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5681
x-xss-protection: 0
last-modified: Sun, 26 Jun 2022 21:15:26 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 27 Jul 2024 19:16:02 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230726/r20110914/ Frame F76E 23 KB
9 KB 95ms
29ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230726/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

93028274da1d373cd41165f6a442568ddd482370e8093e45d14a4ad0f6981f19

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Sun, 30 Jul 2023 15:09:52 GMT
content-encoding: br
x-content-type-options: nosniff
age: 64601
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9132
x-xss-protection: 0
server: cafe
etag: 17712579318771444318
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 13 Aug 2023 15:09:52 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230726/r20110914/client/ Frame F76E 3 KB
1 KB 99ms
34ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230726/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Mon, 31 Jul 2023 07:16:50 GMT
content-encoding: br
x-content-type-options: nosniff
age: 6583
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 14 Aug 2023 07:16:50 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230726/r20110914/client/ Frame F76E 20 KB
9 KB 90ms
25ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230726/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8ecb4fb492aee0a820dfc4a395fb80e2ac2e864bbf38aa1ae28d6d70fb9e6da3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Mon, 31 Jul 2023 03:48:30 GMT
content-encoding: br
x-content-type-options: nosniff
age: 19083
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8293
x-xss-protection: 0
server: cafe
etag: 11502554701003060455
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 14 Aug 2023 03:48:30 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame F76E 179 KB
56 KB 1039ms
958ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5b7d1e63e50218b22558bc94b9d37faac51551fcdb29a7390226a6669d24d8de

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Mon, 31 Jul 2023 09:06:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57355
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1690371356542162"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 31 Jul 2023 09:06:33 GMT

GET
H2 200 92cd137fb2ab4f826a326c70369c8a48.js Show response
www.gstatic.com/mysidia/ Frame F76E 33 KB
14 KB 88ms
26ms Script
text/javascript 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/92cd137fb2ab4f826a326c70369c8a48.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

541fb110d3896cc361dd08f655c22accc06bed9c580cc3367e3ef09deff5503d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Fri, 28 Jul 2023 06:54:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 267098
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14171
x-xss-protection: 0
last-modified: Tue, 25 Jul 2023 18:07:50 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Thu, 26 Oct 2023 06:54:55 GMT

GET
H3 200 reactive_library_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202307200101/ 154 KB
52 KB 77ms
76ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202307200101/reactive_library_fy2021.js?bust=31076575

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b9db3e7f8d892b6e892f4d05d616a37305b53d94af57c5ef81bd0e1160fc9533

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://natiga.alsaraha.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Mon, 31 Jul 2023 09:06:33 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 53527
x-xss-protection: 0
server: cafe
etag: 8705153843202725763
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Mon, 31 Jul 2023 09:06:33 GMT

GET
DATA 200
OK truncated
/ Frame F76E 210 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9a69d797fa5c728c235f9d61a501538e9df1d78443439f7fbbfb2a5a4fae846f

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 css
fonts.googleapis.com/ Frame 72C6 4 KB
655 B 36ms
36ms Stylesheet
text/css 2a00:1450:4001:801::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A400%2C700

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9877625271429155&output=html&h=200&slotname=7996609820&adk=3798050637&adf=105530703&pi=t.ma~as.7996609820&w=1200&fwrn=4&lmt=1690794392&rafmt=11&format=1200x200&url=https%3A%2F%2Fnatiga.alsaraha.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1690794391995&bpp=1&bdt=323&idt=299&shv=r20230726&mjsv=m202307200101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x200&nras=1&correlator=2900419751264&frm=20&pv=1&ga_vid=633174394.1690794392&ga_sid=1690794392&ga_hid=1301794205&ga_fc=0&rplot=4&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=676&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31076088%2C31076410%2C31076484%2C31076509%2C31076575%2C44788442&oid=2&pvsid=3621458590406803&tmod=2036209884&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Cm%7CEe%7Cp&abl=XS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=Y4PvNi0FEt&p=https%3A//natiga.alsaraha.com&dtd=304

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

3d2b34675fd418a1b23c652fa791f4875ccc12860d9b4b6ec8ae4aa09d51ec1e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 31 Jul 2023 09:06:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 31 Jul 2023 08:04:20 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 31 Jul 2023 09:06:33 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230726/r20110914/client/ Frame 72C6 2 KB
926 B 31ms
29ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230726/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9877625271429155&output=html&h=200&slotname=7996609820&adk=3798050637&adf=105530703&pi=t.ma~as.7996609820&w=1200&fwrn=4&lmt=1690794392&rafmt=11&format=1200x200&url=https%3A%2F%2Fnatiga.alsaraha.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1690794391995&bpp=1&bdt=323&idt=299&shv=r20230726&mjsv=m202307200101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x200&nras=1&correlator=2900419751264&frm=20&pv=1&ga_vid=633174394.1690794392&ga_sid=1690794392&ga_hid=1301794205&ga_fc=0&rplot=4&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=676&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31076088%2C31076410%2C31076484%2C31076509%2C31076575%2C44788442&oid=2&pvsid=3621458590406803&tmod=2036209884&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Cm%7CEe%7Cp&abl=XS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=Y4PvNi0FEt&p=https%3A//natiga.alsaraha.com&dtd=304

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Sun, 30 Jul 2023 22:55:50 GMT
content-encoding: br
x-content-type-options: nosniff
age: 36643
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 865
x-xss-protection: 0
server: cafe
etag: 5051423035144352294
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 13 Aug 2023 22:55:50 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230726/r20110914/ Frame 72C6 23 KB
9 KB 27ms
26ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230726/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9877625271429155&output=html&h=200&slotname=7996609820&adk=3798050637&adf=105530703&pi=t.ma~as.7996609820&w=1200&fwrn=4&lmt=1690794392&rafmt=11&format=1200x200&url=https%3A%2F%2Fnatiga.alsaraha.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1690794391995&bpp=1&bdt=323&idt=299&shv=r20230726&mjsv=m202307200101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x200&nras=1&correlator=2900419751264&frm=20&pv=1&ga_vid=633174394.1690794392&ga_sid=1690794392&ga_hid=1301794205&ga_fc=0&rplot=4&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=676&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31076088%2C31076410%2C31076484%2C31076509%2C31076575%2C44788442&oid=2&pvsid=3621458590406803&tmod=2036209884&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Cm%7CEe%7Cp&abl=XS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=Y4PvNi0FEt&p=https%3A//natiga.alsaraha.com&dtd=304

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

93028274da1d373cd41165f6a442568ddd482370e8093e45d14a4ad0f6981f19

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Sun, 30 Jul 2023 15:09:52 GMT
content-encoding: br
x-content-type-options: nosniff
age: 64601
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9132
x-xss-protection: 0
server: cafe
etag: 17712579318771444318
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 13 Aug 2023 15:09:52 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230726/r20110914/client/ Frame 72C6 3 KB
1 KB 28ms
27ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230726/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9877625271429155&output=html&h=200&slotname=7996609820&adk=3798050637&adf=105530703&pi=t.ma~as.7996609820&w=1200&fwrn=4&lmt=1690794392&rafmt=11&format=1200x200&url=https%3A%2F%2Fnatiga.alsaraha.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1690794391995&bpp=1&bdt=323&idt=299&shv=r20230726&mjsv=m202307200101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x200&nras=1&correlator=2900419751264&frm=20&pv=1&ga_vid=633174394.1690794392&ga_sid=1690794392&ga_hid=1301794205&ga_fc=0&rplot=4&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=676&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31076088%2C31076410%2C31076484%2C31076509%2C31076575%2C44788442&oid=2&pvsid=3621458590406803&tmod=2036209884&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Cm%7CEe%7Cp&abl=XS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=Y4PvNi0FEt&p=https%3A//natiga.alsaraha.com&dtd=304

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Mon, 31 Jul 2023 07:16:50 GMT
content-encoding: br
x-content-type-options: nosniff
age: 6583
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 14 Aug 2023 07:16:50 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230726/r20110914/client/ Frame 72C6 20 KB
8 KB 29ms
28ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230726/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9877625271429155&output=html&h=200&slotname=7996609820&adk=3798050637&adf=105530703&pi=t.ma~as.7996609820&w=1200&fwrn=4&lmt=1690794392&rafmt=11&format=1200x200&url=https%3A%2F%2Fnatiga.alsaraha.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1690794391995&bpp=1&bdt=323&idt=299&shv=r20230726&mjsv=m202307200101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x200&nras=1&correlator=2900419751264&frm=20&pv=1&ga_vid=633174394.1690794392&ga_sid=1690794392&ga_hid=1301794205&ga_fc=0&rplot=4&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=676&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31076088%2C31076410%2C31076484%2C31076509%2C31076575%2C44788442&oid=2&pvsid=3621458590406803&tmod=2036209884&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Cm%7CEe%7Cp&abl=XS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=Y4PvNi0FEt&p=https%3A//natiga.alsaraha.com&dtd=304

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8ecb4fb492aee0a820dfc4a395fb80e2ac2e864bbf38aa1ae28d6d70fb9e6da3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Mon, 31 Jul 2023 03:48:30 GMT
content-encoding: br
x-content-type-options: nosniff
age: 19083
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8293
x-xss-protection: 0
server: cafe
etag: 11502554701003060455
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 14 Aug 2023 03:48:30 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 72C6 179 KB
56 KB 889ms
888ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9877625271429155&output=html&h=200&slotname=7996609820&adk=3798050637&adf=105530703&pi=t.ma~as.7996609820&w=1200&fwrn=4&lmt=1690794392&rafmt=11&format=1200x200&url=https%3A%2F%2Fnatiga.alsaraha.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1690794391995&bpp=1&bdt=323&idt=299&shv=r20230726&mjsv=m202307200101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x200&nras=1&correlator=2900419751264&frm=20&pv=1&ga_vid=633174394.1690794392&ga_sid=1690794392&ga_hid=1301794205&ga_fc=0&rplot=4&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=676&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31076088%2C31076410%2C31076484%2C31076509%2C31076575%2C44788442&oid=2&pvsid=3621458590406803&tmod=2036209884&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Cm%7CEe%7Cp&abl=XS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=Y4PvNi0FEt&p=https%3A//natiga.alsaraha.com&dtd=304

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5b7d1e63e50218b22558bc94b9d37faac51551fcdb29a7390226a6669d24d8de

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Mon, 31 Jul 2023 09:06:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57355
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1690371356542162"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 31 Jul 2023 09:06:33 GMT

GET
H2 200 92cd137fb2ab4f826a326c70369c8a48.js Show response
www.gstatic.com/mysidia/ Frame 72C6 33 KB
14 KB 29ms
28ms Script
text/javascript 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/92cd137fb2ab4f826a326c70369c8a48.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9877625271429155&output=html&h=200&slotname=7996609820&adk=3798050637&adf=105530703&pi=t.ma~as.7996609820&w=1200&fwrn=4&lmt=1690794392&rafmt=11&format=1200x200&url=https%3A%2F%2Fnatiga.alsaraha.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1690794391995&bpp=1&bdt=323&idt=299&shv=r20230726&mjsv=m202307200101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x200&nras=1&correlator=2900419751264&frm=20&pv=1&ga_vid=633174394.1690794392&ga_sid=1690794392&ga_hid=1301794205&ga_fc=0&rplot=4&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=676&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31076088%2C31076410%2C31076484%2C31076509%2C31076575%2C44788442&oid=2&pvsid=3621458590406803&tmod=2036209884&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Cm%7CEe%7Cp&abl=XS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=Y4PvNi0FEt&p=https%3A//natiga.alsaraha.com&dtd=304

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

541fb110d3896cc361dd08f655c22accc06bed9c580cc3367e3ef09deff5503d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Fri, 28 Jul 2023 06:54:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 267098
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14171
x-xss-protection: 0
last-modified: Tue, 25 Jul 2023 18:07:50 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Thu, 26 Oct 2023 06:54:55 GMT

GET
H2 200 6592766407814317453
tpc.googlesyndication.com/simgad/13510709635069007929/ Frame 72C6 26 KB
27 KB 36ms
35ms Image
image/jpeg 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/13510709635069007929/6592766407814317453

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9877625271429155&output=html&h=200&slotname=7996609820&adk=3798050637&adf=105530703&pi=t.ma~as.7996609820&w=1200&fwrn=4&lmt=1690794392&rafmt=11&format=1200x200&url=https%3A%2F%2Fnatiga.alsaraha.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1690794391995&bpp=1&bdt=323&idt=299&shv=r20230726&mjsv=m202307200101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x200&nras=1&correlator=2900419751264&frm=20&pv=1&ga_vid=633174394.1690794392&ga_sid=1690794392&ga_hid=1301794205&ga_fc=0&rplot=4&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=676&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31076088%2C31076410%2C31076484%2C31076509%2C31076575%2C44788442&oid=2&pvsid=3621458590406803&tmod=2036209884&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Cm%7CEe%7Cp&abl=XS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=Y4PvNi0FEt&p=https%3A//natiga.alsaraha.com&dtd=304

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

76d5fad25d24164038ce11b306acddf7f5effa41cefc46517296b82178fdc4fd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Fri, 28 Jul 2023 22:12:01 GMT
x-content-type-options: nosniff
age: 212072
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 27062
x-xss-protection: 0
last-modified: Mon, 03 Jul 2023 15:42:45 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 27 Jul 2024 22:12:01 GMT

GET
H2 200 14763004658117789537
tpc.googlesyndication.com/simgad/14182713443587330949/ Frame 72C6 5 KB
5 KB 41ms
40ms Image
image/png 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/14182713443587330949/14763004658117789537?w=200&h=200

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9877625271429155&output=html&h=200&slotname=7996609820&adk=3798050637&adf=105530703&pi=t.ma~as.7996609820&w=1200&fwrn=4&lmt=1690794392&rafmt=11&format=1200x200&url=https%3A%2F%2Fnatiga.alsaraha.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1690794391995&bpp=1&bdt=323&idt=299&shv=r20230726&mjsv=m202307200101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x200&nras=1&correlator=2900419751264&frm=20&pv=1&ga_vid=633174394.1690794392&ga_sid=1690794392&ga_hid=1301794205&ga_fc=0&rplot=4&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=676&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31076088%2C31076410%2C31076484%2C31076509%2C31076575%2C44788442&oid=2&pvsid=3621458590406803&tmod=2036209884&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Cm%7CEe%7Cp&abl=XS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=Y4PvNi0FEt&p=https%3A//natiga.alsaraha.com&dtd=304

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ed115fa593f46f35a4ac58fc81f347e13de7152de80025bc698ca199ee43aa13

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Sat, 29 Jul 2023 10:14:02 GMT
x-content-type-options: nosniff
age: 168751
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4704
x-xss-protection: 0
last-modified: Wed, 24 Aug 2022 14:44:10 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sun, 28 Jul 2024 10:14:02 GMT

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230726/r20110914/ Frame 4BBD 10 KB
4 KB 27ms
26ms Document
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230726/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18e7a53e3b3abd7ac0242719f7f62cb56b8efe7065091585b8ad22cbc2b8c41c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://natiga.alsaraha.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

age: 19178
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4544
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 31 Jul 2023 03:46:55 GMT
etag: 12368291122986407432
expires: Mon, 14 Aug 2023 03:46:55 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230726/r20110914/ Frame 74E2 10 KB
4 KB 26ms
26ms Document
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230726/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18e7a53e3b3abd7ac0242719f7f62cb56b8efe7065091585b8ad22cbc2b8c41c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://natiga.alsaraha.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

age: 19178
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4544
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 31 Jul 2023 03:46:55 GMT
etag: 12368291122986407432
expires: Mon, 14 Aug 2023 03:46:55 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 204 ping
pagead2.googlesyndication.com/pagead/ 0
0 60ms
59ms Fetch
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://pagead2.googlesyndication.com/pagead/ping?e=1
Requested by: Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202307200101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-9877625271429155&plah=natiga.alsaraha.com&bust=31076575
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://natiga.alsaraha.com/
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

GET
H3 200 css2
fonts.googleapis.com/ Frame 4BBD 4 KB
671 B 38ms
37ms Stylesheet
text/css 2a00:1450:4001:801::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230726/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 31 Jul 2023 09:06:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 31 Jul 2023 08:29:41 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 31 Jul 2023 09:06:33 GMT

GET
H3 200 feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 4BBD 205 B
229 B 27ms
26ms Image
image/png 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230726/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Sat, 29 Jul 2023 06:16:49 GMT
x-content-type-options: nosniff
age: 182984
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 205
x-xss-protection: 0
last-modified: Thu, 20 Jul 2023 22:48:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Sun, 28 Jul 2024 06:16:49 GMT

GET
H3 200 settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 4BBD 604 B
628 B 33ms
32ms Image
image/png 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230726/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Sat, 29 Jul 2023 22:36:06 GMT
x-content-type-options: nosniff
age: 124227
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 604
x-xss-protection: 0
last-modified: Thu, 20 Jul 2023 22:48:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Sun, 28 Jul 2024 22:36:06 GMT

GET
H3 200 fullscreen_api_adapter_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230726/r20110914/elements/html/ Frame 4BBD 14 KB
6 KB 30ms
30ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230726/r20110914/elements/html/fullscreen_api_adapter_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230726/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d22f70ec714241cb6cfff6851ba3b7118c29a8e0d073fbb70b6dd05dd48a7e88

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Sun, 30 Jul 2023 23:04:30 GMT
content-encoding: br
x-content-type-options: nosniff
age: 36123
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6346
x-xss-protection: 0
server: cafe
etag: 2178636335013097452
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 13 Aug 2023 23:04:30 GMT

GET
H3 200 interstitial_ad_frame_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230726/r20110914/elements/html/ Frame 4BBD 20 KB
8 KB 28ms
28ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230726/r20110914/elements/html/interstitial_ad_frame_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230726/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6f4407e58a52926a78be27a8cdba65b8ccf8161463db84cee6cc81c7b7b1fb91

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Sun, 30 Jul 2023 15:22:45 GMT
content-encoding: br
x-content-type-options: nosniff
age: 63828
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8601
x-xss-protection: 0
server: cafe
etag: 3714838898622182897
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 13 Aug 2023 15:22:45 GMT

GET
DATA 200
OK truncated
/ Frame 72C6 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6f3de01c0ac636c3fab6f3ecc2766f232047bdfe9b34030ec66c9b2e3f9b4e98

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 css
fonts.googleapis.com/ Frame 74E2 14 KB
1 KB 38ms
38ms Stylesheet
text/css 2a00:1450:4001:801::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230726/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 31 Jul 2023 09:06:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 31 Jul 2023 08:27:23 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 31 Jul 2023 09:06:33 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230726/r20110914/client/ Frame 74E2 2 KB
892 B 30ms
30ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230726/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230726/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Sun, 30 Jul 2023 22:55:50 GMT
content-encoding: br
x-content-type-options: nosniff
age: 36643
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 865
x-xss-protection: 0
server: cafe
etag: 5051423035144352294
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 13 Aug 2023 22:55:50 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230726/r20110914/ Frame 74E2 23 KB
9 KB 28ms
28ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230726/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230726/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

93028274da1d373cd41165f6a442568ddd482370e8093e45d14a4ad0f6981f19

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Sun, 30 Jul 2023 15:09:52 GMT
content-encoding: br
x-content-type-options: nosniff
age: 64601
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9132
x-xss-protection: 0
server: cafe
etag: 17712579318771444318
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 13 Aug 2023 15:09:52 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230726/r20110914/client/ Frame 74E2 3 KB
1 KB 38ms
37ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230726/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230726/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Mon, 31 Jul 2023 07:16:50 GMT
content-encoding: br
x-content-type-options: nosniff
age: 6583
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 14 Aug 2023 07:16:50 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230726/r20110914/client/ Frame 74E2 20 KB
8 KB 28ms
28ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230726/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230726/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8ecb4fb492aee0a820dfc4a395fb80e2ac2e864bbf38aa1ae28d6d70fb9e6da3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Mon, 31 Jul 2023 03:48:30 GMT
content-encoding: br
x-content-type-options: nosniff
age: 19083
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8293
x-xss-protection: 0
server: cafe
etag: 11502554701003060455
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 14 Aug 2023 03:48:30 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 74E2 179 KB
57 KB 715ms
714ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230726/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5b7d1e63e50218b22558bc94b9d37faac51551fcdb29a7390226a6669d24d8de

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Mon, 31 Jul 2023 09:06:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57355
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1690371356542162"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 31 Jul 2023 09:06:33 GMT

GET
H3 200 92cd137fb2ab4f826a326c70369c8a48.js Show response
www.gstatic.com/mysidia/ Frame 74E2 33 KB
14 KB 28ms
27ms Script
text/javascript 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/92cd137fb2ab4f826a326c70369c8a48.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230726/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

541fb110d3896cc361dd08f655c22accc06bed9c580cc3367e3ef09deff5503d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Fri, 28 Jul 2023 06:54:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 267098
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14171
x-xss-protection: 0
last-modified: Tue, 25 Jul 2023 18:07:50 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Thu, 26 Oct 2023 06:54:55 GMT

GET
H2 200 shopping
encrypted-tbn3.gstatic.com/ Frame 74E2 12 KB
12 KB 145ms
28ms Image
image/jpeg 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn3.gstatic.com/shopping?q=tbn:ANd9GcTwu9WX1kbVYXnS34cCegbzvaWQPUyZSFqkf3ggNlYP-Xfie_A&usqp=CAI

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230726/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c8eb20b7c48e5d5a441145883a93c9f519e0be1215dd748ce199f99e66e7be8d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Fri, 28 Jul 2023 08:06:55 GMT
x-content-type-options: nosniff
age: 262778
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12183
x-xss-protection: 0
last-modified: Wed, 21 Apr 2021 12:41:12 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Sat, 27 Jul 2024 08:06:55 GMT

GET
H2 200 shopping
encrypted-tbn3.gstatic.com/ Frame 74E2 8 KB
8 KB 154ms
37ms Image
image/jpeg 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn3.gstatic.com/shopping?q=tbn:ANd9GcSacSCAEHxCw_FDWAO-qtukOHXctZCpbVIGPp9pgctYxBr3t30&usqp=CAI

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230726/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2b58d9b3118bd839d60597b9d988c47f3c8288adfa3cafe3644afa33a56588ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Sat, 29 Jul 2023 21:23:54 GMT
x-content-type-options: nosniff
age: 128559
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8568
x-xss-protection: 0
last-modified: Fri, 01 May 2020 05:04:13 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Sun, 28 Jul 2024 21:23:54 GMT

GET
H2 200 shopping
encrypted-tbn0.gstatic.com/ Frame 74E2 8 KB
9 KB 145ms
28ms Image
image/jpeg 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn0.gstatic.com/shopping?q=tbn:ANd9GcSion4IiGP8A0QlbV6Iw5PqHrGBpR9FvlnrgTZUuNwwUxGtde8&usqp=CAI

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230726/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

95b10faf15f1bf24f77e135dc766dbc014041562cf2d4e8b0518d4e95bf4527d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Sat, 29 Jul 2023 05:42:16 GMT
x-content-type-options: nosniff
age: 185057
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8213
x-xss-protection: 0
last-modified: Sun, 11 Feb 2024 17:18:35 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Sun, 28 Jul 2024 05:42:16 GMT

GET
H2 200 shopping
encrypted-tbn3.gstatic.com/ Frame 74E2 17 KB
17 KB 169ms
52ms Image
image/jpeg 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn3.gstatic.com/shopping?q=tbn:ANd9GcSZYH6UaVDHrNHMC6FxoK0NOq1a2ckN4dygK_AlJ8iRChPHVIA&usqp=CAI

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230726/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

189eca3f11c8046d060505246ec26d39a68c811ee6f7eb5cc2055f8c06662cc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Sat, 29 Jul 2023 06:58:03 GMT
x-content-type-options: nosniff
age: 180510
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 17151
x-xss-protection: 0
last-modified: Fri, 16 Feb 2024 13:42:05 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Sun, 28 Jul 2024 06:58:03 GMT

GET
H2 200 shopping
encrypted-tbn1.gstatic.com/ Frame 74E2 13 KB
13 KB 154ms
37ms Image
image/jpeg 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn1.gstatic.com/shopping?q=tbn:ANd9GcQQfyqQ8u_F7x21hr7UciEjJ2ALbpAp3BUWPFO6NOaMJvAJLXI&usqp=CAI

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230726/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b12c4c1c9102b91c3aacb32589d140f75f6c646045a721090230d3823ddd1614

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Fri, 28 Jul 2023 14:15:54 GMT
x-content-type-options: nosniff
age: 240639
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13004
x-xss-protection: 0
last-modified: Sat, 24 Feb 2024 09:46:50 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Sat, 27 Jul 2024 14:15:54 GMT

GET
H2 200 shopping
encrypted-tbn0.gstatic.com/ Frame 74E2 12 KB
12 KB 147ms
31ms Image
image/jpeg 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn0.gstatic.com/shopping?q=tbn:ANd9GcSDVDEBbJFPdlPUM_s1YFLk72JDccUNUFERswISN21WDCXqdNI&usqp=CAI

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230726/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

81884e385040d415835c42108325c861a6330c1a8b01c606cd4ed5f8ec4e9400

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Sat, 29 Jul 2023 05:42:16 GMT
x-content-type-options: nosniff
age: 185057
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12685
x-xss-protection: 0
last-modified: Wed, 21 Apr 2021 10:43:27 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Sun, 28 Jul 2024 05:42:16 GMT

GET
H2 200 shopping
encrypted-tbn1.gstatic.com/ Frame 74E2 16 KB
16 KB 144ms
29ms Image
image/jpeg 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn1.gstatic.com/shopping?q=tbn:ANd9GcQqDv4ROCxJY8imuOXfTs2be6EG-2hXTKlMEjE_zEvv1iEVEBC1&usqp=CAI

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230726/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fdfe37979995d5ff1148740610dc3079e6f91c7afff3386b4c8a790b66e38ab0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Sat, 29 Jul 2023 09:58:20 GMT
x-content-type-options: nosniff
age: 169693
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15996
x-xss-protection: 0
last-modified: Wed, 21 Feb 2024 13:33:17 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Sun, 28 Jul 2024 09:58:20 GMT

GET
H2 200 shopping
encrypted-tbn3.gstatic.com/ Frame 74E2 3 KB
3 KB 142ms
26ms Image
image/png 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn3.gstatic.com/shopping?q=tbn:ANd9GcSRF_dNJAEtdO9iNxRO3CC8Nd2TQmjSseJvEVv5uV9JvxNn9npn&usqp=CAI

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230726/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c5a5e5b174ea9956e4d3445c54cf6056980a243d84596d780b36677a58a62467

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Sat, 29 Jul 2023 05:23:19 GMT
x-content-type-options: nosniff
age: 186194
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2928
x-xss-protection: 0
last-modified: Thu, 16 Sep 2021 12:32:06 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Sun, 28 Jul 2024 05:23:19 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame AB45 14 KB
1 KB 41ms
40ms Stylesheet
text/css 2a00:1450:4001:801::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230726/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 31 Jul 2023 09:06:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 31 Jul 2023 08:26:03 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 31 Jul 2023 09:06:33 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230726/r20110914/client/ Frame AB45 2 KB
892 B 30ms
30ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230726/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230726/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Sun, 30 Jul 2023 22:55:50 GMT
content-encoding: br
x-content-type-options: nosniff
age: 36643
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 865
x-xss-protection: 0
server: cafe
etag: 5051423035144352294
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 13 Aug 2023 22:55:50 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230726/r20110914/ Frame AB45 23 KB
9 KB 30ms
30ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230726/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230726/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

93028274da1d373cd41165f6a442568ddd482370e8093e45d14a4ad0f6981f19

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Sun, 30 Jul 2023 15:09:52 GMT
content-encoding: br
x-content-type-options: nosniff
age: 64601
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9132
x-xss-protection: 0
server: cafe
etag: 17712579318771444318
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 13 Aug 2023 15:09:52 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 86B3 143 B
166 B 35ms
30ms Document
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230726/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20230726/r20110914/zrt_lookup.html?fsb=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

age: 3250
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 31 Jul 2023 08:12:23 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230726/r20110914/client/ Frame AB45 3 KB
1 KB 33ms
33ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230726/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230726/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Mon, 31 Jul 2023 07:16:50 GMT
content-encoding: br
x-content-type-options: nosniff
age: 6583
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 14 Aug 2023 07:16:50 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230726/r20110914/client/ Frame AB45 20 KB
8 KB 31ms
31ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230726/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230726/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8ecb4fb492aee0a820dfc4a395fb80e2ac2e864bbf38aa1ae28d6d70fb9e6da3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Mon, 31 Jul 2023 03:48:30 GMT
content-encoding: br
x-content-type-options: nosniff
age: 19083
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8293
x-xss-protection: 0
server: cafe
etag: 11502554701003060455
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 14 Aug 2023 03:48:30 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame AB45 179 KB
56 KB 696ms
695ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230726/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5b7d1e63e50218b22558bc94b9d37faac51551fcdb29a7390226a6669d24d8de

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Mon, 31 Jul 2023 09:06:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57355
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1690371356542162"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 31 Jul 2023 09:06:33 GMT

GET
H3 200 92cd137fb2ab4f826a326c70369c8a48.js Show response
www.gstatic.com/mysidia/ Frame AB45 33 KB
14 KB 32ms
32ms Script
text/javascript 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/92cd137fb2ab4f826a326c70369c8a48.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230726/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

541fb110d3896cc361dd08f655c22accc06bed9c580cc3367e3ef09deff5503d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Fri, 28 Jul 2023 06:54:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 267098
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14171
x-xss-protection: 0
last-modified: Tue, 25 Jul 2023 18:07:50 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Thu, 26 Oct 2023 06:54:55 GMT

GET
DATA 200
OK truncated
/ Frame 74E2 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 416452a5b0f1e7c3b02d1f6014af119725bff972bf4a6d60ba90604333384e0e

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

Content-Type: image/png

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 86B3
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

41ms
40ms

Document
text/html

2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230726/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 31 Jul 2023 09:06:33 GMT
expires: Mon, 31 Jul 2023 09:06:33 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 31 Jul 2023 09:06:33 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 74E2 0
23 B 75ms
75ms Image
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CZZFQmHnHZKD_FdDsvPIP7YK1kA7U59a0cPPV86eYENuOu-WyMBABIJuxg0xg-wGgAZbAy-sDyAEJqQLlIyZicXuyPqgDAcgDywSqBNEBT9Adz_MgynMBrU9XypA5nHx069muc1a2ObZTSCMqXN72FjZt1O16JGcazxNldhsixkGz4jp677PrDeuo5x5Ml5QGa-wz-FBvtFJ2sn5JbxlloBf9268KWNOzkP82_j1D5MoIEVR-el_zFJANqWDWMMkBpfkFpXKyEQp3pVnJG1Q6tLip3fAp281-FAqVrMe_v25sK3AjIuaArC-kFFm9QFvaSvHtIH9ezf46rIAyUtF5Gy7Tx0hyx3sXJYjEIF2Og5S_cxL85ucrB_-m1OLpB2jABNvpheeBBJIFBAgEGAGSBQQIBRgEkgUECAUYGJIFBQgFGKgBoAYugAfSv7QUqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgHpr4b2AcA8gcEELTtBNIIFgiA4YAQEAEYHzICqgI6AoBASL39wTqACgHICwHYEwvQFQGYFgGAFwGyFxwKGggAEhRwdWItOTg3NzYyNTI3MTQyOTE1NRgA&sigh=vjy7NDrPH_4&uach_m=[UACH]&cid=CAQSGwBpAlJWzHjfOWqL2ChiNda3NsQ5tu3yuyoFtBgB&template_id=494&cbvp=2&vis=1

Requested by

Host: natiga.alsaraha.com
URL: https://natiga.alsaraha.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/html/r20230726/r20110914/zrt_lookup.html?fsb=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Mon, 31 Jul 2023 09:06:34 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Mon, 31 Jul 2023 09:06:34 GMT

GET
H3 200 YWyqd_Oya_dSvH525JbJDwnpcpeKFun9cRHY8jAJ9QQ.js Show response
pagead2.googlesyndication.com/bg/ Frame A1AD 37 KB
14 KB 27ms
26ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/YWyqd_Oya_dSvH525JbJDwnpcpeKFun9cRHY8jAJ9QQ.js

Requested by

Host: natiga.alsaraha.com
URL: https://natiga.alsaraha.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

616caa77f3b26bf752bc7e76e496c90f09e972978a16e9fd7111d8f23009f504

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Fri, 28 Jul 2023 16:22:26 GMT
content-encoding: br
x-content-type-options: nosniff
age: 233048
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14704
x-xss-protection: 0
last-modified: Mon, 24 Jul 2023 13:39:59 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 27 Jul 2024 16:22:26 GMT

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 72C6 15 KB
16 KB 101ms
26ms Font
font/woff2 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Sat, 29 Jul 2023 11:08:17 GMT
x-content-type-options: nosniff
age: 165497
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 28 Jul 2024 11:08:17 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 72C6 15 KB
15 KB 106ms
33ms Font
font/woff2 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Fri, 28 Jul 2023 17:49:54 GMT
x-content-type-options: nosniff
age: 227800
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 27 Jul 2024 17:49:54 GMT

GET
H3 200 YWyqd_Oya_dSvH525JbJDwnpcpeKFun9cRHY8jAJ9QQ.js Show response
pagead2.googlesyndication.com/bg/ Frame 301A 37 KB
14 KB 30ms
29ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/YWyqd_Oya_dSvH525JbJDwnpcpeKFun9cRHY8jAJ9QQ.js

Requested by

Host: natiga.alsaraha.com
URL: https://natiga.alsaraha.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

616caa77f3b26bf752bc7e76e496c90f09e972978a16e9fd7111d8f23009f504

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Fri, 28 Jul 2023 16:22:26 GMT
content-encoding: br
x-content-type-options: nosniff
age: 233048
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14704
x-xss-protection: 0
last-modified: Mon, 24 Jul 2023 13:39:59 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 27 Jul 2024 16:22:26 GMT

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame F76E 15 KB
16 KB 117ms
57ms Font
font/woff2 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Sat, 29 Jul 2023 11:08:17 GMT
x-content-type-options: nosniff
age: 165497
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 28 Jul 2024 11:08:17 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame F76E 15 KB
15 KB 124ms
64ms Font
font/woff2 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Fri, 28 Jul 2023 17:49:54 GMT
x-content-type-options: nosniff
age: 227800
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 27 Jul 2024 17:49:54 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 72C6 0
19 B 71ms
70ms Image
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CUWiFmHnHZITEF9HFxtYP8JKtqAqfmqW9cZG0yofPEaTn8u2VAhABIJuxg0xg-wGgAaif488DyAEJqAMByAPLBKoEzQFP0G9GbuFw4SyTzPIlz34mtS_mBlsgLYcK-qdx7wLKujU2UQJpuIsWVINNuil-qSQNxQ6_fmDk20vwvA_1vX3j-BOsS7OtL7rmQ8c4v2vKYgzpY-AKoqRkzhrUscHgPop5v8kyjqgnbamhD2GNPg2m2J_Wge6Rc70UIjlXc3Vqzg-Bh7V8dFdMS_gitIWI2m79uhhk4SUn4MB1JQnjaxk34hulsu2KDqDSva_iU9WdPmJZaImqrUWIy6arUalOejaVMfWIM1qJg08VJMg6wATLl5PZsASSBQQIBBgBkgUECAUYBKAGLoAH18nzjAGoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAPIHBBDT-QfSCBYIgOGAEBABGB8yAqoCOgKAQEi9_cE6gAoByAsBuBPkA9gTDdAVAYAXAbIXHAoaCAASFHB1Yi05ODc3NjI1MjcxNDI5MTU1GAA&sigh=4WEjin7Cau0&uach_m=[UACH]&cid=CAQSGwBpAlJWC0gucQkM_RgZHsx9vIxSZoqHgHzdRxgB&template_id=484&cbvp=2&vis=1

Requested by

Host: natiga.alsaraha.com
URL: https://natiga.alsaraha.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9877625271429155&output=html&h=200&slotname=7996609820&adk=3798050637&adf=105530703&pi=t.ma~as.7996609820&w=1200&fwrn=4&lmt=1690794392&rafmt=11&format=1200x200&url=https%3A%2F%2Fnatiga.alsaraha.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1690794391995&bpp=1&bdt=323&idt=299&shv=r20230726&mjsv=m202307200101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x200&nras=1&correlator=2900419751264&frm=20&pv=1&ga_vid=633174394.1690794392&ga_sid=1690794392&ga_hid=1301794205&ga_fc=0&rplot=4&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=676&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31076088%2C31076410%2C31076484%2C31076509%2C31076575%2C44788442&oid=2&pvsid=3621458590406803&tmod=2036209884&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Cm%7CEe%7Cp&abl=XS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=Y4PvNi0FEt&p=https%3A//natiga.alsaraha.com&dtd=304
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Mon, 31 Jul 2023 09:06:34 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame F76E 0
19 B 70ms
70ms Image
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CQ7j-mHnHZJf6FtyFxtYP6YmtwAa17Nzhb4aa6evHEdnZHhABIJuxg0xg-wGgAZeQ4b8DyAEJqAMByAPLBKoEzAFP0Ki48S60WObD1_4UcdnsK0DWdvKrlk8ScvnyymEcEam8btwc1VT6wLBusLpURNGr5J07oAQ-avdmvhHgpRD6_xFeX3oOPI9UL-y-elqq6rr_zRwCaOg7rUuyYXGmJ2QZ_lQsGChUWOipb7Tyqy5uH7eraeuCcXxTvZj4TKfhnCJ_zhzdUV4ZVtSf9wtG2T2g4hMvgPIGpoHWSRl0K1EUOX75lkChm06ylqpo_JUfE9D5abW8OA8taIqL0QusI9YMq5miQ-mliAQRVKbABKH12t2oBJIFBAgEGAGSBQQIBRgEoAYugAea9_VCqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwDyBwQQ0doG0ggWCIDhgBAQARgfMgKqAjoCgEBIvf3BOoAKAcgLAbgT5APYEwzQFQGAFwGyFxwKGggAEhRwdWItOTg3NzYyNTI3MTQyOTE1NRgA&sigh=1XmNqrIU3u4&uach_m=[UACH]&cid=CAQSGwBpAlJWSgcDBRAD7d4QbhwONluOJEFu3jlF7xgB&template_id=484&cbvp=2&vis=1

Requested by

Host: natiga.alsaraha.com
URL: https://natiga.alsaraha.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9877625271429155&output=html&h=200&slotname=7996609820&adk=3798050637&adf=2866448184&pi=t.ma~as.7996609820&w=1200&fwrn=4&lmt=1690794392&rafmt=11&format=1200x200&url=https%3A%2F%2Fnatiga.alsaraha.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1690794391988&bpp=7&bdt=315&idt=287&shv=r20230726&mjsv=m202307200101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=2900419751264&frm=20&pv=1&ga_vid=633174394.1690794392&ga_sid=1690794392&ga_hid=1301794205&ga_fc=0&rplot=4&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=232&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31076088%2C31076410%2C31076484%2C31076509%2C31076575%2C44788442&oid=2&pvsid=3621458590406803&tmod=2036209884&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Cm%7CEe%7Cp&abl=XS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=rg0rGXimoI&p=https%3A//natiga.alsaraha.com&dtd=297
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Mon, 31 Jul 2023 09:06:34 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 YWyqd_Oya_dSvH525JbJDwnpcpeKFun9cRHY8jAJ9QQ.js Show response
pagead2.googlesyndication.com/bg/ Frame 42D7 37 KB
14 KB 27ms
27ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/YWyqd_Oya_dSvH525JbJDwnpcpeKFun9cRHY8jAJ9QQ.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9877625271429155&output=html&h=200&slotname=7996609820&adk=3798050637&adf=105530703&pi=t.ma~as.7996609820&w=1200&fwrn=4&lmt=1690794392&rafmt=11&format=1200x200&url=https%3A%2F%2Fnatiga.alsaraha.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1690794391995&bpp=1&bdt=323&idt=299&shv=r20230726&mjsv=m202307200101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x200&nras=1&correlator=2900419751264&frm=20&pv=1&ga_vid=633174394.1690794392&ga_sid=1690794392&ga_hid=1301794205&ga_fc=0&rplot=4&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=676&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31076088%2C31076410%2C31076484%2C31076509%2C31076575%2C44788442&oid=2&pvsid=3621458590406803&tmod=2036209884&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Cm%7CEe%7Cp&abl=XS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=Y4PvNi0FEt&p=https%3A//natiga.alsaraha.com&dtd=304

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

616caa77f3b26bf752bc7e76e496c90f09e972978a16e9fd7111d8f23009f504

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Fri, 28 Jul 2023 16:22:26 GMT
content-encoding: br
x-content-type-options: nosniff
age: 233048
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14704
x-xss-protection: 0
last-modified: Mon, 24 Jul 2023 13:39:59 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 27 Jul 2024 16:22:26 GMT

GET
H3 200 YWyqd_Oya_dSvH525JbJDwnpcpeKFun9cRHY8jAJ9QQ.js Show response
pagead2.googlesyndication.com/bg/ Frame 1C28 37 KB
14 KB 29ms
28ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/YWyqd_Oya_dSvH525JbJDwnpcpeKFun9cRHY8jAJ9QQ.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

616caa77f3b26bf752bc7e76e496c90f09e972978a16e9fd7111d8f23009f504

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Fri, 28 Jul 2023 16:22:26 GMT
content-encoding: br
x-content-type-options: nosniff
age: 233048
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14704
x-xss-protection: 0
last-modified: Mon, 24 Jul 2023 13:39:59 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 27 Jul 2024 16:22:26 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 74E2 42 B
64 B 62ms
62ms Fetch
image/gif 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuxl0YjogcIq0r9HXKxs8oRs9ND9HT3mczYuFPrt5oKDZFIcOr2KLOTUh_YEXAvxiYxcGk0ohJ586T1x6lzpN-hNF9ciVfg64udr-3VyxFJZ4pJZKHc7bt2Kmb_DFYik02pSVtsUCqNpHjq&sai=AMfl-YSQ8FMSyK4uD4ZRGeJE_N1RviyotDEyNnyiGzMC-NJBtoJrZJkDE5VzXepQEFBAFJgWes05TDx_9Hzh&sig=Cg0ArKJSzH5jGyps2-mBEAE&cid=CAQSGwBpAlJWzHjfOWqL2ChiNda3NsQ5tu3yuyoFtBgB&id=lidar2&mcvt=1002&p=0,0,124,1005&mtos=686,1002,1002,1002,1002&tos=686,316,0,0,0&v=20230726&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=1812271801&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1690794393204&rpt=1026&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 31 Jul 2023 09:06:35 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 72C6 42 B
64 B 62ms
62ms Fetch
image/gif 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvrw_duOQtBbk4Jwogfk5re2Sx7FPq7vAQoD0REAxArzKzqDkSOu1ALvZZs25L30jg3gsz6eSRexRI3IvmcQD-XgbwftGyOm-2W5xo52mer9aUfcBsUPMc2cu7ZC3fIyle2Hzibarejyu_C&sai=AMfl-YQ-6T0AdzmFq68uRzywOFHems1QL7gUxhEJ1LxHS4nxmRsCO06a0JgI4fcyXd9HFKhc-ZeIonEvQcun&sig=Cg0ArKJSzI-FfvZe5nV0EAE&cid=CAQSGwBpAlJWC0gucQkM_RgZHsx9vIxSZoqHgHzdRxgB&id=lidar2&mcvt=1000&p=0,0,200,1200&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20230726&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=3798050637&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1690794392301&rpt=2216&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 31 Jul 2023 09:06:35 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame F76E 42 B
64 B 62ms
61ms Fetch
image/gif 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstYQxtRtQtK2YkoDfzqA4orncJOISq9uTpjUTayieHUE6eXsGWExt8E2v-lMqL6V5PgOU8eRLmPFNbfN0aDhM3GB6w0uAH9_KQhFD_YP7y4E19PZktSU223aIel1GnukifubYpEPxAcaOia&sai=AMfl-YSkdexwhofrQFUncmDCX3rMUkiRPEHKM1TU8yUai5GeJIiAhgWbj_WW_jFO4jgYKNRhOKGhGpTgNVmp&sig=Cg0ArKJSzNSFaWBJUCZYEAE&cid=CAQSGwBpAlJWSgcDBRAD7d4QbhwONluOJEFu3jlF7xgB&id=lidar2&mcvt=1003&p=0,0,200,1200&mtos=1003,1003,1003,1003,1003&tos=1003,0,0,0,0&v=20230726&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=3798050637&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1690794392286&rpt=2254&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 31 Jul 2023 09:06:35 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: 127.0.0.1
URL: http://127.0.0.1:8000/images/default/wide-logo.png

Domain: 127.0.0.1
URL: http://127.0.0.1:8000/images/default/favicon.png

Verdicts & Comments Add Verdict or Comment

45 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

6 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
natiga.alsaraha.com/	1970-01-20 13:40:01	Name: XSRF-TOKEN Value: eyJpdiI6IjZxSjRPbUVUZ1BXcjJZZVZaeTZ0Unc9PSIsInZhbHVlIjoiRTJOQmlsemhqa3VkbDVsZHVSamE4ekRiWDRZVkVpNWNQSC9oN05qUG93SFVjS0lJYlh5V0FmMGplZ0dhSGZwcFVVNTZWZ2hUZXI1TEJZUjlNQUo0TWtVVDJhbm4zQVVlSW9oNjJBczg5clF0eGVFK0dMRnhSbUlFSFY5UzE0Q3MiLCJtYWMiOiJhYWY3NmYxODI1YTUzMTJmOWVlMjVkZjNlMTkyZDg3OWUzM2M2MjIwNTk0MWQ3NWEyZGQ1MWEyZDdhNGI0YzcwIiwidGFnIjoiIn0%3D
natiga.alsaraha.com/	1970-01-20 13:40:01	Name: laravel_session Value: eyJpdiI6IldxQ3dxWkdRN0VabVY3LzZwMzRHTVE9PSIsInZhbHVlIjoiMnc5UU1vV1N4K1R6SklkaEVJa1J0NndVaDRPMk5vaTYwTjl4ZnFoS3FuczRuaXlyWWhlQWpEWCs3Tldid1ZWVlRjTEs3Szl0d3Q2eGh2dTdtYlZ2WjJIYTZ4cVljaXBOMlNHQjFsYTY4RjF1cmkyWW0vRkVta2Z0ME5UN3NtV0IiLCJtYWMiOiI0NzMzMzJhNDJlOGMwNGZjMDMwNzczMGNmZDFkYWE4OTI2NzM1N2FkMWQ1MTMxMWRmZTg2NDZlNmFkZmYxNjdjIiwidGFnIjoiIn0%3D
.alsaraha.com/	1970-01-20 23:01:30	Name: __gads Value: ID=66b15dfcafddaa7a-22d9b6881ee300e5:T=1690794392:RT=1690794392:S=ALNI_MbtV6PCFzkj3VvB2YEhVfTpUwRa5A
.alsaraha.com/	1970-01-20 23:01:30	Name: __gpi Value: UID=00000d348a0fa32b:T=1690794392:RT=1690794392:S=ALNI_MaJmwiYTOdpuEgCmrQLgBBF0hQG5A
.doubleclick.net/	1970-01-20 13:39:57	Name: DSID Value: NO_DATA
.doubleclick.net/	1970-01-20 23:01:30	Name: IDE Value: AHWqTUmcjshHes96pGtDPVJMmbdhEhNMh2q5t2CtSe8kpYhtAtUKnDoHmpfcr84pnqc

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	warning	URL: https://natiga.alsaraha.com/ Message: Mixed Content: The page at 'https://natiga.alsaraha.com/' was loaded over HTTPS, but requested an insecure element 'http://127.0.0.1:8000/images/default/wide-logo.png'. This request was not upgraded to HTTPS because its URL's host is an IP address.
security	warning	URL: https://natiga.alsaraha.com/(Line 200) Message: Mixed Content: The page at 'https://natiga.alsaraha.com/' was loaded over HTTPS, but requested an insecure element 'http://127.0.0.1:8000/images/default/wide-logo.png'. This request was not upgraded to HTTPS because its URL's host is an IP address.
security	warning	URL: https://natiga.alsaraha.com/ Message: Mixed Content: The page at 'https://natiga.alsaraha.com/' was loaded over HTTPS, but requested an insecure element 'http://127.0.0.1:8000/images/default/favicon.png'. This request was not upgraded to HTTPS because its URL's host is an IP address.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

127.0.0.1
alsaraha.com
encrypted-tbn0.gstatic.com
encrypted-tbn1.gstatic.com
encrypted-tbn3.gstatic.com
followers-store.com
fonts.googleapis.com
fonts.gstatic.com
getadblock.com
goldpricenow.live
googleads.g.doubleclick.net
natiga.alsaraha.com
pagead2.googlesyndication.com
partner.googleadservices.com
static.followers-store.com
tpc.googlesyndication.com
www.google.com
www.googletagservices.com
www.gstatic.com
127.0.0.1
107.191.47.191
217.69.12.3
2606:4700:10::ac43:1ba4
2606:4700:3032::6815:ca7
2606:4700:3033::6815:4d37
2a00:1450:4001:801::200a
2a00:1450:4001:80b::2003
2a00:1450:4001:80e::2002
2a00:1450:4001:811::2001
2a00:1450:4001:811::2004
2a00:1450:4001:827::200e
2a00:1450:4001:828::2002
2a00:1450:4001:828::2003
2a00:1450:4001:828::200e
2a00:1450:4001:829::200e
2a00:1450:4001:82a::2002
2a00:1450:4001:830::2002
12b31f6ece06c09f73e6c85855c4b72851160a3b31b726c6e20b1eaad5c2f707
17be3d25eb627afac1a95d7969e37def88641f7248c3614847de4d31b18bf53f
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
189eca3f11c8046d060505246ec26d39a68c811ee6f7eb5cc2055f8c06662cc5
18e7a53e3b3abd7ac0242719f7f62cb56b8efe7065091585b8ad22cbc2b8c41c
1a5a9a90c87b023f0adfe1468232f392b42551a4563e3a34bbfbd33e88a774e2
1d2c4b6f73273e1cc6e8cef31b7166810d7155b927eef6723be2f89743fcf5d8
1ec6e6b8d57ddfa63ffc6c09a3543b0fe747ef1eae1fdca6868823211e34be9a
2b58d9b3118bd839d60597b9d988c47f3c8288adfa3cafe3644afa33a56588ec
2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
340318481315fae08a9eedc7022f6d84cc1164d857e26173e180aa6aa09d5830
3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280
3d2b34675fd418a1b23c652fa791f4875ccc12860d9b4b6ec8ae4aa09d51ec1e
416452a5b0f1e7c3b02d1f6014af119725bff972bf4a6d60ba90604333384e0e
42d979d54a12b76d10c5f34709c774b14aedcbf25f268f332a7e9163011b658b
4404308c4f5c8955937b07e2c612c45ebc1659b0e507742bab0d6cb98a6eb0ae
495914204b0db87b55ecacbf9c4c3a372b6b55690d5a5316cd348d3ed17dbc14
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
541fb110d3896cc361dd08f655c22accc06bed9c580cc3367e3ef09deff5503d
5b7d1e63e50218b22558bc94b9d37faac51551fcdb29a7390226a6669d24d8de
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
5f261dc44830295822a2ad5350e80f728de30dac0f0d8e64c22770fbc972951b
616caa77f3b26bf752bc7e76e496c90f09e972978a16e9fd7111d8f23009f504
6197f896a2c2a85f980955843d7dd96a896b8cf10c8ab4d51907ef96a8607fdb
6f3de01c0ac636c3fab6f3ecc2766f232047bdfe9b34030ec66c9b2e3f9b4e98
6f4407e58a52926a78be27a8cdba65b8ccf8161463db84cee6cc81c7b7b1fb91
76d5fad25d24164038ce11b306acddf7f5effa41cefc46517296b82178fdc4fd
7a33255f9e7913fac79103abd823049f2a0f5944cdf432d78121bfdddcd14d32
7b0a2e4cbb1e34431b6fc36d163b7bbc89356889485c87dd41a271592e6f6428
7fac7c1df48bf82f9d4051038a0591967fb2d7585d45755976c1d1f3e2a1fbab
81884e385040d415835c42108325c861a6330c1a8b01c606cd4ed5f8ec4e9400
81a1b9f4e0065118e129e82e09095fbcac378be8133d1ba2582efcb3003e9126
8ecb4fb492aee0a820dfc4a395fb80e2ac2e864bbf38aa1ae28d6d70fb9e6da3
9260ca88c08b4b96234a7592d4ae0ee587dde35827baecc770ab53182a7f9247
93028274da1d373cd41165f6a442568ddd482370e8093e45d14a4ad0f6981f19
95b10faf15f1bf24f77e135dc766dbc014041562cf2d4e8b0518d4e95bf4527d
9a69d797fa5c728c235f9d61a501538e9df1d78443439f7fbbfb2a5a4fae846f
aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed
b12c4c1c9102b91c3aacb32589d140f75f6c646045a721090230d3823ddd1614
b1f22b31cdedb60fcf1600f49c03c5f79b08425b66aed5797d9d6c36c790623c
b9db3e7f8d892b6e892f4d05d616a37305b53d94af57c5ef81bd0e1160fc9533
c083c9b3c763cfec1b4bd11d84adf9df429661a5f532c60a4aa7a00b231587be
c5a5e5b174ea9956e4d3445c54cf6056980a243d84596d780b36677a58a62467
c8eb20b7c48e5d5a441145883a93c9f519e0be1215dd748ce199f99e66e7be8d
cc2965c5d3a4f424eda841486c7fbe4932fa223b20a5bc8efe62e5b620aa017d
cd3ac58a0cef129f3653111e7ccb3b0f640ed149770387bf9eb87d4aaa350613
d22f70ec714241cb6cfff6851ba3b7118c29a8e0d073fbb70b6dd05dd48a7e88
dc84d8b623125c384b3ec2f65cc23a563b4f7aee5453f12e3f6dc4e6b9d91a98
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ecee7ba7695597eb349cabafb525674a78bcdf741a10c5caabcaa3ffadde4738
ed115fa593f46f35a4ac58fc81f347e13de7152de80025bc698ca199ee43aa13
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f49130f942b570bc10029e1903fc0ffbcd4f65c04524bb32949128fa0815d78c
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f6d6e49e8971c9b702e31bb9ad580eb9d374a13af6e713e3673282c9e52ac7bc
fcf258f525686fd6956e74f1f99a9717c0c68b5b2985354c8e7df1182f9e1d8c
fdfe37979995d5ff1148740610dc3079e6f91c7afff3386b4c8a790b66e38ab0
ffba86e4a994572416b3da907f9f18a08d7392b24891d9718847ffe4f067872f

natiga.alsaraha.com Open in urlscan Pro 217.69.12.3 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

92 Requests

98 %HTTPS

88 %IPv6

12 Domains

19 Subdomains

17 IPs

3 Countries

1794 kBTransfer

4214 kBSize

6 Cookies

10 Outgoing links

Redirected requests

92 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 3 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

natiga.alsaraha.com Open in urlscan Pro
217.69.12.3 Public Scan

Screenshot
Live screenshot

Full Image

92
Requests

98 %
HTTPS

88 %
IPv6

12
Domains

19
Subdomains

17
IPs

3
Countries

1794 kB
Transfer

4214 kB
Size

6
Cookies

92 HTTP transactions
3 data transactions